ComboFix 08-07-27.3 - administrateur 2008-07-27 23:29:27.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.430 [GMT 2:00]
Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\system32\dhwmeqwa.ini
C:\WINDOWS\system32\eqguampl.ini
C:\WINDOWS\system32\hptusbnc.ini
C:\WINDOWS\system32\jfbfxggt.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\sdkwmssr.ini
C:\WINDOWS\system32\tpxcuasy.ini
C:\WINDOWS\system32\wgixismu.ini
C:\WINDOWS\system32\yhfxydar.ini
.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-27 to 2008-07-27 ))))))))))))))))))))))))))))))))))))
.
2008-07-27 23:38 . 2008-07-27 23:42 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-27 23:38 . 2008-07-27 23:42 1,409 --a------ C:\WINDOWS\QTFont.for
2008-07-27 22:44 . 2008-07-27 22:54 2,652 --a------ C:\WINDOWS\system32\tmp.reg
2008-07-27 22:43 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-07-27 22:43 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-07-27 22:43 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-07-27 22:43 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-07-27 22:43 . 2008-07-02 13:33 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-07-27 22:43 . 2008-05-23 18:21 81,920 --a------ C:\WINDOWS\system32\404Fix.exe
2008-07-27 22:43 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-07-27 22:43 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-07-27 22:43 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-07-27 19:20 . 2008-07-27 19:20 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-27 19:20 . 2008-07-27 19:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-27 19:20 . 2008-07-27 19:20 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-07-27 19:20 . 2008-07-23 20:09 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-27 19:20 . 2008-07-23 20:09 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-27 14:58 . 2008-07-27 14:58 41,579,063 --a------ C:\WORLD MOSAICS.EXE
2008-07-26 13:48 . 2008-07-26 13:48 <REP> d-------- C:\WINDOWS\Unicorn Castle
2008-07-25 20:48 . 2008-07-25 20:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Gold Casual Games
2008-07-25 20:48 . 2008-07-25 20:48 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Gold Casual Games
2008-07-24 19:00 . 2008-07-24 19:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Media Art
2008-07-24 18:56 . 2008-07-24 18:56 <REP> d-------- C:\Program Files\Legend of Ali Baba
2008-07-23 21:26 . 2008-07-26 19:39 <REP> d-------- C:\Program Files\PokerStars.NET
2008-07-23 20:01 . 2008-07-23 20:01 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Panasonic
2008-07-23 20:00 . 2008-07-23 20:00 <REP> d-------- C:\Program Files\Fichiers communs\ArcSoft
2008-07-23 20:00 . 2005-02-23 14:58 11,776 --a------ C:\WINDOWS\system32\drivers\afc.sys
2008-07-23 19:57 . 2003-09-20 08:45 21,248 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2008-07-23 19:56 . 2008-07-23 19:56 <REP> d-------- C:\Program Files\ArcSoft
2008-07-23 19:56 . 2004-05-04 11:53 1,645,320 --a------ C:\WINDOWS\system32\gdiplus.dll
2008-07-23 19:56 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-07-23 19:56 . 2005-01-24 17:16 143,360 --a------ C:\WINDOWS\system32\PhotoBase Screen Saver.scr
2008-07-23 19:54 . 2008-07-23 19:54 <REP> d-------- C:\Program Files\Panasonic
2008-07-21 20:51 . 2008-07-21 20:51 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Amaranth Games
2008-07-21 11:17 . 2008-07-21 11:27 <REP> d-------- C:\Program Files\Apple Pie
2008-07-19 15:53 . 2008-07-19 15:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Escape From Paradise
2008-07-19 15:49 . 2008-07-19 15:49 <REP> d-------- C:\Program Files\ReflexiveArcade
2008-07-19 14:00 . 2008-07-19 14:00 <REP> d-------- C:\WINDOWS\Jojos Fashion Show 2 Las Cruces
2008-07-19 11:48 . 2008-07-25 20:48 <REP> d-------- C:\Program Files\iWin.com
2008-07-19 11:46 . 2008-07-19 11:46 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\iWinArcade
2008-07-19 11:45 . 2008-07-19 11:45 <REP> d-------- C:\Program Files\iWin Games
2008-07-19 11:45 . 2008-07-19 11:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\iWin Games
2008-07-18 20:46 . 2008-07-18 20:56 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Magic Academy
2008-07-18 16:12 . 2008-07-18 16:12 <REP> d-------- C:\WINDOWS\Forgotten Riddles - The Moonlight Sonatas
2008-07-18 13:48 . 2008-07-18 20:38 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\ForgottenRiddles
2008-07-18 13:05 . 2008-07-18 13:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Gogii Games
2008-07-18 13:05 . 2008-07-18 13:05 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Gogii Games
2008-07-18 12:39 . 2008-07-19 13:56 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\ForgottenRiddles2
2008-07-17 13:44 . 2008-07-17 13:44 <REP> d-------- C:\SIERRA
2008-07-17 13:43 . 2008-07-17 13:46 183 --a------ C:\WINDOWS\SIERRA.INI
2008-07-17 12:51 . 2008-07-17 12:51 244 --ah----- C:\sqmnoopt04.sqm
2008-07-17 12:51 . 2008-07-17 12:51 232 --ah----- C:\sqmdata04.sqm
2008-07-16 17:53 . 2008-07-16 17:53 0 --a------ C:\WINDOWS\PhantomOfVenice.INI
2008-07-16 16:53 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2008-07-16 16:28 . 2008-07-16 16:28 <REP> d-------- C:\Program Files\DAEMON Tools Toolbar
2008-07-16 16:28 . 2008-07-16 16:28 <REP> d-------- C:\Program Files\DAEMON Tools Lite
2008-07-16 16:21 . 2008-07-16 16:21 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\DAEMON Tools
2008-07-16 16:21 . 2008-07-16 16:21 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-07-16 14:28 . 2008-07-16 14:28 244 --ah----- C:\sqmnoopt03.sqm
2008-07-16 14:28 . 2008-07-16 14:28 232 --ah----- C:\sqmdata03.sqm
2008-07-15 19:10 . 2008-07-15 19:10 24 --a------ C:\WINDOWS\AM_D8.PRF
2008-07-15 19:07 . 1999-11-10 11:05 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2008-07-15 19:05 . 2008-07-15 19:07 <REP> d-------- C:\WINDOWS\system32\QuickTime
2008-07-15 19:05 . 2008-07-15 19:07 <REP> d-------- C:\Program Files\QuickTime
2008-07-15 19:05 . 2008-07-15 19:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2008-07-15 16:30 . 2008-07-26 13:48 <REP> d-------- C:\Program Files\Jeux
2008-07-15 16:30 . 2008-07-15 16:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FloodLightGames
2008-07-15 16:30 . 2008-07-15 16:30 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\FloodLightGames
2008-07-14 11:37 . 2008-07-14 11:37 <REP> d-------- C:\WINDOWS\Farmer Jane
2008-07-14 11:37 . 2008-07-14 11:38 <REP> d-------- C:\Program Files\Farmer Jane
2008-07-14 07:33 . 2008-07-14 12:55 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\FarmerJane
2008-07-12 17:25 . 2008-07-12 17:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\blg
2008-07-12 17:25 . 2008-07-12 17:25 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\blg
2008-07-12 11:50 . 2008-07-12 11:50 <REP> d-------- C:\Program Files\BFG
2008-07-12 11:50 . 2008-07-12 11:51 <REP> d-------- C:\Program Files\A Series of Unfortunate Events
2008-07-09 18:51 . 2008-07-09 18:51 <REP> d-------- C:\WINDOWS\Ancient Quest of Saqqarah
2008-07-09 18:51 . 2008-07-09 18:51 <REP> d-------- C:\Program Files\Ancient Quest of Saqqarah
2008-07-09 17:45 . 2008-07-09 17:49 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Ancient Quest of Saqqarah__bfg
2008-07-08 20:32 . 2008-07-08 20:32 <REP> d-------- C:\WINDOWS\Jenny's Fish Shop
2008-07-06 11:31 . 2008-07-06 11:31 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\SulusGames
2008-07-04 23:06 . 2008-07-04 23:06 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\MysteryStudio
2008-07-04 20:51 . 2008-07-04 20:51 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\PlanetPlayMore
2008-07-04 20:50 . 2008-07-04 22:33 <REP> d-------- C:\Program Files\Tropicabana
2008-07-04 13:27 . 2008-07-04 13:29 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\LTOA
2008-07-02 19:43 . 2008-07-02 19:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FreshGames
2008-06-28 12:57 . 2008-06-28 12:57 <REP> d-------- C:\WINDOWS\Fitness Frenzy
2008-06-28 12:53 . 2008-06-28 12:53 <REP> d-------- C:\WINDOWS\system32\Adobe
2008-06-28 12:30 . 2008-06-28 12:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Fitn17
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-27 21:36 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\DNA
2008-07-27 20:52 1,144 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-07-27 20:23 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Spyware Terminator
2008-07-27 20:14 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\BitTorrent
2008-07-27 17:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-27 12:37 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-27 11:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Fugazo
2008-07-26 12:10 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Meridian93
2008-07-23 21:27 --------- d-----w C:\Program Files\Full Tilt Poker
2008-07-23 17:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-19 12:02 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Gamelab
2008-07-17 16:09 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\iWin
2008-07-16 06:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-07-16 06:51 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\PlayFirst
2008-07-15 17:07 --------- d-----w C:\Program Files\Ubisoft
2008-07-11 20:20 --------- d-----w C:\Program Files\Shopping Blocks
2008-07-11 13:59 --------- d-----w C:\Program Files\CLUE Classic
2008-07-11 13:56 --------- d-----w C:\Program Files\Totem Quest
2008-07-08 16:29 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Alawar
2008-06-26 19:13 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Reflexive
2008-06-26 19:12 --------- d-----w C:\Program Files\Puzzle Hero
2008-06-23 20:25 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Restorer
2008-06-23 20:00 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\ITTNord
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-19 16:22 --------- d-----w C:\Program Files\Sallys Spa
2008-06-18 19:24 --------- d-----w C:\Program Files\Build in Time
2008-06-18 18:52 --------- d-----w C:\Program Files\Virtual Villagers The Secret City
2008-06-17 19:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-14 14:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-06-12 20:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\VirtualFarm
2008-06-12 17:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Astar Games
2008-06-12 17:38 --------- d-----w C:\Program Files\Laura Jones And The Gates Of Good And Evil
2008-06-09 17:11 --------- d-----w C:\Program Files\Cate West The Vanishing Files
2008-06-08 15:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\SpinTop Games
2008-06-08 13:32 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\GamesCafe
2008-06-07 12:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Flood Light Games
2008-06-07 12:49 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Flood Light Games
2008-06-01 19:56 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\ViquaSoft
2008-05-30 17:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ludia
2008-05-30 17:46 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Ludia
2008-05-08 12:28 202,752 ------w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2008-03-04 17:37 0 ----a-w C:\Program Files\temp01
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2007-11-22 18:10 787696]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-08 11:01 289088]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-07-04 17:01 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 13:22 7700480]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 13:22 86016]
"Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2006-09-18 21:52 1696768]
"SansaDispatch"="C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe" [2007-10-22 12:52 75584]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-07-15 19:07 77824]
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 20:51 131072]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-19 16:10 160768]
"nwiz"="nwiz.exe" [2006-10-22 13:22 1622016 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 16:09 15360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"VMCL"=C:\Program Files\vodafone\vmclite\DongleEnumerator.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\iWin Games\\iWinGames.exe"=
"C:\\Program Files\\iWin Games\\WebUpdater.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-03-16 10:56]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-03-16 10:56]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-01-01 18:51]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 iWinGamesInstaller;iWinGamesInstaller;C:\Program Files\iWin Games\iWinGamesInstaller.exe [2008-06-25 20:04]
R3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.SYS [2002-09-09 19:54]
S3 alcan5ln;SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\system32\DRIVERS\alcan5ln.sys [2003-12-08 12:53]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43fbf9a4-75bf-11dc-8016-000c76572a4e}]
\Shell\AutoRun\command - E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43fbf9a5-75bf-11dc-8016-000c76572a4e}]
\Shell\AutoRun\command - E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c355f1d4-7748-11dc-801b-000c76572a4e}]
\Shell\AutoRun\command - E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e28e3c04-7749-11dc-801c-000c76572a4e}]
\Shell\AutoRun\command - E:\VMC_PBStarter.exe
*Newly Created Service* - ASNDIS5
.
- - - - ORPHANS REMOVED - - - -
BHO-{8CA5ED52-F3FB-4414-A105-2E3491156990} - (no file)
Toolbar-{BF53502D-3BEF-4273-9925-89D7526A5F87} - C:\WINDOWS\fdkowvbp.dll
Notify-WgaLogon - (no file)
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.be/
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 -: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O16 -: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_12.cab
C:\WINDOWS\Downloaded Program Files\hardwaredetection.inf
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-27 23:39:31
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-27 23:47:22 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-27 21:47:08
Pre-Run: 6,690,308,096 octets libres
Post-Run: 6,640,893,952 octets libres
275 --- E O F --- 2008-07-11 09:00:07