Report: ComboFix 08-10-28.01 - PATTY 2008-10-28 19:04:44.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1530 [GMT 1:00]
Lancé depuis: C:\Documents and Settings\PATTY\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\PATTY\Application Data\hidires
C:\Documents and Settings\PATTY\Application Data\m
C:\Documents and Settings\PATTY\Application Data\m\list.oct
C:\Documents and Settings\PATTY\Application Data\m\shared\[Programmi.-.ITA].Sicurezza.AVG.6(antivirus).Spyware.e.SpyBot.AdAware.il.tutto.con.seriali.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\A Fantasy Journey Screensaver 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Aare AVI to VCD DVD SVCD MPEG Converter 6.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\AbNote 1.7.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\AbsolutePrivacy 2.02.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Access Password Recovery Master 1.0.0.5.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\AccessPatrol 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Active@ ISO File Manager 2.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\activePrinter 1.4.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Advanced MP3 Converter 2.63 [Patch].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Advanced Office Password Breaker 1.40 (KeyGen).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\AmIAScreenSaverOrNot 1.0.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Antiquity Riddles 1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\AnVir Virus Destroyer 3.7 [Serial].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Apdsoft Web Mailer 3.03.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Apex iPod Video Converter 4.19 With Crack.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\ArcaMagica Packaging Templates 2.2.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\ARulesXL 2.0.6.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\ASPlayer 3.00f.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Atomic PST Password Recovery 1.60.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Atomic RAR Password Recovery 1.20 Patch.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\AV Bros. Colorist 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\AVG.AntivÃrus.7.0.322.em.português.+.Keygen.&.Serial.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\AVG.AntiVirus.v7.1.371.Multilangages.Incl-Keygen.par.eMule-Paradise.com.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Banner Maker Pro 6.0.8.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Basenjinn Desktop Buddy 1.3.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Batch It! Ultra 3.978 KeyGen.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\BatchOutput 1.2.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Battlefield 1942 BiTurbo Mod.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Bay Area Diving RSS feed 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Big Faceless Report Generator 1.1.34.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Bigeye Network Manager 3.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Birthdays 2.3 Key+Serial.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Bitdefender.v8.Keygen.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\BpmChecker 3.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\BRICKLETTER 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\CarryDVD 4.5.0 Crack.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\celum IMAGINE 3.3.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\CHP Incident Information 1.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\CoCoMiner 1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\ColorPickUp 1.1.0.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Command & Conquer Generals Train map.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Coollector 1.13.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\CTC 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\CTMailer 2.20.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Customized Windows Logon 1.0 (Key+Serial).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Dealership Director 3.01 Patch.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Deleted Digital Photo Pictures Retrieval 2.0.1.5.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Dramatica Pro 4.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\DVD Base Lite 5.530.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\DVD to VCD AVI DivX Converter 3.2 build 069 Serial.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\DVD X IMAGER 2.0.0.1 (Serial).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Dynomite 2.01.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Easy SMTP Server 2.7 [Key].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\EasyTVA V1.2.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Email Spy Pro 5.1.6.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\EnergySaver 2.31.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\ESXManager 7.5.2.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Excel Password Recovery Key 6.3.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Exe Password 2004 7.114.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\F-Album 1.8.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Falling Icons 3D Screensaver 1.2 (Key+Serial).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\FastChords 3.6 Key+Serial.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\FileMenu 1.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Flashback 1.5.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Flippin' Switcheroo 1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Folder Iconizer 1.4.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\FRS Clocks and Time 1.8 [KeyGen].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\GalleryView 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\GAMP Candy 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Generador2.0.Para.Actualizaciones.Del.Antivirus.Nod32.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\GetAnonymous Professional 2.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\GoToMeeting 3.0 [KeyGen].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Grass Roots 1.3.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Hadi Farsi Builder 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\HandyRec Professional 4.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\HD Workbench 1.1.31 Cracked.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\HidePro 0.5.1.70 (beta 3).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\High--Low 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\HotDog Junior 1.51.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Hours Manager 1.1 (Key+Serial).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\HumanityThunder 3.1.1028 (Key).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\iDump 1.1.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\IESnap 1.2 (Key+Serial).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\InsideCAT Lite Edition 4.00 [Key].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Insider 3.02 [Key+Serial].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\iPod Audio Studio 6.4.2 [With Crack].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Itookia Free Icon Set.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Jerrycan 6.28.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Keyspan USB Twin Serial Adapter Software 1.9.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Landscape 1.2.3.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Lemonade Tycoon 2.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\LingvoSoft Dictionary 2007 German - French 4.0.22 Key+Serial.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\LingvoSoft Suite 2006 Turkish-Russian for Windows 3.1.29.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Logic Builder - VBA Runtime Demo 1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Lunar Colongitude 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\MagiName 1.2 Build 30 Patch.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\MasterBlaster Deluxe 2.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\MCAFEE.ANTISPYWARE.V1.0.2005.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\McAfee.Internet.Security.Suite.V7.0.2005.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Medianet 1.0.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\MonoCalendar 0.7.2.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Morovia Royal Mail RM4SCC Fontware 3.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\MorphVOX 2.9.8.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\MP3DJ Broadcast 3.7 (With Crack).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\MSDict Professional Dictionary Bundle (Symbian Series 80) 2.40.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Muon 1.2.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\MYquery Analyzer 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\N-Ball 2.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Net Snippets Standard 3.3 [Key].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Network Traffic Generator and Monitor 1.7.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Nuclear Clock 2.24.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\OGM to AVI Converter 3.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\OpenOffice IFilter 1.2.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\PacRush 1.42.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Paint Shop Photo Album 5.01 (Crack).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Paquet Builder 2.9.5.0 Key.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Password generator 1.0 beta.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Password Inventory 1.1.0.2 (Key).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\PC-Com Basic 8.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\PDF Conversion Series - PDF2TXT 1.1 build 1115.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\PDF Security and Privacy Audit 2.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Perfect Day
C:\Documents and Settings\PATTY\Application Data\m\shared\Phyllotaxis Screensaver 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\PictMatch 2.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Pink Calendar and Day Planner 6.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Planetary Dreamscapes 1 1.0 [Serial].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\PM Master 2.8 [Crack].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\PopSurfer 1.1 (With Crack).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Portals of Arnak 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Power Siphon 1.9.6.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\PowerPoint Slide Show Converter 2.3.0.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\ProcView32 2.01.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\QuidProQuo 1.04 Key.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\r.a.d.ajax 1.62 Key+Serial.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Radio Max toolbar for IE 4.5.129.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Rapid Backup Beta 1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\RAR IFilter 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\RC Converter 2.0 [Cracked].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Remote Software Installation Utility 2007 Key+Serial.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Renamer 5.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\RGS-ADSLBoost 1.0.3.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\RSS Content Generator Enterprise 3.1.58 Serial.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\San Francisco 49ers screensaver.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Scenic Drive - Welsh Hills to Chestnut Hills 1.0 [Cracked].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Sense Remote Control 1.4.0.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Sfx-Factory 2.6.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Sideways Screensaver 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Slawdog Smart Shutdown 1.4.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\SmartFormFiller 5.1 With Crack.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\SMB iCRM 4.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Soft193 Password Manager 1.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Softdiv Audio Converter 3.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Space War Online 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Spamihilator 0.9.9.31.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\SQLeonardo 2006.3.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Starlines INC 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\swBatchPrint 1.5.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Symantec.Norton.Antivirus.2007.Full.+.Symantec.Norton.Internet.Security.2007.Full.part1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\TestLAB 3.0.3 [Serial].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Text Converter 2.1.3.21.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\TextPad 5.0.3.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\The Business OpsCenter 3.5.0 KeyGen.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Thunder Batch 2.1.2 [Cracked].zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Titanium Checkbook 3.2 With Crack.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Trade Empires 1.01 patch.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Traffic Scotland Cameras 1.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Trojan Guarder 5.54.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Twinsen's Odyssey demo.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\uCertify PrepKit for test 70-300 8.02.5 Key.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Unreal Tournament 2003 - Fire Pitt v1.1 deathmatch map.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Unreal Tournament 2003 - Knallert45 deathmatch map.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\UrVirtualDesktops 1.0.0.31.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\VAS Free System Tools 1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\VB Doodle 5.0.0.68.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Vegetarian Cookery 1.0 (With Crack).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\VerMan's Art Converter 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Visual Catalogues Lite 4.16.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Voice Tracker 1.3 Key.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\VOKATOR 1.0.2 Key.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Volt 1.301.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Warcraft III - Lt. Bronx's Assault map.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Warcraft III - The Death Sheep map.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Warhammer 40,000 Dawn of War The Canyon map 2.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\WGP FolderLock 2006 1.0.4 (Patch).zip
C:\Documents and Settings\PATTY\Application Data\m\shared\When Clones Attack 1.04.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Wincry 1.6.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\WinLog Assist 2.1.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\WOA Custom Document Properties 1.0.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Woize 2.5.0.32959.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Word Password Recovery Key 8.0 build 2514.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\WordCaptureX 2.2 KeyGen.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\X-Copy Professional 1.6.50.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\YASA VOB to iPod Converter 4.0 Cracked.zip
C:\Documents and Settings\PATTY\Application Data\m\shared\Zarafa Outlook Sharing 4.22 [Key+Serial].zip
C:\Documents and Settings\PATTY\Application Data\m\srvlist.oct
C:\Documents and Settings\PATTY\ravmonlog
C:\resycled
C:\resycled\boot.com
C:\WINDOWS\cnsinfo.dat
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\_000009_.tmp.dll
C:\WINDOWS\system32\fxtslgsw.ini
C:\WINDOWS\system32\kdpuf.exe
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\plpgbsvi.ini
C:\WINDOWS\system32\RsDdcfii.ini
C:\WINDOWS\system32\RsDdcfii.ini2
C:\xcrashdump.dat
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Legacy_CNSMINKP
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-28 au 2008-10-28 ))))))))))))))))))))))))))))))))))))
.
2008-10-28 18:27 . 2008-10-28 18:51 <REP> d-------- C:\Lop SD
2008-10-28 18:07 . 2008-10-28 18:24 <REP> d-------- C:\Program Files\Navilog1
2008-10-28 17:54 . 2008-10-28 17:54 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-28 17:54 . 2008-10-28 17:54 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\Malwarebytes
2008-10-28 17:54 . 2008-10-28 17:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-28 17:54 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-28 17:54 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-28 16:27 . 2008-10-28 16:33 <REP> d-------- C:\Program Files\TuneUp Utilities 2008
2008-10-28 16:27 . 2008-10-28 16:27 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-10-28 16:27 . 2008-10-28 16:27 355,584 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-10-28 16:27 . 2008-05-29 09:28 28,416 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-10-28 16:11 . 2008-10-28 16:11 <REP> d-------- C:\Program Files\Zylom Games2
2008-10-28 13:43 . 2008-10-28 13:43 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\ESET
2008-10-28 13:27 . 2008-10-28 13:27 <REP> d-------- C:\Program Files\ESET
2008-10-28 13:27 . 2008-10-28 13:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-10-28 13:07 . 2008-10-28 13:07 144 --a------ C:\WINDOWS\wininit.ini
2008-10-27 22:40 . 2008-10-27 22:40 <REP> d-------- C:\VundoFix Backups
2008-10-27 22:36 . 2008-10-27 22:37 <REP> d-------- C:\rsit
2008-10-27 22:36 . 2008-10-27 22:37 <REP> d-------- C:\Program Files\trend micro
2008-10-26 16:41 . 2008-10-26 16:41 <REP> d-------- C:\Program Files\Yahoo!
2008-10-26 16:41 . 2008-10-26 16:42 <REP> d-------- C:\Program Files\CCleaner
2008-10-24 06:59 . 2008-10-15 17:35 337,408 --------- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-23 14:46 . 2008-10-23 14:46 <REP> d-------- C:\Program Files\SmartShopper
2008-10-23 14:46 . 2008-10-27 14:49 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\SmartShopper
2008-10-23 14:46 . 2008-10-23 14:46 0 --a------ C:\WINDOWS\_MSI5166._IS
2008-10-22 15:51 . 2006-11-13 14:30 106,496 --a------ C:\WINDOWS\system32\ssPlantasia.scr
2008-10-22 13:16 . 2008-10-22 13:16 <REP> d-------- C:\Program Files\DD PlayCam
2008-10-22 13:15 . 2008-10-22 13:15 <REP> d-------- C:\Program Files\Fichiers communs\Look312P
2008-10-22 13:15 . 2004-03-19 17:11 90,968 --a------ C:\WINDOWS\system32\drivers\usbVM31b.sys
2008-10-22 13:15 . 2003-05-15 16:17 61,440 --a------ C:\WINDOWS\system32\VM31bSTI.dll
2008-10-21 23:44 . 2008-10-22 18:40 <REP> d-------- C:\WINDOWS\Album
2008-10-21 23:43 . 2008-10-22 22:52 <REP> d-------- C:\Program Files\Look 312P
2008-10-21 23:43 . 2005-06-27 17:24 184,392 --------- C:\WINDOWS\system32\VM31bPrp.Ax
2008-10-21 23:32 . 2008-04-13 19:45 60,032 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2008-10-21 23:32 . 2008-04-13 19:45 60,032 --a------ C:\WINDOWS\system32\dllcache\usbaudio.sys
2008-10-16 21:13 . 2008-08-14 14:23 2,191,232 --------- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-16 21:13 . 2008-08-14 14:23 2,147,328 --------- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-16 21:13 . 2008-08-14 14:23 2,068,096 --------- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-16 21:13 . 2008-08-14 14:23 2,025,984 --------- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-16 13:01 . 2008-09-15 16:26 1,846,528 --------- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-16 12:15 . 2008-09-08 11:41 333,824 --------- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-14 23:51 . 2008-10-14 23:51 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\GamesCafe
2008-10-10 23:21 . 2008-10-19 19:58 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\Shopping Blocks
2008-10-04 13:51 . 2008-10-04 13:51 <REP> d-------- C:\Program Files\Eidos
2008-10-04 09:20 . 2008-10-04 09:20 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\Anuman Interactive
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-28 16:31 --------- d-----w C:\Program Files\Zylom Games
2008-10-28 16:21 --------- d-----w C:\Documents and Settings\PATTY\Application Data\Zylom
2008-10-28 15:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-10-28 13:19 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-28 12:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-28 01:35 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-10-28 01:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-28 01:34 --------- d-----w C:\Documents and Settings\PATTY\Application Data\EoRezo
2008-10-28 00:27 --------- d-----w C:\Program Files\EoRezo
2008-10-27 21:23 --------- d-----w C:\Program Files\WiPen
2008-10-27 21:11 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-10-26 20:19 --------- d-----w C:\Program Files\eMule
2008-10-23 15:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\MythPeople
2008-10-05 12:25 --------- d-----w C:\Program Files\GameSpy Arcade
2008-10-04 21:05 --------- d-----w C:\Documents and Settings\PATTY\Application Data\PlayFirst
2008-10-04 20:11 --------- d-----w C:\Program Files\Ubisoft
2008-10-04 20:11 --------- d-----w C:\Program Files\Codemasters
2008-10-04 20:11 --------- d-----w C:\Program Files\Anuman Interactive
2008-10-04 08:26 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-09-25 10:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\GameHouse
2008-09-23 21:49 --------- d-----w C:\Documents and Settings\PATTY\Application Data\Playrix Entertainment
2008-09-19 12:07 18,048 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2008-09-17 12:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sandlot Games
2008-09-12 23:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\POPWWPROFILES
2008-09-12 07:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Gogii
2008-09-11 20:54 --------- d-----w C:\Documents and Settings\PATTY\Application Data\SPAMfighter
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-09-07 12:01 --------- d-----w C:\Program Files\Maxis
2008-09-07 11:08 --------- d-----w C:\Program Files\MSN Messenger
2008-09-04 11:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-09-02 09:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-04-01 16:46 212,368 ----a-w C:\Documents and Settings\PATTY\Application Data\GDIPFONTCACHEV1.DAT
2007-04-25 14:08 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2003-03-21 11:37 16,056 ----a-w C:\Program Files\owcstp16.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 975360]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-09 68856]
"AnumanLive"="C:\Documents and Settings\PATTY\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe" [2008-07-01 347648]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-10-25 1410304]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 7700480]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
C:\Documents and Settings\PATTY\Menu Démarrer\Programmes\Démarrage\
FreeBot.lnk - C:\Program Files\FreeBot\freebot.exe [2006-04-04 2480440]
C:\Documents and Settings\PATTY\Menu Démarrer\Programmes\Démarrage\
FreeBot.lnk - C:\Program Files\FreeBot\freebot.exe [2006-04-04 2480440]
C:\Documents and Settings\PATTY\Menu Démarrer\Programmes\Démarrage\
FreeBot.lnk - C:\Program Files\FreeBot\freebot.exe [2006-04-04 2480440]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv31"= C:\WINDOWS\system32\ir32_32.dll
"vidc.iv32"= C:\WINDOWS\system32\ir32_32.dll
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"= mpegacm.acm
"msacm.ulmp3acm"= ulmp3acm.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"13789:TCP"= 13789:TCP:NortonAV
"16158:TCP"= 16158:TCP:NortonAV
"16502:TCP"= 16502:TCP:NortonAV
"16499:TCP"= 16499:TCP:NortonAV
"15187:TCP"= 15187:TCP:NortonAV
"56586:TCP"= 56586:TCP:Pando P2P TCP Listening Port
"56586:UDP"= 56586:UDP:Pando P2P UDP Listening Port
R2 ithsgt;ithsgt;C:\WINDOWS\system32\DRIVERS\ithsgt.sys [2007-02-10 162432]
R2 lilsgt;lilsgt;C:\WINDOWS\system32\DRIVERS\lilsgt.sys [2007-02-10 12032]
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 SrvCDEject;SrvCDEject;C:\Program Files\Packard Bell\SrvCDEject.exe [2006-07-25 613376]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-28 882688]
R3 RTSTOR;USB Mass Stroage Device;C:\WINDOWS\system32\drivers\RTSTOR.SYS [2005-12-21 20096]
R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 7040]
S2 AbyssWebServer;Abyss Web Server;F:\abyssws.exe [ ]
S3 DIGIRPS;Pilote PortServer Digi;C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-23 42656]
S3 gAGP440p;gAGP440p;C:\DOCUME~1\PATTY\LOCALS~1\Temp\gAGP440p.sys [ ]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2008-10-22 38496]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2004-05-17 17536]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-10-28 355584]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b7aeaa1-6abb-11dd-8174-00038a000015}]
\Shell\AutoRun\command - F:\Setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5e536d2-4688-11dc-bfed-00038a000015}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(&0)\command - Recycled\ctfmon.exe
.
Contenu du dossier 'Tâches planifiées'
2008-10-28 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{32341E7E-C319-46DE-91D0-E30BB1A3CABA} - (no file)
BHO-{6A511CCC-E0F0-4A27-A70A-664C11A4F999} - (no file)
HKLM-Run-C:\WINDOWS\system32\kdpuf.exe - C:\WINDOWS\system32\kdpuf.exe
Notify-__c008EED6 - C:\WINDOWS\system32\__c008EED6.dat
Notify-cbXooMcY - cbXooMcY.dll
.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.lo.st
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 -: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - {BCEB373D-A35A-4200-BD43-8586CD9DFAE7} -
O16 -: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://zylom.king.com/ctl/kingcomie.cab
C:\WINDOWS\Downloaded Program Files\KingComIE.inf
C:\WINDOWS\KingComIE.dll
O16 -: {48DF87EE-F2DE-11D8-BE7F-302050C10811} - hxxp://www.flysuite.com/flyword/loaderword_win_fr.cab
C:\WINDOWS\Downloaded Program Files\FlyLoader.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-10-28 19:20:32
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\X10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2008-10-28 19:29:13 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-10-28 18:29:10
Avant-CF: 249 614 553 088 octets libres
Après-CF: 249,048,584,192 octets libres
450 --- E O F --- 2008-10-25 12:13:51