Here is the ComboFix report:
ComboFix 10-05-27.03 - Bressy 31/05/2010 23:14:47.2.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1015.604 [GMT 2:00]
Lancé depuis: c:\documents and settings\Bressy\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Filseclab Personal Firewall *enabled* {EB4DA513-3B0A-4FCB-86A7-F1243757EFF2}
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-04-28 au 2010-05-31 ))))))))))))))))))))))))))))))))))))
.
2010-05-31 20:22 . 2010-05-31 20:22 -------- d-----w- c:\program files\VirusTotalUploader2
2010-05-31 10:14 . 2010-05-31 10:14 -------- d-----w- c:\documents and settings\Administrateur
2010-05-29 13:31 . 2010-05-29 13:33 -------- d-----w- c:\documents and settings\HelpAssistant
2010-05-29 08:40 . 2010-05-29 08:40 -------- d-----w- C:\_OTM
2010-05-28 21:18 . 2010-05-29 09:01 -------- d-----w- c:\documents and settings\Bressy\Application Data\Apple Computer
2010-05-28 21:17 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-05-28 21:17 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-05-28 21:16 . 2010-05-28 21:16 -------- d-----w- c:\program files\iPod
2010-05-28 21:16 . 2010-05-28 21:17 -------- d-----w- c:\program files\iTunes
2010-05-28 21:16 . 2010-05-28 21:17 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-05-28 21:15 . 2010-05-28 21:16 -------- d-----w- c:\program files\QuickTime
2010-05-28 21:15 . 2010-05-28 21:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-05-28 21:15 . 2010-05-28 21:15 -------- d-----w- c:\documents and settings\Bressy\Local Settings\Application Data\Apple
2010-05-28 21:15 . 2010-05-28 21:15 -------- d-----w- c:\program files\Apple Software Update
2010-05-28 21:14 . 2010-04-16 06:33 41472 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-05-28 21:14 . 2010-04-16 06:33 3003680 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-05-28 21:14 . 2010-05-28 21:14 -------- d-----w- c:\program files\Bonjour
2010-05-28 21:14 . 2010-05-28 21:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-05-28 21:14 . 2010-05-28 21:16 -------- d-----w- c:\program files\Fichiers communs\Apple
2010-05-28 21:13 . 2010-05-28 21:18 -------- d-----w- c:\documents and settings\Bressy\Local Settings\Application Data\Apple Computer
2010-05-28 19:57 . 2005-07-05 10:55 124752 ----a-w- c:\windows\system32\xpacket.sys
2010-05-28 19:57 . 2010-05-28 19:57 -------- d-----w- c:\program files\Fichiers communs\Filseclab
2010-05-28 19:57 . 2010-05-28 19:57 -------- d-----w- c:\program files\Filseclab
2010-05-28 17:39 . 2008-04-14 02:34 39424 -c--a-w- c:\windows\system32\dllcache\grpconv.exe
2010-05-28 17:39 . 2008-04-14 02:34 39424 ----a-w- c:\windows\system32\grpconv.exe
2010-05-28 17:00 . 2010-05-28 17:00 -------- d-----w- c:\program files\Trend Micro
2010-05-27 23:02 . 2010-05-27 23:02 -------- d-----w- c:\documents and settings\Bressy\Application Data\TortoiseSVN
2010-05-27 21:07 . 2010-05-27 21:07 63488 ----a-w- c:\documents and settings\Bressy\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-05-27 21:07 . 2010-05-27 21:07 52224 ----a-w- c:\documents and settings\Bressy\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-05-27 21:07 . 2010-05-27 21:07 117760 ----a-w- c:\documents and settings\Bressy\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-05-27 21:06 . 2010-05-27 21:06 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-05-27 21:06 . 2010-05-27 21:06 -------- d-----w- c:\documents and settings\Bressy\Application Data\SUPERAntiSpyware.com
2010-05-27 21:06 . 2010-05-27 21:06 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-05-27 19:28 . 2010-05-27 19:53 -------- d---a-w- C:\Navilog1
2010-05-27 19:22 . 2010-05-27 19:22 -------- d-----w- c:\documents and settings\Bressy\Application Data\Malwarebytes
2010-05-27 19:20 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-27 19:20 . 2010-05-27 19:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-27 19:20 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-27 19:20 . 2010-05-27 19:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-27 15:20 . 2010-05-28 20:13 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-05-27 15:20 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-05-27 15:20 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-05-27 15:20 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-05-27 15:20 . 2010-05-27 15:20 -------- d-----w- c:\program files\Avira
2010-05-27 15:20 . 2010-05-27 15:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-05-26 13:07 . 2010-05-26 13:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-05-26 11:38 . 2010-05-26 11:40 21304816 ----a-w- c:\documents and settings\Bressy\Application Data\Real\Update\setup3.10\rp\RealPlayerSPGold_fr.exe
2010-05-23 18:16 . 2010-05-23 18:16 -------- d-----w- c:\documents and settings\Marguerite\Local Settings\Application Data\ofumcvvde
2010-05-08 16:40 . 2010-05-08 16:40 -------- d-----w- c:\documents and settings\Marguerite\Application Data\HP
2010-05-07 08:00 . 2010-05-07 08:00 -------- d-----w- C:\spoolerlogs
2010-05-07 07:55 . 2010-05-17 07:46 -------- d-----w- c:\program files\TCPlayer
2010-05-05 05:44 . 2010-05-05 05:44 31464 ----a-w- c:\documents and settings\KALIBEE-16F29E6\Madeleine\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-05 05:43 . 2010-05-05 05:43 -------- d-----w- c:\documents and settings\KALIBEE-16F29E6\Madeleine\Application Data\HP
2010-05-04 17:12 . 2010-05-04 17:12 -------- d-----w- c:\program files\GIMP-2.0
2010-05-04 10:47 . 2010-05-04 10:47 -------- d-----w- c:\documents and settings\Bressy\Application Data\HP
2010-05-04 10:45 . 2010-05-04 10:45 -------- d-----w- c:\documents and settings\All Users\Application Data\HPSSUPPLY
2010-05-04 10:40 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-05-04 10:40 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-29 08:40 . 2004-08-05 12:00 98588 ----a-w- c:\windows\system32\perfc00C.dat
2010-05-29 08:40 . 2004-08-05 12:00 547846 ----a-w- c:\windows\system32\perfh00C.dat
2010-05-28 22:18 . 2010-02-02 16:19 1 ----a-w- c:\documents and settings\Bressy\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-05-28 19:57 . 2008-06-11 09:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-28 14:45 . 2008-05-20 08:44 28344 ----a-w- c:\windows\system32\drivers\fwdrv.err
2010-05-28 06:26 . 2010-03-13 12:14 443912 ----a-w- c:\documents and settings\Bressy\Application Data\Real\Update\setup3.10\setup.exe
2010-05-27 23:41 . 2010-03-17 07:09 1100 ----a-w- c:\windows\system32\d3d8caps.dat
2010-05-26 13:11 . 2008-05-19 14:15 -------- d-----w- c:\program files\Alwil Software
2010-05-15 16:53 . 2010-04-03 13:37 1 ----a-w- c:\documents and settings\Marguerite\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-05-10 16:20 . 2010-04-20 18:57 31464 ----a-w- c:\documents and settings\Marguerite\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-08 17:43 . 2010-05-01 09:45 -------- d-----w- c:\documents and settings\Marguerite\Application Data\dvdcss
2010-05-04 18:54 . 2009-07-21 18:42 -------- d-----w- c:\documents and settings\Bressy\Application Data\U3
2010-05-04 16:56 . 2008-09-16 19:33 31464 ----a-w- c:\documents and settings\Bressy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-04 10:56 . 2008-09-04 07:40 170942 ----a-w- c:\windows\hppins08.dat
2010-05-04 10:46 . 2008-09-04 07:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard
2010-05-04 10:45 . 2008-09-04 07:40 -------- d-----w- c:\program files\HP
2010-05-04 10:45 . 2008-09-04 07:40 170901 ----a-w- c:\windows\system32\hppins08.dat
2010-04-30 15:43 . 2010-04-30 14:48 -------- d-----w- c:\program files\Utilitaires LanBooster
2010-04-28 13:45 . 2010-04-28 13:45 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe
2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-04-03 13:36 . 2010-04-03 13:36 -------- d-----w- c:\documents and settings\Marguerite\Application Data\OpenOffice.org
2010-04-03 13:18 . 2010-04-03 12:43 -------- d-----w- c:\documents and settings\Marguerite\Application Data\vlc
2010-04-03 12:29 . 2010-04-03 12:29 -------- d-----w- c:\documents and settings\Marguerite\Application Data\Subversion
2010-03-22 12:16 . 2010-03-22 12:16 8405312 ----a-w- c:\documents and settings\Bressy\Application Data\Real\Update\setup3.10\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2010-03-22 12:15 . 2010-03-22 12:15 149000 ----a-w- c:\documents and settings\Bressy\Application Data\Real\Update\setup3.10\chr_helper\LaunchHelper.exe
2010-03-22 12:15 . 2010-03-22 12:15 10309448 ----a-w- c:\documents and settings\Bressy\Application Data\Real\Update\setup3.10\chr\ChromeInstaller.exe
2010-03-22 12:14 . 2010-03-22 12:14 79368 ----a-w- c:\documents and settings\Bressy\Application Data\Real\Update\setup3.10\RUP\vista.exe
2010-03-22 12:14 . 2010-03-22 12:14 64000 ----a-w- c:\documents and settings\Bressy\Application Data\Real\Update\setup3.10\RUP\inst_config\gcapi_dll.dll
2010-03-22 12:14 . 2010-03-22 12:14 52288 ----a-w- c:\documents and settings\Bressy\Application Data\Real\Update\setup3.10\RUP\inst_config\gtapi.dll
2010-03-22 12:14 . 2010-03-22 12:14 50688 ----a-w- c:\documents and settings\Bressy\Application Data\Real\Update\setup3.10\RUP\inst_config\fftbapi.dll
2010-03-22 12:14 . 2010-03-22 12:14 49152 ----a-w- c:\documents and settings\Bressy\Application Data\Real\Update\setup3.10\RUP\inst_config\CarboniteCompatibility.dll
2010-03-22 12:14 . 2010-03-22 12:14 118784 ----a-w- c:\documents and settings\Bressy\Application Data\Real\Update\setup3.10\RUP\inst_config\compat.dll
2010-03-18 17:40 . 2009-11-30 18:22 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-03-18 17:36 . 2010-04-03 12:14 38784 ----a-w- c:\documents and settings\KALIBEE-16F29E6\Madeleine\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2006-05-03 09:06 . 2009-12-02 20:38 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 . 2009-12-02 20:38 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30 . 2009-12-02 20:38 216064 --sh--r- c:\windows\system32\nbDX.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-05-28_19.08.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-31 21:13 . 2010-05-31 21:13 16384 c:\windows\Temp\Perflib_Perfdata_5f8.dat
- 2004-08-05 12:00 . 2008-04-14 02:33 75776 c:\windows\system32\strmfilt.dll
+ 2004-08-05 12:00 . 2009-10-21 05:39 75776 c:\windows\system32\strmfilt.dll
- 2008-06-13 06:58 . 2009-05-26 11:40 18296 c:\windows\system32\spmsg.dll
+ 2008-06-13 06:58 . 2008-07-08 13:03 18296 c:\windows\system32\spmsg.dll
- 2004-08-05 12:00 . 2010-05-17 07:34 85288 c:\windows\system32\perfc009.dat
+ 2004-08-05 12:00 . 2010-05-29 08:40 85288 c:\windows\system32\perfc009.dat
+ 2004-08-05 12:00 . 2009-10-21 05:39 25088 c:\windows\system32\httpapi.dll
+ 2010-05-28 21:14 . 2010-04-16 06:33 41472 c:\windows\system32\DRVSTORE\usbaapl_E0F497D6C8B1C59AEB6422181BF0AFABD8356D47\usbaapl.sys
+ 2010-05-28 21:15 . 2010-04-16 06:33 17408 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\netaapl.sys
+ 2010-05-28 21:17 . 2009-05-18 11:17 26600 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
+ 2010-05-27 15:20 . 2010-05-28 20:13 28520 c:\windows\system32\drivers\ssmdrv.sys
+ 2009-10-21 05:39 . 2009-10-21 05:39 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2009-10-21 05:39 . 2009-10-21 05:39 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2010-05-28 21:15 . 2010-05-28 21:15 27136 c:\windows\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
+ 2010-05-28 19:23 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB970430\update\spcustom.dll
+ 2010-05-28 19:23 . 2009-05-26 11:40 18296 c:\windows\$hf_mig$\KB970430\spmsg.dll
+ 2009-10-21 05:41 . 2009-10-21 05:41 75776 c:\windows\$hf_mig$\KB970430\SP3QFE\strmfilt.dll
+ 2009-10-21 05:41 . 2009-10-21 05:41 25088 c:\windows\$hf_mig$\KB970430\SP3QFE\httpapi.dll
+ 2009-07-11 23:12 . 2009-07-11 23:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-11 23:09 . 2009-07-11 23:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-11 23:08 . 2009-07-11 23:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2004-08-05 12:00 . 2008-04-14 02:33 579584 c:\windows\system32\user32.dll
- 2004-08-05 12:00 . 2010-05-23 18:17 579584 c:\windows\system32\user32.DLL
+ 2008-05-19 13:48 . 2008-05-19 13:48 297984 c:\windows\system32\termsrv32.dll
+ 2004-08-05 12:00 . 2010-05-29 08:40 479398 c:\windows\system32\perfh009.dat
- 2004-08-05 12:00 . 2010-05-17 07:34 479398 c:\windows\system32\perfh009.dat
+ 2010-05-28 21:17 . 2008-04-17 10:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspi.dll
+ 2004-08-05 12:00 . 2009-12-31 16:50 353792 c:\windows\system32\drivers\srv.sys
+ 2004-08-05 12:00 . 2009-10-20 16:20 265728 c:\windows\system32\drivers\http.sys
+ 2004-08-05 12:00 . 2008-04-14 02:33 579584 c:\windows\system32\dllcache\user32.dll
+ 2008-10-29 12:27 . 2009-12-31 16:50 353792 c:\windows\system32\dllcache\srv.sys
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
+ 2010-05-28 21:14 . 2010-05-28 21:14 791552 c:\windows\Installer\4198bf.msi
+ 2010-05-28 21:18 . 2010-05-28 21:18 372736 c:\windows\Installer\{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}\iTunesIco.exe
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\Driver Cache\i386\http.sys
+ 2010-05-28 19:23 . 2009-05-26 11:40 406392 c:\windows\$hf_mig$\KB970430\update\updspapi.dll
+ 2010-05-28 19:23 . 2009-05-26 11:40 767352 c:\windows\$hf_mig$\KB970430\update\update.exe
+ 2010-05-28 19:23 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB970430\spuninst.exe
+ 2009-10-20 15:21 . 2009-10-20 15:21 265728 c:\windows\$hf_mig$\KB970430\SP3QFE\http.sys
+ 2010-03-08 12:02 . 2009-08-13 13:56 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2010-05-28 21:14 . 2010-04-16 06:33 3003680 c:\windows\system32\DRVSTORE\usbaapl_E0F497D6C8B1C59AEB6422181BF0AFABD8356D47\usbaaplrc.dll
+ 2010-05-28 21:15 . 2010-04-16 06:33 1419232 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\wdfcoinstaller01005.dll
+ 2010-05-28 21:18 . 2010-05-28 21:18 4795392 c:\windows\Installer\4198df.msi
+ 2010-05-28 21:15 . 2010-05-28 21:15 9472000 c:\windows\Installer\4198db.msi
+ 2010-05-28 21:15 . 2010-05-28 21:15 1554944 c:\windows\Installer\4198d4.msi
+ 2010-05-28 21:15 . 2010-05-28 21:15 3168768 c:\windows\Installer\4198cd.msi
+ 2010-05-28 21:14 . 2010-05-28 21:14 1984000 c:\windows\Installer\4198c6.msi
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-05-18 2397424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-06-13 198160]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"XFILTER"="c:\program files\Filseclab\xfilter\xfilter.exe" [2005-07-27 897284]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Marguerite\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
c:\documents and settings\Bressy\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Filseclab Messenger.lnk - c:\program files\Fichiers communs\Filseclab\FilMsg.exe [2010-5-28 315652]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hppscan6.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"2076:TCP"= 2076:TCP:Services
"2652:TCP"= 2652:TCP:Services
"3389:TCP"= 3389:TCP:Remote Desktop
R0 XPacket;Filseclab Packet Filter;c:\windows\system32\xpacket.sys [28/05/2010 21:57 124752]
R1 Ext2Fsd;Linux ext2 file system driver;c:\windows\system32\drivers\ext2fsd.sys [18/09/2008 11:23 651264]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 20:41 67656]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [27/05/2010 17:20 108289]
R2 ss_service;Eltima Serial Share Service;c:\program files\Eltima Software\Shared Serial Ports\ss_service.exe [24/09/2008 12:10 743936]
R3 sharebus;Shared Serial Ports Bus Enumerator;c:\windows\system32\drivers\sharebus.sys [24/09/2008 11:42 23296]
S2 gupdate1c9ec574bbdba0;Service Google Update (gupdate1c9ec574bbdba0);c:\program files\Google\Update\GoogleUpdate.exe [13/06/2009 20:43 133104]
S3 sershare;ELTIMA Shared Serial Ports Driver;c:\windows\system32\drivers\sershare.sys [24/09/2008 11:42 49664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'
2010-05-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]
2010-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-13 18:39]
2010-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-13 18:39]
.
.
------- Examen supplémentaire -------
.
uStart Page = gmail.com
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>;*.local
LSP: c:\program files\Filseclab\xfilter\XFILTER.DLL
FF - ProfilePath - c:\documents and settings\Bressy\Application Data\Mozilla\Firefox\Profiles\gz9i21nw.default\
FF - prefs.js: browser.startup.homepage - hxxp://gmail.com
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-05-31 23:20
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(808)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\System32\BCMLogon.dll
c:\windows\system32\igfxdev.dll
- - - - - - - > 'lsass.exe'(868)
c:\program files\Filseclab\xfilter\XFILTER.DLL
.
Heure de fin: 2010-05-31 23:23:04
ComboFix-quarantined-files.txt 2010-05-31 21:22
ComboFix2.txt 2010-05-28 19:13
Avant-CF: 6 224 556 032 octets libres
Après-CF: 6 194 978 816 octets libres
- - End Of File - - DF24A500D2F9A872803E52CFE25A33FD