ComboFix 11-03-05.02 - dominique 06/03/2011 20:41:05.3.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.3071.2420 [GMT 4:00]
Lancé depuis: c:\documents and settings\dominique\Mes documents\Téléchargements\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\firststeps\FirstSteps.exe
c:\musicbrigade\Musicbrigade.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-02-06 au 2011-03-06 ))))))))))))))))))))))))))))))))))))
.
.
2011-03-05 10:15 . 2011-03-05 10:15 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-03-03 16:09 . 2011-03-03 16:09 -------- d-----w- c:\documents and settings\dominique\Local Settings\Application Data\Wide Angle Software
2011-03-03 16:09 . 2011-03-03 16:09 -------- d-----w- c:\program files\Wide Angle Software
2011-02-21 16:57 . 2011-02-21 16:57 -------- d-----w- C:\NVIDIA
2011-02-21 15:00 . 2011-02-21 15:00 -------- d-----w- c:\program files\ma-config.com
2011-02-21 15:00 . 2011-02-21 15:00 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2011-02-21 14:58 . 2011-02-21 14:58 -------- d--h--w- c:\windows\PIF
2011-02-20 15:07 . 2011-03-03 16:18 -------- d-----w- c:\program files\WhoCrashed
2011-02-20 07:25 . 2011-02-26 07:46 -------- d-----w- c:\documents and settings\dominique\Application Data\vlc
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-17 13:26 . 2010-04-08 13:29 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-02-02 17:40 . 2010-04-28 13:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 15:19 . 2010-04-01 17:17 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-21 14:44 . 2004-08-05 12:00 441344 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-08 03:27 . 2010-07-27 09:20 9888672 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-01-08 03:27 . 2010-07-27 09:20 6397824 ----a-w- c:\windows\system32\nv4_disp.dll
2011-01-07 15:58 . 2011-01-07 15:58 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-01-07 15:58 . 2011-01-07 15:58 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-01-07 15:58 . 2011-01-07 15:58 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-01-07 15:58 . 2011-01-07 15:58 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-01-07 15:58 . 2011-01-07 15:58 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-01-07 15:58 . 2011-01-07 15:58 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-01-07 15:58 . 2011-01-07 15:58 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-01-07 15:58 . 2011-01-07 15:58 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-01-07 15:58 . 2011-01-07 15:58 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-01-07 15:58 . 2011-01-07 15:58 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-01-07 15:58 . 2011-01-07 15:58 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-01-07 15:58 . 2011-01-07 15:58 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-01-07 15:58 . 2011-01-07 15:58 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-01-07 15:58 . 2011-01-07 15:58 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-01-07 15:58 . 2011-01-07 15:58 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-01-07 15:58 . 2011-01-07 15:58 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-01-07 15:58 . 2011-01-07 15:58 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-01-07 15:58 . 2011-01-07 15:58 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-01-07 15:58 . 2011-01-07 15:58 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-01-07 15:58 . 2011-01-07 15:58 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-01-07 15:58 . 2011-01-07 15:58 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-01-07 15:58 . 2011-01-07 15:58 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-01-07 15:58 . 2011-01-07 15:58 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-01-07 15:58 . 2011-01-07 15:58 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-01-07 15:58 . 2011-01-07 15:58 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-01-07 15:58 . 2011-01-07 15:58 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-01-07 15:58 . 2011-01-07 15:58 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-01-07 15:58 . 2011-01-07 15:58 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-01-07 15:58 . 2011-01-07 15:58 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-01-07 15:58 . 2011-01-07 15:58 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 15:58 . 2011-01-07 15:58 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-01-07 15:58 . 2011-01-07 15:58 156776 ----a-w- c:\windows\system32\nvsvc32.exe
2011-01-07 15:58 . 2011-01-07 15:58 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-01-07 15:58 . 2011-01-07 15:58 13880424 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 15:58 . 2011-01-07 15:58 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-07 14:09 . 2004-08-05 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2004-08-05 12:00 1855104 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2004-08-05 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:53 . 2004-09-29 18:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:53 . 2004-08-05 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:53 . 2004-08-05 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26 . 2004-10-28 01:23 736768 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 14:09 . 2010-03-15 16:17 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 14:08 . 2010-03-15 16:17 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-20 12:55 . 2004-08-05 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-12-14 06:09 . 2010-03-21 08:17 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-12-09 15:15 . 2004-08-05 12:00 743424 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 15:14 . 2004-08-04 00:49 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-12-09 15:14 . 2004-08-05 12:00 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 14:30 . 2004-08-05 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
.
.
------- Sigcheck -------
.
[-] 2010-06-27 . 456E0F5B9BEB184521B0EE8FA7CC92C7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[7] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
[7] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[7] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys
[7] 2004-08-05 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB889527$\tcpip.sys
[7] 2004-08-05 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2006-10-01 190024]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 16856968]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 61952]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2006-10-01 190024]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-03-18 188416]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-12-09 74752]
"NIC Monitor"="VNICMon.exe" [2002-12-17 40960]
"RTHDCPL"="RTHDCPL.EXE" [2006-01-11 15961088]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768]
"MCI USB Icon"="c:\windows\system32\USBIcon.exe" [2004-09-17 81920]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-11 20992]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-05 44544]
.
c:\documents and settings\dominique\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [N/A]
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2009-8-21 900816]
.
c:\documents and settings\papa\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [N/A]
.
c:\documents and settings\dominique\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [N/A]
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2009-8-21 900816]
.
c:\documents and settings\dominique\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [N/A]
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2009-8-21 900816]
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Démarrage d'Office.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1997-8-29 51984]
.
c:\documents and settings\dominique\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [N/A]
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2009-8-21 900816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\EA GAMES\\MOHDA\\MOHAA.exe"=
"c:\\Program Files\\Messenger\\Msmsgs.exe"=
"c:\\Download\\utorrent.exe"=
"c:\\Documents and Settings\\dominique\\Bureau\\Domi\\Nouveau dossier\\zsnesw.exe"=
"c:\\Program Files\\zbattle.net\\zbattle.net.exe"=
"c:\\zsnes\\zsnesw.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\StubInstaller.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Conference\\Conference.dll"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\world\\World of Warcraft\\WoW-3.2.0-frFR-downloader.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\world\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\RealVNC\\VNC4\\vncviewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5900:TCP"= 5900:TCP:vnc
.
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [08/04/2010 17:29 135336]
R2 BT848;Conexant's BtPCI WDM Video Capture;c:\windows\system32\drivers\BT848.sys [18/05/2010 14:05 371349]
R2 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [23/12/2008 21:06 16616]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16/11/2009 20:33 50704]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [17/06/2009 16:20 12648]
R3 SUPERWEBCAM;SuperWebcam, WDM Virtual Video Capture Device;c:\windows\system32\drivers\superwebcam.sys [01/05/2010 17:19 31872]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15/11/2010 15:42 135664]
S2 Pv848;Hercules, SmartTV WDM Video Capture;c:\windows\system32\drivers\PH848.sys [12/08/2010 15:41 66354]
S2 PVTUNER;ProVideo, PV-957 WDM TvTuner;c:\windows\system32\drivers\PHTUNER.SYS [12/08/2010 15:41 19598]
S2 PVXBAR;Hercules, SmartTV WDM Crossbar;c:\windows\system32\drivers\PvXBAR.SYS [12/08/2010 15:41 6841]
S3 DtvAudio;DtvAudio;c:\windows\system32\drivers\DtvAudio.sys [14/08/2010 13:11 10330]
S3 DtvVideo;DtvVideo;c:\windows\system32\drivers\DtvVideo.sys [14/08/2010 13:11 25600]
S3 HCWBT8XX;Hauppauge WinTV 848/9 WDM Video Driver;c:\windows\system32\drivers\HCWBT8XX.sys [24/12/2008 12:59 472644]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [24/01/2011 14:49 310640]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [29/03/2006 00:27 215040]
S3 VNICPKT5;VNICPKT5 Protocol Driver;c:\windows\system32\VNICPKT5.sys [20/03/2009 22:04 16066]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
vzinfhec
.
Contenu du dossier 'Tâches planifiées'
.
2011-01-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 07:50]
.
2011-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-15 11:41]
.
2011-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-15 11:41]
.
2019-02-23 c:\windows\Tasks\User_Feed_Synchronization-{916D55B7-C976-4802-8158-E7CF3BBA8E05}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 00:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mWindow Title =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ie/def ... .yahoo.com
IE: Download with Go!Zilla - file://c:\program files\Go!Zilla\download-with-gozilla.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/ ... tion32.cab
FF - ProfilePath - c:\documents and settings\dominique\Application Data\Mozilla\Firefox\Profiles\yb98ky6d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=fr&source=iglk
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Dictionnaire français «Réforme 1990»: fr@dictionaries.addons.mozilla.org - %profile%\extensions\fr@dictionaries.addons.mozilla.org
FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com
FF - Ext: vShare Plugin: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: browser.sessionstore.resume_from_crash - false
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM-Run-Muscbrigade - c:\musicbrigade\Musicbrigade.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-06 20:51
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Heure de fin: 2011-03-06 20:58:01
ComboFix-quarantined-files.txt 2011-03-06 16:57
.
Avant-CF: 84 973 928 448 octets libres
Après-CF: 85 283 852 288 octets libres
.
Current=6 Default=6 Failed=5 LastKnownGood=7 Sets=1,2,3,4,5,6,7
- - End Of File - - 26657FE91C75F40874FBC5A70967E290