Here is the report of ComboFix:
ComboFix 09-10-01.05 - Bastien 03/10/2009 23:57.1.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1023.408 [GMT 2:00]
Lancé depuis: c:\documents and settings\Bastien\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-03 au 2009-10-03 ))))))))))))))))))))))))))))))))))))
.
2009-09-13 08:42 . 2009-09-13 08:42 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-09-13 08:42 . 2005-10-27 13:06 356096 ----a-w- c:\windows\system32\rt61.sys
2009-09-13 08:42 . 2005-10-20 13:00 243328 ----a-w- c:\windows\system32\rt2500.sys
2009-09-13 08:42 . 2009-09-13 08:42 -------- d-----w- c:\program files\Linksys Wireless-G PCI Wireless Network Monitor
2009-09-12 14:28 . 2009-09-12 15:08 -------- d-----w- c:\program files\Firefly Studios
2009-09-12 07:39 . 2009-09-12 07:39 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-11 21:07 . 2009-09-11 21:07 -------- d-----w- c:\documents and settings\Bastien\Local Settings\Application Data\Linksys_LLC_-_A_Division_
2009-09-06 20:57 . 2009-10-03 00:13 72912 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-09-06 17:07 . 2009-09-06 17:07 -------- d-----w- c:\program files\WebEx
2009-09-06 17:06 . 2009-09-06 17:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Linksys
2009-09-06 17:04 . 2008-05-16 04:10 23992 ----a-w- c:\windows\system32\drivers\pnarp.sys
2009-09-06 17:04 . 2008-05-16 04:10 25272 ----a-w- c:\windows\system32\drivers\purendis.sys
2009-09-06 17:04 . 2009-09-06 17:04 -------- d-----w- c:\program files\Fichiers communs\Pure Networks Shared
2009-09-06 17:04 . 2009-09-06 17:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Pure Networks
2009-09-06 17:02 . 2009-09-06 17:03 -------- d-----w- c:\program files\Linksys
2009-09-05 23:14 . 2009-09-13 19:33 -------- d-----w- C:\Fraps
2009-09-05 15:49 . 2009-09-09 17:29 -------- d-----w- c:\documents and settings\Bastien\Local Settings\Application Data\id Software
2009-09-05 15:30 . 2009-09-05 15:30 -------- d-----w- c:\program files\Activision
2009-09-05 15:29 . 2009-09-05 15:29 -------- d-sh--w- c:\windows\ftpcache
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-27 12:21 . 2008-11-15 20:50 -------- d-----w- c:\program files\World of Warcraft officiel
2009-09-24 21:48 . 2001-08-28 14:00 82572 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-24 21:48 . 2001-08-28 14:00 503034 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-19 15:38 . 2008-11-13 23:10 -------- d-----w- c:\program files\Windows Live
2009-09-19 15:20 . 2008-11-29 00:59 18800 ----a-w- c:\documents and settings\Bastien\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-13 19:33 . 2009-05-09 09:20 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-12 14:28 . 2008-11-13 21:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-12 08:56 . 2009-01-03 15:55 -------- d-----w- c:\program files\Warcraft III
2009-09-12 07:39 . 2009-02-08 09:54 -------- d-----w- c:\program files\Java
2009-09-12 07:27 . 2008-11-13 21:19 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-10 15:54 . 2009-04-21 00:34 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-09 17:11 . 2009-06-27 14:15 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-09-09 17:11 . 2009-06-27 14:15 189640 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-09-05 23:13 . 2009-04-23 15:48 -------- d-----w- c:\program files\Windows Live Safety Center
2009-09-05 15:47 . 2009-06-27 14:15 139152 ----a-w- c:\documents and settings\Bastien\Application Data\PnkBstrK.sys
2009-09-05 15:46 . 2009-06-27 14:15 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-05 15:46 . 2009-06-27 14:15 794408 ----a-w- c:\windows\system32\pbsvc.exe
2009-09-03 18:44 . 2009-08-29 22:18 -------- d-----w- c:\program files\EA Games
2009-09-03 18:42 . 2009-06-07 20:40 -------- d-----w- c:\program files\The Cleaner
2009-09-03 10:09 . 2008-11-13 21:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-09-02 13:17 . 2009-07-04 15:15 -------- d-----w- c:\program files\DOSBox-0.73
2009-09-02 13:17 . 2009-05-09 08:18 -------- d-----w- c:\program files\AruaROSE
2009-09-02 13:15 . 2009-08-23 00:44 -------- d-----w- c:\documents and settings\Bastien\Application Data\SystemRequirementsLab
2009-09-01 20:12 . 2009-03-19 18:07 -------- d-----w- c:\program files\LucasArts
2009-09-01 17:59 . 2009-09-01 16:14 -------- d-----w- c:\program files\Time Commando
2009-09-01 10:57 . 2009-08-22 20:22 -------- d-----w- c:\program files\Cryptic Studios
2009-08-25 21:53 . 2009-01-03 15:58 160032 ----a-w- c:\windows\War3Unin.dat
2009-08-23 01:14 . 2009-08-23 01:14 -------- d-----w- c:\program files\NVIDIA Corporation
2009-08-23 01:14 . 2009-08-23 01:14 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-08-23 00:44 . 2009-08-23 00:44 -------- d-----w- c:\program files\SystemRequirementsLab
2009-08-22 21:44 . 2009-08-22 20:17 -------- d-----w- c:\program files\CO
2009-08-21 08:05 . 2008-11-13 21:31 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-21 08:05 . 2008-11-13 21:19 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-21 08:05 . 2008-11-13 21:19 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-20 08:42 . 2009-08-20 08:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2009-08-14 13:12 . 2008-11-15 12:03 -------- d-----w- c:\documents and settings\Bastien\Application Data\teamspeak2
2009-08-14 11:12 . 2009-03-19 18:17 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-08-14 10:44 . 2009-05-01 11:18 -------- d-----w- c:\program files\Electronic Arts
2009-08-09 13:39 . 2009-06-24 10:11 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-08-05 20:48 . 2009-04-21 00:34 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-08-05 09:00 . 2008-04-13 17:33 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-17 19:03 . 2008-04-13 17:33 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 18:54 . 2009-08-23 01:14 485920 ----a-w- c:\windows\system32\nvudisp.exe
2009-07-14 18:54 . 2009-08-23 01:13 2189856 ----a-w- c:\windows\system32\nvcuvid.dll
2009-07-14 18:54 . 2009-08-23 01:13 10457088 ----a-w- c:\windows\system32\nvoglnt.dll
2009-07-14 18:54 . 2009-08-23 01:13 868352 ----a-w- c:\windows\system32\nvapi.dll
2009-07-14 18:54 . 2009-08-23 01:13 2002944 ----a-w- c:\windows\system32\nvcuda.dll
2009-07-14 18:54 . 2009-08-23 01:13 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-07-14 18:54 . 2009-08-23 01:13 151552 ----a-w- c:\windows\system32\nvcodins.dll
2009-07-14 18:54 . 2009-08-23 01:13 151552 ----a-w- c:\windows\system32\nvcod.dll
2009-07-14 18:54 . 2009-08-23 01:13 1597690 ----a-w- c:\windows\system32\nvdata.bin
2009-07-14 18:54 . 2006-06-01 09:22 7741664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-07-14 18:54 . 2006-06-01 09:22 5842816 ----a-w- c:\windows\system32\nv4_disp.dll
2009-07-14 11:34 . 2009-07-14 11:34 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-07-14 11:34 . 2009-07-14 11:34 8085504 ----a-w- c:\windows\system32\nvdispsr.dll
2009-07-14 11:34 . 2009-07-14 11:34 4923392 ----a-w- c:\windows\system32\nvdisps.dll
2009-07-14 11:34 . 2009-07-14 11:34 4640768 ----a-w- c:\windows\system32\nvgamesr.dll
2009-07-14 11:34 . 2009-07-14 11:34 458752 ----a-w- c:\windows\system32\nvmccssr.dll
2009-07-14 11:34 . 2009-07-14 11:34 3547136 ----a-w- c:\windows\system32\nvgames.dll
2009-07-14 11:34 . 2009-07-14 11:34 2854912 ----a-w- c:\windows\system32\nvmoblsr.dll
2009-07-14 11:34 . 2009-07-14 11:34 188416 ----a-w- c:\windows\system32\nvmccss.dll
2009-07-14 11:34 . 2009-07-14 11:34 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-07-14 11:34 . 2009-07-14 11:34 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-07-14 11:34 . 2009-07-14 11:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll
2009-07-14 11:34 . 2009-07-14 11:34 1286144 ----a-w- c:\windows\system32\nvmobls.dll
2009-07-14 11:34 . 2009-07-14 11:34 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-07-13 21:43 . 2008-04-13 17:33 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-10 11:01 . 2009-07-10 11:01 307560 ----a-w- c:\windows\WLXPGSS.SCR
2009-07-10 05:01 . 2009-08-23 01:13 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-03-06 20:23 . 2009-03-06 20:23 10610008 ----a-w- c:\program files\Mumble-1.1.7.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-07-24 07:55 1090816 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-21 2007832]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"LELA"="c:\program files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" [2008-08-06 159744]
"nmctxth"="c:\program files\Fichiers communs\Pure Networks Shared\Platform\nmctxth.exe" [2008-05-16 648504]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-12 149280]
"VF0060 STISvc"="V0060Pin.dll" - c:\windows\system32\V0060Pin.dll [2004-11-01 36864]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-10-28 17331200]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-21 08:05 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\Bastien\\Mes documents\\WoW-2.0.0-frfr-Installer.exe"=
"c:\\Program Files\\GOA\\Gunbound\\GunBound.gme"=
"c:\\Program Files\\Quake III Arena\\quake3.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\cyberdemon_killer\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\cyberdemon_killer\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires\\Empires.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\cyberdemon_killer\\age of chivalry\\hl2.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\cyberdemon_killer\\counter-strike\\hl.exe"=
"c:\\Program Files\\Valve\\Steam\\Steam.exe"=
"c:\\Program Files\\THQ\\Company of Heroes\\RelicCOH.exe"=
"c:\\Program Files\\ZDaemon\\zlauncher.exe"=
"c:\\Program Files\\ZDaemon\\zdaemon.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\World of Warcraft officiel\\WoW-3.1.3.9947-to-3.2.0.10192-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft officiel\\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft officiel\\Launcher.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MP.exe"=
"c:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MPLite.exe"=
"c:\\Program Files\\EA Games\\Battlefield Heroes\\BFHeroes.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\World of Warcraft officiel\\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft officiel\\WoW-3.2.2.10482-to-3.2.2.10505-frFR-downloader.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"29900:TCP"= 29900:TCP:Gamespy TCP 29900
"29901:TCP"= 29901:TCP:gamespy29901 TCP 29901
"28900:TCP"= 28900:TCP:28900 TCP 28900
"27900:TCP"= 27900:TCP:27900 TCP 27900
"3783:TCP"= 3783:TCP:3783 TCP 3783
"6667:TCP"= 6667:TCP:6667 TCP 6667
"6515:TCP"= 6515:TCP:6515 TCP 6515
"6500:TCP"= 6500:TCP:6500 TCP 6500
"47624:TCP"= 47624:TCP:67624 TCP 47624
"2300:TCP"= 2300:TCP:2300tcp TCP 2300
"2300:UDP"= 2300:UDP:2300udp UDP 2300
"2400:TCP"= 2400:TCP:2400tcp TCP 2400
"2400:UDP"= 2400:UDP:2400udp UDP 2400
"6073:UDP"= 6073:UDP:6073 UDP
"2302:UDP"= 2302:UDP:23022400 UDP 2302-2400
"67:UDP"= 67:UDP:0.0.0.0/255.255.255.255:Enabled:DHCP Discovery Service
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [13/11/2008 23:19 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [13/11/2008 23:19 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [13/11/2008 23:31 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [13/11/2008 23:31 297752]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [21/04/2009 02:34 54752]
R3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\drivers\V0060Vid.sys [14/11/2008 00:55 196409]
S2 LinksysUpdater;Linksys Updater;c:\program files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [26/06/2008 14:52 204800]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - GTNDIS5
.
Contenu du dossier 'Tâches planifiées'
2009-10-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\documents and settings\Bastien\Application Data\Mozilla\Firefox\Profiles\seka69sy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://google.fr/
FF - prefs.js: keyword.URL - hxxp://fr.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_fr&p=
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\documents and settings\Bastien\Application Data\Mozilla\Firefox\Profiles\seka69sy.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHELINS SUPPRIMES - - - -
AddRemove-Notification de cadeaux MSN - c:\documents and settings\Bastien\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-04 00:03
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(3856)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2009-10-03 0:05
ComboFix-quarantined-files.txt 2009-10-03 22:05
Avant-CF: 22 897 070 080 octets libres
Après-CF: 23 014 232 064 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
258 --- E O F --- 2009-09-09 22:13
PS: Sorry for my bad English, I'm a little bit tired and have used an online translator :s... (not for this sentence)
Thanks for your answers.
Edited by SidMarcus, 03 October 2009 - 04:31 PM.