
Here is my ComboFix report

Tags:
  • Acer
  • Security
Anonymous
22 August 2010 19:48:46

ComboFix 10-08-21.06 - amy 22/08/2010 12:05:03.3.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3000.1879 [GMT 2:00]
Lancé depuis: c:\users\amy\Documents\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((( Fichiers créés du 2010-07-22 au 2010-08-22 ))))))))))))))))))))))))))))))))))))
.

2010-08-22 10:38 . 2010-08-22 10:40 -------- d-----w- c:\users\amy\AppData\Local\temp
2010-08-22 10:38 . 2010-08-22 10:38 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-22 10:38 . 2010-08-22 10:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-21 17:22 . 2010-08-21 17:22 -------- d-----w- c:\programdata\GARMIN
2010-08-21 17:00 . 2010-08-21 17:22 -------- d-----w- c:\program files\Garmin
2010-08-21 15:42 . 2010-08-21 15:47 -------- d-----w- c:\program files\Common Files\HP
2010-08-21 15:35 . 2010-08-21 15:35 -------- d-----w- c:\programdata\Hewlett-Packard
2010-08-21 15:34 . 2007-02-02 09:26 273920 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp4v2.dll
2010-08-21 15:26 . 2010-08-21 15:26 454144 --sh--w- c:\windows\system32\dot3pack32.dll
2010-08-21 15:26 . 2010-08-21 15:26 38400 --sh--w- c:\windows\system32\advres.dll
2010-08-21 15:12 . 2007-02-02 09:27 117760 ----a-w- c:\windows\system32\hpz3l4v2.dll
2010-08-21 15:11 . 2010-08-21 15:58 146221 ----a-w- c:\windows\hpoins18.dat
2010-08-21 15:08 . 2007-02-01 08:24 258048 ----a-w- c:\windows\system32\hpzids01.dll
2010-08-21 15:08 . 2006-12-16 06:19 675840 ----a-w- c:\windows\system32\hpowiav1.dll
2010-08-21 15:08 . 2006-12-16 06:19 303104 ----a-w- c:\windows\system32\hpovst01.dll
2010-08-21 15:08 . 2006-12-16 06:19 897024 ----a-w- c:\windows\system32\hpotiop1.dll
2010-08-21 15:08 . 2007-03-01 00:35 6600 ----a-w- c:\windows\hpomdl18.dat
2010-08-20 12:39 . 2010-08-20 12:39 -------- d-----w- c:\programdata\WEBREG
2010-08-20 12:36 . 2010-08-20 12:44 -------- d-----w- c:\users\amy\AppData\Roaming\HP
2010-08-20 12:35 . 2010-08-20 12:35 -------- d-----w- c:\programdata\HPSSUPPLY
2010-08-20 12:31 . 2010-08-20 12:31 -------- d-----w- c:\program files\Hewlett-Packard
2010-08-20 12:31 . 2010-08-20 12:31 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2010-08-20 12:26 . 2010-08-21 15:48 -------- d-----w- c:\program files\HP
2010-08-20 12:23 . 2010-08-20 12:32 -------- d-----w- c:\programdata\HP
2010-08-19 16:56 . 2010-08-19 16:56 453120 --sh--w- c:\windows\system32\cscinfo32.dll
2010-08-19 16:56 . 2010-08-19 16:56 37888 --sh--w- c:\windows\system32\diagui.dll
2010-08-15 11:02 . 2010-08-15 11:02 -------- d-----w- c:\program files\Ask Search Assistant
2010-08-10 18:31 . 2010-06-08 17:35 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-08-10 18:31 . 2010-06-08 17:35 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-08-10 18:31 . 2010-06-11 16:15 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-08-10 18:31 . 2010-06-18 15:04 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-10 18:31 . 2010-06-18 15:04 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-10 18:31 . 2010-06-16 16:04 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-09 18:37 . 2010-08-09 18:37 -------- d-----w- c:\users\amy\AppData\Local\Apple Computer
2010-08-09 18:37 . 2010-08-09 18:37 -------- d-----w- c:\users\amy\AppData\Roaming\Apple Computer
2010-08-09 18:32 . 2010-08-09 18:33 -------- d-----w- c:\program files\QuickTime
2010-08-09 18:32 . 2010-08-09 18:32 -------- d-----w- c:\programdata\Apple Computer
2010-08-09 18:31 . 2010-08-09 18:31 -------- d-----w- c:\program files\Common Files\Apple
2010-08-09 18:30 . 2010-08-09 18:30 -------- d-----w- c:\users\amy\AppData\Local\Apple
2010-08-09 18:30 . 2010-08-09 18:30 -------- d-----w- c:\program files\Apple Software Update
2010-08-09 18:30 . 2010-08-09 18:30 -------- d-----w- c:\programdata\Apple
2010-08-01 21:41 . 2010-08-01 21:41 -------- d-----w- c:\program files\PopCap Games
2010-08-01 19:28 . 2010-08-01 19:28 98304 ----a-w- c:\users\amy\AppData\Roaming\LimeWire\browser\xulrunner\nssdbm3.dll
2010-08-01 19:20 . 2010-08-01 19:20 -------- d-----w- c:\users\amy\AppData\Roaming\Spore
2010-08-01 13:41 . 2010-08-01 13:41 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-08-01 13:38 . 2010-08-21 15:30 -------- d-----w- c:\users\amy\AppData\Roaming\vlc
2010-07-30 00:03 . 2010-07-30 00:03 2605008 ----a-w- c:\users\amy\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2010-07-23 17:09 . 2010-07-23 17:08 53632 ----a-w- c:\users\amy\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-07-23 17:08 . 2010-07-23 17:42 -------- d-----w- c:\programdata\Electronic Arts
2010-07-23 17:07 . 2010-07-23 17:08 53632 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-07-23 17:07 . 2010-07-23 17:08 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-23 17:00 . 2010-07-23 17:00 1206 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-07-23 16:15 . 2010-07-23 17:42 -------- d-----w- c:\program files\Electronic Arts
2010-07-23 16:06 . 2010-07-23 16:06 -------- d--h--r- c:\users\amy\AppData\Roaming\SecuROM
2010-07-23 15:36 . 2010-07-23 15:36 -------- d-----w- c:\program files\Common Files\Macrovision Shared

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-22 10:40 . 2010-04-26 19:23 -------- d-----w- c:\program files\Common Files\Akamai
2010-08-22 09:41 . 2008-05-08 15:56 669566 ----a-w- c:\windows\system32\perfh00C.dat
2010-08-22 09:41 . 2008-05-08 15:56 123556 ----a-w- c:\windows\system32\perfc00C.dat
2010-08-22 05:50 . 2010-03-01 16:54 12 ----a-w- c:\windows\bthservsdp.dat
2010-08-21 17:43 . 2010-02-16 17:25 -------- d-----w- c:\users\amy\AppData\Roaming\Vista Start Menu
2010-08-21 17:01 . 2010-06-08 18:39 -------- d-----w- c:\program files\DIFX
2010-08-21 15:33 . 2010-08-01 19:28 -------- d-----w- c:\users\amy\AppData\Roaming\LimeWire
2010-08-21 15:26 . 2010-05-08 17:19 -------- d-----w- c:\program files\WinAce
2010-08-20 22:27 . 2009-01-10 18:24 -------- d-----w- c:\users\amy\AppData\Roaming\dvdcss
2010-08-15 11:02 . 2009-09-13 09:00 -------- d-----w- c:\program files\Messenger Plus! Live
2010-08-12 18:17 . 2009-09-13 09:01 -------- d-----w- c:\programdata\Messenger Plus!
2010-08-11 18:43 . 2008-05-08 06:10 -------- d-----w- c:\programdata\Microsoft Help
2010-08-01 19:28 . 2010-08-01 19:28 9216 ----a-w- c:\users\amy\AppData\Roaming\LimeWire\browser\xulrunner\plds4.dll
2010-08-01 13:44 . 2008-05-08 06:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-01 13:38 . 2010-03-21 17:28 -------- d-----w- c:\programdata\WinZip
2010-07-24 08:58 . 2010-06-09 10:09 -------- d-----w- c:\programdata\DivX
2010-07-23 17:15 . 2008-12-25 00:11 101720 ----a-w- c:\users\amy\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-23 16:28 . 2010-04-26 19:28 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-07-23 16:16 . 2010-04-26 19:36 -------- d-----w- c:\programdata\Autodesk
2010-07-23 16:16 . 2010-04-26 19:28 -------- d-----w- c:\program files\Autodesk
2010-07-23 15:31 . 2010-04-26 16:45 -------- d-----w- c:\users\amy\AppData\Roaming\Autodesk
2010-07-19 18:42 . 2010-07-19 18:42 -------- d-----w- c:\users\amy\AppData\Roaming\Windows Live Writer
2010-06-28 20:57 . 2010-07-04 19:35 38848 ----a-w- c:\windows\avastSS.scr
2010-06-28 20:57 . 2009-02-20 19:00 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2009-02-20 19:01 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2009-02-20 19:01 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2009-02-20 19:01 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2009-02-20 19:00 50256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-06-28 20:32 . 2009-02-20 19:01 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-26 06:05 . 2010-08-10 18:32 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:02 . 2010-08-10 18:32 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 06:02 . 2010-08-10 18:32 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 04:25 . 2010-08-10 18:32 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-21 13:37 . 2010-08-10 18:32 2037760 ----a-w- c:\windows\system32\win32k.sys
2010-06-19 07:43 . 2010-06-19 07:43 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-18 17:31 . 2010-08-10 18:32 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-06-11 16:16 . 2010-08-10 18:32 274944 ----a-w- c:\windows\system32\schannel.dll
2010-06-09 10:12 . 2010-06-09 10:12 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-06-09 10:12 . 2010-06-09 10:12 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-06-09 10:12 . 2010-06-09 10:12 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-06-09 10:12 . 2010-06-09 10:12 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-06-09 10:12 . 2010-06-09 10:12 57715 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
2010-06-09 10:11 . 2010-06-09 10:11 84062 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-06-09 10:11 . 2010-06-09 10:11 57054 ----a-w- c:\programdata\DivX\DSDesktopComponents\Uninstaller.exe
2010-06-09 10:11 . 2010-06-09 10:11 54166 ----a-w- c:\programdata\DivX\DSAVCDecoder\Uninstaller.exe
2010-06-09 10:10 . 2010-06-09 10:10 57532 ----a-w- c:\programdata\DivX\DSASPDecoder\Uninstaller.exe
2010-06-09 10:10 . 2010-06-09 10:10 56458 ----a-w- c:\programdata\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-06-09 10:10 . 2010-06-09 10:10 54174 ----a-w- c:\programdata\DivX\DSAACDecoder\Uninstaller.exe
2010-06-09 10:10 . 2010-06-09 10:10 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-06-09 10:10 . 2010-06-09 10:10 54128 ----a-w- c:\programdata\DivX\Converter\Uninstaller.exe
2010-06-09 10:10 . 2010-06-09 10:10 54644 ----a-w- c:\programdata\DivX\TranscodeEngine\Uninstaller.exe
2010-06-09 10:10 . 2010-06-09 10:10 57409 ----a-w- c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-06-09 10:10 . 2010-06-09 10:10 54101 ----a-w- c:\programdata\DivX\MPEG2Plugin\Uninstaller.exe
2010-06-09 10:10 . 2010-06-09 10:10 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-06-09 10:10 . 2010-06-09 10:10 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-06-09 10:10 . 2010-06-09 10:10 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-06-09 10:09 . 2010-06-09 10:12 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-06-09 10:09 . 2010-06-09 10:12 895256 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-06-09 07:23 . 2010-06-09 07:24 69632 ----a-w- c:\users\amy\AppData\Roaming\Samsung\New PC Studio\DriverChecker.exe
2010-05-27 20:08 . 2010-08-10 18:32 81920 ----a-w- c:\windows\system32\iccvid.dll
2010-05-26 17:06 . 2010-06-11 11:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 11:06 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-24 16:08 . 2008-12-29 18:32 5972 ----a-w- c:\users\amy\AppData\Local\d3d9caps.dat
2008-09-09 04:46 . 2008-09-09 04:45 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{346de098-61f9-4b42-89da-6dfba7091bb6}"= "c:\program files\IMBooster4web-en\tbIMB1.dll" [2009-11-03 2166296]

[HKEY_CLASSES_ROOT\clsid\{346de098-61f9-4b42-89da-6dfba7091bb6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{346de098-61f9-4b42-89da-6dfba7091bb6}]
2009-11-03 21:17 2166296 ----a-w- c:\program files\IMBooster4web-en\tbIMB1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2008-12-25 00:12 157168 ----a-w- c:\programdata\Partner\partner.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{346de098-61f9-4b42-89da-6dfba7091bb6}"= "c:\program files\IMBooster4web-en\tbIMB1.dll" [2009-11-03 2166296]

[HKEY_CLASSES_ROOT\clsid\{346de098-61f9-4b42-89da-6dfba7091bb6}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{346DE098-61F9-4B42-89DA-6DFBA7091BB6}"= "c:\program files\IMBooster4web-en\tbIMB1.dll" [2009-11-03 2166296]

[HKEY_CLASSES_ROOT\clsid\{346de098-61f9-4b42-89da-6dfba7091bb6}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-05-14 15:05 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Piratrax"="c:\program files\Piratrax\piratrax_launch.exe" [2009-05-03 776192]
"VistaStartMenu"="c:\program files\Vista Start Menu\VistaStartMenu.exe" [2010-01-27 2775936]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-10-09 107864]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"eMuleAutoStart"="c:\program files\eMule49a\emule.exe" [2008-05-11 5423104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-04-10 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-04-18 167936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-16 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-16 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-16 145944]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-06-11 409600]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\System32\cscinfo32.dll c:\windows\System32\diagui.dll c:\windows\System32\diagui.dll c:\windows\System32\cscinfo32.dll c:\windows\System32\diagui.dll c:\windows\System32\cscinfo32.dll c:\windows\System32\diagui.dll c:\windows\System32\cscinfo32.dll c:\windows\System32\diagui.dll c:\windows\System32\cscinfo32.dll c:\windows\System32\diagui.dll c:\windows\System32\cscinfo32.dll c:\windows\System32\diagui.dll c:\windows\System32\cscinfo32.dll c:\windows\System32\diagui.dll c:\windows\System32\cscinfo32.dll c:\windows\System32\diagui.dll c:\windows\System32\cscinfo32.dll c:\windows\System32\diagui.dll c:\windows\System32\cscinfo32.dll c:\windows\System32\diagui.dll c:\windows\System32\cscinfo32.dll c:\windows\System32\diagui.dll c:\windows\System32\cscinfo32.dll c:\windows\System32\dot3pack32.dll c:\windows\System32\advres.dll c:\windows\System32\advres.dll c:\windows\System32\dot3pack32.dll c:\windows\System32\advres.dll c:\windows\System32\dot3pack32.dll c:\windows\System32\advres.dll c:\windows\System32\dot3pack32.dll c:\windows\System32\advres.dll c:\windows\System32\dot3pack32.dll c:\windows\System32\advres.dll c:\windows\System32\dot3pack32.dll advres.dll dot3pack32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^amy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orion.lnk]
path=c:\users\amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk
backup=c:\windows\pss\Orion.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
2008-04-10 14:30 147456 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-06 20:42 34040 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
2008-05-11 11:19 5423104 ----a-w- c:\program files\eMule49a\emule.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2008-07-25 03:40 809480 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
2008-07-03 10:37 812952 ----a-w- c:\program files\Registry Mechanic\RMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-11-21 02:15 1826816 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2008-01-29 08:03 303104 ----a-w- c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):1b,d1,20,13,e3,75,ca,01

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2009-09-04 30240]
R3 athrusb;802.11g Wireless USB2.0 Adapter driver;c:\windows\system32\DRIVERS\athrusb.sys [2007-01-29 451072]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2009-09-11 90240]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2009-09-11 14976]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2009-09-11 121856]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-05-02 691696]
S1 aswSP;aswSP; [x]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-04-18 61424]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-10-09 238952]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-10-05 36608]


--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - FSUSBEXDISK

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Akamai REG_MULTI_SZ Akamai
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://lo.st/
mStart Page = hxxp://www.pucuy.com/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} - hxxps://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
.
.
------- Associations de fichier -------
.
.scr=DWGTrueViewScriptFile
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-22 12:39
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-2906246308-716892153-1294607306-1000\Software\SecuROM\License information*]
"datasecu"=hex:58,5c,8f,4e,2b,b7,9d,f4,70,b2,86,6f,76,6e,2c,cf,ca,a2,ab,47,4c,
7e,ac,1a,a0,c5,c8,52,75,11,bb,50,18,fd,9e,2f,93,8e,9d,3f,12,6f,23,c6,e0,cb,\
"rkeysecu"=hex:e1,aa,e4,a3,8e,0b,cd,08,40,8f,ac,68,6b,6e,2b,d4

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2010-08-22 13:00:56
ComboFix-quarantined-files.txt 2010-08-22 11:00
ComboFix2.txt 2010-08-21 14:18
ComboFix3.txt 2010-08-20 22:33

Avant-CF: 14 952 943 616 octets libres
Après-CF: 15 619 575 808 octets libres

Current=1 Default=1 Failed=0 LastKnownGood=11 Sets=1,2,3,4,5,6,7,8,9,11
- - End Of File - - 770402B1C8EC998F125C11D08D10C7EE
