ComboFix 12-08-17.03 - Sarl York Edward 18/08/2012 15:23:58.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1571 [GMT 2:00]
Running from: c:\documents and settings\Sarl York Edward\Bureau\ComboFix.exe
.
WARNING - THE RECOVERY CONSOLE IS NOT INSTALLED ON THIS MACHINE !!
.
.
((((((((((((((((((((((((((((((((((((   Other Deletions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Sarl York Edward\WINDOWS
c:\program files\Internet Explorer\SET3.tmp
c:\program files\Internet Explorer\SET4.tmp
c:\program files\Internet Explorer\SET5.tmp
c:\program files\Internet Explorer\SET94.tmp
c:\program files\Internet Explorer\SET95.tmp
c:\program files\Internet Explorer\SET96.tmp
C:\RECYCLER(2)
c:\recycler(2)\S-1-5-21-3763518644-895795467-4165139698-500\INFO2
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
.
---- Previous Run -------
.
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\SET11B2.tmp
c:\windows\system32\SET11BE.tmp
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
c:\windows\WindowsUpdate.log
.
.
.
. . . . failed to delete
.
.
(((((((((((((((((((((((((((((   Files Created from 2012-07-18 to 2012-08-18   ))))))))))))))))))))))))))))))))))))
.
.
2012-08-15 16:16 . 2012-08-18 06:07  --------  d-----w-  c:\windows\system32\drivers\NIS\1308000.00E
2012-08-11 10:07 . 2012-08-11 10:07  --------  d-----w-  c:\documents and settings\Sarl York Edward\Application Data\pdfforge
2012-08-11 10:07 . 2012-06-30 06:46  81920  ----a-w-  c:\windows\system32\pdfcmon.dll
2012-08-11 10:07 . 2012-08-11 10:08  --------  d-----w-  c:\program files\PDFCreator
2012-08-11 10:07 . 2012-05-05 09:54  23552  ----a-w-  c:\windows\system32\MSMPIDE.DLL
2012-08-11 09:33 . 2001-09-19 04:47  765952  ----a-r-  c:\windows\system\crlds3d.dll
2012-08-11 09:33 . 2007-01-16 01:09  293888  ----a-r-  c:\windows\system32\drivers\ADIHdAud.sys
2012-08-11 09:33 . 2006-08-06 22:57  93952  ----a-r-  c:\windows\system32\drivers\aeaudio.sys
2012-08-11 09:33 . 2006-03-17 09:18  392960  ----a-r-  c:\windows\system32\drivers\senfilt.sys
2012-08-05 10:10 . 2012-08-05 17:01  --------  d-----w-  c:\documents and settings\All Users\Application Data\Tarma Installer
2012-07-29 12:14 . 2012-07-29 12:14  --------  d-----w-  C:\_OTL
2012-07-29 10:47 . 2012-07-29 10:47  --------  d-----w-  C:\found.002
2012-07-26 15:46 . 2012-07-26 15:46  --------  d-----w-  c:\windows\system32\wbem\Repository
2012-07-26 15:43 . 2012-07-26 15:43  --------  d-----w-  c:\program files\Mozilla Maintenance Service
2012-07-26 15:43 . 2012-07-26 15:43  --------  d-----w-  C:\AND
2012-07-26 15:41 . 2012-07-26 15:42  --------  d--h--w-  c:\windows\ie8
2012-07-26 15:41 . 2012-08-12 13:31  --------  d-----w-  c:\program files\Graboid
2012-07-23 18:48 . 2012-07-23 18:48  --------  d-----w-  C:\found.001
2012-07-23 17:01 . 2012-07-23 17:02  --------  d-----w-  C:\FRST
2012-07-22 16:33 . 2012-07-22 16:33  --------  d-----w-  C:\found.000
2012-07-22 16:07 . 2012-07-22 16:07  --------  d-----w-  c:\documents and settings\Administrateur
2012-07-22 06:26 . 2012-07-26 15:41  --------  d-----w-  c:\program files\Malwarebytes' Anti-Malware
2012-07-22 06:26 . 2012-07-22 06:26  --------  d-----w-  c:\documents and settings\All Users\Application Data\Malwarebytes
2012-07-22 06:10 . 2012-07-22 06:10  --------  d-----w-  c:\program files\VS Revo Group
2012-07-21 13:44 . 2012-07-26 15:43  --------  d-s---w-  c:\documents and settings\Edward
.
.
.
((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-14 08:22 . 2012-03-31 06:38  426184  ----a-w-  c:\windows\system32\FlashPlayerApp.exe
2012-07-14 08:22 . 2011-05-17 11:56  70344  ----a-w-  c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-14 08:22 . 2012-07-14 08:22  9822920  ----a-w-  c:\windows\system32\FlashPlayerInstaller.exe
2012-07-06 13:59 . 2004-08-05 12:00  78336  ----a-w-  c:\windows\system32\browser.dll
2012-07-04 14:05 . 2007-07-21 08:22  139784  ----a-w-  c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:27 . 2004-08-05 12:00  1866240  ----a-w-  c:\windows\system32\win32k.sys
2012-07-02 17:39 . 2004-08-05 12:00  916992  ------w-  c:\windows\system32\wininet.dll
2012-07-02 17:39 . 2004-08-05 12:00  43520  ------w-  c:\windows\system32\licmgr10.dll
2012-07-02 17:39 . 2004-08-05 12:00  1469440  ------w-  c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-05 12:00  385024  ----a-w-  c:\windows\system32\html.iec
2012-06-06 18:59 . 2012-06-06 18:59  1070152  ----a-w-  c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:50 . 2008-04-14 02:33  1372672  ----a-w-  c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-05 12:00  1172480  ----a-w-  c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-05 12:00  152576  ----a-w-  c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2011-09-21 10:09  16408  ----a-w-  c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-07-21 08:24  329240  ----a-w-  c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2007-07-21 08:24  210968  ----a-w-  c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-07-21 08:24  219160  ----a-w-  c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2007-07-21 08:24  53784  ----a-w-  c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2007-07-21 08:24  35864  ----a-w-  c:\windows\system32\wups.dll
2012-06-02 13:19 . 2007-04-16 20:45  45080  ----a-w-  c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2004-08-05 12:00  97304  ----a-w-  c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2007-04-16 20:47  16408  ----a-w-  c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2007-04-16 20:45  19480  ----a-w-  c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2007-07-21 08:24  577048  ----a-w-  c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2007-07-21 08:24  1933848  ----a-w-  c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2007-04-16 20:45  25112  ----a-w-  c:\windows\system32\wucltui.dll.mui
2012-06-02 13:18 . 2007-12-07 11:15  275696  ----a-w-  c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2007-12-07 11:15  214256  ----a-w-  c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2007-12-07 11:15  18672  ----a-w-  c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2004-08-05 12:00  606208  ----a-w-  c:\windows\system32\crypt32.dll
2012-06-19 18:19 . 2012-04-08 15:49  85472  ----a-w-  c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"DNS7reminder"="c:\program files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" [2007-04-16 259624]
"DataCardMonitor"="c:\program files\Telekom\InternetManager_H\DataCardMonitor.exe" [2011-08-02 253952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Play Wireless USB Adapter Utility.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Play Wireless USB Adapter Utility.lnk
backup=c:\windows\pss\Play Wireless USB Adapter Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Sarl York Edward^Menu Démarrer^Programmes^Démarrage^Dragon NaturallySpeaking.lnk]
path=c:\documents and settings\Sarl York Edward\Menu Démarrer\Programmes\Démarrage\Dragon NaturallySpeaking.lnk
backup=c:\windows\pss\Dragon NaturallySpeaking.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Sarl York Edward^Menu Démarrer^Programmes^Démarrage^Netzmanager.lnk]
path=c:\documents and settings\Sarl York Edward\Menu Démarrer\Programmes\Démarrage\Netzmanager.lnk
backup=c:\windows\pss\Netzmanager.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Sarl York Edward^Menu Démarrer^Programmes^Démarrage^OneNote 2007 - Capture d'écran et lancement.lnk]
path=c:\documents and settings\Sarl York Edward\Menu Démarrer\Programmes\Démarrage\OneNote 2007 - Capture d'écran et lancement.lnk
backup=c:\windows\pss\OneNote 2007 - Capture d'écran et lancement.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-29 19:59  937920  ----a-r-  c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-08-31 01:57  40368  ----a-w-  c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-12-23 16:05  143360  ----a-w-  c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
2007-03-02 15:32  630784  ------w-  c:\program files\Brother\Brmfcmon\BrMfcWnd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2006-11-07 18:03  65536  ------w-  c:\program files\Brother\ControlCenter3\BrCtrCen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeTaskScheduler]
2006-11-17 15:42  53341  ------w-  c:\program files\Creative\Shared Files\CTSched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 02:33  15360  ----a-w-  c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HW_OPENEYE_OUC_Telekom Internet Manager]
2009-12-31 12:13  110592  ----a-w-  c:\program files\Telekom\InternetManager_H\UpdateDog\ouc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2007-01-29 20:10  46632  ----a-w-  c:\program files\ScanSoft\PaperPort\IndexSearch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 14:15  221184  ----a-w-  c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 14:15  81920  ----a-w-  c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-08-18 23:07  421736  ----a-w-  c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-12-05 20:55  54832  ----a-w-  c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexwareInfoService]
2010-09-15 08:11  339312  ----a-w-  c:\program files\Fichiers communs\Lexware\Update Manager\LxUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live! Central 3]
2010-12-07 13:15  503969  ------w-  c:\program files\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxtorOneTouch]
2005-11-09 15:19  634880  ----a-w-  c:\program files\Maxtor\OneTouch\Utils\OneTouch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:34  1695232  ----a-w-  c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
2005-10-17 15:24  81920  ----a-w-  c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 13:40  155648  ----a-w-  c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-09-27 16:19  13918208  ----a-w-  c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-09-27 16:19  86016  ----a-w-  c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2007-01-29 20:12  30248  ----a-w-  c:\program files\ScanSoft\PaperPort\pptd40nt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 16:36  421888  ----a-w-  c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2006-11-23 13:10  56928  ----a-w-  c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 11:33  17418928  ----a-r-  c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2006-07-13 05:12  729088  ----a-w-  c:\program files\Analog Devices\SoundMAX\SMax4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2006-12-18 13:34  868352  ----a-r-  c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 07:03  210472  ----a-w-  c:\program files\Fichiers communs\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0700Mon.exe]
2010-08-17 23:00  28672  ----a-w-  c:\windows\V0700Mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLANBelkinService"=2 (0x2)
"SkypeUpdate"=2 (0x2)
"Skype C2C Service"=2 (0x2)
"RichVideo"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"NVSvc"=2 (0x2)
"NTService1"=2 (0x2)
"NMIndexingService"=3 (0x3)
"NIS"=2 (0x2)
"Netzmanager Service"=2 (0x2)
"NBService"=3 (0x3)
"MozillaMaintenance"=3 (0x3)
"McComponentHostService"=3 (0x3)
"MaxBackServiceInt"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"iPod Service"=3 (0x3)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate1c9516b1a6a1962"=2 (0x2)
"Freemake Improver"=2 (0x2)
"DCService.exe"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Fichiers communs\\Thunder Network\\DS\\Ver1\\1.0.2.95\\ThunderService.exe"=
"c:\\Program Files\\Fichiers communs\\Thunder Network\\DS\\Ver1\\1.0.2.95\\ThunderLiveUD.exe"=
"c:\\Program Files\\Fichiers communs\\Thunder Network\\DS\\Ver1\\1.0.2.95\\XLBugReport.exe"=
"c:\\Program Files\\Fichiers communs\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9997:TCP"= 9997:TCP:*:Disabled:hyjli
.
R0 BMLoad;Bytemobile Boot Time Load Driver;c:\windows\system32\drivers\BMLoad.sys [02/08/2011 13:18 13184]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [08/04/2011 10:17 53816]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1308000.00E\symds.sys [15/08/2012 18:16 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1308000.00E\symefa.sys [15/08/2012 18:16 924320]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120804.001\BHDrvx86.sys [10/08/2012 18:33 821920]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1308000.00E\ccsetx86.sys [15/08/2012 18:16 132768]
R1 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [08/04/2012 16:18 38976]
R1 PSSDKLBF;PSSDKLBF;c:\windows\system32\drivers\pssdklbf.sys [08/04/2012 16:18 53312]
R1 RapportCerberus_25973;RapportCerberus_25973;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\25973\RapportCerberus_25973.sys [13/04/2011 15:56 57144]
R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [08/04/2011 10:17 66360]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [08/04/2011 10:17 158904]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1308000.00E\ironx86.sys [15/08/2012 18:16 149624]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.8.0.14\ccsvchst.exe [15/08/2012 18:16 138272]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [22/09/2011 10:24 147040]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [10/08/2012 18:33 106656]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [02/08/2011 13:17 70656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120817.001\IDSXpx86.sys [18/08/2012 08:07 369632]
R3 V0700Afx;Creative Camera VF0700 Audio Effects Driver;c:\windows\system32\drivers\V0700Afx.sys [20/10/2010 14:24 302720]
R3 V0700Vid;Creative Live! Cam Chat HD Driver;c:\windows\system32\drivers\V0700Vid.sys [18/10/2010 01:00 322304]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13/07/2012 13:28 160944]
S3 BCMH43XX;N+ Wireless USB Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [06/11/2009 09:26 642432]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [02/08/2011 13:17 101504]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [12/08/2010 14:52 117504]
S3 filtertdidriver;filtertdidriver;c:\windows\system32\drivers\ewfiltertdidriver.sys [02/08/2011 13:17 7552]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys --> c:\windows\system32\DRIVERS\ewusbfake.sys [?]
S3 TelekomNM3;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [16/09/2010 17:02 35040]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31/03/2012 08:38 250056]
S4 DCService.exe;DCService.exe;c:\documents and settings\All Users\Application Data\DatacardService\DCService.exe [19/08/2010 10:52 229376]
S4 Freemake Improver;Freemake Improver;c:\documents and settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [13/04/2012 15:14 96768]
S4 gupdate1c9516b1a6a1962;Google Update Service (gupdate1c9516b1a6a1962);c:\program files\Google\Update\GoogleUpdate.exe [28/11/2008 17:07 133104]
S4 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [28/11/2008 17:07 133104]
S4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [17/06/2011 19:33 237008]
S4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [18/05/2012 10:30 113120]
S4 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [24/10/2011 09:53 2565632]
S4 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [19/06/2012 17:32 3048136]
S4 WLANBelkinService;Belkin WLAN service;c:\program files\Belkin\F7D4101\V1\wlansrv.exe [28/12/2009 18:25 36864]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
kojknoa
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 08:22]
.
2011-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2012-01-02 c:\windows\Tasks\NatSpeak Periodic Acoustic Optimization.job
- c:\program files\Nuance\NaturallySpeaking10\Program\schedmgr.exe [2008-07-27 18:21]
.
2012-07-08 c:\windows\Tasks\NatSpeak Periodic Language Model Optimization.job
- c:\program files\Nuance\NaturallySpeaking10\Program\schedmgr.exe [2008-07-27 18:21]
.
.
------- Supplementary Scan -------
.
uStart Page =
FF - ProfilePath - c:\documents and settings\Sarl York Edward\Application Data\Mozilla\Firefox\Profiles\8dnsjj4m.default\
FF - prefs.js: browser.search.selectedEngine - iNTERNET TURBO Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3197087&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3197087&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=make
FF - user.js: extensions.funmoods_i.dfltSrch - true
FF - user.js: extensions.funmoods_i.srchPrvdr - Search
FF - user.js: extensions.funmoods_i.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods_i.newTabUrl - hxxp://start.funmoods.com/?f=2&a=make
FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=make&q=
FF - user.js: extensions.funmoods_i.id - 90a95f3d000000000000944452de4965
FF - user.js: extensions.funmoods_i.instlDay - 15443
FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1615:16
FF - user.js: extensions.funmoods_i.prtnrId - funmoods
FF - user.js: extensions.funmoods_i.prdct - funmoods
FF - user.js: extensions.funmoods_i.aflt - make
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods_i.tlbrId - base
FF - user.js: extensions.funmoods_i.instlRef -
FF - user.js: extensions.funmoods_i.dfltLng -
FF - user.js: extensions.funmoods_i.excTlbr - false
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.hpOld -
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld -
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - 90a95f3d000000000000944452de4965
FF - user.js: extensions.Softonic.instlDay - 15557
FF - user.js: extensions.Softonic.vrsn - 1.6.7.4
FF - user.js: extensions.Softonic.vrsni - 1.6.7.4
FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.412:10
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - base
FF - user.js: extensions.Softonic.instlRef - INF1205T01
FF - user.js: extensions.Softonic.dfltLng - de
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-Iminent - c:\program files\Iminent\Iminent.exe
MSConfigStartUp-IminentMessenger - c:\program files\Iminent\Iminent.Messengers.exe
MSConfigStartUp-nwiz - c:\program files\NVIDIA Corporation\nView\nwiz.exe
AddRemove-NVIDIA nView Desktop Manager - c:\program files\NVIDIA Corporation\nView\nViewSetup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-18 15:30
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DataCardMonitor = c:\program files\Telekom\InternetManager_H\DataCardMonitor.exe?C?????????+=?rogram Files\Telekom\InternetManager_H\?RLYO????W???????rogram Files\Telekom\InternetManager_H\DataCardMonitor.exe?P????L?=?`?=?`?=?nts and Settings\Sarl York Edward?windir=C:\WIND
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.8.0.14\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
Completion time: 2012-08-18 15:33:20
ComboFix-quarantined-files.txt 2012-08-18 13:33
.
Pre-Run: 108,565,241,856 bytes free
Post-Run: 108,497,444,864 bytes free
.
- - End Of File - - A7228F6BF1C5765E1836B8F81B43EB1C
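A log like the one above is long, and the entries that matter for a responder are a handful of lines buried among hundreds of normal ones: the Windows Firewall standard profile switched off (EnableFirewall=0), Security Center told to stop reporting antivirus status (AntiVirusOverride=1), a firewall port exception on 9997/TCP carrying the name "hyjli", a name ("kojknoa") in the svchost NetSvcs list that should map to a real service, Firefox homepage and search prefs pointing at conduit.com, funmoods.com and softonic.com, and the WinPcap packet-capture libraries (Packet.dll, wpcap.dll, WanPacket.dll) that ComboFix found in system32 and deleted. The script below is an added example, not part of ComboFix or of this post: it walks a ComboFix-format log and pulls out exactly those indicator classes, so the same checks can be run over the next log without reading it end to end. The host and file name lists are taken from this log; the sample input is a constructed excerpt copying a few of its lines, not the full log, and the finding labels and severities are the author's own choice.

```python
"""Triage a ComboFix-style log for the indicators a responder checks first.

Added example; not ComboFix code. Keyed on the plain-text layout ComboFix
writes (REGEDIT4-style values, 'FF - prefs.js:' lines, the NetSvcs block).
"""
import re
from collections import namedtuple

Finding = namedtuple("Finding", "id severity detail")

# Hosts the Firefox prefs in this log point at. Conduit, Funmoods and Softonic
# all ship search/homepage toolbars that replace the start page and default
# search engine. Extend the tuple for other logs.
HIJACK_HOSTS = ("conduit.com", "funmoods.com", "softonic.com")

# WinPcap's runtime files. Legitimate when a capture tool is installed; worth
# a question when they sit in system32 on a machine that has none.
PCAP_FILES = ("packet.dll", "wpcap.dll", "wanpacket.dll")

# "9997:TCP"= 9997:TCP:*:Disabled:hyjli  ->  port, proto, scope, state, name
_PORT_RE = re.compile(
    r'"(\d+):(TCP|UDP)"=\s*\d+:(?:TCP|UDP):([^:]*):(Enabled|Disabled):(.*)$')
# FF - prefs.js: browser.startup.homepage - hxxp://host/...  ->  pref, host
_FF_URL_RE = re.compile(r'^FF - (?:prefs|user)\.js: (\S+) - hxxp://([^/\s]+)', re.I)


def _hijack_host(host):
    h = host.lower()
    return any(h == d or h.endswith("." + d) for d in HIJACK_HOSTS)


def triage(log_text):
    """Return the Finding tuples for log_text, in log order."""
    findings = []
    in_netsvcs = False
    for raw in log_text.splitlines():
        s = raw.strip()

        # The NetSvcs block is one name per line until the next '.' or blank line.
        if in_netsvcs:
            if not s or s == ".":
                in_netsvcs = False
            else:
                findings.append(Finding(
                    "netsvcs-entry", "high",
                    f"svchost netsvcs entry '{s}': confirm it maps to a real service "
                    "under HKLM\\SYSTEM\\CurrentControlSet\\Services"))
                continue
        if s.endswith("- NetSvcs"):
            in_netsvcs = True
            continue

        if re.match(r'"EnableFirewall"=\s*0\b', s):
            findings.append(Finding("firewall-disabled", "high",
                                    "Windows Firewall standard profile: EnableFirewall=0"))
        elif re.match(r'"AntiVirusOverride"=dword:0*1$', s):
            findings.append(Finding("av-override", "high",
                                    "Security Center AntiVirusOverride=1 (AV status alerts suppressed)"))

        m = _PORT_RE.match(s)
        if m:
            port, proto, scope, state, name = m.groups()
            findings.append(Finding(
                "open-port", "medium",
                f"firewall exception {port}/{proto} named '{name}' ({state}, scope {scope or '*'})"))

        m = _FF_URL_RE.match(s)
        if m:
            pref, host = m.groups()
            if _hijack_host(host):
                findings.append(Finding("browser-hijack", "medium", f"{pref} -> {host}"))

        low = s.lower()
        if low.startswith("c:\\windows\\system32\\") and low.rsplit("\\", 1)[-1] in PCAP_FILES:
            findings.append(Finding("pcap-library", "medium", f"{s} (WinPcap component)"))
    return findings


# Constructed excerpt: a few lines copied from the log above, nothing else.
SAMPLE_LOG = r"""
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\wpcap.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9997:TCP"= 9997:TCP:*:Disabled:hyjli
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
kojknoa
.
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3197087&SearchSource=13
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=make
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&cc=
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.severity:6}] {f.id:18} {f.detail}")
```

Run it against a saved ComboFix.txt by passing the file contents to triage(). The open-port check reports every GloballyOpenPorts entry, not only odd-looking ones, because the port state shown there ("Disabled" for 9997/TCP in this log) is the firewall's current rule state, and a rule that is present but disabled still tells you something ran with the right to add it; the NetSvcs check likewise reports every listed name and leaves the decision to whoever checks the Services key.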