Forum | virus/security
A double display is blocking my browser
makikoo, Tue. 23 Sept. 2008 at 20:09:24
Oh, thanks for the quick reply.
Here is the requested report:


ComboFix 08-09-22.03 - makikoo 2008-09-23 13:50:07.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1179 [GMT -4:00]
Lancé depuis: C:\Users\makikoo\Desktop\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documentation\_desktop.ini
C:\Documentation\Documentation\_desktop.ini
C:\Documentation\Documentation\CS\_desktop.ini
C:\Documentation\Documentation\DE\_desktop.ini
C:\Documentation\Documentation\EN\_desktop.ini
C:\Documentation\Documentation\ES\_desktop.ini
C:\Documentation\Documentation\FI\_desktop.ini
C:\Documentation\Documentation\FR\_desktop.ini
C:\Documentation\Documentation\GR\_desktop.ini
C:\Documentation\Documentation\IT\_desktop.ini
C:\Documentation\Documentation\NL\_desktop.ini
C:\Documentation\Documentation\PO\_desktop.ini
C:\Documentation\Documentation\RU\_desktop.ini
C:\Documentation\Documentation\SV\_desktop.ini
C:\Documentation\Leaflets\_desktop.ini
C:\Documentation\Leaflets\CS\_desktop.ini
C:\Documentation\Leaflets\DE\_desktop.ini
C:\Documentation\Leaflets\EN\_desktop.ini
C:\Documentation\Leaflets\ES\_desktop.ini
C:\Documentation\Leaflets\FI\_desktop.ini
C:\Documentation\Leaflets\FR\_desktop.ini
C:\Documentation\Leaflets\GR\_desktop.ini
C:\Documentation\Leaflets\IT\_desktop.ini
C:\Documentation\Leaflets\NL\_desktop.ini
C:\Documentation\Leaflets\PO\_desktop.ini
C:\Documentation\Leaflets\RU\_desktop.ini
C:\Documentation\Leaflets\SV\_desktop.ini
C:\Users\makikoo\AppData\Roaming\Microsoft\Windows\Cookies\makikoo@bluestreak[1].txt
C:\Users\makikoo\AppData\Roaming\Microsoft\Windows\Cookies\makikoo@edt02[2].txt

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-23 au 2008-09-23 ))))))))))))))))))))))))))))))))))))
.

2008-09-22 03:01 . 2007-11-08 05:04 11,967,524 --a------ C:\Windows\System32\korwbrkr.lex
2008-09-22 02:00 . 2008-09-22 02:00 <REP> d-------- C:\Program Files\Trend Micro
2008-09-21 23:22 . 2008-07-19 10:36 51,280 --a------ C:\Windows\System32\drivers\aswMonFlt.sys
2008-09-21 22:44 . 2008-04-26 04:25 3,600,952 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-09-21 22:44 . 2008-04-26 04:25 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
2008-09-21 22:44 . 2008-04-26 04:26 891,448 --a------ C:\Windows\System32\drivers\tcpip.sys
2008-09-21 22:44 . 2008-05-09 23:35 885,248 --a------ C:\Windows\System32\RacEngn.dll
2008-09-21 22:44 . 2008-04-11 23:32 784,896 --a------ C:\Windows\System32\rpcrt4.dll
2008-09-21 22:44 . 2008-04-04 21:21 72,192 --a------ C:\Windows\System32\drivers\pacer.sys
2008-09-21 22:44 . 2008-04-04 23:34 15,360 --a------ C:\Windows\System32\pacerprf.dll
2008-09-21 22:44 . 2008-05-09 18:22 9,127 --a------ C:\Windows\System32\RacUR.xml
2008-09-21 22:44 . 2008-05-09 18:22 153 --a------ C:\Windows\System32\RacUREx.xml
2008-09-21 16:59 . 2008-09-21 17:02 <REP> d-------- C:\ProgramData\Lavasoft
2008-09-21 16:59 . 2008-09-21 16:59 <REP> d-------- C:\Program Files\Lavasoft
2008-09-21 15:00 . 2008-09-21 15:00 <REP> d-------- C:\PerfLogs
2008-09-20 00:31 . 2008-01-19 03:38 4,595,712 --a------ C:\Windows\System32\AuthFWSnapin.dll
2008-09-20 00:30 . 2008-01-19 03:33 8,139,264 --a------ C:\Windows\System32\ssBranded.scr
2008-09-20 00:29 . 2008-01-19 03:32 5,714,432 --a------ C:\Windows\System32\logon.scr
2008-09-20 00:28 . 2008-01-19 02:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL
2008-09-20 00:26 . 2008-01-19 03:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll
2008-09-20 00:26 . 2008-01-19 03:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll
2008-09-20 00:26 . 2008-01-19 03:34 305,152 --a------ C:\Windows\System32\msdelta.dll
2008-09-20 00:26 . 2008-01-19 03:34 258,560 --a------ C:\Windows\System32\dpx.dll
2008-09-20 00:26 . 2008-01-19 03:34 246,784 --a------ C:\Windows\System32\drvstore.dll
2008-09-20 00:26 . 2008-01-19 03:36 218,624 --a------ C:\Windows\System32\wdscore.dll
2008-09-20 00:26 . 2008-01-19 03:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll
2008-09-20 00:26 . 2008-01-19 03:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe
2008-09-20 00:26 . 2008-01-19 03:35 35,328 --a------ C:\Windows\System32\mspatcha.dll
2008-09-19 03:15 . 2008-09-19 03:15 <REP> d-------- C:\Program Files\Xara
2008-09-19 03:15 . 2008-09-19 03:16 <REP> d-------- C:\Program Files\Common Files\Xara
2008-09-18 23:57 . 2008-09-18 23:57 <REP> d-------- C:\ProgramData\UDL
2008-09-18 23:46 . 2008-09-18 23:47 <REP> d-------- C:\ProgramData\EPSON
2008-09-18 23:24 . 2006-12-07 22:04 76,800 --a------ C:\Windows\System32\E_FLBCAE.DLL
2008-09-18 23:24 . 2006-04-18 22:00 62,976 --a------ C:\Windows\System32\E_FD4BCAE.DLL
2008-09-18 23:24 . 2004-09-10 16:12 49,152 --a------ C:\Windows\System32\E_DCINST.DLL
2008-09-18 23:21 . 2008-09-18 23:54 <REP> d-------- C:\Program Files\epson
2008-09-18 23:21 . 2006-12-28 00:00 208,896 --a------ C:\Windows\System32\esint7e.dll
2008-09-18 23:21 . 2006-12-28 00:00 66,560 --a------ C:\Windows\System32\eswia7e.dll
2008-09-18 23:21 . 2006-03-10 00:00 3,584 --a------ C:\Windows\System32\eswiaml.dll
2008-09-18 23:21 . 2008-09-18 23:21 27 --a------ C:\Windows\CDE DX4400DEFGIPS.ini
2008-09-18 13:16 . 2008-09-18 13:16 <REP> d-------- C:\ProgramData\Avanquest Bluetooth SDK
2008-09-16 16:25 . 2008-09-16 16:25 <REP> d-------- C:\ProgramData\ESET
2008-09-15 17:51 . 2008-09-15 17:51 <REP> d-------- C:\Program Files\Avanquest update
2008-09-15 17:26 . 2008-09-15 17:26 <REP> d-------- C:\ProgramData\BVRP Software
2008-09-15 16:45 . 2008-09-15 16:45 <REP> d-------- C:\ProgramData\Sony Ericsson
2008-09-15 16:45 . 2008-09-15 16:45 <REP> d-------- C:\Program Files\Sony Ericsson
2008-09-10 08:39 . 2008-07-30 21:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-10 08:39 . 2008-07-30 23:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-10 08:36 . 2008-06-25 23:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-04 14:37 . 2008-07-19 01:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-09-04 14:37 . 2008-07-18 23:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-09-04 14:37 . 2008-07-19 01:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-09-04 14:37 . 2008-07-19 01:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-09-04 14:36 . 2008-07-19 01:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-09-04 14:36 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-09-04 14:36 . 2008-07-18 23:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-09-04 14:36 . 2008-07-19 01:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-09-04 14:36 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-23 17:48 --------- d-----w C:\Users\makikoo\AppData\Roaming\Skype
2008-09-22 23:46 --------- d-----w C:\Users\makikoo\AppData\Roaming\WTablet
2008-09-22 04:01 --------- d-----w C:\Program Files\MagicISO
2008-09-22 03:07 --------- d-----w C:\Program Files\ESET
2008-09-21 20:59 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-21 19:15 174 --sha-w C:\Program Files\desktop.ini
2008-09-21 19:03 --------- d-----w C:\Program Files\Windows Sidebar
2008-09-21 19:03 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-09-21 19:03 --------- d-----w C:\Program Files\Windows Mail
2008-09-21 19:03 --------- d-----w C:\Program Files\Windows Journal
2008-09-21 19:03 --------- d-----w C:\Program Files\Windows Defender
2008-09-21 19:03 --------- d-----w C:\Program Files\Windows Collaboration
2008-09-21 19:03 --------- d-----w C:\Program Files\Windows Calendar
2008-09-21 18:28 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-09-21 18:28 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-09-19 07:16 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-19 04:03 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-18 14:07 --------- d-----w C:\Users\makikoo\AppData\Roaming\VSO
2008-09-16 19:57 --------- d-----w C:\ProgramData\Apple Computer
2008-09-16 19:51 --------- d-----w C:\Program Files\PokerStars.NET
2008-08-06 23:07 --------- d-----w C:\Program Files\WordBiz
2008-08-02 03:26 36,864 ----a-w C:\Windows\System32\cdd.dll
2008-08-02 01:01 625,152 ----a-w C:\Windows\system32\drivers\dxgkrnl.sys
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-28 18:18 --------- d-----w C:\Program Files\PokerStars
2008-07-16 01:32 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
2008-06-26 03:29 565,248 ----a-w C:\Windows\System32\emdmgmt.dll
2008-06-26 03:29 45,056 ----a-w C:\Windows\System32\dataclen.dll
2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
2007-05-07 13:52 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2007-05-07 13:52 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-05-07 13:52 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 22880040]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2005-10-28 94208]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 360448]
"EPSON Stylus DX4400 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-03-01 180736]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 C:\Windows\System32\oobefldr.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2006-09-11 118784]
"VAIOCameraUtility"="C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" [2006-11-14 411768]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2006-11-11 43128]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-02-13 35328]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152]
"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 286720]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-22 29744]
"Windows Mobile-based device management"="C:\Windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2006-12-07 7766016]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2006-12-07 81920]
"avast!"="C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [2008-07-19 78008]

C:\Users\makikoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe [2008-06-09 546816]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-22 734872]
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2006-11-25 2134016]
Lancement rapide d'Adobe Acrobat.lnk - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2007-06-04 295606]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-22 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-11-24 05:36 73728 C:\Windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B77BB11A-38C4-49B0-A888-CE093055C67D}"= UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{02E1CCB3-EC43-4802-A64B-CDC1B0DCEA00}"= TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{9949D198-D92F-411F-A69A-2004CF40F7FE}"= Disabled:UDP:C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{D63CCE78-E125-44E3-9206-10A74C59A89D}"= Disabled:TCP:C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{280BD9DC-2882-4D09-AE79-87F30943CADB}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{49A86D0D-2DA6-4BF6-9911-194714E45BCB}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{F5B8A4B0-67F5-4088-9151-A5C71E3A6991}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{D6FAA793-DF27-4CEC-97BE-16937B09CF09}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{78144605-8F1F-4195-BE7D-6F5C387F95BA}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{77488E8B-2F03-4447-A5B3-55D3E7133BB2}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{668E3013-3DB2-469C-B637-B73DE6010DC9}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{223E8B83-EDF7-420D-95F3-73DE604AE221}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{478A0F31-9CFE-4EF6-8287-AAD92601F3B1}D:\\trackmania united\\tmunited.exe"= UDP:D:\trackmania united\tmunited.exe:TmUnited
"UDP Query User{064C6B6D-E63D-4B04-BE86-7C1FAE0F9E25}D:\\trackmania united\\tmunited.exe"= TCP:D:\trackmania united\tmunited.exe:TmUnited
"TCP Query User{E0B257E1-13F1-4864-B304-FAD939286400}D:\\trackmania united\\tmunited.exe"= UDP:D:\trackmania united\tmunited.exe:TmUnited
"UDP Query User{13E9024B-006D-4424-806C-912CB492FB73}D:\\trackmania united\\tmunited.exe"= TCP:D:\trackmania united\tmunited.exe:TmUnited
"{45C8FFCD-D477-4001-8E9A-97EBAD2E42B7}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{4E3AECFF-0995-4295-897D-7B9287E4B7EF}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"TCP Query User{8DCB8ADF-A526-4B4F-955B-ACA700A60996}D:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:D:\program files\wolfenstein - enemy territory\et.exe:ET
"UDP Query User{2C8B5620-3010-43AA-AFCE-DC4F4D99C0A3}D:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:D:\program files\wolfenstein - enemy territory\et.exe:ET
"TCP Query User{5D0DC81E-FCCF-42C6-817B-E337F93C5695}C:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:C:\program files\wolfenstein - enemy territory\et.exe:ET
"UDP Query User{A96258CD-5148-404F-8869-7B48FF55FFF6}C:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:C:\program files\wolfenstein - enemy territory\et.exe:ET
"TCP Query User{757886FE-94A3-4856-8A04-FB82DD860BBE}D:\\age of empires 3\\age3.exe"= UDP:D:\age of empires 3\age3.exe:Age of Empires 3
"UDP Query User{532518EA-0929-4BA5-BCAE-4A3B88510479}D:\\age of empires 3\\age3.exe"= TCP:D:\age of empires 3\age3.exe:Age of Empires 3
"{D59E8208-665A-4827-A760-2A574578D545}"= UDP:C:\Program Files\Unreal Tournament 3 Demo\Binaries\UT3Demo.exe:Unreal Tournament 3 Demo
"{7BEF3725-3DCF-4B2B-8A63-4AF66430EBAF}"= TCP:C:\Program Files\Unreal Tournament 3 Demo\Binaries\UT3Demo.exe:Unreal Tournament 3 Demo
"TCP Query User{B64E72D6-6F2A-4F7A-991E-E1C2D0137DE5}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{B11F5264-9CEA-40EA-932C-8F39591FC4F4}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{FCD32F89-C282-45E3-A798-6979E55A7336}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{4AC20C25-A7D0-4F7E-8DAF-47D560E2F2A1}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{74A31EFF-C86A-4FBD-8B19-D1DF31C163E2}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{4FD87C64-EE56-45C6-9458-09AB11247244}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"{5E3053FC-BE1E-433F-8C00-13608F8623EE}"= UDP:990:LocalSubnet:LocalSubnet|IF={984EF12C-6A82-4A2D-97AB-BBA27CDBAD00}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001
"TCP Query User{93E38F63-37B8-45A6-906A-C508FB942322}D:\\age of empires 3\\age3.exe"= UDP:D:\age of empires 3\age3.exe:Age of Empires 3
"UDP Query User{194B4964-D17F-46DC-AEEC-CA7B57545A73}D:\\age of empires 3\\age3.exe"= TCP:D:\age of empires 3\age3.exe:Age of Empires 3
"{47BBAA64-6FE3-41FE-8758-BC4C229B284D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{D940DF18-B083-4FB6-A80C-FBCD545D6B0C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{4F3C7158-4AB8-423F-BB44-EA8FECE3BD20}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{F228521A-103D-4182-88C3-253978A94278}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"{5EF7CF1A-CFA7-4F8A-84B3-A9636E7AC84E}"= UDP:990:LocalSubnet:LocalSubnet|IF={984EF12C-6A82-4A2D-97AB-BBA27CDBAD00}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001
"{C95FC6D6-69B5-4731-9768-9EE509D23794}"= UDP:990:LocalSubnet:LocalSubnet|IF={984EF12C-6A82-4A2D-97AB-BBA27CDBAD00}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2006-10-27 72704]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2006-10-27 43904]
R3 SonyImgF;Sony Image Conversion Filter Driver;C:\Windows\system32\DRIVERS\SonyImgF.sys [2006-09-06 30976]
R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [2006-11-06 227328]
R3 wacommousefilter;Wacom Mouse Filter Driver;C:\Windows\system32\DRIVERS\wacommousefilter.sys [2006-02-14 5632]
R3 wacomvhid;Wacom Virtual Hid Driver;C:\Windows\system32\DRIVERS\wacomvhid.sys [2006-11-15 6272]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\Windows\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-22 29744]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-01-08 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-01-08 1089536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c1bab4a-d330-11dc-ab6c-0019c18b99ca}]
\shell\AutoRun\command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e56a8d1-baba-11dc-ae83-0013a986d03c}]
\shell\AutoRun\command - I:\Startup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b0f44a4a-7093-11dd-bb02-0019c18b99ca}]
\shell\Auto\command - H:\fun.xls.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da24a7bf-3627-11dd-8971-0019c18b99ca}]
\shell\AutoRun\command - H:\Setup.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-MSServer - C:\Windows\system32\xxYqoOGW.dll
ShellExecuteHooks-{D7336D32-62F7-43B5-8B8C-3963C72CA498} - C:\Windows\system32\xxYqoOGW.dll


.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Users\makikoo\AppData\Roaming\Mozilla\Firefox\Profiles\dfbi8omd.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.vibz-mag.com
FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjava11.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjava12.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjava13.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjava14.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjava32.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npoji610.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-23 13:54:26
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-09-23 13:55:33
ComboFix-quarantined-files.txt 2008-09-23 17:55:28

Avant-CF: 13 201 768 448 octets libres
Après-CF: 16,617,242,624 octets libres

299 --- E O F --- 2008-09-22 07:02:43