Sponsored link problem
Solved
locatme
Hello,
So here it is: since last night, when I connect to Google, I have a page on the left, "sponsored link". I would like to know how it is possible to remove it. Thanks in advance.
4 replies
Hello
* Download HijackThis to your desktop:
http://www.trendsecure.com/portal/en-US/tools/Security_tools/hijackthis
* If you are on Vista, you need to disable UAC (User Account Control):
--> Click Start ---> Control Panel --> User Accounts
and disable it
* Open HijackThis:
(on Vista --> right-click --> Run as administrator)
(XP --> double-click the icon)
* Run it by clicking Do a scan and save a log file.
--> the report opens in Notepad
--> save it, then post it.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:06:59, on 12/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\ATK0100\HControl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\regsvr32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ATK0100\ATKOSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: milehighads - {0d5f5902-0ee3-9c6a-5389-36196676238c} - C:\Windows\system32\nsp4962.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: mysidesearch search enhancer - {61DAE51A-9BD6-0EB6-D9CB-E3AD1D3F4DE2} - C:\Windows\system32\kscxmmvtsv.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: milehighads browser enhancer - {A555CED7-8563-5F93-6B9E-8E6BEB476060} - C:\Windows\system32\nklfiiwkoljl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HControl] C:\Windows\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [rotitbidwnmp] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\nklfiiwkoljl.dll"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
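Added example, not part of the original thread: a small Python triage of the O2 (browser helper object) and O4 (autostart) lines of a HijackThis log such as the one above. It flags BHOs whose DLL sits directly in system32 or whose file is missing, and Run entries that silently register a DLL with regsvr32 at logon; these are heuristics for what to review first, not verdicts, and the function and class names are this example's own. The sample lines are copied from the log above.

```python
import ntpath
import re
from typing import NamedTuple

# Subset of the O2/O4 lines from the HijackThis log posted above.
SAMPLE_LOG = r"""
O2 - BHO: milehighads - {0d5f5902-0ee3-9c6a-5389-36196676238c} - C:\Windows\system32\nsp4962.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: mysidesearch search enhancer - {61DAE51A-9BD6-0EB6-D9CB-E3AD1D3F4DE2} - C:\Windows\system32\kscxmmvtsv.dll
O2 - BHO: milehighads browser enhancer - {A555CED7-8563-5F93-6B9E-8E6BEB476060} - C:\Windows\system32\nklfiiwkoljl.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [rotitbidwnmp] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\nklfiiwkoljl.dll"
"""

# "O2 - BHO: <name> - {CLSID} - <path or (no file)>"
BHO_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$"
)
# "O4 - <key>: [<value name>] <command line>"
RUN_RE = re.compile(r"^O4 - (?P<key>\S+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# An absolute path to a .dll; stops at quotes and at the next drive colon.
DLL_RE = re.compile(r'[A-Za-z]:\\[^"*?<>|:]+?\.dll', re.IGNORECASE)


class Finding(NamedTuple):
    line: str       # HijackThis section, "O2" or "O4"
    name: str       # BHO name or Run value name
    target: str     # file the entry points at
    reasons: tuple  # why the entry deserves a closer look


def in_system32_root(path):
    """True when the file sits directly in ...\\Windows\\system32."""
    parent = ntpath.normcase(ntpath.dirname(path))
    return parent.endswith(r"\windows\system32")


def silent_regsvr32_targets(cmd):
    """DLL paths that a command line registers through `regsvr32 /s`."""
    if not re.search(r"regsvr32(\.exe)?\b.*\s/s\b", cmd, re.IGNORECASE):
        return []
    return [ntpath.normcase(p) for p in DLL_RE.findall(cmd)]


def triage(log_text):
    """Return the O2/O4 entries of a HijackThis log that match the heuristics."""
    bhos, runs = [], []
    for raw in log_text.splitlines():
        line = raw.strip()
        if m := BHO_RE.match(line):
            bhos.append(m.groupdict())
        elif m := RUN_RE.match(line):
            runs.append(m.groupdict())

    findings = []
    bho_dlls = {}  # normalised DLL path -> BHO name
    for bho in bhos:
        reasons = []
        if bho["path"] == "(no file)":
            reasons.append("BHO is registered but its file is missing")
        else:
            bho_dlls[ntpath.normcase(bho["path"])] = bho["name"]
            if in_system32_root(bho["path"]):
                reasons.append("BHO DLL sits directly in system32")
        if reasons:
            findings.append(Finding("O2", bho["name"], bho["path"], tuple(reasons)))

    for run in runs:
        for dll in silent_regsvr32_targets(run["cmd"]):
            reasons = ["Run key silently registers a DLL at every logon"]
            if dll in bho_dlls:
                reasons.append("same DLL is loaded as BHO '%s'" % bho_dlls[dll])
            findings.append(Finding("O4", run["name"], dll, tuple(reasons)))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.line}  {f.name}  ->  {f.target}")
        for reason in f.reasons:
            print(f"      - {reason}")
```

Vendor components can also live in system32, so each flagged file still has to be checked (publisher, creation date, whether the user installed it) before anything is removed.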
Re,
* Download ComboFix to your desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
/!\ Disable your antivirus and your antispyware's real-time protection /!\
/!\ Disconnect and close all running applications /!\
* Right-click the icon on your desktop --> (Run as administrator)
--> A pop-up appears ---> click Yes.
(Given how powerful ComboFix is, installing the Recovery Console is recommended.)
---> Choose the language and press the 1 key (yes) to start the scan.
/!\ Do not touch your mouse or your keyboard
during the ComboFix scan; you could freeze the computer /!\.
* At the end of the scan, ComboFix may need to restart the PC
in order to finish the disinfection; let it do so...
* A report is displayed at the end of the scan; post it!
Note: the report can also be found at C:\Combofix.txt
ComboFix 09-01-11.02 - loic 2009-01-12 11:41:19.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1023.384 [GMT 1:00]
Lancé depuis: c:\users\loic\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1201 [VPS 090111-1] *On-access scanning disabled* (Outdated)
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\pthreadGC2.dll
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-12 au 2009-01-12 ))))))))))))))))))))))))))))))))))))
.
2009-01-12 11:06 . 2009-01-12 11:06 <REP> d-------- c:\program files\Trend Micro
2009-01-12 10:31 . 2009-01-12 10:31 <REP> d-------- c:\users\All Users\Malwarebytes
2009-01-12 10:31 . 2009-01-12 10:31 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-12 10:31 . 2009-01-04 18:38 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-01-12 10:31 . 2009-01-04 18:38 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-01-11 21:00 . 2009-01-11 21:00 <REP> d-------- c:\program files\Milehighads Games Collection
2009-01-11 20:59 . 2009-01-11 20:59 85,239 --a------ c:\windows\System32\cont_milehighads-remove.exe
2009-01-11 20:59 . 2009-01-11 20:59 69,007 --a------ c:\windows\System32\kscxmmvtsv.dll-uninst.exe
2009-01-11 20:59 . 2009-01-11 20:59 47,576 --a------ c:\windows\System32\xtwrykexilb.exe
2009-01-11 20:16 . 2009-01-11 20:16 <REP> d-------- c:\program files\ReflexiveArcade
2009-01-05 23:30 . 2009-01-05 23:30 <REP> d-------- c:\program files\OpenOffice.org 3
2009-01-05 23:30 . 2009-01-05 23:30 <REP> d-------- c:\program files\JRE
2009-01-05 23:28 . 2009-01-05 23:28 <REP> d-------- c:\program files\Common Files\Java
2009-01-05 20:31 . 2009-01-05 20:31 683,008 --a------ c:\windows\System32\nsp4962.dll
2009-01-04 22:41 . 2009-01-04 22:41 <REP> d-------- c:\program files\VideoLAN
2008-12-24 00:17 . 2008-12-24 00:17 <REP> d--h----- C:\LG3G
2008-12-24 00:10 . 2008-12-24 00:10 <REP> d-------- c:\program files\LG Electronics
2008-12-24 00:10 . 2007-07-11 10:45 21,632 --a------ c:\windows\System32\drivers\lgusbmodem.sys
2008-12-24 00:10 . 2007-07-11 15:51 19,840 --a------ c:\windows\System32\drivers\lgusbdiag.sys
2008-12-24 00:10 . 2007-07-11 10:40 12,416 --a------ c:\windows\System32\drivers\lgusbbus.sys
2008-12-24 00:07 . 2008-12-24 00:09 <REP> d-------- c:\program files\LG PC Suite 2
2008-12-23 11:09 . 2008-12-23 11:09 24 --a------ c:\windows\cdplayer.ini
2008-12-23 11:07 . 2008-12-23 11:10 <REP> d-------- c:\program files\Common Files\Real
2008-12-20 22:12 . 2008-12-20 22:12 <REP> d-------- c:\users\All Users\Downloaded Installations
2008-12-20 12:13 . 2008-12-20 12:32 <REP> d-a------ c:\users\loic\.limewire
2008-12-20 12:12 . 2008-12-20 12:11 410,984 --a------ c:\windows\System32\deploytk.dll
2008-12-20 12:11 . 2009-01-05 23:29 <REP> d-------- c:\program files\Java
2008-12-20 12:07 . 2008-12-20 12:07 <REP> d-------- c:\program files\LimeWire
2008-12-20 12:02 . 2008-12-20 12:02 <REP> d-------- c:\users\All Users\Messenger Plus!
2008-12-20 12:01 . 2008-12-20 12:01 <REP> d-------- c:\program files\Messenger Plus! Live
2008-12-20 11:55 . 2009-01-12 11:35 <REP> d-------- c:\users\loic\Tracing
2008-12-20 11:54 . 2008-12-20 11:54 <REP> d-------- c:\windows\System32\Macromed
2008-12-20 11:54 . 2008-12-20 11:54 <REP> d-------- c:\program files\Microsoft
2008-12-20 11:53 . 2008-12-20 11:53 <REP> d-------- c:\program files\Windows Live SkyDrive
2008-12-20 11:44 . 2008-12-20 11:44 <REP> d-------- c:\program files\Common Files\Windows Live
2008-12-20 11:37 . 2008-12-20 11:38 <REP> d-------- c:\users\All Users\Google
2008-12-20 11:37 . 2008-12-20 11:38 <REP> d-------- c:\program files\Google
2008-12-19 20:27 . 2008-05-16 01:18 50,768 --a------ c:\windows\System32\drivers\aswMonFlt.sys
2008-12-19 20:26 . 2008-12-19 20:26 <REP> d-------- c:\program files\Alwil Software
2008-12-19 20:26 . 2008-12-19 20:26 118 --a------ c:\windows\System32\MRT.INI
2008-12-19 20:24 . 2008-10-02 02:32 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2008-12-19 20:20 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll
2008-12-19 20:13 . 2008-12-19 20:13 <REP> d-------- c:\program files\MSXML 4.0
2008-12-19 20:10 . 2008-06-26 02:45 12,240,896 --a------ c:\windows\System32\NlsLexicons0007.dll
2008-12-19 20:10 . 2008-06-26 02:45 2,644,480 --a------ c:\windows\System32\NlsLexicons0009.dll
2008-12-19 20:10 . 2008-06-26 04:29 801,280 --a------ c:\windows\System32\NaturalLanguage6.dll
2008-12-19 20:07 . 2008-11-01 02:21 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll
2008-12-19 20:07 . 2008-03-08 05:21 1,695,744 --a------ c:\windows\System32\gameux.dll
2008-12-19 20:07 . 2008-11-01 04:44 28,672 --a------ c:\windows\System32\Apphlpdm.dll
2008-12-19 20:06 . 2008-08-05 10:49 428,544 --a------ c:\windows\System32\EncDec.dll
2008-12-19 20:06 . 2008-08-05 10:49 293,376 --a------ c:\windows\System32\psisdecd.dll
2008-12-19 20:06 . 2008-08-05 10:48 217,088 --a------ c:\windows\System32\psisrndr.ax
2008-12-19 20:06 . 2008-08-05 10:48 177,664 --a------ c:\windows\System32\mpg2splt.ax
2008-12-19 20:06 . 2008-08-05 10:48 80,896 --a------ c:\windows\System32\MSNP.ax
2008-12-19 20:06 . 2008-04-23 05:41 57,856 --a------ c:\windows\System32\MSDvbNP.ax
2008-12-19 20:03 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe
2008-12-19 20:02 . 2008-09-18 06:09 3,601,464 --a------ c:\windows\System32\ntkrnlpa.exe
2008-12-19 19:58 . 2008-10-21 06:25 1,645,568 --a------ c:\windows\System32\connect.dll
2008-12-19 19:49 . 2008-12-19 19:49 <REP> d-------- c:\program files\ffdshow
2008-12-19 19:49 . 2007-12-15 16:11 7,680 --a------ c:\windows\System32\ff_vfw.dll
2008-12-19 19:49 . 2007-01-01 00:00 547 --a------ c:\windows\System32\ff_vfw.dll.manifest
2008-12-19 19:44 . 2008-12-19 19:44 <REP> d-------- c:\windows\PCHEALTH
2008-12-19 19:44 . 2008-12-19 19:49 <REP> d-------- c:\users\All Users\Spybot - Search & Destroy
2008-12-19 19:44 . 2008-12-19 20:33 <REP> d-------- c:\program files\Spybot - Search & Destroy
2008-12-19 19:38 . 2008-12-19 19:38 <REP> d-------- c:\users\All Users\WLInstaller
2008-12-19 19:38 . 2008-12-20 11:53 <REP> d-------- c:\program files\Windows Live
2008-12-19 19:38 . 2008-12-19 19:43 <REP> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller
2008-12-19 19:36 . 2008-12-19 19:37 <REP> d-------- c:\users\All Users\Adobe
2008-12-19 19:35 . 2008-12-19 19:36 <REP> d-------- c:\program files\Common Files\Adobe
2008-12-19 19:30 . 2008-12-19 19:30 <REP> d-------- c:\users\All Users\Sonic
2008-12-19 19:30 . 2008-12-19 19:30 <REP> d-------- c:\users\All Users\InstallShield
2008-12-19 19:30 . 2008-12-19 19:30 <REP> d-------- c:\program files\Common Files\SureThing Shared
2008-12-19 19:29 . 2008-12-31 01:18 <REP> d-------- c:\users\All Users\Roxio
2008-12-19 19:29 . 2008-12-19 19:30 <REP> d-------- c:\program files\Roxio
2008-12-19 19:29 . 2008-12-19 19:29 <REP> d-------- c:\program files\Common Files\Sonic Shared
2008-12-19 19:28 . 2008-12-19 19:29 <REP> d-------- c:\program files\Common Files\Roxio Shared
2008-12-19 19:25 . 2008-12-19 19:25 <REP> dr------- c:\windows\System32\config\systemprofile\Videos
2008-12-19 19:25 . 2008-12-19 19:25 <REP> dr------- c:\windows\System32\config\systemprofile\Searches
2008-12-19 19:25 . 2008-12-19 19:25 <REP> dr------- c:\windows\System32\config\systemprofile\Saved Games
2008-12-19 19:25 . 2008-12-19 19:25 <REP> dr------- c:\windows\System32\config\systemprofile\Pictures
2008-12-19 19:25 . 2008-12-19 19:25 <REP> dr------- c:\windows\System32\config\systemprofile\Music
2008-12-19 19:25 . 2008-12-19 19:25 <REP> dr------- c:\windows\System32\config\systemprofile\Links
2008-12-19 19:25 . 2008-12-19 19:25 <REP> dr------- c:\windows\System32\config\systemprofile\Downloads
2008-12-19 19:25 . 2008-12-19 19:25 <REP> dr------- c:\windows\System32\config\systemprofile\Documents
2008-12-19 19:24 . 2008-12-19 19:24 <REP> d-------- c:\windows\System32\URTTEMP
2008-12-19 19:23 . 2009-01-05 23:34 <REP> d--hs---- c:\windows\Installer
2008-12-19 19:20 . 2008-12-19 19:29 <REP> d-------- c:\program files\Common Files\InstallShield
2008-12-19 19:19 . 2008-12-19 19:19 <REP> d-------- c:\program files\Synaptics
2008-12-19 19:19 . 2008-12-19 19:19 <REP> d-------- c:\program files\DIFX
2008-12-19 19:19 . 2006-03-09 10:58 1,060,424 --a------ c:\windows\System32\WdfCoInstaller01000.dll
2008-12-19 19:19 . 2006-11-22 13:00 196,608 --a------ c:\windows\System32\SynCtrl.dll
2008-12-19 19:19 . 2006-11-22 13:48 181,304 --a------ c:\windows\System32\drivers\SynTP.sys
2008-12-19 19:19 . 2006-11-22 13:00 163,840 --a------ c:\windows\System32\SynCOM.dll
2008-12-19 19:19 . 2006-11-22 13:07 143,360 --a------ c:\windows\System32\SynTPAPI.dll
2008-12-19 19:19 . 2006-11-22 13:47 110,592 --a------ c:\windows\System32\SynTPCo4.dll
2008-12-19 19:19 . 2008-12-19 19:19 0 --ah----- c:\windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
2008-12-19 19:18 . 2006-11-10 11:01 307,712 --a------ c:\windows\System32\drivers\ADIHdAud.sys
2008-12-19 19:17 . 2004-09-03 10:00 90,112 --a------ c:\windows\System32\snymsico.dll
2008-12-19 19:17 . 2006-11-14 19:42 43,520 --a------ c:\windows\System32\drivers\rimsptsk.sys
2008-12-19 19:17 . 2006-11-14 17:35 37,376 --a------ c:\windows\System32\drivers\rixdptsk.sys
2008-12-19 19:17 . 2006-11-15 00:16 32,256 --a------ c:\windows\System32\drivers\rimmptsk.sys
2008-12-19 19:17 . 2005-05-06 19:06 16,480 --a------ c:\windows\System32\rixdicon.dll
2008-12-19 19:16 . 2006-11-06 10:01 51,200 --a------ c:\windows\System32\drivers\Rtnicxp.sys
2008-12-19 19:15 . 2006-10-30 09:42 1,786,880 --a------ c:\windows\System32\drivers\NETw3v32.sys
2008-12-19 19:07 . 2008-12-19 19:07 <REP> d-------- c:\windows\ATK0100
2008-12-19 19:06 . 2008-12-19 19:06 <REP> d-------- c:\windows\Options
2008-12-19 19:06 . 2008-12-19 19:06 <REP> d-------- c:\windows\BisonCam
2008-12-19 19:06 . 2008-12-24 00:10 <REP> d--h----- c:\program files\InstallShield Installation Information
2008-12-19 19:06 . 2006-11-28 21:53 847,536 --a------ c:\windows\System32\drivers\BisonCam.sys
2008-12-19 19:06 . 2005-01-14 13:47 180,224 --a------ c:\windows\system\StillDrv.dll
2008-12-19 19:06 . 2006-11-28 21:02 176,128 --a------ c:\windows\System32\BisonRem.dll
2008-12-19 19:06 . 2006-03-07 16:26 126,976 --a------ c:\windows\system\BisonCam.dll
2008-12-19 19:06 . 2006-03-07 16:26 90,112 --a------ c:\windows\system\BisonVfw.dll
2008-12-19 19:06 . 2003-09-22 13:49 15,190 --a------ c:\windows\M2000Twn.ini
2008-12-19 19:06 . 2003-09-22 14:36 13,448 --a------ c:\windows\M2000Twn.src
2008-12-19 19:06 . 2005-12-05 12:08 2,264 --a------ c:\windows\system\S20H0220.csr
2008-12-19 19:06 . 2005-12-05 12:08 2,264 --a------ c:\windows\system\S20F0220.csr
2008-12-19 19:05 . 2008-12-19 19:20 <REP> d-------- C:\drivers
2008-12-19 19:05 . 2008-12-19 19:05 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-12-19 18:10 . 2008-12-19 18:10 <REP> d-------- C:\PerfLogs
2008-12-19 17:53 . 2008-12-19 17:36 152,576 --a------ c:\windows\System32\SPWizUI.dll
2008-12-19 17:53 . 2008-12-19 17:36 47,560 --a------ c:\windows\System32\SPReview.exe
2008-12-19 17:42 . 2008-01-18 23:33 599,552 --a------ c:\windows\System32\vsp1cln.exe
2008-12-19 17:42 . 2008-01-18 23:33 193,024 --a------ c:\windows\System32\recdisc.exe
2008-12-19 17:42 . 2008-01-18 23:36 142,336 --a------ c:\windows\System32\spp.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-19 19:31 --------- d-----w c:\program files\Windows Mail
2008-12-19 17:17 174 --sha-w c:\program files\desktop.ini
2008-12-19 17:11 --------- d-----w c:\program files\Windows Sidebar
2008-12-19 17:11 --------- d-----w c:\program files\Windows Photo Gallery
2008-12-19 17:11 --------- d-----w c:\program files\Windows Journal
2008-12-19 17:11 --------- d-----w c:\program files\Windows Defender
2008-12-19 17:11 --------- d-----w c:\program files\Windows Collaboration
2008-12-19 17:11 --------- d-----w c:\program files\Windows Calendar
2008-12-19 17:00 82,432 ----a-w c:\windows\System32\axaltocm.dll
2008-12-19 17:00 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2008-12-19 16:03 --------- d-sh--w c:\program files\Fichiers communs
2008-12-02 21:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-21 05:25 296,960 ----a-w c:\windows\System32\gdi32.dll
2008-10-16 04:47 827,392 ----a-w c:\windows\System32\wininet.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0d5f5902-0ee3-9c6a-5389-36196676238c}]
2009-01-05 20:31 683008 --a------ c:\windows\system32\nsp4962.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-18 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2008-12-17 3882312]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-12-15 217088]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-22 815104]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-10 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-10 7766016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-10 81920]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 79224]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-20 136600]
c:\users\loic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{D9200AD3-2A67-4581-AA78-F8797ED265B8}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{181C68E9-159D-4764-B97D-E9DDE846655A}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2008-12-19 78416]
R4 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2008-12-19 20560]
R4 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2008-12-19 50768]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
c:\windows\Downloaded Program Files\GoPetsWeb.ocx - O16 -: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8}
hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
c:\windows\Downloaded Program Files\GoPetsWeb.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-12 11:44:30
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2009-01-12 11:46:11
ComboFix-quarantined-files.txt 2009-01-12 10:46:08
Avant-CF: 80 022 708 224 octets libres
Après-CF: 80,002,842,624 octets libres
217 --- E O F --- 2008-12-22 21:25:54