Virus problem

Solved
flechemaster  Posts: 87  Status: Member
Hello,
I have a problem: when I try to open Mozilla Firefox or Internet Explorer, I get a message from Antivir telling me it has detected a virus.
Here is the window it shows me:

http://www.hostingpics.net/viewer.php?id=233361Virus_Avira.png

In the image you can see that the "Deny access" box is checked, but I have already tried "Overwrite and delete", "Delete", "Move to quarantine" and even "Ignore", also ticking the box "Remember the selected action for this file (dangerous)",

and it comes back every time I try to open Mozilla Firefox or IE, whatever I do.
What should I do?

67 replies

Anonymous user
 
Re,

Download ComboFix (by sUBs) to your Desktop.

/!\ Temporarily disable all resident protection /!\ (antivirus, antispyware, etc.)
Double-click ComboFix.exe.
Accept the licence by clicking Yes.
The program will ask whether you want to install the Recovery Console. It is a precaution in case the computer breaks down. I advise you to install it: it costs nothing and could come in handy!
When the operation is finished, a report will appear. Post that report in your next reply.

The report is located at %SystemDrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

Help: How to use ComboFix.

If a report won't post, raise an alert with the moderators using the yellow /!\.
0
flechemaster  Posts: 87  Status: Member 1
 
OK, but first I want to tell you that Ad-Aware reported:

4 Object Recognized
0 Object Ignored
4 New Critical Object
0
Anonymous user
 
Re,

I don't care about Ad-Aware, it has been out of date for ages, bye.

Run ComboFix.

++
0
flechemaster  Posts: 87  Status: Member 1
 
lol ok
I launched it, I got a tiny loading bar, and when it reached 100% it disappeared and then nothing more.
0

Anonymous user
 
Re,

Make me another log with RSIT...
0
flechemaster  Posts: 87  Status: Member 1
 
No need, actually: as soon as I stopped Ad-Aware it started working again, and here is the log.txt report:

ComboFix 09-05-31.02 - alexis 01/06/2009 0:17.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate Édition 6.0.6001.1.1252.33.1036.18.1277.800 [GMT 2:00]
Launched from: c:\users\alexis\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* A new restore point was created
.
ADS - Windows: deleted 24 bytes in 1 streams.

(((((((((((((((((((((((((((((((((((( Other deletions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\pack.epk
c:\windows\system32\drivers\gxvxcdtyeedvhresextcwdxvttipgbicdblft.sys
c:\windows\system32\gxvxccounter
c:\windows\system32\gxvxcrromjypimrtbpniueqxykmnvrlxowyvc.dll
c:\windows\system32\tmp.reg
c:\windows\system32\winio.dll
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_GXVXCSERV.SYS
-------\Service_GXVXCSERV.SYS

((((((((((((((((((((((((((((( Files created from 2009-04-28 to 2009-05-31 ))))))))))))))))))))))))))))))))))))
.

2009-05-31 21:05 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-31 21:05 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-31 21:05 . 2009-05-31 21:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-31 20:07 . 2009-05-31 20:07 35 ----a-w- c:\users\alexis\AppData\Roaming\SetValue.bat
2009-05-31 20:06 . 2009-05-31 20:11 -------- d-----w- c:\windows\system32\SmitfraudFix
2009-05-31 18:48 . 2009-05-31 18:49 -------- d-----w- C:\Rooter$
2009-05-31 17:30 . 2009-05-31 17:30 -------- d-----w- c:\program files\trend micro
2009-05-31 17:30 . 2009-05-31 17:31 -------- d-----w- C:\rsit
2009-05-30 07:48 . 2009-05-30 07:48 -------- d-----w- c:\program files\Quicksys
2009-05-30 07:44 . 2009-05-30 07:44 -------- d-----w- c:\program files\YourWare Solutions
2009-05-25 19:49 . 2009-04-27 18:39 100944 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2009-05-25 19:47 . 2009-04-27 18:39 41424 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2009-05-24 09:17 . 2009-05-29 15:57 -------- d-----w- c:\users\alexis\AppData\Local\Zattoo
2009-05-23 20:33 . 2009-05-24 08:05 -------- d-----w- c:\programdata\EasyMp3Downloader
2009-05-23 20:33 . 2009-05-23 20:33 -------- d-----w- c:\users\alexis\AppData\Roaming\EasyMp3Downloader
2009-05-23 20:33 . 2009-05-24 07:44 -------- d-----w- c:\program files\EasyMP3Downloader
2009-05-23 20:23 . 2009-05-23 20:23 -------- d-----w- c:\program files\AviSynth 2.5
2009-05-23 20:22 . 2009-05-23 20:22 -------- d-----w- c:\users\alexis\AppData\Roaming\Nvu
2009-05-23 20:22 . 2009-05-24 07:41 -------- d-----w- c:\program files\Nvu
2009-05-23 18:46 . 2009-05-23 18:46 -------- d-----w- c:\users\alexis\AppData\Local\Opera
2009-05-23 18:45 . 2009-05-23 19:09 -------- d-----w- c:\program files\Opera
2009-05-21 19:32 . 2009-05-21 20:56 -------- d-----w- c:\program files\Aesop
2009-05-21 18:23 . 2009-05-21 18:23 -------- d-----w- c:\program files\uTorrent
2009-05-19 20:28 . 2009-05-21 19:44 253952 ------w- c:\windows\Setup1.exe
2009-05-19 20:28 . 2009-05-21 19:44 74752 ----a-w- c:\windows\ST6UNST.EXE
2009-05-18 17:44 . 2009-05-18 17:44 -------- d-----w- c:\program files\JRE
2009-05-15 09:36 . 2009-05-15 09:36 -------- d-----w- c:\program files\DDN Créations
2009-05-14 15:37 . 2009-05-14 15:37 74701 ----a-w- c:\windows\system32\Uninstal.exe
2009-05-14 15:20 . 2009-05-29 20:01 -------- d-----w- c:\program files\Bodom-Child - RaBBi
2009-05-14 12:12 . 2009-05-30 08:52 1 ----a-w- c:\users\alexis\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-05-14 12:11 . 2009-05-14 12:11 -------- d-----w- c:\users\alexis\AppData\Roaming\OpenOffice.org
2009-05-14 12:09 . 2009-05-18 17:44 -------- d-----w- c:\program files\OpenOffice.org 3
2009-05-14 12:08 . 2009-05-14 12:08 -------- d-----w- c:\program files\Common Files\Java
2009-05-13 14:37 . 2009-05-16 15:58 -------- d-----w- c:\users\alexis\AppData\Roaming\dvdcss
2009-05-09 16:02 . 2009-05-09 16:02 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-05-09 14:45 . 2009-05-09 14:45 -------- d-----w- c:\program files\Rockstar Games
2009-05-08 22:20 . 2009-05-09 14:47 -------- d-----w- c:\users\alexis\AppData\Roaming\Desktopicon
2009-05-08 22:20 . 2009-05-08 22:20 -------- d-----w- c:\program files\VDOWNLOADER
2009-05-08 19:19 . 2009-05-08 19:19 -------- d-----w- c:\users\alexis\AppData\Roaming\vlc
2009-05-08 18:52 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-05-08 18:27 . 2009-05-08 18:27 -------- d-----w- c:\windows\en-US
2009-05-08 18:27 . 2009-05-08 18:27 -------- d-----w- c:\windows\system32\en
2009-05-08 18:27 . 2009-05-08 18:27 -------- d-----w- c:\windows\system32\drivers\en-US
2009-05-08 18:27 . 2009-05-08 18:27 -------- d-----w- c:\windows\system32\0409
2009-05-08 18:27 . 2009-05-08 18:51 -------- d-----w- c:\windows\system32\wbem\en-US
2009-05-08 18:03 . 2009-05-30 08:55 609434 ----a-w- c:\windows\system32\perfh007.dat
2009-05-08 18:03 . 2009-05-30 08:55 122884 ----a-w- c:\windows\system32\perfc007.dat
2009-05-08 18:03 . 2009-05-08 18:00 36916 ----a-w- c:\windows\system32\perfd007.dat
2009-05-08 18:03 . 2009-05-08 18:00 290748 ----a-w- c:\windows\system32\perfi007.dat
2009-05-08 18:02 . 2009-05-08 18:02 -------- d-----w- c:\windows\de-DE
2009-05-08 18:02 . 2009-05-08 18:02 -------- d-----w- c:\windows\system32\drivers\de-DE
2009-05-08 18:02 . 2009-05-08 18:02 -------- d-----w- c:\windows\system32\0407
2009-05-08 18:02 . 2009-05-08 18:02 -------- d-----w- c:\windows\system32\de
2009-05-08 18:02 . 2009-05-08 18:51 -------- d-----w- c:\windows\system32\wbem\de-DE
2009-05-08 17:31 . 2009-05-30 08:55 658076 ----a-w- c:\windows\system32\perfh00A.dat
2009-05-08 17:31 . 2009-05-30 08:55 129516 ----a-w- c:\windows\system32\perfc00A.dat
2009-05-08 17:31 . 2009-05-08 17:28 40258 ----a-w- c:\windows\system32\perfd00A.dat
2009-05-08 17:31 . 2009-05-08 17:28 336930 ----a-w- c:\windows\system32\perfi00A.dat
2009-05-08 17:30 . 2009-05-08 18:27 -------- d-----w- c:\windows\MSAgent
2009-05-08 17:30 . 2009-05-08 18:27 -------- d-----w- c:\windows\system32\winrm
2009-05-08 17:30 . 2009-05-08 18:27 -------- d-----w- c:\windows\system32\MigWiz
2009-05-08 17:30 . 2009-05-08 17:30 -------- d-----w- c:\windows\system32\es
2009-05-08 17:30 . 2009-05-08 17:30 -------- d-----w- c:\windows\system32\0C0A
2009-05-08 17:30 . 2009-05-08 17:30 -------- d-----w- c:\windows\system32\drivers\es-ES
2009-05-08 17:29 . 2009-05-08 18:51 -------- d-----w- c:\windows\system32\wbem\es-ES
2009-05-08 17:29 . 2009-05-08 17:29 -------- d-----w- c:\windows\system32\Speech
2009-05-08 17:29 . 2009-05-08 17:29 -------- d-----w- c:\windows\es-ES
2009-05-08 17:29 . 2009-05-08 17:29 -------- d-----w- c:\windows\Speech
2009-05-06 15:05 . 2009-05-06 15:05 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2009-05-06 06:00 . 2009-05-06 06:00 -------- d-----w- c:\users\alexis\AppData\Roaming\Malwarebytes
2009-05-06 06:00 . 2009-05-06 06:00 -------- d-----w- c:\programdata\Malwarebytes
2009-05-05 09:49 . 2009-05-24 09:17 -------- d-----w- c:\users\alexis\AppData\Local\ZattooPlayer
2009-05-05 09:48 . 2009-05-05 09:48 -------- d-----w- c:\program files\Zattoo
2009-05-05 09:43 . 2009-05-05 09:43 -------- d-----w- c:\users\alexis\AppData\Roaming\MeuhMeuhTV
2009-05-05 09:39 . 2009-05-05 09:39 -------- d-----w- c:\users\alexis\AppData\Roaming\Participatory Culture Foundation
2009-05-05 09:39 . 2009-05-05 09:39 -------- d-----w- c:\program files\Participatory Culture Foundation
2009-05-05 09:35 . 2009-05-05 09:39 -------- d-----w- c:\program files\ProgDVB
2009-05-05 09:15 . 2009-05-05 09:15 -------- d--h--w- c:\windows\PIF
2009-05-03 14:04 . 2009-05-11 15:10 -------- d-----w- c:\users\alexis\AppData\Local\Microsoft Games

.
(((((((((((((((((((((((((((((((((( Find3M report ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-31 22:11 . 2009-03-23 14:05 -------- d-----w- c:\users\alexis\AppData\Roaming\uTorrent
2009-05-31 20:07 . 2009-05-31 20:07 691 ----a-w- c:\users\alexis\AppData\Roaming\GetValue.vbs
2009-05-30 08:55 . 2008-01-19 20:00 672294 ----a-w- c:\windows\system32\perfh00C.dat
2009-05-30 08:55 . 2008-01-19 20:00 124434 ----a-w- c:\windows\system32\perfc00C.dat
2009-05-22 06:12 . 2009-03-22 20:08 97624 ----a-w- c:\users\alexis\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-19 20:01 . 2008-01-19 20:00 615424 ----a-w- c:\windows\system32\themeui.dll
2009-05-19 20:01 . 2008-01-19 20:00 240128 ----a-w- c:\windows\system32\uxtheme.dll
2009-05-15 11:19 . 2009-04-23 19:47 -------- d-----w- c:\program files\VirtualDJ
2009-05-15 09:36 . 2009-05-15 09:36 -------- d-----w- c:\program files\DDN Créations
2009-05-15 09:19 . 2008-03-01 20:25 -------- d-----w- c:\programdata\Microsoft Help
2009-05-14 12:09 . 2009-04-25 13:43 -------- d-----w- c:\program files\Java
2009-05-13 11:33 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-09 15:15 . 2009-03-22 20:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-08 18:27 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-05-08 18:27 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-05-08 18:27 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-05-08 18:27 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-05-08 18:26 . 2009-05-08 18:27 30674 ----a-w- c:\windows\inf\PERFLIB\0409\perfd.dat
2009-05-08 18:26 . 2009-05-08 18:27 30674 ----a-w- c:\windows\inf\PERFLIB\0409\perfc.dat
2009-05-08 18:26 . 2009-05-08 18:27 287440 ----a-w- c:\windows\inf\PERFLIB\0409\perfi.dat
2009-05-08 18:26 . 2009-05-08 18:27 287440 ----a-w- c:\windows\inf\PERFLIB\0409\perfh.dat
2009-05-08 18:00 . 2009-05-08 18:02 36916 ----a-w- c:\windows\inf\PERFLIB\0407\perfd.dat
2009-05-08 18:00 . 2009-05-08 18:02 36916 ----a-w- c:\windows\inf\PERFLIB\0407\perfc.dat
2009-05-08 18:00 . 2009-05-08 18:02 290748 ----a-w- c:\windows\inf\PERFLIB\0407\perfi.dat
2009-05-08 18:00 . 2009-05-08 18:02 290748 ----a-w- c:\windows\inf\PERFLIB\0407\perfh.dat
2009-05-08 17:28 . 2009-05-08 17:30 40258 ----a-w- c:\windows\inf\PERFLIB\0C0A\perfd.dat
2009-05-08 17:28 . 2009-05-08 17:30 40258 ----a-w- c:\windows\inf\PERFLIB\0C0A\perfc.dat
2009-05-08 17:28 . 2009-05-08 17:30 336930 ----a-w- c:\windows\inf\PERFLIB\0C0A\perfi.dat
2009-05-08 17:28 . 2009-05-08 17:30 336930 ----a-w- c:\windows\inf\PERFLIB\0C0A\perfh.dat
2009-05-06 09:34 . 2009-04-30 14:38 -------- d-----w- c:\programdata\ma-config.com
2009-05-06 07:22 . 2009-03-23 12:56 -------- d-----w- c:\program files\Microsoft
2009-05-06 07:21 . 2008-02-22 22:50 -------- d-----w- c:\program files\Windows Live
2009-05-01 12:00 . 2009-04-23 13:49 -------- d-----w- c:\program files\UltraVNC
2009-04-30 15:05 . 2009-04-30 14:33 -------- d-----w- c:\program files\Easy Duplicate Finder
2009-04-30 13:07 . 2009-04-30 13:07 684872 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-04-30 12:45 . 2009-04-30 12:45 -------- d-----w- c:\users\alexis\AppData\Roaming\Avira
2009-04-30 12:11 . 2008-03-01 20:28 -------- d-----w- c:\program files\Microsoft Works
2009-04-30 11:10 . 2009-04-30 11:10 -------- d-----w- c:\program files\Common Files\logishrd
2009-04-29 16:08 . 2009-04-29 16:08 -------- d-----w- c:\program files\MSXML 4.0
2009-04-29 12:17 . 2009-04-29 12:17 -------- d-----w- c:\program files\Avira
2009-04-29 12:17 . 2009-03-23 13:53 -------- d-----w- c:\programdata\Avira
2009-04-29 12:10 . 2009-04-29 12:17 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-04-29 12:10 . 2009-04-29 12:17 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-04-28 14:46 . 2009-03-25 17:04 -------- d-----w- c:\program files\Google
2009-04-28 14:33 . 2009-03-28 09:46 -------- d-----w- c:\program files\Stardock
2009-04-27 18:39 . 2009-04-27 18:39 79888 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2009-04-27 18:39 . 2009-04-27 18:39 31952 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
2009-04-26 12:57 . 2009-04-26 12:57 -------- d-----w- c:\users\alexis\AppData\Roaming\Nero
2009-04-25 13:43 . 2009-04-25 13:44 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-04-24 21:22 . 2009-04-24 21:22 -------- d-----w- c:\users\alexis\AppData\Roaming\Talkback
2009-04-24 21:21 . 2009-04-24 21:21 -------- d-----w- c:\users\alexis\AppData\Roaming\Thunderbird
2009-04-23 14:03 . 2008-03-19 19:36 -------- d-----w- c:\program files\Common Files\Adobe
2009-04-23 12:56 . 2009-04-22 15:50 -------- d-----w- c:\programdata\Skyline
2009-04-22 19:03 . 2006-11-02 12:35 -------- d-----w- c:\program files\Microsoft Games
2009-04-22 14:44 . 2008-02-22 22:30 -------- d-----w- c:\program files\Ad-Aware
2009-04-22 14:40 . 2009-04-22 14:40 -------- d-----w- c:\users\alexis\AppData\Roaming\Lavasoft
2009-04-21 13:38 . 2009-04-30 14:35 429224 ----a-w- c:\users\alexis\AppData\Roaming\Mozilla\Firefox\Profiles\xmd5eco2.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
2009-04-20 15:50 . 2009-04-20 15:50 680 ----a-w- c:\users\alexis\AppData\Local\d3d9caps.dat
2009-04-18 15:37 . 2009-04-18 15:37 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-04-17 14:26 . 2009-04-17 14:26 -------- d-----w- c:\program files\Movie Maker 2.6
2009-04-15 20:00 . 2009-04-10 16:54 -------- d-----w- c:\program files\Messenger Plus! Live
2009-04-15 16:14 . 2009-04-15 16:08 -------- d-----w- c:\programdata\Symantec
2009-04-14 13:02 . 2009-04-14 09:46 -------- d-----w- c:\users\alexis\AppData\Roaming\zweitgeist
2009-04-14 13:02 . 2009-04-14 09:47 -------- d-----w- c:\program files\weblin
2009-04-14 09:47 . 2009-04-14 09:47 49152 ----a-w- c:\users\alexis\AppData\Roaming\zweitgeist\IdleHook.dll
2009-04-14 09:47 . 2009-04-14 09:47 20480 ----a-w- c:\users\alexis\AppData\Roaming\zweitgeist\hook13.dll
2009-04-14 09:47 . 2009-04-14 09:47 81920 ----a-w- c:\users\alexis\AppData\Roaming\zweitgeist\uninstall.exe
2009-04-13 21:04 . 2009-04-08 09:38 -------- d-----w- c:\program files\GameTribe
2009-04-11 21:22 . 2009-04-11 21:22 -------- d-----w- c:\users\alexis\AppData\Roaming\~LM00003.tmp
2009-04-11 20:18 . 2009-04-11 20:18 -------- d-----w- c:\program files\Microsoft Silverlight
2009-04-11 12:11 . 2009-04-11 12:11 -------- d-----w- c:\users\alexis\AppData\Roaming\~LM00002.tmp
2009-04-11 12:10 . 2009-04-11 12:10 -------- d-----w- c:\users\alexis\AppData\Roaming\~LM00001.tmp
2009-04-10 16:55 . 2009-04-10 16:55 -------- d-----w- c:\programdata\Messenger Plus!
2009-04-08 16:36 . 2009-04-08 11:50 -------- d-----w- c:\program files\gPotato.eu
2009-04-08 12:31 . 2009-04-08 12:31 -------- d-----w- c:\program files\Common Files\INCA Shared
2009-04-07 21:23 . 2009-04-07 21:23 -------- d-----w- c:\users\alexis\AppData\Roaming\Notepad++
2009-04-07 17:05 . 2009-04-07 17:05 15872 ------w- c:\windows\system32\winskfr.dll
2009-04-07 09:19 . 2009-04-07 09:10 -------- d-----w- c:\program files\EPSON
2009-04-07 09:19 . 2008-03-19 20:14 -------- d-----w- c:\program files\Common Files\InstallShield
2009-04-03 21:08 . 2009-04-03 21:08 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-04-03 21:08 . 2009-04-03 21:08 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-04-03 21:08 . 2009-04-03 21:08 -------- d-----w- c:\program files\OpenAL
2009-04-03 20:15 . 2009-04-03 16:59 -------- d-----w- c:\users\alexis\AppData\Roaming\DeskSoft
2009-04-03 18:55 . 2009-04-03 18:20 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2009-04-03 18:35 . 2009-04-03 18:35 -------- d-----w- c:\program files\Microsoft Synchronization Services
2009-04-03 18:35 . 2009-04-03 18:35 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-04-03 18:32 . 2009-04-03 18:32 189184 ----a-w- c:\programdata\Microsoft\VBExpress\9.0\1036\ResourceCache.dll
2009-04-03 18:28 . 2009-04-03 18:28 416 ----a-w- c:\programdata\Microsoft\MSDN\9.0\1036\ResourceCache.dll
2009-04-03 18:18 . 2009-04-03 18:18 -------- d-----w- c:\program files\Microsoft SDKs
2009-04-03 17:48 . 2009-04-03 17:48 -------- d-----w- c:\program files\Compil Games
2009-04-03 17:48 . 2009-04-03 17:08 -------- d-----w- c:\program files\GStudio6
2009-04-03 17:05 . 2009-04-03 17:05 -------- d-----w- c:\program files\ExperimentalScene
2009-04-03 17:05 . 2009-04-03 17:05 -------- d-----w- c:\users\alexis\AppData\Roaming\DarkWave Studio
2009-04-03 16:59 . 2009-04-03 16:59 62976 ----a-w- c:\windows\DTDraw.dll
2009-03-24 06:00 . 2008-01-19 20:00 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-03-23 12:45 . 2009-03-23 12:45 0 ----a-w- c:\windows\nsreg.dat
2009-03-23 12:41 . 2006-02-15 23:49 141414 ----a-w- c:\windows\DUMP8618.tmp
2009-03-22 20:04 . 2009-03-22 20:04 319984 ----a-w- c:\windows\DIFxAPI.dll
2009-03-17 03:38 . 2009-04-15 18:59 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-15 18:59 24064 ----a-w- c:\windows\system32\amxread.dll
.

((((((((((((((((((((((((((((((((( Reg loading points ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legitimate default entries are not listed
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-05-21 274224]
"FreeRAM XP"="c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [2006-03-22 1591808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-22 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-22 8534560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-22 81920]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2007-12-22 86016]
"ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2004-08-20 45056]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-25 148888]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-04-29 209153]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-28 4186112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"="c:\windows\SYSTEM32\WerFault.exe" [2008-01-19 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8CDB64E8-D2D2-4EE0-ABEF-FB8A576EDF81}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{7886B1F6-0DA4-4F15-8F8B-DF46A4FC2124}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{4C0C111C-502E-4627-BF25-2B224D4B6897}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"{ADE9E4B8-2806-4BF6-B6BB-E0AE8D1A886D}"= UDP:c:\users\alexis\AppData\Local\F4\ClientUpdater\ClientUpdater.exe:F4 Game Client Updater
"{1800A418-EA9D-4657-A4A0-1CC6F1621656}"= TCP:c:\users\alexis\AppData\Local\F4\ClientUpdater\ClientUpdater.exe:F4 Game Client Updater
"TCP Query User{36DEF846-0CF5-4884-9364-70719B56FF22}c:\\program files\\gpotato.eu\\street gears\\streetgear.exe"= UDP:c:\program files\gpotato.eu\street gears\streetgear.exe:StreetGear
"UDP Query User{2CE12772-3F08-4B7B-851E-F425E855D85B}c:\\program files\\gpotato.eu\\street gears\\streetgear.exe"= TCP:c:\program files\gpotato.eu\street gears\streetgear.exe:StreetGear
"TCP Query User{D215D9DC-DA7C-4856-A67F-EFF412A74589}c:\\program files\\shoutcast\\sc_serv.exe"= UDP:c:\program files\shoutcast\sc_serv.exe:sc_serv
"UDP Query User{96EB137D-97A1-4652-BAF8-85336CA61465}c:\\program files\\shoutcast\\sc_serv.exe"= TCP:c:\program files\shoutcast\sc_serv.exe:sc_serv
"TCP Query User{9F5FF72B-19CC-4DDD-A602-EA274CCE7D3C}c:\\users\\alexis\\desktop\\sc_serv.exe"= UDP:c:\users\alexis\desktop\sc_serv.exe:sc_serv.exe
"UDP Query User{B2BABF26-00D9-4E8D-B827-61BB14A850F4}c:\\users\\alexis\\desktop\\sc_serv.exe"= TCP:c:\users\alexis\desktop\sc_serv.exe:sc_serv.exe
"{38E4A27F-FF9F-41E9-88CD-FAD3ECE8B363}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{4AD5A6B5-9AA2-4B1F-BA31-48DBF235C29F}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{C193B054-9D8D-4350-9D90-507A8E8A8E6B}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{071C1CEB-51BC-4B40-868B-EB831D0C455C}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{52DD35B3-A3E7-40A9-B1AE-6287241BC98E}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{0A0AAA4F-5431-4C02-B46F-3FBF814C691A}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{CA53A8AC-5DC1-4E84-BC79-E02D08C302A6}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{36270FDE-926B-4259-AB60-64D269BBDB81}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"TCP Query User{DE043796-3AD6-4C80-A88D-DCE22DAD2C64}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{03D0A90F-FAAE-4D94-A89A-EF7D69D1A783}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{2E4C3BFE-323D-4039-A13B-3F1573135FDA}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{5234CF43-C2B1-4218-B291-60C768ECBCEC}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"TCP Query User{3E27E9C4-F0AF-42B2-A44A-751B7897EF33}c:\\program files\\gpotato.eu\\street gears\\streetgear.exe"= UDP:c:\program files\gpotato.eu\street gears\streetgear.exe:StreetGear
"UDP Query User{DE9771DA-3FAD-4F18-9B60-4356D392B934}c:\\program files\\gpotato.eu\\street gears\\streetgear.exe"= TCP:c:\program files\gpotato.eu\street gears\streetgear.exe:StreetGear
"TCP Query User{8E205424-323B-45E1-9675-55C328B6EA14}c:\\program files\\ultravnc\\winvnc.exe"= UDP:c:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
"UDP Query User{C1090B63-6C7E-4F46-9FD0-6F9B3D0E5C9C}c:\\program files\\ultravnc\\winvnc.exe"= TCP:c:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
"TCP Query User{40CF86FB-D527-4733-A4D3-5CCFB116B539}c:\\program files\\ultravnc\\winvnc.exe"= UDP:c:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
"UDP Query User{A9E21EF9-08F1-4DC0-B1FC-5D8FCBD1D84B}c:\\program files\\ultravnc\\winvnc.exe"= TCP:c:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
"TCP Query User{E7E2BB88-E09D-4645-AFB2-5C61E450B4FB}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= UDP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary
"UDP Query User{23B401F4-6601-4621-89C5-FF24EF5541BD}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= TCP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary
"TCP Query User{6A28B668-1AFA-4BC8-BC6E-6AE79C8CB970}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"UDP Query User{C4E2E19F-D921-4B98-8E82-CA2B4FE2B851}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"TCP Query User{256F719F-E0A1-4408-A52E-E592AA8D5AF1}c:\\program files\\ultravnc\\vncviewer.exe"= UDP:c:\program files\ultravnc\vncviewer.exe:VNCViewer
"UDP Query User{17FE3E27-4EDC-43DD-B015-CAE6C1171313}c:\\program files\\ultravnc\\vncviewer.exe"= TCP:c:\program files\ultravnc\vncviewer.exe:VNCViewer
"{DB036DAB-F23B-42AF-A996-5FAAB6EF3B2A}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{857F8272-E095-411E-B4C4-245E57B53F09}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{102DF932-05DD-49D1-B469-BC02E1BA30E7}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{8AFD765C-8019-4ECE-AC93-4A7EC4527B9D}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"TCP Query User{CB9B0F58-E809-40C7-BB18-9030CB7FAA20}c:\\program files\\ultravnc\\vncviewer.exe"= UDP:c:\program files\ultravnc\vncviewer.exe:VNCViewer
"UDP Query User{2482A93D-34B3-499A-8343-7604C0D02026}c:\\program files\\ultravnc\\vncviewer.exe"= TCP:c:\program files\ultravnc\vncviewer.exe:VNCViewer
"TCP Query User{E769FD9C-2FE8-409C-81FC-81DD5EF85E29}c:\\program files\\participatory culture foundation\\miro\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\miro_downloader.exe:Miro_Downloader
"UDP Query User{0701BE33-4E15-4EF2-81F4-AF5CD104C4C1}c:\\program files\\participatory culture foundation\\miro\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\miro_downloader.exe:Miro_Downloader
"TCP Query User{3F803CAC-5268-42B0-A867-A889DEC05F3D}c:\\program files\\zattoo\\zattood.exe"= UDP:c:\program files\zattoo\zattood.exe:zattood
"UDP Query User{DEF45238-523F-4319-8E20-D657EEDF59C7}c:\\program files\\zattoo\\zattood.exe"= TCP:c:\program files\zattoo\zattood.exe:zattood
"TCP Query User{716358A4-5AC0-4C29-A620-38408F0968D4}c:\\program files\\zattoo\\zattoo2.exe"= UDP:c:\program files\zattoo\zattoo2.exe:
"UDP Query User{33D07A18-1BBE-470F-99CD-CE259E8C06C5}c:\\program files\\zattoo\\zattoo2.exe"= TCP:c:\program files\zattoo\zattoo2.exe:
"TCP Query User{0D5E226B-97D8-4701-882A-5C3635F058A8}c:\\program files\\maïdo production\\izispot 4\\izispot.exe"= Disabled:UDP:c:\program files\maïdo production\izispot 4\izispot.exe:IziSpot
"UDP Query User{20AD1E8D-091D-47C8-9498-7E30D30D3044}c:\\program files\\maïdo production\\izispot 4\\izispot.exe"= Disabled:TCP:c:\program files\maïdo production\izispot 4\izispot.exe:IziSpot
"{DA042341-B2D2-48E6-84A5-2B0685AA6631}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{CBF0C150-7C62-4EC6-8807-86F8395187AD}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [19/03/2008 22:10 73728]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [29/04/2009 14:17 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [29/04/2009 14:17 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [29/04/2009 14:17 432897]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [19/01/2008 22:00 179712]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [23/03/2009 13:47 28224]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\System32\drivers\VBoxNetAdp.sys [27/04/2009 20:39 79888]
S3 VBoxUSB;VirtualBox USB;c:\windows\System32\drivers\VBoxUSB.sys [27/04/2009 20:39 31952]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
%SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
Contents of the 'Scheduled Tasks' folder

2009-05-31 c:\windows\Tasks\User_Feed_Synchronization-{BBC5C9FB-B610-4971-A327-6E6B5D5DB36D}.job
- c:\windows\system32\msfeedssync.exe [2009-03-27 11:31]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys

.
------- Supplementary scan -------
.
uInternet Settings,ProxyServer = amontpellier-552-1-89-188.w92-143.abo.wanadoo.fr:80
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: localhost
FF - ProfilePath - c:\users\alexis\AppData\Roaming\Mozilla\Firefox\Profiles\xmd5eco2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=59831&ei=utf-8&yahoo_domain=search.yahoo.com&p=
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\alexis\AppData\Roaming\Mozilla\Firefox\Profiles\xmd5eco2.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll

---- FIREFOX SETTINGS ----

FF - user.js: browser.sessionstore.resume_from_crash - false
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-01 00:23
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

c:\users\alexis\AppData\Local\Temp\gxvxc000 0 bytes

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gxvxcserv.sys]
"imagepath"="\systemroot\system32\drivers\gxvxcotosnqdptociohbmycnvxwfnxpujbfqr.sys"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gxvxcserv.sys]
@DACL=(02 0000)
"start"=dword:00000001
"type"=dword:00000001
"group"="file system"
"imagepath"=expand:"\\systemroot\\system32\\drivers\\gxvxcotosnqdptociohbmycnvxwfnxpujbfqr.sys"
.
Heure de fin: 2009-05-31 0:26
ComboFix-quarantined-files.txt 2009-05-31 22:26

Avant-CF: 40 593 129 472 octets libres
Après-CF: 40 543 731 712 octets libres

362 --- E O F --- 2009-05-15 06:07
0
Anonymous user
 
Re,

Run Malwarebytes again.

++
0
flechemaster Posts 87 Status Member 1
 
How come it works again? Was it a spyware program that was blocking it? If so, why didn't it block the other ones you had me download?
0
Anonymous user
 
Re,

Well yes, a rootkit, a nasty piece of work that was blocking that, and on top of it you were doing other things on the side, so!!!!

Don't do anything other than what I ask you to do....

0
flechemaster Posts 87 Status Member 1
 
I updated Malwarebytes' and ran a full scan
0
flechemaster Posts 87 Status Member 1
 
Uh, it hasn't found anything so far, but it isn't finished yet
0
flechemaster Posts 87 Status Member 1
 
OK, the scan is finished and it found nothing
0
Anonymous user
 
Re,

Run ComboFix again.

++
0
flechemaster Posts 87 Status Member 1
 
Why? What good will running it again do me?
0
Anonymous user
 
Re,

Just do it.
0
flechemaster Posts 87 Status Member 1
 
Done, but if you want the report you'll have to tell me where it's hiding
0
Anonymous user
 
Re,

The report is here: %SystemDrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; C:\ combofix.txt)
0
flechemaster Posts 87 Status Member 1
 
--
Bla Bla Bla
ComboFix 09-05-31.05 - alexis 01/06/2009 16:26.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate Édition 6.0.6001.1.1252.33.1036.18.1277.556 [GMT 2:00]
Lancé depuis: c:\users\alexis\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gxvxcserv.sys

((((((((((((((((((((((((((((( Fichiers créés du 2009-05-01 au 2009-06-01 ))))))))))))))))))))))))))))))))))))
.

2009-06-01 10:25 . 2009-06-01 10:25 113280 ----a-w- c:\programdata\Microsoft\VCExpress\9.0\1036\ResourceCache.dll
2009-06-01 10:19 . 2009-06-01 10:20 -------- d-----w- c:\program files\Common Files\Merge Modules
2009-05-31 21:05 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-31 21:05 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-31 21:05 . 2009-05-31 21:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-31 20:07 . 2009-05-31 20:07 35 ----a-w- c:\users\alexis\AppData\Roaming\SetValue.bat
2009-05-31 20:06 . 2009-06-01 12:10 -------- d-----w- c:\windows\system32\SmitfraudFix
2009-05-31 18:48 . 2009-05-31 18:49 -------- d-----w- C:\Rooter$
2009-05-31 17:30 . 2009-05-31 17:30 -------- d-----w- c:\program files\trend micro
2009-05-31 17:30 . 2009-05-31 17:31 -------- d-----w- C:\rsit
2009-05-30 07:48 . 2009-05-30 07:48 -------- d-----w- c:\program files\Quicksys
2009-05-30 07:44 . 2009-05-30 07:44 -------- d-----w- c:\program files\YourWare Solutions
2009-05-25 19:49 . 2009-04-27 18:39 100944 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2009-05-25 19:47 . 2009-04-27 18:39 41424 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2009-05-24 09:17 . 2009-05-29 15:57 -------- d-----w- c:\users\alexis\AppData\Local\Zattoo
2009-05-23 20:33 . 2009-05-24 08:05 -------- d-----w- c:\programdata\EasyMp3Downloader
2009-05-23 20:33 . 2009-05-23 20:33 -------- d-----w- c:\users\alexis\AppData\Roaming\EasyMp3Downloader
2009-05-23 20:33 . 2009-05-24 07:44 -------- d-----w- c:\program files\EasyMP3Downloader
2009-05-23 20:23 . 2009-05-23 20:23 -------- d-----w- c:\program files\AviSynth 2.5
2009-05-23 20:22 . 2009-05-23 20:22 -------- d-----w- c:\users\alexis\AppData\Roaming\Nvu
2009-05-23 20:22 . 2009-05-24 07:41 -------- d-----w- c:\program files\Nvu
2009-05-23 18:46 . 2009-05-23 18:46 -------- d-----w- c:\users\alexis\AppData\Local\Opera
2009-05-23 18:45 . 2009-05-23 19:09 -------- d-----w- c:\program files\Opera
2009-05-21 19:32 . 2009-05-21 20:56 -------- d-----w- c:\program files\Aesop
2009-05-21 18:23 . 2009-05-21 18:23 -------- d-----w- c:\program files\uTorrent
2009-05-19 20:28 . 2009-05-21 19:44 253952 ------w- c:\windows\Setup1.exe
2009-05-19 20:28 . 2009-05-21 19:44 74752 ----a-w- c:\windows\ST6UNST.EXE
2009-05-18 17:44 . 2009-05-18 17:44 -------- d-----w- c:\program files\JRE
2009-05-15 09:36 . 2009-05-15 09:36 -------- d-----w- c:\program files\DDN Créations
2009-05-14 15:20 . 2009-06-01 14:04 -------- d-----w- c:\program files\Bodom-Child - RaBBi
2009-05-14 12:12 . 2009-05-30 08:52 1 ----a-w- c:\users\alexis\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-05-14 12:11 . 2009-05-14 12:11 -------- d-----w- c:\users\alexis\AppData\Roaming\OpenOffice.org
2009-05-14 12:09 . 2009-05-18 17:44 -------- d-----w- c:\program files\OpenOffice.org 3
2009-05-14 12:08 . 2009-05-14 12:08 -------- d-----w- c:\program files\Common Files\Java
2009-05-13 14:37 . 2009-05-16 15:58 -------- d-----w- c:\users\alexis\AppData\Roaming\dvdcss
2009-05-09 16:02 . 2009-05-09 16:02 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-05-09 14:45 . 2009-05-09 14:45 -------- d-----w- c:\program files\Rockstar Games
2009-05-08 22:20 . 2009-05-09 14:47 -------- d-----w- c:\users\alexis\AppData\Roaming\Desktopicon
2009-05-08 22:20 . 2009-05-08 22:20 -------- d-----w- c:\program files\VDOWNLOADER
2009-05-08 19:19 . 2009-05-08 19:19 -------- d-----w- c:\users\alexis\AppData\Roaming\vlc
2009-05-08 18:52 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-05-08 18:27 . 2009-05-08 18:27 -------- d-----w- c:\windows\en-US
2009-05-08 18:27 . 2009-05-08 18:27 -------- d-----w- c:\windows\system32\en
2009-05-08 18:27 . 2009-05-08 18:27 -------- d-----w- c:\windows\system32\drivers\en-US
2009-05-08 18:27 . 2009-05-08 18:27 -------- d-----w- c:\windows\system32\0409
2009-05-08 18:27 . 2009-05-08 18:51 -------- d-----w- c:\windows\system32\wbem\en-US
2009-05-08 18:03 . 2009-06-01 07:50 609434 ----a-w- c:\windows\system32\perfh007.dat
2009-05-08 18:03 . 2009-06-01 07:50 122884 ----a-w- c:\windows\system32\perfc007.dat
2009-05-08 18:03 . 2009-05-08 18:00 36916 ----a-w- c:\windows\system32\perfd007.dat
2009-05-08 18:03 . 2009-05-08 18:00 290748 ----a-w- c:\windows\system32\perfi007.dat
2009-05-08 18:02 . 2009-05-08 18:02 -------- d-----w- c:\windows\de-DE
2009-05-08 18:02 . 2009-05-08 18:02 -------- d-----w- c:\windows\system32\drivers\de-DE
2009-05-08 18:02 . 2009-05-08 18:02 -------- d-----w- c:\windows\system32\0407
2009-05-08 18:02 . 2009-05-08 18:02 -------- d-----w- c:\windows\system32\de
2009-05-08 18:02 . 2009-05-08 18:51 -------- d-----w- c:\windows\system32\wbem\de-DE
2009-05-08 17:31 . 2009-06-01 07:50 658076 ----a-w- c:\windows\system32\perfh00A.dat
2009-05-08 17:31 . 2009-06-01 07:50 129516 ----a-w- c:\windows\system32\perfc00A.dat
2009-05-08 17:31 . 2009-05-08 17:28 40258 ----a-w- c:\windows\system32\perfd00A.dat
2009-05-08 17:31 . 2009-05-08 17:28 336930 ----a-w- c:\windows\system32\perfi00A.dat
2009-05-08 17:30 . 2009-05-08 18:27 -------- d-----w- c:\windows\MSAgent
2009-05-08 17:30 . 2009-05-08 18:27 -------- d-----w- c:\windows\system32\winrm
2009-05-08 17:30 . 2009-05-08 18:27 -------- d-----w- c:\windows\system32\MigWiz
2009-05-08 17:30 . 2009-05-08 17:30 -------- d-----w- c:\windows\system32\es
2009-05-08 17:30 . 2009-05-08 17:30 -------- d-----w- c:\windows\system32\0C0A
2009-05-08 17:30 . 2009-05-08 17:30 -------- d-----w- c:\windows\system32\drivers\es-ES
2009-05-08 17:29 . 2009-05-08 18:51 -------- d-----w- c:\windows\system32\wbem\es-ES
2009-05-08 17:29 . 2009-05-08 17:29 -------- d-----w- c:\windows\system32\Speech
2009-05-08 17:29 . 2009-05-08 17:29 -------- d-----w- c:\windows\es-ES
2009-05-08 17:29 . 2009-05-08 17:29 -------- d-----w- c:\windows\Speech
2009-05-06 15:05 . 2009-05-06 15:05 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2009-05-06 06:00 . 2009-05-06 06:00 -------- d-----w- c:\users\alexis\AppData\Roaming\Malwarebytes
2009-05-06 06:00 . 2009-05-06 06:00 -------- d-----w- c:\programdata\Malwarebytes
2009-05-05 09:49 . 2009-05-24 09:17 -------- d-----w- c:\users\alexis\AppData\Local\ZattooPlayer
2009-05-05 09:48 . 2009-05-05 09:48 -------- d-----w- c:\program files\Zattoo
2009-05-05 09:43 . 2009-05-05 09:43 -------- d-----w- c:\users\alexis\AppData\Roaming\MeuhMeuhTV
2009-05-05 09:39 . 2009-05-05 09:39 -------- d-----w- c:\users\alexis\AppData\Roaming\Participatory Culture Foundation
2009-05-05 09:39 . 2009-05-05 09:39 -------- d-----w- c:\program files\Participatory Culture Foundation
2009-05-05 09:35 . 2009-05-05 09:39 -------- d-----w- c:\program files\ProgDVB
2009-05-05 09:15 . 2009-05-05 09:15 -------- d--h--w- c:\windows\PIF
2009-05-03 14:04 . 2009-05-11 15:10 -------- d-----w- c:\users\alexis\AppData\Local\Microsoft Games

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-01 14:09 . 2009-03-23 14:05 -------- d-----w- c:\users\alexis\AppData\Roaming\uTorrent
2009-06-01 10:26 . 2008-03-01 20:25 -------- d-----w- c:\programdata\Microsoft Help
2009-06-01 10:24 . 2009-04-03 18:28 416 ----a-w- c:\programdata\Microsoft\MSDN\9.0\1036\ResourceCache.dll
2009-06-01 10:21 . 2009-04-03 18:20 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2009-06-01 07:50 . 2008-01-19 20:00 672294 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-01 07:50 . 2008-01-19 20:00 124434 ----a-w- c:\windows\system32\perfc00C.dat
2009-05-31 20:07 . 2009-05-31 20:07 691 ----a-w- c:\users\alexis\AppData\Roaming\GetValue.vbs
2009-05-22 06:12 . 2009-03-22 20:08 97624 ----a-w- c:\users\alexis\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-19 20:01 . 2008-01-19 20:00 615424 ----a-w- c:\windows\system32\themeui.dll
2009-05-19 20:01 . 2008-01-19 20:00 240128 ----a-w- c:\windows\system32\uxtheme.dll
2009-05-15 11:19 . 2009-04-23 19:47 -------- d-----w- c:\program files\VirtualDJ
2009-05-15 09:36 . 2009-05-15 09:36 -------- d-----w- c:\program files\DDN Créations
2009-05-14 12:09 . 2009-04-25 13:43 -------- d-----w- c:\program files\Java
2009-05-13 11:33 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-09 15:15 . 2009-03-22 20:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-08 18:27 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-05-08 18:27 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-05-08 18:27 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-05-08 18:27 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-05-08 18:26 . 2009-05-08 18:27 30674 ----a-w- c:\windows\inf\PERFLIB\0409\perfd.dat
2009-05-08 18:26 . 2009-05-08 18:27 30674 ----a-w- c:\windows\inf\PERFLIB\0409\perfc.dat
2009-05-08 18:26 . 2009-05-08 18:27 287440 ----a-w- c:\windows\inf\PERFLIB\0409\perfi.dat
2009-05-08 18:26 . 2009-05-08 18:27 287440 ----a-w- c:\windows\inf\PERFLIB\0409\perfh.dat
2009-05-08 18:00 . 2009-05-08 18:02 36916 ----a-w- c:\windows\inf\PERFLIB\0407\perfd.dat
2009-05-08 18:00 . 2009-05-08 18:02 36916 ----a-w- c:\windows\inf\PERFLIB\0407\perfc.dat
2009-05-08 18:00 . 2009-05-08 18:02 290748 ----a-w- c:\windows\inf\PERFLIB\0407\perfi.dat
2009-05-08 18:00 . 2009-05-08 18:02 290748 ----a-w- c:\windows\inf\PERFLIB\0407\perfh.dat
2009-05-08 17:28 . 2009-05-08 17:30 40258 ----a-w- c:\windows\inf\PERFLIB\0C0A\perfd.dat
2009-05-08 17:28 . 2009-05-08 17:30 40258 ----a-w- c:\windows\inf\PERFLIB\0C0A\perfc.dat
2009-05-08 17:28 . 2009-05-08 17:30 336930 ----a-w- c:\windows\inf\PERFLIB\0C0A\perfi.dat
2009-05-08 17:28 . 2009-05-08 17:30 336930 ----a-w- c:\windows\inf\PERFLIB\0C0A\perfh.dat
2009-05-06 09:34 . 2009-04-30 14:38 -------- d-----w- c:\programdata\ma-config.com
2009-05-06 07:22 . 2009-03-23 12:56 -------- d-----w- c:\program files\Microsoft
2009-05-06 07:21 . 2008-02-22 22:50 -------- d-----w- c:\program files\Windows Live
2009-05-01 12:00 . 2009-04-23 13:49 -------- d-----w- c:\program files\UltraVNC
2009-04-30 15:05 . 2009-04-30 14:33 -------- d-----w- c:\program files\Easy Duplicate Finder
2009-04-30 13:07 . 2009-04-30 13:07 684872 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-04-30 12:45 . 2009-04-30 12:45 -------- d-----w- c:\users\alexis\AppData\Roaming\Avira
2009-04-30 12:11 . 2008-03-01 20:28 -------- d-----w- c:\program files\Microsoft Works
2009-04-30 11:10 . 2009-04-30 11:10 -------- d-----w- c:\program files\Common Files\logishrd
2009-04-29 16:08 . 2009-04-29 16:08 -------- d-----w- c:\program files\MSXML 4.0
2009-04-29 12:17 . 2009-04-29 12:17 -------- d-----w- c:\program files\Avira
2009-04-29 12:17 . 2009-03-23 13:53 -------- d-----w- c:\programdata\Avira
2009-04-29 12:10 . 2009-04-29 12:17 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-04-29 12:10 . 2009-04-29 12:17 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-04-28 14:46 . 2009-03-25 17:04 -------- d-----w- c:\program files\Google
2009-04-28 14:33 . 2009-03-28 09:46 -------- d-----w- c:\program files\Stardock
2009-04-27 18:39 . 2009-04-27 18:39 79888 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2009-04-27 18:39 . 2009-04-27 18:39 31952 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
2009-04-26 12:57 . 2009-04-26 12:57 -------- d-----w- c:\users\alexis\AppData\Roaming\Nero
2009-04-25 13:43 . 2009-04-25 13:44 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-04-24 21:22 . 2009-04-24 21:22 -------- d-----w- c:\users\alexis\AppData\Roaming\Talkback
2009-04-24 21:21 . 2009-04-24 21:21 -------- d-----w- c:\users\alexis\AppData\Roaming\Thunderbird
2009-04-23 14:03 . 2008-03-19 19:36 -------- d-----w- c:\program files\Common Files\Adobe
2009-04-23 12:56 . 2009-04-22 15:50 -------- d-----w- c:\programdata\Skyline
2009-04-22 19:03 . 2006-11-02 12:35 -------- d-----w- c:\program files\Microsoft Games
2009-04-22 14:44 . 2008-02-22 22:30 -------- d-----w- c:\program files\Ad-Aware
2009-04-22 14:40 . 2009-04-22 14:40 -------- d-----w- c:\users\alexis\AppData\Roaming\Lavasoft
2009-04-21 13:38 . 2009-04-30 14:35 429224 ----a-w- c:\users\alexis\AppData\Roaming\Mozilla\Firefox\Profiles\xmd5eco2.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
2009-04-20 15:50 . 2009-04-20 15:50 680 ----a-w- c:\users\alexis\AppData\Local\d3d9caps.dat
2009-04-18 15:37 . 2009-04-18 15:37 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-04-17 14:26 . 2009-04-17 14:26 -------- d-----w- c:\program files\Movie Maker 2.6
2009-04-15 20:00 . 2009-04-10 16:54 -------- d-----w- c:\program files\Messenger Plus! Live
2009-04-15 16:14 . 2009-04-15 16:08 -------- d-----w- c:\programdata\Symantec
2009-04-14 13:02 . 2009-04-14 09:46 -------- d-----w- c:\users\alexis\AppData\Roaming\zweitgeist
2009-04-14 13:02 . 2009-04-14 09:47 -------- d-----w- c:\program files\weblin
2009-04-14 09:47 . 2009-04-14 09:47 49152 ----a-w- c:\users\alexis\AppData\Roaming\zweitgeist\IdleHook.dll
2009-04-14 09:47 . 2009-04-14 09:47 20480 ----a-w- c:\users\alexis\AppData\Roaming\zweitgeist\hook13.dll
2009-04-14 09:47 . 2009-04-14 09:47 81920 ----a-w- c:\users\alexis\AppData\Roaming\zweitgeist\uninstall.exe
2009-04-13 21:04 . 2009-04-08 09:38 -------- d-----w- c:\program files\GameTribe
2009-04-11 21:22 . 2009-04-11 21:22 -------- d-----w- c:\users\alexis\AppData\Roaming\~LM00003.tmp
2009-04-11 20:18 . 2009-04-11 20:18 -------- d-----w- c:\program files\Microsoft Silverlight
2009-04-11 12:11 . 2009-04-11 12:11 -------- d-----w- c:\users\alexis\AppData\Roaming\~LM00002.tmp
2009-04-11 12:10 . 2009-04-11 12:10 -------- d-----w- c:\users\alexis\AppData\Roaming\~LM00001.tmp
2009-04-10 16:55 . 2009-04-10 16:55 -------- d-----w- c:\programdata\Messenger Plus!
2009-04-08 16:36 . 2009-04-08 11:50 -------- d-----w- c:\program files\gPotato.eu
2009-04-08 12:31 . 2009-04-08 12:31 -------- d-----w- c:\program files\Common Files\INCA Shared
2009-04-07 21:23 . 2009-04-07 21:23 -------- d-----w- c:\users\alexis\AppData\Roaming\Notepad++
2009-04-07 17:05 . 2009-04-07 17:05 15872 ------w- c:\windows\system32\winskfr.dll
2009-04-07 09:19 . 2009-04-07 09:10 -------- d-----w- c:\program files\EPSON
2009-04-07 09:19 . 2008-03-19 20:14 -------- d-----w- c:\program files\Common Files\InstallShield
2009-04-03 21:08 . 2009-04-03 21:08 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-04-03 21:08 . 2009-04-03 21:08 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-04-03 21:08 . 2009-04-03 21:08 -------- d-----w- c:\program files\OpenAL
2009-04-03 20:15 . 2009-04-03 16:59 -------- d-----w- c:\users\alexis\AppData\Roaming\DeskSoft
2009-04-03 18:35 . 2009-04-03 18:35 -------- d-----w- c:\program files\Microsoft Synchronization Services
2009-04-03 18:35 . 2009-04-03 18:35 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-04-03 18:32 . 2009-04-03 18:32 189184 ----a-w- c:\programdata\Microsoft\VBExpress\9.0\1036\ResourceCache.dll
2009-04-03 18:18 . 2009-04-03 18:18 -------- d-----w- c:\program files\Microsoft SDKs
2009-04-03 17:48 . 2009-04-03 17:48 -------- d-----w- c:\program files\Compil Games
2009-04-03 17:48 . 2009-04-03 17:08 -------- d-----w- c:\program files\GStudio6
2009-04-03 17:05 . 2009-04-03 17:05 -------- d-----w- c:\program files\ExperimentalScene
2009-04-03 17:05 . 2009-04-03 17:05 -------- d-----w- c:\users\alexis\AppData\Roaming\DarkWave Studio
2009-04-03 16:59 . 2009-04-03 16:59 62976 ----a-w- c:\windows\DTDraw.dll
2009-03-24 06:00 . 2008-01-19 20:00 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-03-23 12:45 . 2009-03-23 12:45 0 ----a-w- c:\windows\nsreg.dat
2009-03-23 12:41 . 2006-02-15 23:49 141414 ----a-w- c:\windows\DUMP8618.tmp
2009-03-22 20:04 . 2009-03-22 20:04 319984 ----a-w- c:\windows\DIFxAPI.dll
2009-03-17 03:38 . 2009-04-15 18:59 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-15 18:59 24064 ----a-w- c:\windows\system32\amxread.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-05-21 274224]
"FreeRAM XP"="c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [2006-03-22 1591808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-22 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-22 8534560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-22 81920]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2007-12-22 86016]
"ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2004-08-20 45056]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-25 148888]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-04-29 209153]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-28 4186112]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8CDB64E8-D2D2-4EE0-ABEF-FB8A576EDF81}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{7886B1F6-0DA4-4F15-8F8B-DF46A4FC2124}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{4C0C111C-502E-4627-BF25-2B224D4B6897}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"{ADE9E4B8-2806-4BF6-B6BB-E0AE8D1A886D}"= UDP:c:\users\alexis\AppData\Local\F4\ClientUpdater\ClientUpdater.exe:F4 Game Client Updater
"{1800A418-EA9D-4657-A4A0-1CC6F1621656}"= TCP:c:\users\alexis\AppData\Local\F4\ClientUpdater\ClientUpdater.exe:F4 Game Client Updater
"TCP Query User{36DEF846-0CF5-4884-9364-70719B56FF22}c:\\program files\\gpotato.eu\\street gears\\streetgear.exe"= UDP:c:\program files\gpotato.eu\street gears\streetgear.exe:StreetGear
"UDP Query User{2CE12772-3F08-4B7B-851E-F425E855D85B}c:\\program files\\gpotato.eu\\street gears\\streetgear.exe"= TCP:c:\program files\gpotato.eu\street gears\streetgear.exe:StreetGear
"TCP Query User{D215D9DC-DA7C-4856-A67F-EFF412A74589}c:\\program files\\shoutcast\\sc_serv.exe"= UDP:c:\program files\shoutcast\sc_serv.exe:sc_serv
"UDP Query User{96EB137D-97A1-4652-BAF8-85336CA61465}c:\\program files\\shoutcast\\sc_serv.exe"= TCP:c:\program files\shoutcast\sc_serv.exe:sc_serv
"TCP Query User{9F5FF72B-19CC-4DDD-A602-EA274CCE7D3C}c:\\users\\alexis\\desktop\\sc_serv.exe"= UDP:c:\users\alexis\desktop\sc_serv.exe:sc_serv.exe
"UDP Query User{B2BABF26-00D9-4E8D-B827-61BB14A850F4}c:\\users\\alexis\\desktop\\sc_serv.exe"= TCP:c:\users\alexis\desktop\sc_serv.exe:sc_serv.exe
"{38E4A27F-FF9F-41E9-88CD-FAD3ECE8B363}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{4AD5A6B5-9AA2-4B1F-BA31-48DBF235C29F}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{C193B054-9D8D-4350-9D90-507A8E8A8E6B}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{071C1CEB-51BC-4B40-868B-EB831D0C455C}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{52DD35B3-A3E7-40A9-B1AE-6287241BC98E}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{0A0AAA4F-5431-4C02-B46F-3FBF814C691A}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{CA53A8AC-5DC1-4E84-BC79-E02D08C302A6}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{36270FDE-926B-4259-AB60-64D269BBDB81}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"TCP Query User{DE043796-3AD6-4C80-A88D-DCE22DAD2C64}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{03D0A90F-FAAE-4D94-A89A-EF7D69D1A783}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{2E4C3BFE-323D-4039-A13B-3F1573135FDA}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{5234CF43-C2B1-4218-B291-60C768ECBCEC}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"TCP Query User{3E27E9C4-F0AF-42B2-A44A-751B7897EF33}c:\\program files\\gpotato.eu\\street gears\\streetgear.exe"= UDP:c:\program files\gpotato.eu\street gears\streetgear.exe:StreetGear
"UDP Query User{DE9771DA-3FAD-4F18-9B60-4356D392B934}c:\\program files\\gpotato.eu\\street gears\\streetgear.exe"= TCP:c:\program files\gpotato.eu\street gears\streetgear.exe:StreetGear
"TCP Query User{8E205424-323B-45E1-9675-55C328B6EA14}c:\\program files\\ultravnc\\winvnc.exe"= UDP:c:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
"UDP Query User{C1090B63-6C7E-4F46-9FD0-6F9B3D0E5C9C}c:\\program files\\ultravnc\\winvnc.exe"= TCP:c:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
"TCP Query User{40CF86FB-D527-4733-A4D3-5CCFB116B539}c:\\program files\\ultravnc\\winvnc.exe"= UDP:c:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
"UDP Query User{A9E21EF9-08F1-4DC0-B1FC-5D8FCBD1D84B}c:\\program files\\ultravnc\\winvnc.exe"= TCP:c:\program files\ultravnc\winvnc.exe:Serveur VNC pour Win32
"TCP Query User{E7E2BB88-E09D-4645-AFB2-5C61E450B4FB}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= UDP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary
"UDP Query User{23B401F4-6601-4621-89C5-FF24EF5541BD}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= TCP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary
"TCP Query User{6A28B668-1AFA-4BC8-BC6E-6AE79C8CB970}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"UDP Query User{C4E2E19F-D921-4B98-8E82-CA2B4FE2B851}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"TCP Query User{256F719F-E0A1-4408-A52E-E592AA8D5AF1}c:\\program files\\ultravnc\\vncviewer.exe"= UDP:c:\program files\ultravnc\vncviewer.exe:VNCViewer
"UDP Query User{17FE3E27-4EDC-43DD-B015-CAE6C1171313}c:\\program files\\ultravnc\\vncviewer.exe"= TCP:c:\program files\ultravnc\vncviewer.exe:VNCViewer
"{DB036DAB-F23B-42AF-A996-5FAAB6EF3B2A}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{857F8272-E095-411E-B4C4-245E57B53F09}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{102DF932-05DD-49D1-B469-BC02E1BA30E7}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{8AFD765C-8019-4ECE-AC93-4A7EC4527B9D}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"TCP Query User{CB9B0F58-E809-40C7-BB18-9030CB7FAA20}c:\\program files\\ultravnc\\vncviewer.exe"= UDP:c:\program files\ultravnc\vncviewer.exe:VNCViewer
"UDP Query User{2482A93D-34B3-499A-8343-7604C0D02026}c:\\program files\\ultravnc\\vncviewer.exe"= TCP:c:\program files\ultravnc\vncviewer.exe:VNCViewer
"TCP Query User{E769FD9C-2FE8-409C-81FC-81DD5EF85E29}c:\\program files\\participatory culture foundation\\miro\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\miro_downloader.exe:Miro_Downloader
"UDP Query User{0701BE33-4E15-4EF2-81F4-AF5CD104C4C1}c:\\program files\\participatory culture foundation\\miro\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\miro_downloader.exe:Miro_Downloader
"TCP Query User{3F803CAC-5268-42B0-A867-A889DEC05F3D}c:\\program files\\zattoo\\zattood.exe"= UDP:c:\program files\zattoo\zattood.exe:zattood
"UDP Query User{DEF45238-523F-4319-8E20-D657EEDF59C7}c:\\program files\\zattoo\\zattood.exe"= TCP:c:\program files\zattoo\zattood.exe:zattood
"TCP Query User{716358A4-5AC0-4C29-A620-38408F0968D4}c:\\program files\\zattoo\\zattoo2.exe"= UDP:c:\program files\zattoo\zattoo2.exe:
"UDP Query User{33D07A18-1BBE-470F-99CD-CE259E8C06C5}c:\\program files\\zattoo\\zattoo2.exe"= TCP:c:\program files\zattoo\zattoo2.exe:
"TCP Query User{0D5E226B-97D8-4701-882A-5C3635F058A8}c:\\program files\\maïdo production\\izispot 4\\izispot.exe"= Disabled:UDP:c:\program files\maïdo production\izispot 4\izispot.exe:IziSpot
"UDP Query User{20AD1E8D-091D-47C8-9498-7E30D30D3044}c:\\program files\\maïdo production\\izispot 4\\izispot.exe"= Disabled:TCP:c:\program files\maïdo production\izispot 4\izispot.exe:IziSpot
"{DA042341-B2D2-48E6-84A5-2B0685AA6631}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{CBF0C150-7C62-4EC6-8807-86F8395187AD}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [19/03/2008 22:10 73728]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [29/04/2009 14:17 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [29/04/2009 14:17 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [29/04/2009 14:17 432897]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [19/01/2008 22:00 179712]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [23/03/2009 13:47 28224]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\System32\drivers\VBoxNetAdp.sys [27/04/2009 20:39 79888]
S3 VBoxUSB;VirtualBox USB;c:\windows\System32\drivers\VBoxUSB.sys [27/04/2009 20:39 31952]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
%SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
Contenu du dossier 'Tâches planifiées'

2009-06-01 c:\windows\Tasks\User_Feed_Synchronization-{BBC5C9FB-B610-4971-A327-6E6B5D5DB36D}.job
- c:\windows\system32\msfeedssync.exe [2009-03-27 11:31]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyServer = amontpellier-552-1-89-188.w92-143.abo.wanadoo.fr:80
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: localhost
FF - ProfilePath - c:\users\alexis\AppData\Roaming\Mozilla\Firefox\Profiles\xmd5eco2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=59831&ei=utf-8&yahoo_domain=search.yahoo.com&p=
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\alexis\AppData\Roaming\Mozilla\Firefox\Profiles\xmd5eco2.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll

---- PARAMETRES FIREFOX ----

FF - user.js: browser.sessionstore.resume_from_crash - false
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-01 16:39
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\Ati2evxx.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
c:\windows\System32\drivers\XAudio.exe
c:\windows\System32\iashost.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\windows\System32\wbem\unsecapp.exe
c:\users\alexis\AppData\Local\Temp\RtkBtMnt.exe
c:\windows\System32\wbem\WMIADAP.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\program files\Mozilla Firefox\firefox.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Heure de fin: 2009-06-01 16:46 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-01 14:46
ComboFix2.txt 2009-05-31 22:26

Avant-CF: 40 374 284 288 octets libres
Après-CF: 40 294 281 216 octets libres

363 --- E O F --- 2009-06-01 07:20
0
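The two ComboFix reports above (the 2009-05-31 run, with the `gxvxcserv.sys` service pointing at a long randomized driver name and one hidden file found by catchme, and the 2009-06-01 run, where `-------\Service_gxvxcserv.sys` records its removal and the hidden-file count is 0) carry the indicators a responder checks first. The Python triage script below is an added example, not part of this thread or of ComboFix: it runs over constructed excerpts modelled on those two reports (`BEFORE_LOG`, `AFTER_LOG`) and reports what the second run removed and what still needs attention; the `looks_random` thresholds are assumptions tuned to the driver names visible in this thread.

```python
import re

# Constructed excerpts modelled on the two ComboFix reports in this thread:
# the 2009-05-31 run, before the rootkit service was removed, and the
# 2009-06-01 run after it. Not the poster's literal output.
BEFORE_LOG = r"""
Rootkit scan 2009-06-01 00:23
Recherche de fichiers cachés ...

c:\users\alexis\AppData\Local\Temp\gxvxc000 0 bytes

Scan terminé avec succès
Fichiers cachés: 1

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gxvxcserv.sys]
"imagepath"="\systemroot\system32\drivers\gxvxcotosnqdptociohbmycnvxwfnxpujbfqr.sys"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [29/04/2009 14:17 108289]
S3 VBoxUSB;VirtualBox USB;c:\windows\System32\drivers\VBoxUSB.sys [27/04/2009 20:39 31952]
"""

AFTER_LOG = r"""
-------\Service_gxvxcserv.sys

Rootkit scan 2009-06-01 16:39
Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

S3 VBoxUSB;VirtualBox USB;c:\windows\System32\drivers\VBoxUSB.sys [27/04/2009 20:39 31952]
"""

# Line shapes as they appear in the reports above.
SERVICE_KEY = re.compile(r"^\[HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet\d+\\Services\\([^\]]+)\]", re.I)
IMAGEPATH = re.compile(r'^"imagepath"=(?:expand:)?"(.*)"', re.I)
DRIVER_LINE = re.compile(r"^[RS]\d\s+([^;]+);[^;]*;(.+?)\s+\[", re.M)
DELETED_SERVICE = re.compile(r"^-------\\Service_(\S+)", re.M)
HIDDEN_FILE = re.compile(r"^([a-z]:\\\S.*?)\s+(\d+) bytes$", re.M | re.I)
HIDDEN_COUNT = re.compile(r"^(?:Fichiers cachés|hidden files):\s*(\d+)", re.M | re.I)
UAC_OFF = re.compile(r'^"EnableLUA"=\s*0\b', re.M)


def file_stem(path):
    """'\\systemroot\\system32\\drivers\\x.sys' -> 'x' (doubled backslashes from
    expand: values are collapsed first)."""
    return path.replace("\\\\", "\\").rsplit("\\", 1)[-1].rsplit(".", 1)[0]


def looks_random(stem):
    """Heuristic for machine-generated driver names: letters only, at least 16
    long, with a run of 5+ non-vowels. Thresholds are assumptions chosen so the
    legitimate drivers in this thread (mbamswissarmy, avgntflt, VBoxUSB) pass
    while the 37-letter gxvxc... name is flagged."""
    s = stem.lower()
    if len(s) < 16 or not s.isalpha():
        return False
    return max((len(run) for run in re.findall(r"[^aeiou]+", s)), default=0) >= 5


def service_image_paths(log):
    """Map service name -> image path, from both the registry dump blocks and
    the R#/S# service lines of a ComboFix report."""
    paths, current = {}, None
    for line in log.splitlines():
        m = SERVICE_KEY.match(line)
        if m:
            current = m.group(1)
            continue
        m = IMAGEPATH.match(line)
        if m and current:
            paths[current] = m.group(1)
            current = None
    for name, path in DRIVER_LINE.findall(log):
        paths.setdefault(name, path)
    return paths


def triage(log):
    """Pull the indicators a responder checks first out of one report."""
    paths = service_image_paths(log)
    m = HIDDEN_COUNT.search(log)
    return {
        "suspicious_services": sorted(n for n, p in paths.items() if looks_random(file_stem(p))),
        "hidden_files": [p for p, _ in HIDDEN_FILE.findall(log)],
        "hidden_count": int(m.group(1)) if m else 0,
        "uac_disabled": UAC_OFF.search(log) is not None,
    }


def compare_runs(before, after):
    """Show what the second run removed and what still needs attention."""
    b, a = triage(before), triage(after)
    return {
        "deleted_by_combofix": DELETED_SERVICE.findall(after),
        "removed_suspicious": sorted(set(b["suspicious_services"]) - set(a["suspicious_services"])),
        "remaining_suspicious": a["suspicious_services"],
        "hidden_before": b["hidden_count"],
        "hidden_after": a["hidden_count"],
        "uac_still_disabled": a["uac_disabled"],
    }


if __name__ == "__main__":
    for key, value in compare_runs(BEFORE_LOG, AFTER_LOG).items():
        print(f"{key}: {value}")
```

Note that `uac_still_disabled` stays true after the cleanup: the `EnableLUA`/`ConsentPromptBehavior*` values in both reports are a configuration weakness the malware removal does not fix, so it belongs on the follow-up list.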
Anonymous user
 
Re,

Run Malwarebytes again.

0
flechemaster Posts 87 Status Member 1
 
I already have it! Why would I download it again?
0