Infected PC running Vista

Closed
Patient44 - 7 Jul 2009 at 21:44
 Patient44 - 15 Jul 2009 at 04:37
Hello, I'm coming to you because my PC is infected by one or more spyware programs or viruses, I'm not really sure which. I get alert messages telling me that my PC may be infected by viruses, and a small alert page opens asking me to download an online antivirus. This message comes back regularly and my machine has become very slow. Sometimes I am redirected to a page I did not request or to online poker games. Please tell me the procedure to follow to eradicate this M----
Clarification: I ran a virus scan but could not dislodge it. Also, I downloaded Spybot but it won't start. Thanks for your help.

30 replies

Still nobody? If someone can help me, because I'm really stuck........
Also, the RAM seems to be going crazy
725 MB out of 2 GB while nothing is running............
0
Still nobody to help me?
0
Narco!4 - Posts: 2385 - Registered: Sunday 25 January 2009 - Status: Contributor - Last activity: 25 October 2012 - 467
8 Jul 2009 at 19:32
Run it in safe mode
0
Here is the report:

ComboFix 09-07-08.02 - Oliveira 08/07/2009 23:02.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2047.1374 [GMT 2:00]
Lancé depuis: c:\users\Oliveira\Desktop\ComboFix2.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\PlayMYDVD
c:\users\Oliveira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMYDVD
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\drivers\MSIVXpxbwusvnxcrtciibrqfcjwpursntgebs.sys
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\MSIVXcount
c:\windows\system32\MSIVXnxfmwkpwxpqeorbdsptjqvgvhlwwrpji.dll
c:\windows\system32\MSIVXtmckioatwteadeixugcbyatnvjbfclvg.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_MSIVXserv.sys
-------\Service_MSIVXserv.sys


((((((((((((((((((((((((((((( Fichiers créés du 2009-06-08 au 2009-07-08 ))))))))))))))))))))))))))))))))))))
.

2009-12-26 10:04 . 2009-12-26 10:04 15882 ----a-w- c:\windows\system32\9905spambot6zc.dll
2009-12-26 06:35 . 2009-12-26 06:35 9910 ----a-w- c:\windows\system32\24955zpambot9b1.dll
2009-12-25 07:08 . 2009-12-25 07:08 6959 ----a-w- c:\windows\system32\2z9backdo9r564.dll
2009-12-14 17:04 . 2009-12-14 17:04 13948 ----a-w- c:\windows\system32\10903spazbo548e.bin
2009-12-14 07:19 . 2009-12-14 07:19 18183 ----a-w- c:\windows\system32\212azdw5re69.bin
2009-12-13 08:39 . 2009-12-13 08:39 18254 ----a-w- c:\windows\system32\7894w5rz357.exe
2009-12-12 15:27 . 2009-12-12 15:27 15802 ----a-w- c:\windows\system32\120s59mzot569.exe
2009-12-10 12:44 . 2009-12-10 12:44 3438 ----a-w- c:\windows\system32\5f99spz5se782.exe
2009-11-27 19:50 . 2009-11-27 19:50 4263 ----a-w- c:\windows\system32\55bzir1997.dll
2009-11-25 01:43 . 2009-11-25 01:43 7718 ----a-w- c:\windows\system32\99dzt9a5634.bin
2009-11-22 19:26 . 2009-11-22 19:26 16118 ----a-w- c:\windows\system32\2z865spy579.bin
2009-11-21 10:12 . 2009-11-21 10:12 16739 ----a-w- c:\windows\system32\29587wzrm42a.bin
2009-11-16 12:35 . 2009-11-16 12:35 4469 ----a-w- c:\windows\system32\78a6sz9al4075.dll
2009-11-13 15:28 . 2009-11-13 15:28 16721 ----a-w- c:\windows\system32\55z9steal952.dll
2009-11-12 23:08 . 2009-11-12 23:08 6159 ----a-w- c:\windows\system32\16559zroj4dd.exe
2009-11-09 10:31 . 2009-11-09 10:31 10286 ----a-w- c:\windows\system32\10619v5rusz95.exe
2009-11-09 00:59 . 2009-11-09 00:59 13808 ----a-w- c:\windows\system32\15a79ir2377z.exe
2009-11-08 16:47 . 2009-11-08 16:47 4306 ----a-w- c:\windows\system32\3cd7thre5t17z59.dll
2009-11-05 19:05 . 2009-11-05 19:05 2668 ----a-w- c:\windows\system32\725bsp9warz501.dll
2009-11-02 21:02 . 2009-11-02 21:02 12585 ----a-w- c:\windows\system32\5f91viz5172.bin
2009-11-02 19:04 . 2009-11-02 19:04 12927 ----a-w- c:\windows\system32\4498hacktoolf5z.bin
2009-10-27 02:55 . 2009-10-27 02:55 16445 ----a-w- c:\windows\system32\539zhacktool40a.bin
2009-10-23 05:30 . 2009-10-23 05:30 11896 ----a-w- c:\windows\system32\379aaddza5e393.dll
2009-10-21 06:53 . 2009-10-21 06:53 10386 ----a-w- c:\windows\system32\z796downloade95168.bin
2009-10-17 17:58 . 2009-10-17 17:58 6242 ----a-w- c:\windows\system32\55f19ir1z55.exe
2009-10-16 07:30 . 2009-10-16 07:30 13189 ----a-w- c:\windows\system32\5z87thie91571.dll
2009-10-15 08:00 . 2009-10-15 08:00 14591 ----a-w- c:\windows\system32\31z5vir1509.exe
2009-10-11 13:42 . 2009-10-11 13:42 9686 ----a-w- c:\windows\system32\12z05w9r52e8.exe
2009-10-02 05:04 . 2009-10-02 05:04 4490 ----a-w- c:\windows\system32\z09cdownloade5846.dll
2009-10-01 04:01 . 2009-10-01 04:01 6327 ----a-w- c:\windows\system32\8591w95m5zf.exe
2009-09-27 04:40 . 2009-09-27 04:40 14066 ----a-w- c:\windows\system32\579fa9dwarez898.dll
2009-09-24 13:50 . 2009-09-24 13:50 16820 ----a-w- c:\windows\system32\5z51t9ief1350.exe
2009-09-22 20:59 . 2009-09-22 20:59 14273 ----a-w- c:\windows\system32\34aaspyzare9935.dll
2009-09-20 03:36 . 2009-09-20 03:36 16396 ----a-w- c:\windows\zaa25hreat1957.bin
2009-09-17 02:05 . 2009-09-17 02:05 8583 ----a-w- c:\windows\system32\18719zir9s7f5.exe
2009-09-12 16:02 . 2009-09-12 16:02 8356 ----a-w- c:\windows\system32\24160v9rzs456.bin
2009-09-10 23:25 . 2009-09-10 23:25 5855 ----a-w- c:\windows\z957vir2805.dll
2009-09-08 01:13 . 2009-09-08 01:13 17424 ----a-w- c:\windows\system32\2cb8t95efz949.dll
2009-09-04 08:53 . 2009-09-04 08:53 7004 ----a-w- c:\windows\system32\2520virus5z9.bin
2009-09-03 06:21 . 2009-09-03 06:21 17319 ----a-w- c:\windows\system32\549eszar5e9559.bin
2009-08-23 09:11 . 2009-08-23 09:11 3347 ----a-w- c:\windows\system32\23635zo9m83.exe
2009-08-16 03:11 . 2009-08-16 03:11 3754 ----a-w- c:\windows\system32\5be3downlo5zer9969.dll
2009-08-15 04:45 . 2009-08-15 04:45 14053 ----a-w- c:\windows\system32\75a9vir25z99.dll
2009-08-15 00:46 . 2009-08-15 00:46 2648 ----a-w- c:\windows\system32\95b5thief311z.bin
2009-07-25 12:38 . 2009-07-25 12:38 4193 ----a-w- c:\windows\system32\5fz4spywar92557.bin
2009-07-24 22:00 . 2009-07-24 22:00 8672 ----a-w- c:\windows\system32\z567addw9re5067.bin
2009-07-21 17:37 . 2009-07-21 17:37 13681 ----a-w- c:\windows\system32\7z96spyware1295.dll
2009-07-21 14:53 . 2009-07-21 14:53 2642 ----a-w- c:\windows\system32\2da6stzal27159.dll
2009-07-18 10:27 . 2009-07-18 10:27 4467 ----a-w- c:\windows\system32\30742no5-a-9irus6zf.dll
2009-07-08 21:08 . 2009-07-08 21:11 -------- d-----w- c:\users\Oliveira\AppData\Local\temp
2009-07-08 14:39 . 2009-07-08 20:58 -------- d-----w- c:\users\Oliveira\AppData\Roaming\Skype
2009-07-08 14:38 . 2009-07-08 14:38 -------- d-----w- c:\program files\Common Files\Skype
2009-07-08 14:38 . 2009-07-08 14:38 -------- d-----r- c:\program files\Skype
2009-07-08 14:38 . 2009-07-08 14:38 -------- d-----w- c:\progra~2\Skype
2009-07-07 22:03 . 2009-07-07 22:03 -------- d-----w- c:\users\Oliveira\AppData\Local\LogiShrd
2009-07-07 20:10 . 2009-07-07 20:12 -------- d-----w- C:\WORT
2009-07-07 19:52 . 2009-07-07 19:52 -------- d-----w- C:\UAC
2009-07-07 19:48 . 2009-07-07 19:57 -------- d-----w- C:\GenProc
2009-07-07 19:18 . 2009-07-07 20:09 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-07 18:48 . 2009-07-07 18:48 35 ----a-w- c:\users\Oliveira\AppData\Roaming\SetValue.bat
2009-07-07 16:09 . 2009-07-07 16:09 7559 ----a-w- c:\windows\system32\24397hackt9ol45fz.bin
2009-07-06 23:21 . 2009-01-18 21:35 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-07-06 23:10 . 2009-07-06 23:10 -------- dc-h--w- c:\progra~2\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-07-06 23:09 . 2009-07-06 23:16 -------- d-----w- c:\progra~2\Lavasoft
2009-07-06 23:09 . 2009-07-06 23:09 -------- d-----w- c:\program files\Lavasoft
2009-07-06 20:55 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-07-06 20:55 . 2009-03-24 14:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-07-06 20:55 . 2009-07-06 20:55 -------- d-----w- c:\program files\Avira
2009-07-06 20:55 . 2009-07-06 20:55 -------- d-----w- c:\progra~2\Avira
2009-07-06 19:34 . 2009-07-06 19:47 -------- d-----w- c:\program files\Common Files\BitDefender
2009-07-06 19:18 . 2009-07-06 19:18 -------- d-----w- c:\users\Oliveira\AppData\Roaming\Apple Computer
2009-07-06 19:18 . 2009-07-06 19:18 -------- d-----w- c:\users\Oliveira\AppData\Local\Apple Computer
2009-07-06 19:17 . 2009-07-06 19:17 -------- dc----w- c:\windows\system32\DRVSTORE
2009-07-06 19:17 . 2009-03-19 14:32 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-07-06 19:17 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-07-06 19:17 . 2009-07-06 19:17 -------- d-----w- c:\program files\iPod
2009-07-06 19:17 . 2009-07-06 19:17 -------- d-----w- c:\program files\iTunes
2009-07-06 19:17 . 2009-07-06 19:17 -------- d-----w- c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-06 19:17 . 2009-07-06 19:17 -------- d-----w- c:\program files\Bonjour
2009-07-06 19:17 . 2009-07-06 19:17 -------- d-----w- c:\program files\Common Files\Apple
2009-07-06 19:12 . 2009-07-06 19:17 -------- d-----w- c:\progra~2\Apple Computer
2009-07-06 19:12 . 2009-07-06 19:12 -------- d-----w- c:\program files\QuickTime
2009-06-24 23:08 . 2009-06-24 23:08 4268 ----a-w- c:\windows\system32\31z79n5t9a-virus2e0.bin
2009-06-19 18:48 . 2009-06-19 18:48 18101 ----a-w- c:\windows\system32\1c96stea5z68.bin
2009-06-17 11:35 . 2009-07-06 23:00 -------- d-----w- c:\program files\Opera
2009-06-16 16:12 . 2009-06-16 16:12 -------- d-----w- c:\users\Oliveira\Videos.avi
2009-06-14 16:39 . 2009-06-16 18:01 -------- d-----w- c:\program files\DeskSpace
2009-06-14 12:35 . 2009-06-14 12:35 -------- d-----w- c:\users\Oliveira\AppData\Roaming\Media Player Classic
2009-06-13 23:53 . 2009-06-13 23:53 2180 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP WMA V9 Codec.dat
2009-06-13 23:52 . 2009-06-13 23:52 1326 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP Winamp Codec.dat
2009-06-13 23:52 . 2009-06-13 23:52 2233 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP VQF Codec.dat
2009-06-13 23:52 . 2009-06-13 23:52 2994 ----a-w- c:\windows\system32\SpoonUninstall-dBPowerAMP Real Audio Encoder R3.dat
2009-06-13 23:51 . 2009-06-13 23:51 1927 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP Real Audio Codec.dat
2009-06-13 23:51 . 2009-06-13 23:51 2153 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP Ogg Vorbis Codec.dat
2009-06-13 23:50 . 2009-06-13 23:50 619 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP FAAC Mp4 Codec.dat
2009-06-13 23:50 . 2009-06-13 23:50 2217 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP Mp4 & AAC Decode Codec.dat
2009-06-13 23:50 . 2009-06-13 23:50 515 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP AAC to Mp4 Codec.dat
2009-06-13 23:50 . 2009-06-13 23:50 1121 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP AAC Codec.dat
2009-06-13 23:49 . 2009-06-13 23:49 2466 ----a-w- c:\windows\system32\SpoonUninstall-dMC mp3PRO (CLI) Encoder.dat
2009-06-13 23:49 . 2009-06-13 23:49 2073 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP mp3PRO Input Codec.dat
2009-06-13 23:49 . 2009-06-13 23:49 2275 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP Monkeys Audio Codec.dat
2009-06-13 23:48 . 2009-06-13 23:48 738 ----a-w- c:\windows\system32\SpoonUninstall-dBPowerAMP AIFF codec r4.dat
2009-06-13 23:45 . 2009-06-13 23:51 3451 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP Musepack Codec.dat
2009-06-13 23:33 . 2009-06-13 23:33 9519 ----a-w- c:\windows\system32\535zthief569.exe
2009-06-13 16:50 . 2009-06-13 16:50 12668 ----a-w- c:\windows\system32\1530spambotz659.dll
2009-06-13 08:20 . 2009-06-13 08:20 10376 ----a-w- c:\windows\system32\10b5bazk9oor2759.dll
2009-06-11 18:59 . 2009-06-11 18:59 7945 ----a-w- c:\windows\system32\560z9wo9m74.dll
2009-06-10 01:00 . 2009-06-10 01:00 -------- d-sh--w- c:\windows\system32\%APPDATA%
2009-06-09 17:37 . 2009-05-09 05:50 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-09 17:37 . 2009-05-09 05:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-06-09 17:36 . 2009-04-21 11:39 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-06-09 17:36 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2009-06-09 17:31 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-08 21:07 . 2008-01-21 08:40 672084 ----a-w- c:\windows\system32\perfh00C.dat
2009-07-08 21:07 . 2008-01-21 08:40 124228 ----a-w- c:\windows\system32\perfc00C.dat
2009-07-07 22:14 . 2009-04-15 16:46 -------- d-----w- c:\progra~2\NVIDIA
2009-07-07 22:03 . 2009-04-29 11:34 -------- d-----w- c:\program files\Logitech
2009-07-07 22:02 . 2009-04-28 10:16 -------- d-----w- c:\program files\Common Files\logishrd
2009-07-07 20:03 . 2009-05-27 01:22 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2009-07-07 18:48 . 2009-07-07 18:48 691 ----a-w- c:\users\Oliveira\AppData\Roaming\GetValue.vbs
2009-07-07 16:09 . 2009-07-07 16:09 7453 ----a-w- c:\windows\system32\11e89zr5631.exe
2009-07-06 22:59 . 2009-05-18 22:59 -------- d-----w- c:\program files\AVS4YOU
2009-07-06 22:59 . 2009-05-18 22:59 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-07-06 20:37 . 2009-04-15 15:32 1356 ----a-w- c:\users\Oliveira\AppData\Local\d3d9caps.dat
2009-06-13 23:53 . 2009-04-28 21:50 167936 ----a-w- c:\windows\system32\SpoonUninstall.exe
2009-06-13 23:47 . 2009-04-28 21:52 2597 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP FLAC Codec.dat
2009-06-13 21:09 . 2009-04-15 15:54 -------- d-----w- c:\progra~2\Microsoft Help
2009-06-06 03:02 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-06-06 03:02 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-06 03:02 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-06 03:02 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-06-06 03:02 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-06-06 03:02 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-06 03:01 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-06-06 03:01 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-01 11:05 . 2009-06-01 11:05 18381 ----a-w- c:\windows\system32\59f0addwar529z9.bin
2009-05-27 06:31 . 2009-05-27 06:31 6464 ----a-w- c:\windows\system32\11594ziru9a8.exe
2009-05-26 07:55 . 2009-05-25 21:03 -------- d-----w- c:\program files\Documents To Go
2009-05-26 07:52 . 2009-05-25 21:01 -------- d-----w- c:\program files\Palm
2009-05-25 22:20 . 2009-05-25 21:19 -------- d-----w- c:\program files\Microsoft Money 2005
2009-05-25 21:03 . 2009-05-25 21:03 -------- d-----w- c:\program files\Common Files\DataViz
2009-05-25 21:03 . 2009-05-25 21:03 -------- d-----w- c:\progra~2\DataViz
2009-05-25 21:03 . 2009-05-25 21:03 -------- d-----w- c:\progra~2\HotSync
2009-05-25 21:01 . 2009-05-25 21:01 -------- d-----w- c:\users\Oliveira\AppData\Roaming\HotSync
2009-05-25 21:01 . 2009-05-25 21:02 53248 ----a-w- c:\windows\PalmDevC.dll
2009-05-25 21:01 . 2009-05-25 21:01 -------- d-----w- c:\program files\Common Files\InstallShield
2009-05-21 15:34 . 2009-05-21 15:34 -------- d-----w- c:\program files\Ashampoo
2009-05-21 00:53 . 2009-05-21 00:53 -------- d-----w- c:\program files\Google
2009-05-20 23:50 . 2009-05-20 23:50 -------- d-----w- c:\program files\AviSynth 2.5
2009-05-20 23:50 . 2009-05-20 23:50 -------- d-----w- c:\program files\eRightSoft
2009-05-20 23:42 . 2009-05-20 23:42 -------- d-----w- c:\progra~2\DVD Shrink
2009-05-20 00:28 . 2009-05-20 00:28 -------- d-----w- c:\program files\Apple Software Update
2009-05-20 00:28 . 2009-05-20 00:28 -------- d-----w- c:\progra~2\Apple
2009-05-19 06:51 . 2009-05-19 06:51 6319 ----a-w- c:\windows\system32\38cad5wa9e1797z.bin
2009-05-19 00:04 . 2009-05-19 00:04 -------- d-----w- c:\users\Oliveira\AppData\Roaming\Broad Intelligence
2009-05-19 00:04 . 2009-05-19 00:03 -------- d-----w- c:\program files\MediaCoder
2009-05-18 23:43 . 2009-05-11 23:14 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-05-18 23:10 . 2009-05-18 22:40 -------- d-----w- c:\program files\Aimersoft
2009-05-18 23:09 . 2009-04-28 21:39 -------- d-----w- c:\users\Oliveira\AppData\Roaming\Ahead
2009-05-18 23:01 . 2009-05-18 23:01 -------- d-----w- c:\progra~2\AVS4YOU
2009-05-14 22:27 . 2009-05-14 22:27 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-05-11 23:14 . 2009-04-15 19:55 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-05-11 00:57 . 2009-04-19 23:43 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-11 00:57 . 2009-05-11 00:57 -------- d-----w- c:\program files\Java
2009-05-08 23:52 . 2009-05-08 23:52 2617 ----a-w- c:\windows\system32\8136vzrus925.exe
2009-05-08 08:13 . 2009-05-08 08:13 13584 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
2009-05-07 11:08 . 2009-05-07 11:08 13050 ----a-w- c:\windows\system32\513609rzj52e.bin
2009-05-07 01:20 . 2009-04-15 15:33 105632 ----a-w- c:\users\Oliveira\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-06 03:13 . 2009-05-06 03:13 14249 ----a-w- c:\windows\system32\101c5ac9dzor1781.bin
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-04-30 21:02 . 2009-04-30 21:02 539160 ----a-w- c:\windows\system32\LVUI2RC.dll
2009-04-30 21:02 . 2009-04-30 21:02 539160 ----a-w- c:\windows\system32\LVUI2.dll
2009-04-30 21:01 . 2009-04-30 21:01 265496 ----a-w- c:\windows\system32\drivers\lvrs.sys
2009-04-30 20:57 . 2009-04-30 20:57 199192 ----a-w- c:\windows\system32\lvci1201278.dll
2009-04-30 20:57 . 2009-04-30 20:57 416280 ----a-w- c:\windows\system32\lvcodec2.dll
2009-04-30 20:55 . 2008-07-26 13:22 2687512 ----a-w- c:\windows\system32\drivers\LV302V32.SYS
2009-04-30 20:55 . 2009-04-30 20:55 13976 ----a-w- c:\windows\system32\drivers\lv302af.sys
2009-04-30 20:39 . 2009-04-30 20:39 34068 ----a-w- c:\windows\system32\Repository.reg
2009-04-30 14:00 . 2009-04-30 14:00 25624 ----a-w- c:\windows\system32\drivers\LVPr2Mon.sys
2009-04-28 21:50 . 2009-04-28 21:50 35132 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
2009-04-25 14:22 . 2009-04-25 14:22 17825 ----a-w- c:\windows\system32\1689thi5f1458z.dll
2009-04-25 11:30 . 2009-04-25 11:30 3145 ----a-w- c:\windows\system32\11896spambot5z7.exe
2009-04-22 17:13 . 2009-05-01 01:42 98304 ----a-w- c:\users\Oliveira\AppData\Roaming\Mozilla\Firefox\Profiles\jev1ve24.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\EbayAccessService.dll
2009-04-22 17:13 . 2009-05-01 01:42 77824 ----a-w- c:\users\Oliveira\AppData\Roaming\Mozilla\Firefox\Profiles\jev1ve24.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\EbayFormSubmitObserver.dll
2009-04-22 14:08 . 2009-04-15 18:19 185760 ----a-w- c:\windows\hpoins21.dat
2009-04-21 21:02 . 2009-04-15 16:16 114 ----a-w- c:\users\Oliveira\AppData\Roaming\wklnhst.dat
2009-04-21 14:07 . 2009-04-21 14:07 2717 ----a-w- c:\windows\system32\15261hac9toolz7c5.bin
2009-04-19 21:53 . 2009-04-19 21:52 119517 ----a-w- c:\windows\hpqins00.dat
2009-04-15 20:25 . 2009-04-15 18:30 120056 ------w- c:\windows\system32\PxCpyI64.exe
2009-04-15 20:25 . 2009-04-15 18:30 118520 ------w- c:\windows\system32\PxInsI64.exe
2009-04-15 19:55 . 2009-04-15 19:55 0 ----a-w- c:\windows\nsreg.dat
2009-04-11 09:50 . 2009-04-11 09:50 8472 ----a-w- c:\windows\system32\95c7downlzader3048.bin
2009-04-11 06:33 . 2009-06-06 02:46 986600 ----a-w- c:\windows\system32\winload.exe
2009-04-11 06:33 . 2009-06-06 02:45 926184 ----a-w- c:\windows\system32\winresume.exe
2009-04-11 06:33 . 2009-06-06 02:45 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2009-04-11 06:33 . 2009-06-06 02:46 897000 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-11 06:33 . 2009-06-06 02:45 614376 ----a-w- c:\windows\system32\ci.dll
2009-04-11 06:28 . 2009-06-06 02:45 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2009-04-11 06:27 . 2009-06-06 02:46 441344 ----a-w- c:\windows\system32\SearchIndexer.exe
2009-04-11 06:22 . 2009-06-06 02:45 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-04-11 06:21 . 2009-06-06 02:45 37376 ----a-w- c:\windows\system32\cdd.dll
2009-04-11 05:42 . 2009-06-06 02:45 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2009-04-11 05:03 . 2009-06-06 02:46 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-04-11 05:03 . 2009-06-06 02:46 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-04-11 04:57 . 2009-06-06 02:45 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-04-11 04:54 . 2009-06-06 02:45 2048 ----a-w- c:\windows\system32\mferror.dll
2009-04-11 04:51 . 2009-06-06 02:45 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2009-04-11 04:47 . 2009-06-06 02:45 273920 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-11 04:46 . 2009-06-06 02:45 69120 ----a-w- c:\windows\system32\drivers\rassstp.sys
2009-04-11 04:46 . 2009-06-06 02:45 121344 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-04-11 04:46 . 2009-06-06 02:45 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2009-04-11 04:46 . 2009-06-06 02:45 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2009-04-11 04:46 . 2009-06-06 02:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2006-05-03 09:06 . 2009-05-20 23:50 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2009-05-20 23:50 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 . 2009-05-20 23:50 216064 --sh--r- c:\windows\System32\nbDX.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-06-25 1578736]
"Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-06-02 5451536]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-06-26 25604904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-01-18 506712]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432]

c:\users\Oliveira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-4-15 385024]

c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
DataViz Inc Messenger.lnk - c:\program files\Common Files\DataViz\DvzIncMsgr.exe [2009-5-25 28672]
HotSync Manager.lnk - c:\program files\Palm\Hotsync.exe [2008-1-3 1392640]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"="0x00000000"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):73,42,46,17,54,e6,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{DCBF6E50-B20F-4568-8D37-EBE538FC9025}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{3C0C0673-1222-4353-A627-5FA2BF735241}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{DCFAA8CA-9EAC-4675-A782-3CB6A511FE80}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{F9BCAAD6-C26F-4E36-B18E-769B8379A262}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{058F4824-8D62-494C-90E0-A20D5F3B161F}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{FF3FFC49-BCFB-41C1-801B-C9D9267C15B6}"= Disabled:UDP:d:\setup\HPZNUI01.EXE:hpznui01.exe
"{9D4CD41A-8187-414B-BDA1-E25718C0CFAB}"= Disabled:TCP:d:\setup\HPZNUI01.EXE:hpznui01.exe
"{08E0465C-10EF-4822-854B-8776DBD7CE93}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{1FD5E903-4239-4AD5-B259-A2308EB1B8C1}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{9D9A697B-D74A-4D2B-A7C3-741CBE5416C0}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{7CBD6DF8-148F-4189-9304-923685F05960}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{533B902E-1A84-4690-A1BF-94A835A451A0}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{F0900549-F03F-4283-8E6C-730D6E905272}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{4F03C87A-A0BE-4D98-A376-3A7E33D755E3}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{BFF2B5E4-D9B1-47F3-A7CE-4BFB59B80C32}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{A9213EC4-FC88-4859-B605-9E51D0CABA28}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{7AF99CB5-0972-4132-9463-4F354240D035}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{628E7955-6B75-477E-8222-72FDD8BC2FAE}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{7BA150A1-8052-42F0-BBB4-E7091FB6E62B}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{3856CAE6-CA9A-4A45-928A-513744148B66}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{D0169986-D753-4911-9F71-9738DDA493FF}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{C79CFDFC-F415-4802-B8F6-B2D5A898A1A2}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{2A258242-47B2-4D5E-90A6-B638AC88AF1B}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{48C94995-381E-4322-B8E9-0294A3FCC347}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{5609E490-7218-4DA7-9ADB-45FF78D75830}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{6F12C924-9BD7-4FD4-A115-9EF1B9C40095}"= UDP:c:\program files\Lphant Applications\Lphant\Lphant.exe:Lphant
"{55BCFBF8-A15E-4C9F-8304-5A971C3E8402}"= TCP:c:\program files\Lphant Applications\Lphant\Lphant.exe:Lphant
"TCP Query User{648A6D5B-CC13-4B06-B38E-FB804A57941B}c:\\program files\\lphant\\elephantclient.exe"= UDP:c:\program files\lphant\elephantclient.exe:lphant Client
"UDP Query User{563D25A0-30E9-4763-8FAB-AEE000C20196}c:\\program files\\lphant\\elephantclient.exe"= TCP:c:\program files\lphant\elephantclient.exe:lphant Client
"TCP Query User{DAF8B093-4B24-4476-B21A-3DBFB6EB223B}c:\\program files\\lphant\\elephantclient.exe"= UDP:c:\program files\lphant\elephantclient.exe:lphant Client
"UDP Query User{59776ED1-AA0D-432F-B3E3-DB3BEE3C5013}c:\\program files\\lphant\\elephantclient.exe"= TCP:c:\program files\lphant\elephantclient.exe:lphant Client
"{EB055C38-C911-4E99-98E1-FF8BF4BE753C}"= Disabled:UDP:d:\setup\HPZNUI01.EXE:hpznui01.exe
"{4C044BBB-202E-42DB-A892-907BAB1A9A43}"= Disabled:TCP:d:\setup\HPZNUI01.EXE:hpznui01.exe
"TCP Query User{75CE93BA-C0A3-4425-92F4-01AB3B8C3614}c:\\program files\\encyclopaedia universalis\\encyclopaedia universalis\\starter.exe"= UDP:c:\program files\encyclopaedia universalis\encyclopaedia universalis\starter.exe:starter
"UDP Query User{7036D565-F8DF-408C-AD6A-E01748C27440}c:\\program files\\encyclopaedia universalis\\encyclopaedia universalis\\starter.exe"= TCP:c:\program files\encyclopaedia universalis\encyclopaedia universalis\starter.exe:starter
"TCP Query User{F2A8888B-C047-4D6C-817A-277AEF43871F}c:\\program files\\readon technology\\readon tv movie radio player 4.5.0.0\\internettv.exe"= UDP:c:\program files\readon technology\readon tv movie radio player 4.5.0.0\internettv.exe:Readon TV Movie Radio Player
"UDP Query User{6185244A-6489-4F56-B34E-22CCA52EA607}c:\\program files\\readon technology\\readon tv movie radio player 4.5.0.0\\internettv.exe"= TCP:c:\program files\readon technology\readon tv movie radio player 4.5.0.0\internettv.exe:Readon TV Movie Radio Player
"TCP Query User{171AABF1-C054-408C-A3D0-43DFDAF6C526}c:\\program files\\readon technology\\readon tv movie radio player 5.0.0.0\\internettv.exe"= UDP:c:\program files\readon technology\readon tv movie radio player 5.0.0.0\internettv.exe:Readon TV Movie Radio Player
"UDP Query User{E5335D74-3E35-41A3-9AA4-9FAC72C45228}c:\\program files\\readon technology\\readon tv movie radio player 5.0.0.0\\internettv.exe"= TCP:c:\program files\readon technology\readon tv movie radio player 5.0.0.0\internettv.exe:Readon TV Movie Radio Player
"{B4E2218F-96F4-41CD-AE25-BA35256112A8}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{EDE077D5-697D-47B8-89BE-2056DC11F50D}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{4BE41F8F-3A02-4937-8D8C-EDEA3A91A8E9}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{EC2592DB-E025-449A-9811-20470286BC73}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{6962F35D-CAF7-4C7D-8667-03231A4421D3}"= UDP:c:\program files\Logitech\Logitech Vid\Vid.exe:Logitech Vid
"{4A7928DE-5D1E-446F-A40C-A4AD8E83600E}"= TCP:c:\program files\Logitech\Logitech Vid\Vid.exe:Logitech Vid
"TCP Query User{EAD01726-784C-44F4-BFE1-69FA7787BCD5}c:\\program files\\logitech\\logitech vid\\vid.exe"= UDP:c:\program files\logitech\logitech vid\vid.exe:Logitech Vid
"UDP Query User{E477435D-0645-41AA-9FE1-7ED98C59EA5C}c:\\program files\\logitech\\logitech vid\\vid.exe"= TCP:c:\program files\logitech\logitech vid\vid.exe:Logitech Vid
"{F9E69E3D-21EA-4757-ABA8-201D84787DF6}"= c:\program files\Skype\Phone\Skype.exe:Skype

R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [11/05/2009 03:09 28544]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [06/07/2009 22:55 108289]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34 921936]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30/03/2009 16:28 1533808]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 216232]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: secuser.com\www
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
FF - ProfilePath - c:\users\Oliveira\AppData\Roaming\Mozilla\Firefox\Profiles\jev1ve24.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\users\Oliveira\AppData\Roaming\Mozilla\Firefox\Profiles\jev1ve24.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\EbayAccessService.dll
FF - component: c:\users\Oliveira\AppData\Roaming\Mozilla\Firefox\Profiles\jev1ve24.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\EbayFormSubmitObserver.dll
FF - plugin: c:\progra~1\Palm\PACKAG~1\NPInstal.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-08 23:11
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


c:\windows\TEMP\TMP000000280213CBF5D1CF8EAC 524288 bytes executable

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1286249970-4162862373-390522960-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A55FB05B-F528-F2F9-8834-04799480887D}*]
"pamcbenkklaamlfocaaflgigdgjefibn"=hex:6a,61,6c,6e,67,67,69,66,66,6e,68,6b,6b,
6d,64,67,64,64,67,6e,00,52
"aboclngkldlglkjkeambmbekbcjoejfjom"=hex:6a,61,6c,6e,67,67,69,66,66,6e,68,6b,
6b,6d,64,67,64,64,67,6e,00,52
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
c:\windows\System32\wbem\unsecapp.exe
c:\windows\System32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\Common Files\logishrd\LQCVFX\COCIManager.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Heure de fin: 2009-07-08 23:14 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-07-08 21:14

Avant-CF: 182 871 912 448 octets libres
Après-CF: 182 649 454 592 octets libres

782 --- E O F --- 2009-07-07 22:00
0

I think the problem is solved after the ComboFix scan, since no more unwanted windows pop up. Still, I would rather have an expert's sign-off and know whether any other steps are needed before I close the thread and thank those who helped get my PC back in shape.
0
Anyone to help me finish up?
0
Apparently nobody wants to answer me
0
Narco!4 Posts: 2385 Registered: Sunday 25 January 2009 Status: Contributor Last activity: 25 October 2012 467
10 Jul 2009 at 11:53
run this online scan (tick all the boxes each time) https://www.eset.com/
When it finishes, paste the report: C:\Program Files\EsetOnlineScanner\log.txt
0
thanks for following up, Narco

Well, once the scan is started, it stops right in the middle with this message from Windows:

A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available.
But Windows doesn't offer me anything!

I restarted the scan and same thing.....

Also, this is not the first time since the infection that some of my programs crash.
Should I conclude that there is still some s--- left in my PC?

Should I run it in safe mode to redo the scan?

Thanks Narco
0
Narco!4 Posts: 2385 Registered: Sunday 25 January 2009 Status: Contributor Last activity: 25 October 2012 467
10 Jul 2009 at 12:49
Should I run it in safe mode to redo the scan?

yes, in safe mode with networking.
0
Well, Eset found nothing during the scan.
Still, what I don't understand is that some programs crash at startup, like Eset, since I had to open it (as you recommended) in safe mode.

Spybot has the same problem.
0
If someone can help me finish up, that would be nice. Thanks
0