Virus in explorer.exe and svchost.exe
saratum
-
Anonymous user -
Hello,
I have just spent several days fighting this virus or these viruses....
Symptoms:
- my Google and Yahoo searches are redirected to ad sites....
- Impossible to launch several programs (I launch them and nothing happens....)
------ Combofix, Spyware Doctor, Spybot S&D, GMER, HijackThis (sometimes), Malwarebytes.......
AVG finds several objects such as:
UACpjqrmsjmechyiha.dll Trojan Generic 13 (keeps coming back even after cleaning....
explorer.exe ( 6732) trojan, unable to clean
svchost.exe ( 1332) and (1556) unable to clean....
as well as several rootkits related to UAC.... blah blah whatever thing.... I delete them with AVG or manually and they come back....
Any suggestions?
6 replies
well.... good evening:
/!\ WARNING: FOLLOW THESE INSTRUCTIONS SCRUPULOUSLY, TO THE LETTER /!\
remember to rename Combofix to whatever-you-want.exe ;) for example: moi.exe or monvoisin.exe
_________________________________________________________________
>This software is to be used only when prescribed by a qualified helper trained in the tool.<
>>>>>>>Do not use outside of that situation: dangerous!<<<<<<<<
=====================================================
We are going to use ComboFix.exe. Go to this web page to get the download links, as well as instructions for running the tool:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Before using ComboFix:
______________________________________________________________________
>> close the windows of all running programs.
>> Temporarily disable, and only while ComboFix is in use,
>>the real-time protection of your antivirus and antispyware programs,
>>which can seriously interfere with the tool's scanning and cleaning procedure.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°
!!!!!DO NOT TOUCH ANYTHING WHILE COMBOFIX IS WORKING (MOUSE/KEYBOARD.....)!!!!!
don't forget to re-enable your antivirus and antispyware protection before reconnecting to the internet.
>> Come back to the forum, and
copy and paste the entire contents of C:\Combofix.txt into your next message.
Good lord, I do have a few years of computing under my belt, and I hadn't thought of renaming my executable... you really are a champ.....
here are the log results.... :
ComboFix 09-07-08.02 - Pat 2009-07-08 17:09:30.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.2.1033.18.1535.1042 [GMT -4:00]
Lancé depuis: C:\Documents and Settings\Administrator\Desktop\moi.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Spyware Terminator *On-access scanning enabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\Install.txt
C:\WINDOWS\Installer\19d7fce.msi
C:\WINDOWS\Installer\35c24c.msi
C:\WINDOWS\Installer\9cc7d17.msi
C:\WINDOWS\Installer\9cc7d1f.msi
C:\WINDOWS\Installer\9cc7dbe.msi
C:\WINDOWS\Installer\9cc7dda.msi
C:\WINDOWS\Installer\a199f7.msi
C:\WINDOWS\Installer\cd2c661.msi
C:\WINDOWS\Installer\dc9775.msi
C:\WINDOWS\system32\drivers\hjgruinoekafqp.sys
C:\WINDOWS\system32\drivers\UACbotkylkfrhoyqqu.sys
C:\WINDOWS\system32\hjgruijbfmjebo.dll
C:\WINDOWS\system32\hjgruipdfouixt.dll
C:\WINDOWS\system32\hjgruithctjccg.dat
C:\WINDOWS\system32\hjgruiylktbxvr.dat
C:\WINDOWS\system32\Install.txt
C:\WINDOWS\system32\UACbrqoiynsxwpuhti.dll
C:\WINDOWS\system32\UACcklquygechatymu.dll
C:\WINDOWS\system32\uacinit.dll
C:\WINDOWS\system32\UAClxtgtkmodyoymkd.dll
C:\WINDOWS\system32\UACmvqgmfqwqbrnkfp.db
C:\WINDOWS\system32\UACpjqrmsjmevhyiha.dll
C:\WINDOWS\system32\UACregvsthxbjlxbnmcj.log
C:\WINDOWS\system32\UACrnllbkxdltfnevn.dat
C:\WINDOWS\system32\uactmp.db
C:\WINDOWS\system32\UACvnawjbaorjdnpfy.dll
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_hjgruiwfedrepq
-------\Service_UACd.sys
-------\Legacy_MSNCACHE
-------\Legacy_SOPIDKC
((((((((((((((((((((((((((((( Fichiers créés du 2009-06-08 au 2009-07-08 ))))))))))))))))))))))))))))))))))))
.
2009-07-08 20:47:30 . 2009-07-08 20:47:30 0 d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG Security Toolbar
2009-07-08 19:17:26 . 2009-07-08 19:17:26 0 d-sh--w- C:\Documents and Settings\LocalService\IETldCache
2009-07-08 17:19:50 . 2009-07-08 17:19:56 278221 ----a-w- C:\gmer.zip
2009-07-08 17:01:01 . 2009-07-08 17:01:01 0 d-sh--w- C:\Documents and Settings\Administrator\IECompatCache
2009-07-08 16:59:37 . 2009-07-08 16:59:37 0 d-sh--w- C:\Documents and Settings\Administrator\PrivacIE
2009-07-08 16:10:21 . 2009-07-08 16:10:21 0 d-sh--w- C:\Documents and Settings\NetworkService\IETldCache
2009-07-08 14:36:58 . 2009-07-08 14:36:58 0 d-sh--w- C:\Documents and Settings\Administrator\IETldCache
2009-07-08 07:28:48 . 2009-07-07 21:24:01 1085208 ----a-w- C:\Documents and Settings\All Users\Application Data\avg8\update\backup\avgupd.exe
2009-07-08 07:28:47 . 2009-07-07 21:24:01 587032 ----a-w- C:\Documents and Settings\All Users\Application Data\avg8\update\backup\avgiproxy.exe
2009-07-08 07:28:47 . 2009-07-07 21:24:01 1452312 ----a-w- C:\Documents and Settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-07-08 07:28:46 . 2009-07-07 21:24:01 755992 ----a-w- C:\Documents and Settings\All Users\Application Data\avg8\update\backup\avginet.dll
2009-07-08 02:08:57 . 2009-07-08 02:08:57 0 d-sh--w- C:\Documents and Settings\Pat\PrivacIE
2009-07-08 02:03:15 . 2009-07-08 02:03:15 0 d-sh--w- C:\Documents and Settings\Pat\IETldCache
2009-07-08 02:02:42 . 2009-07-08 02:02:42 0 d-sh--w- C:\WINDOWS\system32\config\systemprofile\IETldCache
2009-07-08 01:57:40 . 2009-06-02 10:12:46 102912 -c----w- C:\WINDOWS\system32\dllcache\iecompat.dll
2009-07-08 01:57:23 . 2009-07-08 01:57:23 0 d-----w- C:\WINDOWS\ie8updates
2009-07-08 01:56:57 . 2009-04-30 21:22:34 12800 -c----w- C:\WINDOWS\system32\dllcache\xpshims.dll
2009-07-08 01:56:57 . 2009-04-30 21:22:31 246272 -c----w- C:\WINDOWS\system32\dllcache\ieproxy.dll
2009-07-08 01:53:46 . 2009-07-08 01:55:43 0 dc-h--w- C:\WINDOWS\ie8
2009-07-08 00:53:15 . 2009-07-08 19:46:19 0 d--h--w- C:\$AVG8.VAULT$
2009-07-08 00:50:25 . 2009-06-02 17:38:14 1004800 ----a-w- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-07-08 00:46:30 . 2009-07-08 20:48:00 0 d-----w- C:\Program Files\Crawler
2009-07-07 23:04:08 . 2009-07-07 23:12:35 664 ----a-w- C:\WINDOWS\system32\d3d9caps.dat
2009-07-07 21:24:30 . 2009-07-08 07:29:50 11952 ----a-w- C:\WINDOWS\system32\avgrsstx.dll
2009-07-07 21:24:29 . 2009-07-07 21:24:29 12552 ----a-w- C:\WINDOWS\system32\drivers\avgrkx86.sys
2009-07-07 21:24:22 . 2009-07-07 21:24:22 108552 ----a-w- C:\WINDOWS\system32\drivers\avgtdix.sys
2009-07-07 21:24:15 . 2009-07-08 07:29:50 335752 ----a-w- C:\WINDOWS\system32\drivers\avgldx86.sys
2009-07-07 21:24:14 . 2009-07-08 07:29:50 27784 ----a-w- C:\WINDOWS\system32\drivers\avgmfx86.sys
2009-07-07 21:24:13 . 2009-07-08 13:50:28 0 d-----w- C:\WINDOWS\system32\drivers\Avg
2009-07-07 21:24:09 . 2009-07-08 00:50:25 0 d-----w- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2009-07-07 21:24:00 . 2009-07-07 21:36:29 0 d-----w- C:\Documents and Settings\All Users\Application Data\avg8
2009-07-07 21:24:00 . 2009-07-07 21:24:00 0 d-----w- C:\Program Files\AVG
2009-07-07 16:06:21 . 2009-07-08 20:47:52 0 d-----w- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
2009-07-06 18:40:48 . 2009-07-06 18:40:48 0 d-----w- C:\Documents and Settings\Administrator\Application Data\Safer Networking
2009-07-06 18:39:48 . 2009-07-06 18:40:28 0 d-----w- C:\Program Files\Safer Networking
2009-07-06 00:58:54 . 2009-07-06 00:58:54 0 d-----w- C:\Program Files\Alwil Software
2009-07-06 00:40:45 . 2009-07-06 00:43:26 0 d-----w- C:\Program Files\WinClamAVShield
2009-07-06 00:37:50 . 2009-07-06 00:37:50 6144 ----a-w- C:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2009-07-06 00:37:50 . 2009-07-06 00:37:50 5632 ----a-w- C:\Documents and Settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2009-07-06 00:37:50 . 2009-07-06 00:37:50 142592 ----a-w- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2009-07-06 00:37:45 . 2009-07-06 00:47:42 0 d-----w- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2009-07-06 00:37:33 . 2009-07-08 20:47:52 0 d-----w- C:\Program Files\Spyware Terminator
2009-07-05 23:48:17 . 2009-07-05 23:48:18 0 d-----w- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2009-07-05 23:42:14 . 2009-07-05 23:42:14 0 d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\ESET
2009-07-05 04:21:01 . 2009-07-08 18:00:10 0 d-----w- C:\Spyware Doctor 6.0.0.385+patch-full updates to 2011
2009-07-04 19:47:46 . 2009-07-04 19:47:46 0 d-----w- C:\Program Files\ESET
2009-07-04 19:47:45 . 2009-07-04 19:47:45 0 d-----w- C:\Documents and Settings\All Users\Application Data\ESET
2009-07-04 19:09:58 . 2008-02-13 17:11:52 102664 ----a-w- C:\WINDOWS\system32\drivers\tmcomm.sys
2009-07-04 05:07:46 . 2009-07-04 04:59:02 15688 ----a-w- C:\WINDOWS\system32\lsdelete.exe
2009-07-04 04:59:10 . 2009-07-04 04:58:25 64160 ----a-w- C:\WINDOWS\system32\drivers\Lbd.sys
2009-07-04 04:59:04 . 2009-07-04 04:59:04 314712 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
2009-07-04 04:59:03 . 2009-07-04 04:59:03 25440 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\savapibridge.dll
2009-07-04 04:59:02 . 2009-07-04 04:59:02 169312 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavamessage.dll
2009-07-04 04:59:02 . 2009-07-04 04:59:02 15688 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
2009-07-04 04:59:01 . 2009-07-04 04:59:01 348496 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavalicense.dll
2009-07-04 04:59:00 . 2009-07-04 04:59:00 298336 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2009-07-04 04:52:55 . 2009-07-04 04:52:55 0 dc-h--w- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-07-04 04:52:55 . 2009-03-12 08:17:34 2902048 -c--a-w- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-07-04 04:52:51 . 2009-07-04 04:52:51 0 d-----w- C:\Program Files\Lavasoft
2009-07-04 02:00:23 . 2009-07-04 03:56:55 0 d-----w- C:\Program Files\Pando Networks
2009-06-20 06:21:06 . 2009-07-06 15:54:13 30 ----a-w- C:\WINDOWS\mscpt.dat
2009-06-20 06:20:59 . 2009-06-20 06:20:59 0 d-----w- C:\Program Files\TLKGAMES
2009-06-17 04:18:31 . 2009-06-17 04:19:44 0 d-----w- C:\Program Files\SolSuite
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-08 18:44:38 . 2008-01-23 04:26:42 0 d-----w- C:\Documents and Settings\All Users\Application Data\HP
2009-07-08 18:44:38 . 2008-01-23 04:24:06 0 d-----w- C:\Program Files\HP
2009-07-08 14:51:19 . 2007-09-19 03:09:43 0 d-----w- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-07-07 21:36:28 . 2008-02-04 18:58:03 0 d-----w- C:\Documents and Settings\All Users\Application Data\Avg7
2009-07-06 18:15:54 . 2008-02-13 16:50:40 0 d-----w- C:\Program Files\MagicISO
2009-07-06 18:12:28 . 2008-04-26 19:20:47 0 d-----w- C:\Program Files\Black Ice Software Inc
2009-07-06 00:47:42 . 2007-10-31 07:29:03 0 d-----w- C:\Program Files\eChanblard
2009-07-05 02:22:04 . 2007-11-09 09:59:34 0 d-----w- C:\Documents and Settings\All Users\Application Data\Bold Bows Tray Dvd
2009-07-04 18:31:18 . 2007-09-19 02:44:25 0 d-----w- C:\Program Files\MSN Messenger
2009-06-11 16:21:29 . 2007-09-19 04:24:21 10842 -c--a-w- C:\WINDOWS\mozver.dat
2009-06-07 15:21:11 . 2009-06-07 15:21:11 0 d-----w- C:\Program Files\Nuclear Coffee
2009-06-05 21:05:39 . 2009-06-05 21:05:39 0 d-----w- C:\Program Files\Chikka Messenger
2009-06-04 08:06:47 . 2009-06-04 07:08:20 0 d-----w- C:\Program Files\FFB - Facebook Friend Bomber
2009-05-28 21:04:33 . 2009-05-28 21:04:33 0 d-----w- C:\Program Files\DMV
2009-05-27 17:46:03 . 2009-05-27 17:45:35 0 d-----w- C:\Program Files\DivX
2009-05-27 17:45:41 . 2009-05-27 17:45:36 0 d-----w- C:\Program Files\Common Files\DivX Shared
2009-05-13 05:15:55 . 2006-06-23 15:33:58 915456 ----a-w- C:\WINDOWS\system32\wininet.dll
2009-05-12 02:57:12 . 2009-05-12 02:42:57 0 d-----w- C:\Program Files\Questrade
2009-05-12 02:57:12 . 2004-03-05 05:18:26 0 d--h--w- C:\Program Files\InstallShield Installation Information
2009-05-07 15:32:35 . 2004-03-05 02:49:52 345600 ----a-w- C:\WINDOWS\system32\localspl.dll
2009-05-06 07:11:12 . 2009-05-06 07:11:11 306192 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\tbsetup.exe
2009-05-06 07:11:11 . 2009-05-06 07:11:05 3059720 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\ocpinst.exe
2009-05-06 07:11:05 . 2009-05-06 07:11:04 159312 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\setup.exe
2009-05-06 07:11:04 . 2009-05-06 07:11:03 88064 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\instph.dll
2009-05-06 07:11:03 . 2009-05-06 07:11:01 547984 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\muinst.exe
2009-05-06 07:11:01 . 2009-05-06 07:11:00 9728 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\brwschk.dll
2009-05-06 07:11:00 . 2009-05-06 07:10:59 75264 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\ProgUpd.dll
2009-05-06 07:10:58 . 2009-05-06 07:10:57 138296 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\WDInst.exe
2009-05-06 07:10:57 . 2009-05-06 07:10:56 81176 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\alsetup.exe
2009-05-06 07:10:54 . 2009-05-06 07:10:54 34896 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\postproc.exe
2009-05-06 07:10:54 . 2009-05-06 07:10:52 594240 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\SLinst.exe
2009-05-06 07:10:50 . 2009-05-06 07:10:49 466944 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\gui.dll
2009-05-06 07:10:49 . 2009-05-06 07:10:48 53248 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\instSup.dll
2009-05-06 07:10:48 . 2009-05-06 07:10:47 6144 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\tbinst.dll
2009-05-06 07:10:47 . 2009-05-06 07:10:46 352112 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\SLLang.exe
2009-05-06 07:10:46 . 2009-05-06 07:10:45 164080 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\iphinst.exe
2009-05-06 07:10:45 . 2009-05-06 07:10:44 9728 -c--a-w- C:\Documents and Settings\All Users\Application Data\AOL Downloads\AOLEXPLORER_1.5.22.1\ocpchk.dll
2009-05-06 06:44:16 . 2009-05-06 06:44:16 39712 -c-ha-w- C:\WINDOWS\system32\mlfcache.dat
2009-04-28 00:19:46 . 2004-03-05 04:25:13 70096 -c--a-w- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-27 05:02:56 . 2009-04-27 05:03:12 410984 -c--a-w- C:\WINDOWS\system32\deploytk.dll
2009-04-23 18:15:49 . 2009-04-20 05:40:07 53248 -c--a-w- C:\WINDOWS\system32\cfperfmon_8.dll
2009-04-22 18:29:11 . 2009-04-22 18:29:11 3584 -c--a-r- C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2009-04-22 05:30:22 . 2004-03-05 04:14:48 87639 -c--a-w- C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
2009-04-20 05:42:09 . 2009-04-20 05:42:09 21 ---ha-w- C:\qpmd8379.bin
2009-04-17 12:26:40 . 2004-03-05 02:50:18 1847168 ----a-w- C:\WINDOWS\system32\win32k.sys
2009-04-15 20:25:42 . 2009-05-27 17:45:55 120056 ----a-w- C:\WINDOWS\system32\pxcpyi64.exe
2009-04-15 20:25:42 . 2009-05-27 17:45:55 118520 ----a-w- C:\WINDOWS\system32\pxinsi64.exe
2009-04-15 20:24:40 . 2009-04-15 20:24:40 90112 ----a-w- C:\WINDOWS\system32\dpl100.dll
2009-04-15 20:24:38 . 2009-04-15 20:24:38 823296 ----a-w- C:\WINDOWS\system32\divx_xx0c.dll
2009-04-15 20:24:38 . 2009-04-15 20:24:38 823296 ----a-w- C:\WINDOWS\system32\divx_xx07.dll
2009-04-15 20:24:38 . 2009-04-15 20:24:38 815104 ----a-w- C:\WINDOWS\system32\divx_xx0a.dll
2009-04-15 20:24:38 . 2009-04-15 20:24:38 802816 ----a-w- C:\WINDOWS\system32\divx_xx11.dll
2009-04-15 20:24:38 . 2009-04-15 20:24:38 684032 ----a-w- C:\WINDOWS\system32\DivX.dll
2009-04-15 14:51:25 . 2004-03-06 02:16:11 585216 ----a-w- C:\WINDOWS\system32\rpcrt4.dll
2009-04-15 20:24:54 . 2009-04-15 20:24:54 1044480 ----a-w- C:\Program Files\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24:54 . 2009-04-15 20:24:54 200704 ----a-w- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
2009-04-15 20:24:54 . 2009-04-15 20:24:54 1044480 ----a-w- C:\Program Files\opera\program\plugins\libdivx.dll
2009-04-15 20:24:54 . 2009-04-15 20:24:54 200704 ----a-w- C:\Program Files\opera\program\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-02 17:38:14 1004800 ----a-w- C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 00:12:16 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 16:55:02 5674352]
"Gadwin PrintScreen"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2007-08-20 08:42:23 495616]
"AdobeBridge"="C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe" [2008-08-28 23:34:14 13145448]
"SpywareTerminatorUpdate"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-07-06 00:37:56 3055616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2008-04-14 00:12:19 50176]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-02-11 05:10:00 335872]
"CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [2004-02-19 23:10:32 638976]
"CeEPOWER"="C:\Program Files\TOSHIBA\Power Management\CePMTray.exe" [2004-02-19 22:26:56 135168]
"EzButton"="C:\Program Files\EzButton\EzButton.EXE" [2004-01-12 10:15:08 712704]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2003-06-18 06:44:06 151552]
"TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2004-02-19 23:08:00 53248]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2003-09-26 06:43:16 184320]
"Battery Checker"="C:\Program Files\TOSHIBA\Battery Checker\BtryChkr.exe" [2004-02-27 23:39:50 32768]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-04-27 05:02:57 148888]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 04:15:46 15872]
"AdobeCS4ServiceManager"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 11:58:34 611712]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 10:24:52 286720]
"Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-04 04:58:08 520024]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-07-06 00:37:50 2173440]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 20:06:30 2027792]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 20:02:54 563984]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 06:12:02 483328]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2009-07-07 21:24:01 1948440]
"ATIModeChange"="Ati2mdxx.exe" - C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 08:24:26 28672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 00:12:16 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe [2009-4-27 25214]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 19:39:22 294400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-08 07:29:50 11952 ----a-w- C:\WINDOWS\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Pat^Start Menu^Programs^Startup^ComboFix.exe]
path=C:\Documents and Settings\Pat\Start Menu\Programs\Startup\ComboFix.exe
backup=C:\WINDOWS\pss\ComboFix.exeStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Netlogon"=3 (0x3)
"AVEService"=2 (0x2)
"antivirwebservice"=2 (0x2)
"AntiVirService"=2 (0x2)
"AntiVirScheduler"=2 (0x2)
"AntiVirMailService"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
"Drag'n Drop CD+DVD"=C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe /StartUp
"ezShieldProtector for Px"=C:\WINDOWS\System32\ezSP_Px.exe
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\eChanblard\\emule.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\javaw.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Soulseek-Test\\slsk.exe"=
"C:\\Program Files\\Java\\jre1.6.0\\bin\\javaw.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\Binaries\\helpctr.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\drivers\avgrkx86.sys [2009-07-07 17:24:29 12552]
R0 BatteryChecker;Battery Checker Driver;C:\WINDOWS\system32\drivers\BtryChkr.sys [2004-03-05 17:09:59 5392]
R0 BsStor;B.H.A Storage Helper Driver;C:\WINDOWS\system32\drivers\BsStor.sys [2004-03-05 01:29:38 10112]
R0 Lbd;Lbd;C:\WINDOWS\system32\drivers\Lbd.sys [2009-07-04 00:59:10 64160]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\drivers\avgldx86.sys [2009-07-07 17:24:15 335752]
R1 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\drivers\avgtdix.sys [2009-07-07 17:24:22 108552]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2009-07-05 20:37:50 142592]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-07 17:24:00 298776]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 15:06:55 1029456]
R4 BsUDF;B.H.A UDF Filesystem;C:\WINDOWS\system32\drivers\BsUDF.sys [2004-03-05 01:29:37 395008]
S3 ColdFusion 8 .NET Service;ColdFusion 8 .NET Service;C:\ColdFusion8\jnbridge\CF8DotNetsvc.exe [2009-04-23 14:16:33 77824]
S3 ColdFusion 8 Application Server;ColdFusion 8 Application Server;C:\ColdFusion8\runtime\bin\jrunsvc.exe [2009-04-23 14:15:43 65536]
S3 ColdFusion 8 ODBC Agent;ColdFusion 8 ODBC Agent;C:\ColdFusion8\db\slserver54\bin\swagent.exe "ColdFusion 8 ODBC Agent" --> C:\ColdFusion8\db\slserver54\bin\swagent.exe ColdFusion 8 ODBC Agent [?]
S3 ColdFusion 8 ODBC Server;ColdFusion 8 ODBC Server;C:\ColdFusion8\db\slserver54\bin\swstrtr.exe "ColdFusion 8 ODBC Server" --> C:\ColdFusion8\db\slserver54\bin\swstrtr.exe ColdFusion 8 ODBC Server [?]
S3 ttv100x;TOSHIBA USB2 TV Tuner;C:\WINDOWS\system32\drivers\ttv100x.sys [2004-03-04 22:51:30 1233024]
S4 Bandwidth Monitor Pro;Bandwidth Monitor Pro;C:\Program Files\Bandwidth Monitor Pro\Bandwidth Monitor Pro.exe --> C:\Program Files\Bandwidth Monitor Pro\Bandwidth Monitor Pro.exe [?]
S4 ColdFusion 8 Search Server;ColdFusion 8 Search Server;C:\ColdFusion8\verity\k2\_nti40\bin\k2admin.exe [2009-04-23 14:14:50 2743056]
S4 getPlus(R) Helper;getPlus(R) Helper;C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-04-23 11:35:29 33176]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - SP_RSDRV2
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'
2009-07-06 C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 19:06:56 . 2009-07-04 04:58:19]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-SpybotSD TeaTimer - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Crawler Search - tbr:iemenu
Trusted Zone: gouv.qc.ca\www.registrefoncier
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
FF - ProfilePath - C:\Documents and Settings\Pat\Application Data\Mozilla\Firefox\Profiles\onjy8ag7.default\
FF - prefs.js: browser.search.selectedEngine - Crawler Search
FF - component: C:\Program Files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: C:\Program Files\Crawler\firefox\components\xcomm.dll
FF - component: C:\Program Files\Crawler\firefox\components\xshared.dll
FF - component: C:\Program Files\Crawler\firefox\components\xsupport.dll
FF - component: C:\Program Files\Crawler\firefox\components\xwsg.dll
FF - plugin: C:\Documents and Settings\Pat\Application Data\Mozilla\plugins\npo3dautoplugin.dll
FF - plugin: C:\Documents and Settings\Pat\Application Data\Mozilla\plugins\npPxPlay.dll
FF - plugin: C:\Documents and Settings\Pat\Local Settings\Application Data\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: C:\PROGRA~1\MOZILL~1\plugins\np_gp.dll
FF - plugin: C:\Program Files\DMV\Common\npvlc.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.1.0.20926.0.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: C:\Program Files\Opera\program\plugins\npdivx32.dll
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
---- PARAMETRES FIREFOX ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: nglayout.initialpaint.delay - 600
C:\Program Files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFE0BD779-44EE-4A4B-AA2E-743C63F2E5E6", "AllAccess");
.
The computer seems to be back to the way it should be, except that it is catastrophically slow.....
I don't dare remove AVG and Spyware Terminator before I have reinstalled Spybot....
Any other steps to follow, great Guru??
Download OTL by OLDTimer
and save it to your Desktop.
Double-click OTL.exe to launch it.
Check the two boxes Lop and Purity.
Check the box in front of Scan All Users.
Click Run Scan.
When the scan finishes, Notepad will open with the report (OTL.txt).
This file is on your Desktop (usually C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
DO NOT POST IT ON THE FORUM
To send it to me, click this link: http://www.cijoint.fr/
Click Browse and look for the file above.
Click Open.
Click "Cliquez ici pour déposer le fichier" (click here to upload the file).
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
is added to the page.
Copy this link into your reply.
You will do the same with "Extra.txt" if you are asked for it.
To be continued ... ;)