Problème redirection Google. - Page 4

Précédent
  • 1
  • 2
  • 3
  • 4
Réponse 61 / 65
BenZzz666 Messages postés 22 Statut Membre
 
Voila :

ComboFix 09-12-19.03 - Administrateur 20/12/2009 19:09:35.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1983.1491 [GMT 1:00]
Lancé depuis: C:\Benjamin\antivirus\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: avast! antivirus 4.8.1335 [VPS 091220-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\Agent.OMZ.Fix.exe
C:\WINDOWS\system32\dumphive.exe
C:\WINDOWS\system32\IEDFix.C.exe
C:\WINDOWS\system32\IEDFix.exe
C:\WINDOWS\system32\o4Patch.exe
C:\WINDOWS\system32\Process.exe
C:\WINDOWS\system32\senekaulhtpjyr.dat
C:\WINDOWS\system32\SrchSTS.exe
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\WS2Fix.exe

.
original MBR restored successfully !
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-11-20 au 2009-12-20 ))))))))))))))))))))))))))))))))))))
.

2010-06-28 07:40:40 . 2009-02-05 20:06:10 23152 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-06-28 07:40:39 . 2009-02-05 20:06:20 51376 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-06-28 07:40:39 . 2009-02-05 20:05:11 26944 ----a-w- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-06-28 07:40:38 . 2009-02-05 20:04:45 97480 ----a-w- C:\WINDOWS\system32\AvastSS.scr
2010-06-28 07:40:37 . 2009-02-05 20:08:19 93296 ----a-w- C:\WINDOWS\system32\drivers\aswmon.sys
2010-06-28 07:40:37 . 2009-02-05 20:08:10 94032 ----a-w- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-06-28 07:40:37 . 2009-02-05 20:07:23 114768 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys
2010-06-28 07:40:37 . 2009-02-05 20:07:12 20560 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-06-28 07:40:25 . 2009-02-05 20:11:35 1256296 ----a-w- C:\WINDOWS\system32\aswBoot.exe
2009-12-19 11:34:31 . 2009-12-19 11:34:42 -------- d-----w- C:\rsit
2009-12-19 11:29:58 . 2009-12-19 11:30:00 -------- d-----w- C:\Program Files\CCleaner
2009-12-18 19:26:05 . 2009-12-18 20:11:21 -------- d-----w- C:\WINDOWS\BDOSCAN8
2009-12-18 18:57:20 . 2009-12-18 19:16:50 -------- d-----w- C:\UsbFix
2009-12-16 14:17:56 . 2009-12-16 14:17:56 -------- d-----w- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2009-12-16 14:17:52 . 2009-12-03 15:14:06 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2009-12-16 14:17:50 . 2009-12-16 14:17:55 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-16 14:17:50 . 2009-12-16 14:17:50 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-12-16 14:17:50 . 2009-12-03 15:13:56 19160 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2009-12-16 14:11:18 . 2009-12-19 11:34:33 -------- d-----w- C:\Program Files\trend micro
2009-12-16 13:12:43 . 2009-12-18 17:45:51 -------- d-----w- C:\Program Files\ZHPDiag
2009-12-13 19:03:47 . 2009-12-14 19:05:20 56816 ----a-w- C:\WINDOWS\system32\drivers\avgntflt.sys
2009-12-13 19:03:47 . 2009-03-30 08:32:47 96104 ----a-w- C:\WINDOWS\system32\drivers\avipbb.sys
2009-12-13 19:03:47 . 2009-02-13 10:28:39 22360 ----a-w- C:\WINDOWS\system32\drivers\avgntmgr.sys
2009-12-13 19:03:47 . 2009-02-13 10:17:49 45416 ----a-w- C:\WINDOWS\system32\drivers\avgntdd.sys
2009-12-13 19:03:37 . 2009-12-13 19:03:37 -------- d-----w- C:\Program Files\Avira
2009-12-13 19:03:37 . 2009-12-13 19:03:37 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Avira
2009-12-13 18:26:08 . 2009-12-13 19:54:03 -------- d-----w- C:\Documents and Settings\HelpAssistant\Tracing
2009-12-13 18:26:08 . 2009-12-13 18:26:08 -------- d-----w- C:\Documents and Settings\HelpAssistant\WINDOWS
2009-12-13 18:26:08 . 2009-12-13 18:26:08 -------- d-----w- C:\Documents and Settings\HelpAssistant\UserData
2009-12-13 18:25:54 . 2009-12-13 18:25:54 -------- d-----w- C:\Documents and Settings\HelpAssistant\PrivacIE
2009-12-13 18:25:54 . 2009-12-13 18:25:54 -------- d-----w- C:\Documents and Settings\HelpAssistant\Phone Browser
2009-12-13 18:10:23 . 2009-12-13 18:10:24 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Sony Ericsson
2009-12-13 18:10:14 . 2009-12-13 18:10:14 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Sony
2009-12-13 18:10:14 . 2009-12-13 18:10:14 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\PunkBuster
2009-12-13 18:08:57 . 2009-12-13 18:08:57 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Logitech-LS
2009-12-13 18:08:57 . 2009-12-13 18:08:57 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Identities
2009-12-13 18:08:57 . 2009-12-13 18:08:57 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google
2009-12-13 18:08:57 . 2009-12-07 16:27:12 78344 ----a-w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-13 18:08:52 . 2009-12-13 18:08:57 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Apple Computer
2009-12-13 18:08:51 . 2009-12-13 18:08:51 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Apple
2009-12-13 18:08:51 . 2009-12-13 18:08:51 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Ahead
2009-12-13 18:08:49 . 2009-12-13 19:03:24 -------- d-sh--w- C:\Documents and Settings\HelpAssistant\IETldCache
2009-12-13 18:08:49 . 2009-12-13 18:08:51 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Adobe
2009-12-13 18:08:49 . 2009-12-13 18:08:49 -------- d-----w- C:\Documents and Settings\HelpAssistant\InstallAnywhere
2009-12-13 18:08:49 . 2009-12-13 18:08:49 -------- d-----w- C:\Documents and Settings\HelpAssistant\IECompatCache
2009-12-13 18:08:39 . 2009-12-13 18:08:46 -------- d-----w- C:\Documents and Settings\HelpAssistant\Contacts
2009-12-13 18:03:15 . 2009-12-13 18:03:15 -------- d-----w- C:\Documents and Settings\HelpAssistant\.thumbnails
2009-12-13 18:03:14 . 2009-12-13 18:03:14 -------- d-----w- C:\Documents and Settings\HelpAssistant\.gimp-2.4
2009-12-02 17:52:44 . 2009-12-02 17:52:44 -------- d-----w- C:\Program Files\MSXML 4.0
2009-12-02 17:51:09 . 2009-10-19 20:49:26 1164728 ----a-w- C:\WINDOWS\system32\NMSDVDXU.dll
2009-12-02 17:51:03 . 2009-12-02 17:51:03 -------- d--h--w- C:\Documents and Settings\Administrateur\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6}

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-28 07:28:38 . 2008-11-24 22:36:19 -------- d-----w- C:\Documents and Settings\All Users\Application Data\BitDefender
2010-06-28 07:28:30 . 2008-11-24 22:41:12 81984 ----a-w- C:\WINDOWS\system32\bdod.bin
2009-12-20 18:23:51 . 2009-11-24 05:54:34 79488 ----a-w- C:\Documents and Settings\Administrateur\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-19 13:13:51 . 2009-03-28 21:52:09 49548 ---ha-w- C:\WINDOWS\system32\mlfcache.dat
2009-12-19 13:00:32 . 2009-05-06 16:58:22 -------- d-----w- C:\Documents and Settings\Administrateur\Application Data\SoundSpectrum
2009-12-19 13:00:32 . 2009-05-06 16:57:11 -------- d-----w- C:\Program Files\SoundSpectrum
2009-12-07 16:27:12 . 2008-09-13 19:35:51 78344 ----a-w- C:\Documents and Settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-05 14:30:44 . 2008-09-30 17:00:44 -------- d-----w- C:\Documents and Settings\Administrateur\Application Data\uTorrent
2009-12-03 09:00:50 . 2008-09-13 19:39:11 -------- d--h--w- C:\Program Files\InstallShield Installation Information
2009-12-02 17:52:43 . 2002-09-07 00:00:00 72126 ----a-w- C:\WINDOWS\system32\perfc00C.dat
2009-12-02 17:52:43 . 2002-09-07 00:00:00 460986 ----a-w- C:\WINDOWS\system32\perfh00C.dat
2009-12-02 17:52:26 . 2009-09-02 15:40:40 -------- d-----w- C:\Program Files\LG Electronics
2009-12-02 17:52:15 . 2009-12-02 17:52:15 53248 ----a-r- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{D137B59C-551C-4659-8AA8-206FA650BF40}\ARPPRODUCTICON.exe
2009-11-07 15:25:19 . 2009-11-07 15:25:19 -------- d-----w- C:\Program Files\Microsoft
2009-11-07 15:24:43 . 2009-11-07 15:24:43 -------- d-----w- C:\Program Files\Windows Live SkyDrive
2009-11-07 15:24:16 . 2008-09-26 19:27:53 -------- d-----w- C:\Program Files\Windows Live
2009-11-06 20:40:34 . 2009-11-06 20:40:34 -------- d-----w- C:\Program Files\Fichiers communs\Windows Live
2009-11-05 19:37:34 . 2009-11-05 19:36:43 -------- d-----w- C:\Program Files\iTunes
2009-11-05 19:36:49 . 2009-11-05 19:36:49 -------- d-----w- C:\Program Files\iPod
2009-11-05 19:36:46 . 2008-10-11 15:09:34 -------- d-----w- C:\Program Files\Fichiers communs\Apple
2009-11-05 19:30:20 . 2009-11-05 19:30:20 79144 ----a-w- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-27 13:44:32 . 2009-12-02 17:51:18 24576 ----a-w- C:\Documents and Settings\Administrateur\Application Data\LG Electronics\LG PC Suite III\UpdateHelper.exe
2009-09-29 07:11:22 . 2009-09-29 07:11:22 12160 ----a-w- C:\WINDOWS\system32\drivers\lgbtport.sys
2009-09-29 07:11:20 . 2009-09-29 07:11:20 12928 ----a-w- C:\WINDOWS\system32\drivers\lgvmodem.sys
2009-09-29 07:11:20 . 2009-09-29 07:11:20 10496 ----a-w- C:\WINDOWS\system32\drivers\lgbtbus.sys
.
0
Réponse 62 / 65
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 
Le rapport n'est pas complet.
0
Réponse 63 / 65
BenZzz666 Messages postés 22 Statut Membre
 
Désolé pas assez attendu :P
voila :

ComboFix 09-12-19.03 - Administrateur 20/12/2009 19:34:45.2.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1983.1468 [GMT 1:00]
Lancé depuis: c:\benjamin\antivirus\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: avast! antivirus 4.8.1335 [VPS 091220-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\ADMINI~1\LOCALS~1\Temp\IadHide4.dll
c:\documents and settings\Administrateur\Local Settings\Temp\IadHide4.dll
.
---- Exécution préalable -------
.
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\senekaulhtpjyr.dat
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-11-20 au 2009-12-20 ))))))))))))))))))))))))))))))))))))
.

2010-06-28 07:40 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 07:40 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 07:40 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-28 07:40 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-06-28 07:40 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 07:40 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 07:40 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 07:40 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 07:40 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-12-19 11:34 . 2009-12-19 11:34 -------- d-----w- C:\rsit
2009-12-19 11:29 . 2009-12-19 11:30 -------- d-----w- c:\program files\CCleaner
2009-12-18 19:26 . 2009-12-18 20:11 -------- d-----w- c:\windows\BDOSCAN8
2009-12-18 18:57 . 2009-12-18 19:16 -------- d-----w- C:\UsbFix
2009-12-16 14:17 . 2009-12-16 14:17 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-12-16 14:17 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-16 14:17 . 2009-12-16 14:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-16 14:17 . 2009-12-16 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-16 14:17 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-16 14:11 . 2009-12-19 11:34 -------- d-----w- c:\program files\trend micro
2009-12-16 13:12 . 2009-12-18 17:45 -------- d-----w- c:\program files\ZHPDiag
2009-12-13 19:03 . 2009-12-14 19:05 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-13 19:03 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-12-13 19:03 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-12-13 19:03 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-12-13 19:03 . 2009-12-13 19:03 -------- d-----w- c:\program files\Avira
2009-12-13 19:03 . 2009-12-13 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-12-13 18:26 . 2009-12-13 19:54 -------- d-----w- c:\documents and settings\HelpAssistant\Tracing
2009-12-13 18:26 . 2009-12-13 18:26 -------- d-----w- c:\documents and settings\HelpAssistant\WINDOWS
2009-12-13 18:26 . 2009-12-13 18:26 -------- d-----w- c:\documents and settings\HelpAssistant\UserData
2009-12-13 18:25 . 2009-12-13 18:25 -------- d-----w- c:\documents and settings\HelpAssistant\PrivacIE
2009-12-13 18:25 . 2009-12-13 18:25 -------- d-----w- c:\documents and settings\HelpAssistant\Phone Browser
2009-12-13 18:10 . 2009-12-13 18:10 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Sony Ericsson
2009-12-13 18:10 . 2009-12-13 18:10 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Sony
2009-12-13 18:10 . 2009-12-13 18:10 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\PunkBuster
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Logitech-LS
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Identities
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Google
2009-12-13 18:08 . 2009-12-07 16:27 78344 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Apple Computer
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Apple
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Ahead
2009-12-13 18:08 . 2009-12-13 19:03 -------- d-sh--w- c:\documents and settings\HelpAssistant\IETldCache
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Adobe
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\InstallAnywhere
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\IECompatCache
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Contacts
2009-12-13 18:03 . 2009-12-13 18:03 -------- d-----w- c:\documents and settings\HelpAssistant\.thumbnails
2009-12-13 18:03 . 2009-12-13 18:03 -------- d-----w- c:\documents and settings\HelpAssistant\.gimp-2.4
2009-12-02 17:52 . 2009-12-02 17:52 -------- d-----w- c:\program files\MSXML 4.0
2009-12-02 17:51 . 2009-10-19 20:49 1164728 ----a-w- c:\windows\system32\NMSDVDXU.dll
2009-12-02 17:51 . 2009-12-02 17:51 -------- d--h--w- c:\documents and settings\Administrateur\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6}

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-28 07:28 . 2008-11-24 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2010-06-28 07:28 . 2008-11-24 22:41 81984 ----a-w- c:\windows\system32\bdod.bin
2009-12-19 13:13 . 2009-03-28 21:52 49548 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-19 13:00 . 2009-05-06 16:58 -------- d-----w- c:\documents and settings\Administrateur\Application Data\SoundSpectrum
2009-12-19 13:00 . 2009-05-06 16:57 -------- d-----w- c:\program files\SoundSpectrum
2009-12-07 16:27 . 2008-09-13 19:35 78344 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-05 14:30 . 2008-09-30 17:00 -------- d-----w- c:\documents and settings\Administrateur\Application Data\uTorrent
2009-12-03 09:00 . 2008-09-13 19:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-02 17:52 . 2002-09-07 00:00 72126 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-02 17:52 . 2002-09-07 00:00 460986 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-02 17:52 . 2009-09-02 15:40 -------- d-----w- c:\program files\LG Electronics
2009-11-07 15:25 . 2009-11-07 15:25 -------- d-----w- c:\program files\Microsoft
2009-11-07 15:24 . 2009-11-07 15:24 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-11-07 15:24 . 2008-09-26 19:27 -------- d-----w- c:\program files\Windows Live
2009-11-06 20:40 . 2009-11-06 20:40 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-11-05 19:37 . 2009-11-05 19:36 -------- d-----w- c:\program files\iTunes
2009-11-05 19:36 . 2009-11-05 19:36 -------- d-----w- c:\program files\iPod
2009-11-05 19:36 . 2008-10-11 15:09 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-09-29 07:11 . 2009-09-29 07:11 12160 ----a-w- c:\windows\system32\drivers\lgbtport.sys
2009-09-29 07:11 . 2009-09-29 07:11 12928 ----a-w- c:\windows\system32\drivers\lgvmodem.sys
2009-09-29 07:11 . 2009-09-29 07:11 10496 ----a-w- c:\windows\system32\drivers\lgbtbus.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-09-14 20480]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2004-10-08 196608]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-10 397312]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-25 8491008]
"nwiz"="nwiz.exe" [2008-02-25 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-25 81920]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-10-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-10-08 217088]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"3246:TCP"= 3246:TCP:Services
"2479:TCP"= 2479:TCP:Services
"3389:TCP"= 3389:TCP:Remote Desktop
"3523:TCP"= 3523:TCP:Services

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [28/06/2010 08:40 114768]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [13/12/2009 20:03 108289]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28/06/2010 08:40 20560]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29/09/2009 08:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29/09/2009 08:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29/09/2009 08:11 12928]
S3 {27C96397-42E6-4BDA-8129A2A80783F004};{27C96397-42E6-4BDA-8129A2A80783F004};\??\c:\windows\TEMP\1E.tmp --> c:\windows\TEMP\1E.tmp [?]
S3 {32A49D5C-1796-46E6-BBC8159EB1E74D1A};{32A49D5C-1796-46E6-BBC8159EB1E74D1A};c:\windows\System32\svchost.exe -k netsvcs [03/08/2004 23:55 14336]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [28/10/2008 15:36 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [28/10/2008 15:36 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [28/10/2008 15:36 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [28/10/2008 15:36 115496]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [28/10/2008 15:36 25768]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [28/10/2008 15:36 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [28/10/2008 15:36 117672]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver;c:\windows\system32\drivers\SE1008mdm.sys [15/08/2009 17:24 58536]
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = localhost;*.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-PCSuiteTrayApplication - c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
AddRemove-db - c:\program files\Sports Interactive\Football Manager 2009\data\db\uninstall.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-20 19:40
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{27C96397-42E6-4BDA-8129A2A80783F004}]
"ImagePath"="\??\c:\windows\TEMP\1E.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{32A49D5C-1796-46E6-BBC8159EB1E74D1A}]
"ServiceDll"="c:\docume~1\ADMINI~1\LOCALS~1\Temp\1A.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1547161642-1202660629-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f3,4b,a4,d5,c3,3b,e7,41,a7,06,b8,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f3,4b,a4,d5,c3,3b,e7,41,a7,06,b8,\

[HKEY_USERS\S-1-5-21-1547161642-1202660629-839522115-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1547161642-1202660629-839522115-500\Software\Policies\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (Administrator)
@Allowed: (Read) (Administrator)
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(1408)
c:\docume~1\ADMINI~1\LOCALS~1\Temp\IadHide4.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\HPZipm12.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-12-20 19:47:28 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-20 18:47

Avant-CF: 5 481 623 552 octets libres
Après-CF: 5 440 315 392 octets libres

- - End Of File - - A2EDA2B7E741F8A97B9DE92D54D7F2E6
0
Réponse 64 / 65
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 
Toujours des redirections ?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 65 / 65
BenZzz666 Messages postés 22 Statut Membre
 
Le problème à l'air résolu, merci pour ton aide et ta patience !
J'espère que cela ne va pas revenir afin de ne pas te déranger de nouveau !

Bonnes fêtes et merci =)
0
Précédent
  • 1
  • 2
  • 3
  • 4