Google redirect problem.
Ben666
BenZzz666 - 22 posts - Member
Hello,
I've been having a small problem with Google lately. When I run a search and click on any link, it doesn't show me the selected page but loads the address of a completely different site and then displays nothing on screen... On the other hand, searches work very well with Yahoo, for example.
Help me please!
65 replies
Here it is:
ComboFix 09-12-19.03 - Administrateur 20/12/2009 19:09:35.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1983.1491 [GMT 1:00]
Lancé depuis: C:\Benjamin\antivirus\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: avast! antivirus 4.8.1335 [VPS 091220-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\Agent.OMZ.Fix.exe
C:\WINDOWS\system32\dumphive.exe
C:\WINDOWS\system32\IEDFix.C.exe
C:\WINDOWS\system32\IEDFix.exe
C:\WINDOWS\system32\o4Patch.exe
C:\WINDOWS\system32\Process.exe
C:\WINDOWS\system32\senekaulhtpjyr.dat
C:\WINDOWS\system32\SrchSTS.exe
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\WS2Fix.exe
.
original MBR restored successfully !
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-11-20 au 2009-12-20 ))))))))))))))))))))))))))))))))))))
.
2010-06-28 07:40:40 . 2009-02-05 20:06:10 23152 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-06-28 07:40:39 . 2009-02-05 20:06:20 51376 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-06-28 07:40:39 . 2009-02-05 20:05:11 26944 ----a-w- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-06-28 07:40:38 . 2009-02-05 20:04:45 97480 ----a-w- C:\WINDOWS\system32\AvastSS.scr
2010-06-28 07:40:37 . 2009-02-05 20:08:19 93296 ----a-w- C:\WINDOWS\system32\drivers\aswmon.sys
2010-06-28 07:40:37 . 2009-02-05 20:08:10 94032 ----a-w- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-06-28 07:40:37 . 2009-02-05 20:07:23 114768 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys
2010-06-28 07:40:37 . 2009-02-05 20:07:12 20560 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-06-28 07:40:25 . 2009-02-05 20:11:35 1256296 ----a-w- C:\WINDOWS\system32\aswBoot.exe
2009-12-19 11:34:31 . 2009-12-19 11:34:42 -------- d-----w- C:\rsit
2009-12-19 11:29:58 . 2009-12-19 11:30:00 -------- d-----w- C:\Program Files\CCleaner
2009-12-18 19:26:05 . 2009-12-18 20:11:21 -------- d-----w- C:\WINDOWS\BDOSCAN8
2009-12-18 18:57:20 . 2009-12-18 19:16:50 -------- d-----w- C:\UsbFix
2009-12-16 14:17:56 . 2009-12-16 14:17:56 -------- d-----w- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2009-12-16 14:17:52 . 2009-12-03 15:14:06 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2009-12-16 14:17:50 . 2009-12-16 14:17:55 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-16 14:17:50 . 2009-12-16 14:17:50 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-12-16 14:17:50 . 2009-12-03 15:13:56 19160 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2009-12-16 14:11:18 . 2009-12-19 11:34:33 -------- d-----w- C:\Program Files\trend micro
2009-12-16 13:12:43 . 2009-12-18 17:45:51 -------- d-----w- C:\Program Files\ZHPDiag
2009-12-13 19:03:47 . 2009-12-14 19:05:20 56816 ----a-w- C:\WINDOWS\system32\drivers\avgntflt.sys
2009-12-13 19:03:47 . 2009-03-30 08:32:47 96104 ----a-w- C:\WINDOWS\system32\drivers\avipbb.sys
2009-12-13 19:03:47 . 2009-02-13 10:28:39 22360 ----a-w- C:\WINDOWS\system32\drivers\avgntmgr.sys
2009-12-13 19:03:47 . 2009-02-13 10:17:49 45416 ----a-w- C:\WINDOWS\system32\drivers\avgntdd.sys
2009-12-13 19:03:37 . 2009-12-13 19:03:37 -------- d-----w- C:\Program Files\Avira
2009-12-13 19:03:37 . 2009-12-13 19:03:37 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Avira
2009-12-13 18:26:08 . 2009-12-13 19:54:03 -------- d-----w- C:\Documents and Settings\HelpAssistant\Tracing
2009-12-13 18:26:08 . 2009-12-13 18:26:08 -------- d-----w- C:\Documents and Settings\HelpAssistant\WINDOWS
2009-12-13 18:26:08 . 2009-12-13 18:26:08 -------- d-----w- C:\Documents and Settings\HelpAssistant\UserData
2009-12-13 18:25:54 . 2009-12-13 18:25:54 -------- d-----w- C:\Documents and Settings\HelpAssistant\PrivacIE
2009-12-13 18:25:54 . 2009-12-13 18:25:54 -------- d-----w- C:\Documents and Settings\HelpAssistant\Phone Browser
2009-12-13 18:10:23 . 2009-12-13 18:10:24 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Sony Ericsson
2009-12-13 18:10:14 . 2009-12-13 18:10:14 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Sony
2009-12-13 18:10:14 . 2009-12-13 18:10:14 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\PunkBuster
2009-12-13 18:08:57 . 2009-12-13 18:08:57 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Logitech-LS
2009-12-13 18:08:57 . 2009-12-13 18:08:57 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Identities
2009-12-13 18:08:57 . 2009-12-13 18:08:57 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google
2009-12-13 18:08:57 . 2009-12-07 16:27:12 78344 ----a-w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-13 18:08:52 . 2009-12-13 18:08:57 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Apple Computer
2009-12-13 18:08:51 . 2009-12-13 18:08:51 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Apple
2009-12-13 18:08:51 . 2009-12-13 18:08:51 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Ahead
2009-12-13 18:08:49 . 2009-12-13 19:03:24 -------- d-sh--w- C:\Documents and Settings\HelpAssistant\IETldCache
2009-12-13 18:08:49 . 2009-12-13 18:08:51 -------- d-----w- C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Adobe
2009-12-13 18:08:49 . 2009-12-13 18:08:49 -------- d-----w- C:\Documents and Settings\HelpAssistant\InstallAnywhere
2009-12-13 18:08:49 . 2009-12-13 18:08:49 -------- d-----w- C:\Documents and Settings\HelpAssistant\IECompatCache
2009-12-13 18:08:39 . 2009-12-13 18:08:46 -------- d-----w- C:\Documents and Settings\HelpAssistant\Contacts
2009-12-13 18:03:15 . 2009-12-13 18:03:15 -------- d-----w- C:\Documents and Settings\HelpAssistant\.thumbnails
2009-12-13 18:03:14 . 2009-12-13 18:03:14 -------- d-----w- C:\Documents and Settings\HelpAssistant\.gimp-2.4
2009-12-02 17:52:44 . 2009-12-02 17:52:44 -------- d-----w- C:\Program Files\MSXML 4.0
2009-12-02 17:51:09 . 2009-10-19 20:49:26 1164728 ----a-w- C:\WINDOWS\system32\NMSDVDXU.dll
2009-12-02 17:51:03 . 2009-12-02 17:51:03 -------- d--h--w- C:\Documents and Settings\Administrateur\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6}
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-28 07:28:38 . 2008-11-24 22:36:19 -------- d-----w- C:\Documents and Settings\All Users\Application Data\BitDefender
2010-06-28 07:28:30 . 2008-11-24 22:41:12 81984 ----a-w- C:\WINDOWS\system32\bdod.bin
2009-12-20 18:23:51 . 2009-11-24 05:54:34 79488 ----a-w- C:\Documents and Settings\Administrateur\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-19 13:13:51 . 2009-03-28 21:52:09 49548 ---ha-w- C:\WINDOWS\system32\mlfcache.dat
2009-12-19 13:00:32 . 2009-05-06 16:58:22 -------- d-----w- C:\Documents and Settings\Administrateur\Application Data\SoundSpectrum
2009-12-19 13:00:32 . 2009-05-06 16:57:11 -------- d-----w- C:\Program Files\SoundSpectrum
2009-12-07 16:27:12 . 2008-09-13 19:35:51 78344 ----a-w- C:\Documents and Settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-05 14:30:44 . 2008-09-30 17:00:44 -------- d-----w- C:\Documents and Settings\Administrateur\Application Data\uTorrent
2009-12-03 09:00:50 . 2008-09-13 19:39:11 -------- d--h--w- C:\Program Files\InstallShield Installation Information
2009-12-02 17:52:43 . 2002-09-07 00:00:00 72126 ----a-w- C:\WINDOWS\system32\perfc00C.dat
2009-12-02 17:52:43 . 2002-09-07 00:00:00 460986 ----a-w- C:\WINDOWS\system32\perfh00C.dat
2009-12-02 17:52:26 . 2009-09-02 15:40:40 -------- d-----w- C:\Program Files\LG Electronics
2009-12-02 17:52:15 . 2009-12-02 17:52:15 53248 ----a-r- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{D137B59C-551C-4659-8AA8-206FA650BF40}\ARPPRODUCTICON.exe
2009-11-07 15:25:19 . 2009-11-07 15:25:19 -------- d-----w- C:\Program Files\Microsoft
2009-11-07 15:24:43 . 2009-11-07 15:24:43 -------- d-----w- C:\Program Files\Windows Live SkyDrive
2009-11-07 15:24:16 . 2008-09-26 19:27:53 -------- d-----w- C:\Program Files\Windows Live
2009-11-06 20:40:34 . 2009-11-06 20:40:34 -------- d-----w- C:\Program Files\Fichiers communs\Windows Live
2009-11-05 19:37:34 . 2009-11-05 19:36:43 -------- d-----w- C:\Program Files\iTunes
2009-11-05 19:36:49 . 2009-11-05 19:36:49 -------- d-----w- C:\Program Files\iPod
2009-11-05 19:36:46 . 2008-10-11 15:09:34 -------- d-----w- C:\Program Files\Fichiers communs\Apple
2009-11-05 19:30:20 . 2009-11-05 19:30:20 79144 ----a-w- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-27 13:44:32 . 2009-12-02 17:51:18 24576 ----a-w- C:\Documents and Settings\Administrateur\Application Data\LG Electronics\LG PC Suite III\UpdateHelper.exe
2009-09-29 07:11:22 . 2009-09-29 07:11:22 12160 ----a-w- C:\WINDOWS\system32\drivers\lgbtport.sys
2009-09-29 07:11:20 . 2009-09-29 07:11:20 12928 ----a-w- C:\WINDOWS\system32\drivers\lgvmodem.sys
2009-09-29 07:11:20 . 2009-09-29 07:11:20 10496 ----a-w- C:\WINDOWS\system32\drivers\lgbtbus.sys
.
Sorry, didn't wait long enough :P
Here it is:
ComboFix 09-12-19.03 - Administrateur 20/12/2009 19:34:45.2.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1983.1468 [GMT 1:00]
Lancé depuis: c:\benjamin\antivirus\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: avast! antivirus 4.8.1335 [VPS 091220-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\ADMINI~1\LOCALS~1\Temp\IadHide4.dll
c:\documents and settings\Administrateur\Local Settings\Temp\IadHide4.dll
.
---- Exécution préalable -------
.
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\senekaulhtpjyr.dat
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-11-20 au 2009-12-20 ))))))))))))))))))))))))))))))))))))
.
2010-06-28 07:40 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 07:40 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 07:40 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-28 07:40 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-06-28 07:40 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 07:40 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 07:40 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 07:40 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 07:40 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-12-19 11:34 . 2009-12-19 11:34 -------- d-----w- C:\rsit
2009-12-19 11:29 . 2009-12-19 11:30 -------- d-----w- c:\program files\CCleaner
2009-12-18 19:26 . 2009-12-18 20:11 -------- d-----w- c:\windows\BDOSCAN8
2009-12-18 18:57 . 2009-12-18 19:16 -------- d-----w- C:\UsbFix
2009-12-16 14:17 . 2009-12-16 14:17 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-12-16 14:17 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-16 14:17 . 2009-12-16 14:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-16 14:17 . 2009-12-16 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-16 14:17 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-16 14:11 . 2009-12-19 11:34 -------- d-----w- c:\program files\trend micro
2009-12-16 13:12 . 2009-12-18 17:45 -------- d-----w- c:\program files\ZHPDiag
2009-12-13 19:03 . 2009-12-14 19:05 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-13 19:03 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-12-13 19:03 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-12-13 19:03 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-12-13 19:03 . 2009-12-13 19:03 -------- d-----w- c:\program files\Avira
2009-12-13 19:03 . 2009-12-13 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-12-13 18:26 . 2009-12-13 19:54 -------- d-----w- c:\documents and settings\HelpAssistant\Tracing
2009-12-13 18:26 . 2009-12-13 18:26 -------- d-----w- c:\documents and settings\HelpAssistant\WINDOWS
2009-12-13 18:26 . 2009-12-13 18:26 -------- d-----w- c:\documents and settings\HelpAssistant\UserData
2009-12-13 18:25 . 2009-12-13 18:25 -------- d-----w- c:\documents and settings\HelpAssistant\PrivacIE
2009-12-13 18:25 . 2009-12-13 18:25 -------- d-----w- c:\documents and settings\HelpAssistant\Phone Browser
2009-12-13 18:10 . 2009-12-13 18:10 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Sony Ericsson
2009-12-13 18:10 . 2009-12-13 18:10 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Sony
2009-12-13 18:10 . 2009-12-13 18:10 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\PunkBuster
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Logitech-LS
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Identities
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Google
2009-12-13 18:08 . 2009-12-07 16:27 78344 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Apple Computer
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Apple
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Ahead
2009-12-13 18:08 . 2009-12-13 19:03 -------- d-sh--w- c:\documents and settings\HelpAssistant\IETldCache
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Adobe
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\InstallAnywhere
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\IECompatCache
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Contacts
2009-12-13 18:03 . 2009-12-13 18:03 -------- d-----w- c:\documents and settings\HelpAssistant\.thumbnails
2009-12-13 18:03 . 2009-12-13 18:03 -------- d-----w- c:\documents and settings\HelpAssistant\.gimp-2.4
2009-12-02 17:52 . 2009-12-02 17:52 -------- d-----w- c:\program files\MSXML 4.0
2009-12-02 17:51 . 2009-10-19 20:49 1164728 ----a-w- c:\windows\system32\NMSDVDXU.dll
2009-12-02 17:51 . 2009-12-02 17:51 -------- d--h--w- c:\documents and settings\Administrateur\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6}
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-28 07:28 . 2008-11-24 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2010-06-28 07:28 . 2008-11-24 22:41 81984 ----a-w- c:\windows\system32\bdod.bin
2009-12-19 13:13 . 2009-03-28 21:52 49548 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-19 13:00 . 2009-05-06 16:58 -------- d-----w- c:\documents and settings\Administrateur\Application Data\SoundSpectrum
2009-12-19 13:00 . 2009-05-06 16:57 -------- d-----w- c:\program files\SoundSpectrum
2009-12-07 16:27 . 2008-09-13 19:35 78344 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-05 14:30 . 2008-09-30 17:00 -------- d-----w- c:\documents and settings\Administrateur\Application Data\uTorrent
2009-12-03 09:00 . 2008-09-13 19:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-02 17:52 . 2002-09-07 00:00 72126 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-02 17:52 . 2002-09-07 00:00 460986 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-02 17:52 . 2009-09-02 15:40 -------- d-----w- c:\program files\LG Electronics
2009-11-07 15:25 . 2009-11-07 15:25 -------- d-----w- c:\program files\Microsoft
2009-11-07 15:24 . 2009-11-07 15:24 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-11-07 15:24 . 2008-09-26 19:27 -------- d-----w- c:\program files\Windows Live
2009-11-06 20:40 . 2009-11-06 20:40 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-11-05 19:37 . 2009-11-05 19:36 -------- d-----w- c:\program files\iTunes
2009-11-05 19:36 . 2009-11-05 19:36 -------- d-----w- c:\program files\iPod
2009-11-05 19:36 . 2008-10-11 15:09 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-09-29 07:11 . 2009-09-29 07:11 12160 ----a-w- c:\windows\system32\drivers\lgbtport.sys
2009-09-29 07:11 . 2009-09-29 07:11 12928 ----a-w- c:\windows\system32\drivers\lgvmodem.sys
2009-09-29 07:11 . 2009-09-29 07:11 10496 ----a-w- c:\windows\system32\drivers\lgbtbus.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-09-14 20480]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2004-10-08 196608]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-10 397312]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-25 8491008]
"nwiz"="nwiz.exe" [2008-02-25 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-25 81920]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-10-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-10-08 217088]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"3246:TCP"= 3246:TCP:Services
"2479:TCP"= 2479:TCP:Services
"3389:TCP"= 3389:TCP:Remote Desktop
"3523:TCP"= 3523:TCP:Services
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [28/06/2010 08:40 114768]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [13/12/2009 20:03 108289]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28/06/2010 08:40 20560]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29/09/2009 08:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29/09/2009 08:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29/09/2009 08:11 12928]
S3 {27C96397-42E6-4BDA-8129A2A80783F004};{27C96397-42E6-4BDA-8129A2A80783F004};\??\c:\windows\TEMP\1E.tmp --> c:\windows\TEMP\1E.tmp [?]
S3 {32A49D5C-1796-46E6-BBC8159EB1E74D1A};{32A49D5C-1796-46E6-BBC8159EB1E74D1A};c:\windows\System32\svchost.exe -k netsvcs [03/08/2004 23:55 14336]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [28/10/2008 15:36 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [28/10/2008 15:36 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [28/10/2008 15:36 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [28/10/2008 15:36 115496]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [28/10/2008 15:36 25768]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [28/10/2008 15:36 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [28/10/2008 15:36 117672]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver;c:\windows\system32\drivers\SE1008mdm.sys [15/08/2009 17:24 58536]
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = localhost;*.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
- - - - ORPHELINS SUPPRIMES - - - -
MSConfigStartUp-PCSuiteTrayApplication - c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
AddRemove-db - c:\program files\Sports Interactive\Football Manager 2009\data\db\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-20 19:40
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{27C96397-42E6-4BDA-8129A2A80783F004}]
"ImagePath"="\??\c:\windows\TEMP\1E.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{32A49D5C-1796-46E6-BBC8159EB1E74D1A}]
"ServiceDll"="c:\docume~1\ADMINI~1\LOCALS~1\Temp\1A.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1547161642-1202660629-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f3,4b,a4,d5,c3,3b,e7,41,a7,06,b8,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f3,4b,a4,d5,c3,3b,e7,41,a7,06,b8,\
[HKEY_USERS\S-1-5-21-1547161642-1202660629-839522115-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1547161642-1202660629-839522115-500\Software\Policies\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (Administrator)
@Allowed: (Read) (Administrator)
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(1408)
c:\docume~1\ADMINI~1\LOCALS~1\Temp\IadHide4.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\HPZipm12.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-12-20 19:47:28 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-20 18:47
Avant-CF: 5 481 623 552 octets libres
Après-CF: 5 440 315 392 octets libres
- - End Of File - - A2EDA2B7E741F8A97B9DE92D54D7F2E6
Here it is:
ComboFix 09-12-19.03 - Administrateur 20/12/2009 19:34:45.2.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1983.1468 [GMT 1:00]
Lancé depuis: c:\benjamin\antivirus\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: avast! antivirus 4.8.1335 [VPS 091220-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\ADMINI~1\LOCALS~1\Temp\IadHide4.dll
c:\documents and settings\Administrateur\Local Settings\Temp\IadHide4.dll
.
---- Exécution préalable -------
.
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\senekaulhtpjyr.dat
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-11-20 au 2009-12-20 ))))))))))))))))))))))))))))))))))))
.
2010-06-28 07:40 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 07:40 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 07:40 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-28 07:40 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-06-28 07:40 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 07:40 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 07:40 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 07:40 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 07:40 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-12-19 11:34 . 2009-12-19 11:34 -------- d-----w- C:\rsit
2009-12-19 11:29 . 2009-12-19 11:30 -------- d-----w- c:\program files\CCleaner
2009-12-18 19:26 . 2009-12-18 20:11 -------- d-----w- c:\windows\BDOSCAN8
2009-12-18 18:57 . 2009-12-18 19:16 -------- d-----w- C:\UsbFix
2009-12-16 14:17 . 2009-12-16 14:17 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-12-16 14:17 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-16 14:17 . 2009-12-16 14:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-16 14:17 . 2009-12-16 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-16 14:17 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-16 14:11 . 2009-12-19 11:34 -------- d-----w- c:\program files\trend micro
2009-12-16 13:12 . 2009-12-18 17:45 -------- d-----w- c:\program files\ZHPDiag
2009-12-13 19:03 . 2009-12-14 19:05 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-13 19:03 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-12-13 19:03 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-12-13 19:03 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-12-13 19:03 . 2009-12-13 19:03 -------- d-----w- c:\program files\Avira
2009-12-13 19:03 . 2009-12-13 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-12-13 18:26 . 2009-12-13 19:54 -------- d-----w- c:\documents and settings\HelpAssistant\Tracing
2009-12-13 18:26 . 2009-12-13 18:26 -------- d-----w- c:\documents and settings\HelpAssistant\WINDOWS
2009-12-13 18:26 . 2009-12-13 18:26 -------- d-----w- c:\documents and settings\HelpAssistant\UserData
2009-12-13 18:25 . 2009-12-13 18:25 -------- d-----w- c:\documents and settings\HelpAssistant\PrivacIE
2009-12-13 18:25 . 2009-12-13 18:25 -------- d-----w- c:\documents and settings\HelpAssistant\Phone Browser
2009-12-13 18:10 . 2009-12-13 18:10 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Sony Ericsson
2009-12-13 18:10 . 2009-12-13 18:10 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Sony
2009-12-13 18:10 . 2009-12-13 18:10 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\PunkBuster
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Logitech-LS
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Identities
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Google
2009-12-13 18:08 . 2009-12-07 16:27 78344 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Apple Computer
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Apple
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Ahead
2009-12-13 18:08 . 2009-12-13 19:03 -------- d-sh--w- c:\documents and settings\HelpAssistant\IETldCache
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Local Settings\Application Data\Adobe
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\InstallAnywhere
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\IECompatCache
2009-12-13 18:08 . 2009-12-13 18:08 -------- d-----w- c:\documents and settings\HelpAssistant\Contacts
2009-12-13 18:03 . 2009-12-13 18:03 -------- d-----w- c:\documents and settings\HelpAssistant\.thumbnails
2009-12-13 18:03 . 2009-12-13 18:03 -------- d-----w- c:\documents and settings\HelpAssistant\.gimp-2.4
2009-12-02 17:52 . 2009-12-02 17:52 -------- d-----w- c:\program files\MSXML 4.0
2009-12-02 17:51 . 2009-10-19 20:49 1164728 ----a-w- c:\windows\system32\NMSDVDXU.dll
2009-12-02 17:51 . 2009-12-02 17:51 -------- d--h--w- c:\documents and settings\Administrateur\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6}
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-28 07:28 . 2008-11-24 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2010-06-28 07:28 . 2008-11-24 22:41 81984 ----a-w- c:\windows\system32\bdod.bin
2009-12-19 13:13 . 2009-03-28 21:52 49548 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-19 13:00 . 2009-05-06 16:58 -------- d-----w- c:\documents and settings\Administrateur\Application Data\SoundSpectrum
2009-12-19 13:00 . 2009-05-06 16:57 -------- d-----w- c:\program files\SoundSpectrum
2009-12-07 16:27 . 2008-09-13 19:35 78344 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-05 14:30 . 2008-09-30 17:00 -------- d-----w- c:\documents and settings\Administrateur\Application Data\uTorrent
2009-12-03 09:00 . 2008-09-13 19:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-02 17:52 . 2002-09-07 00:00 72126 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-02 17:52 . 2002-09-07 00:00 460986 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-02 17:52 . 2009-09-02 15:40 -------- d-----w- c:\program files\LG Electronics
2009-11-07 15:25 . 2009-11-07 15:25 -------- d-----w- c:\program files\Microsoft
2009-11-07 15:24 . 2009-11-07 15:24 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-11-07 15:24 . 2008-09-26 19:27 -------- d-----w- c:\program files\Windows Live
2009-11-06 20:40 . 2009-11-06 20:40 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-11-05 19:37 . 2009-11-05 19:36 -------- d-----w- c:\program files\iTunes
2009-11-05 19:36 . 2009-11-05 19:36 -------- d-----w- c:\program files\iPod
2009-11-05 19:36 . 2008-10-11 15:09 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-09-29 07:11 . 2009-09-29 07:11 12160 ----a-w- c:\windows\system32\drivers\lgbtport.sys
2009-09-29 07:11 . 2009-09-29 07:11 12928 ----a-w- c:\windows\system32\drivers\lgvmodem.sys
2009-09-29 07:11 . 2009-09-29 07:11 10496 ----a-w- c:\windows\system32\drivers\lgbtbus.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-09-14 20480]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2004-10-08 196608]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-10 397312]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-25 8491008]
"nwiz"="nwiz.exe" [2008-02-25 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-25 81920]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-10-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-10-08 217088]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"3246:TCP"= 3246:TCP:Services
"2479:TCP"= 2479:TCP:Services
"3389:TCP"= 3389:TCP:Remote Desktop
"3523:TCP"= 3523:TCP:Services
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [28/06/2010 08:40 114768]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [13/12/2009 20:03 108289]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28/06/2010 08:40 20560]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29/09/2009 08:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29/09/2009 08:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29/09/2009 08:11 12928]
S3 {27C96397-42E6-4BDA-8129A2A80783F004};{27C96397-42E6-4BDA-8129A2A80783F004};\??\c:\windows\TEMP\1E.tmp --> c:\windows\TEMP\1E.tmp [?]
S3 {32A49D5C-1796-46E6-BBC8159EB1E74D1A};{32A49D5C-1796-46E6-BBC8159EB1E74D1A};c:\windows\System32\svchost.exe -k netsvcs [03/08/2004 23:55 14336]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [28/10/2008 15:36 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [28/10/2008 15:36 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [28/10/2008 15:36 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [28/10/2008 15:36 115496]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [28/10/2008 15:36 25768]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [28/10/2008 15:36 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [28/10/2008 15:36 117672]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver;c:\windows\system32\drivers\SE1008mdm.sys [15/08/2009 17:24 58536]
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = localhost;*.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
- - - - ORPHELINS SUPPRIMES - - - -
MSConfigStartUp-PCSuiteTrayApplication - c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
AddRemove-db - c:\program files\Sports Interactive\Football Manager 2009\data\db\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-20 19:40
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{27C96397-42E6-4BDA-8129A2A80783F004}]
"ImagePath"="\??\c:\windows\TEMP\1E.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{32A49D5C-1796-46E6-BBC8159EB1E74D1A}]
"ServiceDll"="c:\docume~1\ADMINI~1\LOCALS~1\Temp\1A.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1547161642-1202660629-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f3,4b,a4,d5,c3,3b,e7,41,a7,06,b8,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f3,4b,a4,d5,c3,3b,e7,41,a7,06,b8,\
[HKEY_USERS\S-1-5-21-1547161642-1202660629-839522115-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1547161642-1202660629-839522115-500\Software\Policies\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (Administrator)
@Allowed: (Read) (Administrator)
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(1408)
c:\docume~1\ADMINI~1\LOCALS~1\Temp\IadHide4.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\HPZipm12.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-12-20 19:47:28 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-20 18:47
Avant-CF: 5 481 623 552 octets libres
Après-CF: 5 440 315 392 octets libres
- - End Of File - - A2EDA2B7E741F8A97B9DE92D54D7F2E6