Here is the ComboFix report. I followed your advice, I trust you :D
ComboFix 10-07-11.05 - Méjane 12/07/2010 16:42:37.1.4 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3325.2403 [GMT 2:00]
Lancé depuis: c:\users\MJANE~1\AppData\Local\Temp\pk0p7szl.tmp\ComboFix.exe
AV: BitDefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Pare-feu *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
SP: BitDefender Antispyware *enabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Cheat Engine\dbk32.sys
c:\programdata\mazuki.dll
c:\users\Méjane\AppData\Local\ckoag.dat
c:\users\Méjane\AppData\Local\ckoag_nav.dat
c:\users\Méjane\AppData\Local\ckoag_navps.dat
c:\users\Méjane\Documents\SYS
c:\users\Méjane\Documents\SYS\svhost.exe
c:\windows\config.ini
c:\windows\system32\vbzlib1.dll
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-06-12 au 2010-07-12 ))))))))))))))))))))))))))))))))))))
.
2010-07-12 14:51 . 2010-07-12 14:51 -------- d-----w- c:\users\HomeGedDB\AppData\Local\temp
2010-07-12 14:51 . 2010-07-12 14:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-11 20:47 . 2010-07-11 20:47 137840 ---ha-w- c:\windows\system32\mlfcache.dat
2010-07-11 18:05 . 2010-07-11 18:05 34012 ----a-w- C:\UsbFix_Upload_Me_PC-DE-MÉJANE.zip
2010-07-11 17:15 . 2010-07-11 18:05 -------- d-----w- C:\UsbFix
2010-07-11 16:48 . 2010-07-11 16:48 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-07-11 16:48 . 2010-07-11 16:48 57715 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
2010-07-11 16:47 . 2010-07-11 16:47 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-07-08 18:03 . 2010-07-08 18:03 -------- d-----w- c:\programdata\FLEXnet
2010-07-08 17:12 . 2010-07-08 17:12 -------- d-----w- C:\Mes Sites Web
2010-07-08 17:10 . 2010-07-08 17:11 -------- d-----w- c:\program files\WinHTTrack
2010-07-06 14:30 . 2010-07-06 14:30 -------- d-----w- c:\program files\City Interactive
2010-07-02 17:33 . 2010-07-02 17:33 -------- d-----w- C:\Games
2010-07-02 10:54 . 2010-07-02 10:54 -------- d-----w- c:\program files\LibUsbDotNet
2010-06-26 09:49 . 2010-06-26 09:49 -------- d-----w- c:\program files\iPod
2010-06-26 09:45 . 2010-06-26 09:45 -------- d-----w- c:\program files\Bonjour
2010-06-26 09:45 . 2010-06-26 09:45 72504 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-26 09:44 . 2010-06-26 09:44 71992 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-24 01:00 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-24 01:00 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-24 01:00 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-24 01:00 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-24 01:00 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-23 22:24 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-23 22:24 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-17 20:18 . 2010-06-17 20:18 -------- d-----w- c:\program files\UnH Solutions
2010-06-17 20:14 . 2010-06-17 20:14 -------- d-----w- c:\program files\The Game Creators
2010-06-15 16:42 . 2009-11-07 23:41 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2010-06-15 16:42 . 2009-11-07 23:41 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-06-15 16:42 . 2006-09-28 12:32 9472 ----a-w- c:\windows\system32\drivers\pnetmdm.sys
2010-06-15 16:42 . 2010-06-15 16:42 -------- d-----w- c:\program files\PdaNet for Android
2010-06-14 20:24 . 2010-06-14 20:24 -------- d-----w- c:\program files\Wide Angle Software
2010-06-14 17:32 . 2010-06-14 17:32 -------- d-----w- c:\programdata\Driver Whiz
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-12 14:51 . 2009-10-19 19:47 -------- d-----w- c:\program files\Cheat Engine
2010-07-12 14:43 . 2006-11-02 15:48 688166 ----a-w- c:\windows\system32\perfh00C.dat
2010-07-12 14:43 . 2006-11-02 15:48 130868 ----a-w- c:\windows\system32\perfc00C.dat
2010-07-12 14:36 . 2010-03-02 16:28 -------- d-----w- c:\program files\Common Files\Akamai
2010-07-12 14:34 . 2008-05-12 11:16 2140 ----a-w- c:\windows\bthservsdp.dat
2010-07-11 20:02 . 2009-01-13 19:20 -------- d-----w- c:\programdata\Google Updater
2010-07-11 16:48 . 2010-04-20 17:18 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-07-11 16:48 . 2010-04-20 17:16 -------- d-----w- c:\programdata\DivX
2010-07-11 16:48 . 2008-11-08 11:29 -------- d-----w- c:\program files\DivX
2010-07-11 16:47 . 2010-04-20 17:17 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-07-11 16:47 . 2010-04-20 17:17 895256 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-07-07 00:40 . 2009-01-30 17:44 138584 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-07-07 00:40 . 2008-10-29 11:05 189672 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-07-06 10:02 . 2010-05-15 18:41 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-02 17:50 . 2008-05-12 11:24 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-02 17:34 . 2010-05-07 16:05 -------- d-----w- c:\program files\NCSoft
2010-07-02 17:34 . 2010-03-17 20:23 -------- d-----w- c:\program files\OpenAL
2010-06-26 15:22 . 2008-05-12 11:24 -------- d-----w- c:\program files\Java
2010-06-26 09:50 . 2008-11-06 18:13 -------- d-----w- c:\program files\iTunes
2010-06-26 09:49 . 2008-11-06 18:10 -------- d-----w- c:\program files\Common Files\Apple
2010-06-26 09:44 . 2009-11-07 12:55 -------- d-----w- c:\program files\Safari
2010-06-25 01:01 . 2008-11-03 14:18 -------- d-----w- c:\program files\Microsoft.NET
2010-06-21 16:58 . 2010-01-05 17:43 -------- d-----w- c:\program files\Common Files\Java
2010-06-18 16:43 . 2008-10-29 11:15 -------- d-----w- c:\program files\Steam
2010-06-15 16:44 . 2010-06-15 16:44 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2010-06-14 17:39 . 2008-11-09 19:52 -------- d-----w- c:\program files\PackageFactory
2010-06-14 17:36 . 2010-03-02 22:22 -------- d-----w- c:\programdata\ma-config.com
2010-06-14 17:36 . 2010-03-02 22:22 -------- d-----w- c:\program files\ma-config.com
2010-06-13 17:26 . 2008-10-29 11:16 -------- d-----w- c:\program files\Common Files\Steam
2010-06-12 01:23 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-12 01:07 . 2008-11-03 14:16 -------- d-----w- c:\programdata\Microsoft Help
2010-06-09 15:58 . 2010-06-09 15:58 -------- d-----w- c:\program files\Neffy
2010-06-09 08:06 . 2010-06-09 08:06 976832 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\5218\AdobeARM.exe
2010-06-09 08:06 . 2010-06-09 08:06 70584 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\5218\AdobeExtractFiles.dll
2010-06-09 08:06 . 2010-06-09 08:06 331176 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\5218\ReaderUpdater.exe
2010-06-09 08:06 . 2010-06-09 08:06 331176 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\5218\AcrobatUpdater.exe
2010-06-05 15:20 . 2008-12-16 20:13 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-04 22:31 . 2009-08-06 15:34 72784 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2010-06-04 17:38 . 2009-10-23 20:34 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-04 17:38 . 2010-06-04 17:38 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 57532 ----a-w- c:\programdata\DivX\DSASPDecoder\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 57054 ----a-w- c:\programdata\DivX\DSDesktopComponents\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 54166 ----a-w- c:\programdata\DivX\DSAVCDecoder\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 56458 ----a-w- c:\programdata\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 54174 ----a-w- c:\programdata\DivX\DSAACDecoder\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 54128 ----a-w- c:\programdata\DivX\Converter\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 54644 ----a-w- c:\programdata\DivX\TranscodeEngine\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 54101 ----a-w- c:\programdata\DivX\MPEG2Plugin\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-05-27 15:50 . 2010-05-27 15:50 -------- d-----w- c:\program files\Dofus 2
2010-05-26 17:06 . 2010-06-11 11:39 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 11:39 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-24 17:15 . 2010-05-24 17:15 -------- d-----w- c:\program files\PAK Explorer
2010-05-21 17:40 . 2010-05-21 17:40 -------- d-----w- c:\program files\Mumble
2010-05-21 12:14 . 2010-06-05 00:26 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-20 21:22 . 2010-05-20 21:22 -------- d-----w- c:\program files\RADVideo
2010-05-20 21:09 . 2010-05-20 21:09 -------- d-----w- c:\program files\Speed Gear
2010-05-18 19:16 . 2009-08-28 20:09 -------- d-----w- c:\program files\VirtualDJ
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-06 17:54 . 2010-05-06 17:54 84040 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-05-06 17:54 . 2010-05-06 17:54 57409 ----a-w- c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-05-04 19:15 . 2010-06-11 11:39 834048 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 18:37 . 2010-06-11 11:38 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-05-01 14:13 . 2010-06-11 11:38 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-27 12:45 . 2010-04-27 12:45 72856 ----a-w- c:\windows\system32\xliveinstallhost.exe
2010-04-27 12:45 . 2010-04-27 12:45 187544 ----a-w- c:\windows\system32\xliveinstall.dll
2010-04-23 14:13 . 2010-05-25 19:23 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-22 16:28 . 2009-05-02 22:03 22016 ----a-w- c:\windows\system32\drivers\libusb0.sys
2010-04-22 16:28 . 2009-05-02 22:03 37376 ----a-w- c:\windows\system32\libusb0.dll
2010-04-20 17:17 . 2010-04-20 17:17 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-04-20 17:17 . 2010-04-20 17:17 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-04-19 18:47 . 2010-04-19 18:47 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-04-19 18:47 . 2010-04-19 18:47 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-04-16 16:43 . 2010-06-23 22:24 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-04-16 16:43 . 2010-06-23 22:24 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-04-16 16:43 . 2010-06-23 22:24 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-04-16 16:43 . 2010-06-23 22:24 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-03-02 17:15 . 2010-03-02 17:05 656110629 ----a-w- c:\program files\GrandFantasia_FR_CB_Install_20100223.exe
2010-02-05 06:15 . 2010-02-05 06:15 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2006-05-03 10:06 . 2009-04-06 17:26 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 11:47 . 2009-10-23 23:10 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 13:30 . 2009-10-23 23:10 216064 --sh--r- c:\windows\System32\nbDX.dll
2008-05-12 19:04 . 2008-05-12 18:53 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-02-14 12:54 1555480 ----a-w- c:\program files\free-downloads.net\tbfree.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-12 68856]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-31 3399727]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"DeskSpace"="c:\users\Méjane\AppData\Roaming\DeskSpace\deskspace.exe" [2007-10-18 1135104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
"Bluetooth HCI Monitor"="HCIMNTR.DLL" [2006-12-07 9728]
"PMX Daemon"="ICO.EXE" [2006-11-08 49152]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-02-05 30192]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2010-04-01 1123360]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-11-20 71152]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-12 405504]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_14\bin\jusched.exe" [2009-12-30 148888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
c:\users\M'jane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DesktopEarth AutoStart.lnk - c:\users\M'jane\AppData\Roaming\Microsoft\Installer\{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}\_C1A9BF9D98647632ED5172.exe [2010-3-7 29926]
PdaNet Desktop.lnk - c:\program files\PdaNet for Android\PdaNetPC.exe [2010-6-15 447952]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-13 715568]
La Solution Ciel.lnk - c:\users\M'jane\FABIENNE\Starter.exe [2010-1-24 524288]
LedWallpaper.lnk - c:\program files\LED\LedWallpaper\LedWallpaper.exe [2008-11-14 372736]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk
backup=c:\windows\pss\Air Mouse.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Méjane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Accueil Internet.lnk]
path=c:\users\Méjane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Accueil Internet.lnk
backup=c:\windows\pss\Accueil Internet.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-09-04 18:25 4608 ------w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-09-29 23:14 155648 ----a-r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):d4,97,3d,5a,79,ba,ca,01
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 135664]
R2 HomeGedServer;HomeGed Server;c:\program files\HomeGedEnterprise\wrapper.exe [x]
R2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [x]
R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 Arrakis3;BitDefender Serveur Arrakis;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-11-20 183880]
R3 dump_wmimmc;dump_wmimmc;c:\program files\Softnyx\WolfTeam\GameGuard\dump_wmimmc.sys [x]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-05 30192]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-06-10 253808]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-11-12 3403420]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-09 691696]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [2010-06-04 72784]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-15 172032]
S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [2010-06-04 85128]
S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-02-11 153448]
S3 camfilt2;camfilt2;c:\windows\system32\DRIVERS\camfilt2.sys [2007-08-29 96384]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2010-04-22 22016]
S3 ovt530;Hercules Deluxe Webcam;c:\windows\system32\Drivers\ov530vid.sys [2007-02-02 167464]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm.sys [2006-09-28 9472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
bdx REG_MULTI_SZ scan
Akamai REG_MULTI_SZ Akamai
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
2010-07-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-12 16:17]
2010-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 05:30]
2010-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 05:30]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = google.fr
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Recherche avec cherche.us
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
Trusted Zone: chat-land.org
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game12.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Méjane\AppData\Roaming\Mozilla\Firefox\Profiles\xytxrmk8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
FF - prefs.js: browser.startup.homepage - google.fr
FF - prefs.js: keyword.URL - hxxp://www.cherche.us/Result.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&cof=GIMP%3ACCCCCC%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A10%3BDIV%3A%23FFFFF0%3B&q=
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-360desktop - (no file)
HKCU-Run-PlayNC Launcher - (no file)
HKCU-Run-{9B71D88C-C598-4935-C5D1-43AA4DB90836} - c:\users\Méjane\AppData\Roaming\Hs_5461.exe
HKLM-Run-EoEngine - (no file)
Notify-GoToAssist - c:\program files\Citrix\GoToAssist\514\G2AWinLogon.dll
MSConfigStartUp-ckoag - c:\users\méjane\appdata\local\ckoag.exe
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-Luder3D - c:\program files\ThriXXX\uninst3dl.exe
AddRemove-Mozilla Firefox (2.0.0.20) - l:\system\Apps\3C9F7B3F-D55C-42cd-8537-B878518B73AF\Exec\firefox\uninstall\helper.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-12 16:52
Windows 6.0.6002 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-2937451982-3772484150-249134558-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{71173C26-DEEF-172B-BB2D-4D38F12A0340}*]
"oanogmjnhapngjbnlhfmonccmdcpkd"=hex:69,61,70,68,68,6c,6d,6a,62,62,62,61,61,6a,
70,69,64,65,00,00
"padbamabbgpkcfncbbnfkagdpbeojkfm"=hex:6a,61,61,69,62,6c,64,64,6d,6c,6c,6b,63,
68,62,63,62,63,6d,6b,00,06
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2010-07-12 16:55:00
ComboFix-quarantined-files.txt 2010-07-12 14:54
Avant-CF: 80 770 387 968 octets libres
Après-CF: 83 671 990 272 octets libres
- - End Of File - - 1B0FE89ED3DBA030646C46D6AED330DC
2010-06-04 17:38 . 2010-06-04 17:38 54174 ----a-w- c:\programdata\DivX\DSAACDecoder\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 54128 ----a-w- c:\programdata\DivX\Converter\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 54644 ----a-w- c:\programdata\DivX\TranscodeEngine\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 54101 ----a-w- c:\programdata\DivX\MPEG2Plugin\Uninstaller.exe
2010-06-04 17:38 . 2010-06-04 17:38 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-05-27 15:50 . 2010-05-27 15:50 -------- d-----w- c:\program files\Dofus 2
2010-05-26 17:06 . 2010-06-11 11:39 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 11:39 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-24 17:15 . 2010-05-24 17:15 -------- d-----w- c:\program files\PAK Explorer
2010-05-21 17:40 . 2010-05-21 17:40 -------- d-----w- c:\program files\Mumble
2010-05-21 12:14 . 2010-06-05 00:26 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-20 21:22 . 2010-05-20 21:22 -------- d-----w- c:\program files\RADVideo
2010-05-20 21:09 . 2010-05-20 21:09 -------- d-----w- c:\program files\Speed Gear
2010-05-18 19:16 . 2009-08-28 20:09 -------- d-----w- c:\program files\VirtualDJ
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-06 17:54 . 2010-05-06 17:54 84040 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-05-06 17:54 . 2010-05-06 17:54 57409 ----a-w- c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-05-04 19:15 . 2010-06-11 11:39 834048 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 18:37 . 2010-06-11 11:38 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-05-01 14:13 . 2010-06-11 11:38 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-27 12:45 . 2010-04-27 12:45 72856 ----a-w- c:\windows\system32\xliveinstallhost.exe
2010-04-27 12:45 . 2010-04-27 12:45 187544 ----a-w- c:\windows\system32\xliveinstall.dll
2010-04-23 14:13 . 2010-05-25 19:23 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-22 16:28 . 2009-05-02 22:03 22016 ----a-w- c:\windows\system32\drivers\libusb0.sys
2010-04-22 16:28 . 2009-05-02 22:03 37376 ----a-w- c:\windows\system32\libusb0.dll
2010-04-20 17:17 . 2010-04-20 17:17 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-04-20 17:17 . 2010-04-20 17:17 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-04-19 18:47 . 2010-04-19 18:47 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-04-19 18:47 . 2010-04-19 18:47 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-04-16 16:43 . 2010-06-23 22:24 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-04-16 16:43 . 2010-06-23 22:24 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-04-16 16:43 . 2010-06-23 22:24 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-04-16 16:43 . 2010-06-23 22:24 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-03-02 17:15 . 2010-03-02 17:05 656110629 ----a-w- c:\program files\GrandFantasia_FR_CB_Install_20100223.exe
2010-02-05 06:15 . 2010-02-05 06:15 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2006-05-03 10:06 . 2009-04-06 17:26 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 11:47 . 2009-10-23 23:10 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 13:30 . 2009-10-23 23:10 216064 --sh--r- c:\windows\System32\nbDX.dll
2008-05-12 19:04 . 2008-05-12 18:53 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-02-14 12:54 1555480 ----a-w- c:\program files\free-downloads.net\tbfree.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-12 68856]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-31 3399727]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"DeskSpace"="c:\users\Méjane\AppData\Roaming\DeskSpace\deskspace.exe" [2007-10-18 1135104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
"Bluetooth HCI Monitor"="HCIMNTR.DLL" [2006-12-07 9728]
"PMX Daemon"="ICO.EXE" [2006-11-08 49152]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-02-05 30192]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2010-04-01 1123360]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-11-20 71152]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-12 405504]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_14\bin\jusched.exe" [2009-12-30 148888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
c:\users\M'jane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DesktopEarth AutoStart.lnk - c:\users\M'jane\AppData\Roaming\Microsoft\Installer\{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}\_C1A9BF9D98647632ED5172.exe [2010-3-7 29926]
PdaNet Desktop.lnk - c:\program files\PdaNet for Android\PdaNetPC.exe [2010-6-15 447952]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-13 715568]
La Solution Ciel.lnk - c:\users\M'jane\FABIENNE\Starter.exe [2010-1-24 524288]
LedWallpaper.lnk - c:\program files\LED\LedWallpaper\LedWallpaper.exe [2008-11-14 372736]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk
backup=c:\windows\pss\Air Mouse.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Méjane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Accueil Internet.lnk]
path=c:\users\Méjane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Accueil Internet.lnk
backup=c:\windows\pss\Accueil Internet.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-09-04 18:25 4608 ------w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-09-29 23:14 155648 ----a-r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):d4,97,3d,5a,79,ba,ca,01
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 135664]
R2 HomeGedServer;HomeGed Server;c:\program files\HomeGedEnterprise\wrapper.exe [x]
R2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [x]
R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 Arrakis3;BitDefender Serveur Arrakis;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-11-20 183880]
R3 dump_wmimmc;dump_wmimmc;c:\program files\Softnyx\WolfTeam\GameGuard\dump_wmimmc.sys [x]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-05 30192]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-06-10 253808]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-11-12 3403420]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-09 691696]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [2010-06-04 72784]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-15 172032]
S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [2010-06-04 85128]
S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-02-11 153448]
S3 camfilt2;camfilt2;c:\windows\system32\DRIVERS\camfilt2.sys [2007-08-29 96384]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2010-04-22 22016]
S3 ovt530;Hercules Deluxe Webcam;c:\windows\system32\Drivers\ov530vid.sys [2007-02-02 167464]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm.sys [2006-09-28 9472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
bdx REG_MULTI_SZ scan
Akamai REG_MULTI_SZ Akamai
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
2010-07-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-12 16:17]
2010-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 05:30]
2010-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 05:30]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = google.fr
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Recherche avec cherche.us
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
Trusted Zone: chat-land.org
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game12.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Méjane\AppData\Roaming\Mozilla\Firefox\Profiles\xytxrmk8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
FF - prefs.js: browser.startup.homepage - google.fr
FF - prefs.js: keyword.URL - hxxp://www.cherche.us/Result.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&cof=GIMP%3ACCCCCC%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A10%3BDIV%3A%23FFFFF0%3B&q=
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-360desktop - (no file)
HKCU-Run-PlayNC Launcher - (no file)
HKCU-Run-{9B71D88C-C598-4935-C5D1-43AA4DB90836} - c:\users\Méjane\AppData\Roaming\Hs_5461.exe
HKLM-Run-EoEngine - (no file)
Notify-GoToAssist - c:\program files\Citrix\GoToAssist\514\G2AWinLogon.dll
MSConfigStartUp-ckoag - c:\users\méjane\appdata\local\ckoag.exe
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-Luder3D - c:\program files\ThriXXX\uninst3dl.exe
AddRemove-Mozilla Firefox (2.0.0.20) - l:\system\Apps\3C9F7B3F-D55C-42cd-8537-B878518B73AF\Exec\firefox\uninstall\helper.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-12 16:52
Windows 6.0.6002 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-2937451982-3772484150-249134558-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{71173C26-DEEF-172B-BB2D-4D38F12A0340}*]
"oanogmjnhapngjbnlhfmonccmdcpkd"=hex:69,61,70,68,68,6c,6d,6a,62,62,62,61,61,6a,
70,69,64,65,00,00
"padbamabbgpkcfncbbnfkagdpbeojkfm"=hex:6a,61,61,69,62,6c,64,64,6d,6c,6c,6b,63,
68,62,63,62,63,6d,6b,00,06
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2010-07-12 16:55:00
ComboFix-quarantined-files.txt 2010-07-12 14:54
Avant-CF: 80 770 387 968 octets libres
Après-CF: 83 671 990 272 octets libres
- - End Of File - - 1B0FE89ED3DBA030646C46D6AED330DC