Unable to run an online scan
oums
Posts: 25
Status: Member
Hello, for some time now my PC has become very slow, I can no longer run an online scan, and I lose the connection after a while. I ran an analysis with ComboFix; here is the report, if anyone can help me.
ComboFix 11-12-21.02 - OUMAR 22/12/2011 2:06.1.1 - x86 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.34.3082.18.1983.1479 [GMT 1:00]
Running from: c:\users\OUMAR\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\OUMAR\AppData\Local\bloson.bmp
c:\users\OUMAR\AppData\Local\Bloson.exe
c:\users\OUMAR\AppData\Local\ConduitInstaller.exe
c:\users\OUMAR\AppData\Local\lateral1.bmp
c:\users\OUMAR\AppData\Local\lateral2.bmp
c:\users\OUMAR\AppData\Local\lateral3.bmp
c:\users\OUMAR\AppData\Local\toolbar3.bmp
c:\users\OUMAR\AppData\Roaming\OfferBox
c:\users\OUMAR\AppData\Roaming\OfferBox\config.dat
c:\users\OUMAR\AppData\Roaming\OfferBox\config.xml
c:\windows\alcrmv.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-11-22 to 2011-12-22 )))))))))))))))))))))))))))))))
.
.
2011-12-22 01:00 . 2011-12-22 01:00 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-21 22:11 . 2011-06-21 04:09 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-12-21 18:30 . 2011-12-21 18:30 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{691B3BB3-5D05-4690-ADF0-D6F933CCAF64}\offreg.dll
2011-12-20 17:36 . 2011-12-20 17:36 -------- d-----w- c:\program files\ESET
2011-12-20 17:16 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{691B3BB3-5D05-4690-ADF0-D6F933CCAF64}\mpengine.dll
2011-12-16 20:22 . 2011-12-16 20:22 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-12-16 20:22 . 2011-12-21 11:00 1176400 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-15 21:33 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 21:33 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 21:32 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 21:31 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 21:31 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-15 21:31 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-12 23:46 . 2011-12-19 00:52 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-12-12 23:45 . 2011-12-19 00:52 1197904 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-12-12 22:08 . 2010-01-07 09:20 375808 ----a-r- c:\windows\system32\drivers\rtl8187.sys
2011-12-12 22:08 . 2009-04-02 09:27 188416 ----a-w- c:\windows\system32\RTLExtUI.dll
2011-12-12 22:08 . 2009-03-31 13:31 380928 ----a-w- c:\windows\RtlUI2.exe
2011-12-12 22:08 . 2008-07-01 11:31 614400 ----a-w- c:\windows\system32\Rtlihvs.dll
2011-12-12 22:08 . 2009-02-05 01:49 451072 ----a-w- c:\windows\system32\ISSRemoveSP.exe
2011-12-12 22:07 . 2011-12-12 22:07 -------- d-----w- c:\windows\system32\RtlGina
2011-12-08 15:35 . 2011-12-08 15:36 -------- d-----w- c:\program files\Wireshark
2011-12-04 21:54 . 2011-12-04 21:54 -------- d-----w- c:\program files\Clip Extractor
2011-12-04 21:54 . 2011-12-04 21:54 -------- d-----w- c:\programdata\Auto Updater
2011-12-04 21:54 . 2011-12-04 21:54 -------- d-----w- c:\program files\Auto Updater
2011-12-03 01:09 . 2011-12-03 01:09 -------- d-----w- c:\users\Invitado\AppData\Roaming\IObit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2010-12-21 06:39 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2010-12-21 06:39 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-07-03 18:21 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2010-12-21 06:40 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2010-12-21 06:40 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2010-12-21 06:40 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2010-12-21 06:40 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2010-12-21 06:40 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-15 13:29 . 2010-12-22 18:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-19 16:51 . 2011-10-19 16:52 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-09-29 16:03 . 2011-11-08 23:21 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2006-10-12 03:09 94208 --sh--w- c:\windows\System32\SalaatTime.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{cd02a92b-ef7b-45af-b3a7-77334be2e731}"= "c:\program files\cadenaser.com\prxtbcad2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{cd02a92b-ef7b-45af-b3a7-77334be2e731}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cd02a92b-ef7b-45af-b3a7-77334be2e731}]
2011-01-17 14:54 175912 ----a-w- c:\program files\cadenaser.com\prxtbcad2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{cd02a92b-ef7b-45af-b3a7-77334be2e731}"= "c:\program files\cadenaser.com\prxtbcad2.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{cd02a92b-ef7b-45af-b3a7-77334be2e731}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CD02A92B-EF7B-45AF-B3A7-77334BE2E731}"= "c:\program files\cadenaser.com\prxtbcad2.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{cd02a92b-ef7b-45af-b3a7-77334be2e731}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Advanced SystemCare 4"="c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-06-16 413072]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-21 39408]
"SalaatTime"="c:\program files\Salaat Time\SalaatTime.exe" [2010-09-14 15376384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2011-10-08 4441944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^OUMAR^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\OUMAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Domino]
2006-07-04 13:16 49152 ----a-w- c:\windows\Domino.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2009-04-14 14:43 604704 ----a-w- c:\windows\SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-12-21 03:54 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMSnap3]
2006-07-18 15:15 49152 ----a-w- c:\windows\vmsnap3.exe
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [2010-05-08 229376]
R2 gupdate;Servicio Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-21 136176]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-10-08 820568]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [2011-03-16 32672]
R2 Realtek87B;Realtek87B;c:\program files\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [2009-12-07 40960]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2011-01-12 23456]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 101504]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-04-07 204800]
R3 gupdatem;Servicio de Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-21 136176]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2010-01-18 27136]
R3 hxctlflt;hxctlflt;c:\windows\system32\Drivers\hxctlflt.sys [2009-02-08 99968]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [2010-05-26 856928]
R3 netr73;Controlador de tarjeta LAN inalámbrica USB RT73 para Vista;c:\windows\system32\DRIVERS\netr73.sys [x]
R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2011-09-20 30600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2011-09-20 19792]
R3 vvftav303;vvftav303;c:\windows\system32\drivers\vvftav303.sys [2007-06-23 480128]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-22 1343400]
R3 ZSMC0303;A4 TECH PC Camera H;c:\windows\system32\Drivers\usbVM303.sys [2007-05-15 1472768]
R4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2011-10-08 18768]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver;c:\windows\system32\DRIVERS\fetnd6v.sys [2008-09-22 43520]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-04-09 63616]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 rt61x86;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr61.sys [2010-04-07 376160]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [2010-01-07 375808]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 42499174
*Deregistered* - 42499174
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-06 c:\windows\Tasks\DriverEasy Scheduled Scan.job
- c:\program files\Easeware\DriverEasy\DriverEasy.exe [2011-07-06 18:55]
.
2011-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-21 03:50]
.
2011-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-21 03:50]
.
2011-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-143808295-203797245-3529467309-1000Core.job
- c:\users\OUMAR\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-06 03:50]
.
2011-12-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-143808295-203797245-3529467309-1000UA.job
- c:\users\OUMAR\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-06 03:50]
.
2011-12-21 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-12-26 17:08]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es/
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{383CD226-3D52-404F-8F7F-B99B4A239EAD}: NameServer = 80.58.61.250 80.58.61.254
TCP: Interfaces\{4E593B9C-B147-40AC-94E0-DD5D341B8AD3}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{56D93F9E-B02A-4F45-9CE1-891BD14B9DEA}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{6D2A1D35-7237-4824-B9DD-9158FAB4C65A}: NameServer = 80.58.61.250 80.58.61.254
TCP: Interfaces\{7D0635C3-8E43-4E68-B5B1-CAA43EA80F12}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{9939483A-5746-435B-BCCC-BC7473DB6CA0}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{A049023A-5DDB-4ED9-9762-8D1F9E2C386F}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{B7ACC348-C2CD-45A6-9910-AC2C37DB8B12}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{D40B902E-BF6B-4A41-B3CC-EF0EBB21C51A}: NameServer = 80.58.61.250 80.58.61.254
TCP: Interfaces\{F1242401-F093-477D-B0FE-BC4D44720479}: NameServer = 85.62.229.133 85.62.229.134
FF - ProfilePath - c:\users\OUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\65xcldnr.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://es.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Iminent WebBooster: webbooster@iminent.com - c:\program files\Mozilla Firefox\extensions\webbooster@iminent.com
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\programdata\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\Alwil Software\Avast5\WebRep\FF
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-ares - c:\program files\Ares\Ares.exe
MSConfigStartUp-IObit Security 360 - c:\program files\IObit\IObit Security 360\IS360tray.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,19,a5,60,22,66,e0,17,45,9c,8c,2c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,19,a5,60,22,66,e0,17,45,9c,8c,2c,\
.
[HKEY_USERS\S-1-5-21-143808295-203797245-3529467309-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-143808295-203797245-3529467309-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-12-22 02:17:43
ComboFix-quarantined-files.txt 2011-12-22 01:17
.
Pre-Run: 37.707.812.864 bytes libres
Post-Run: 37.506.056.192 bytes libres
.
- - End Of File - - 46530BFCF1D28B229B2E9BEDC1888FD4
.
2011-12-21 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-12-26 17:08]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es/
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{383CD226-3D52-404F-8F7F-B99B4A239EAD}: NameServer = 80.58.61.250 80.58.61.254
TCP: Interfaces\{4E593B9C-B147-40AC-94E0-DD5D341B8AD3}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{56D93F9E-B02A-4F45-9CE1-891BD14B9DEA}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{6D2A1D35-7237-4824-B9DD-9158FAB4C65A}: NameServer = 80.58.61.250 80.58.61.254
TCP: Interfaces\{7D0635C3-8E43-4E68-B5B1-CAA43EA80F12}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{9939483A-5746-435B-BCCC-BC7473DB6CA0}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{A049023A-5DDB-4ED9-9762-8D1F9E2C386F}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{B7ACC348-C2CD-45A6-9910-AC2C37DB8B12}: NameServer = 85.62.229.133 85.62.229.134
TCP: Interfaces\{D40B902E-BF6B-4A41-B3CC-EF0EBB21C51A}: NameServer = 80.58.61.250 80.58.61.254
TCP: Interfaces\{F1242401-F093-477D-B0FE-BC4D44720479}: NameServer = 85.62.229.133 85.62.229.134
FF - ProfilePath - c:\users\OUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\65xcldnr.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://es.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Iminent WebBooster: webbooster@iminent.com - c:\program files\Mozilla Firefox\extensions\webbooster@iminent.com
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\programdata\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\Alwil Software\Avast5\WebRep\FF
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-ares - c:\program files\Ares\Ares.exe
MSConfigStartUp-IObit Security 360 - c:\program files\IObit\IObit Security 360\IS360tray.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,19,a5,60,22,66,e0,17,45,9c,8c,2c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,19,a5,60,22,66,e0,17,45,9c,8c,2c,\
.
[HKEY_USERS\S-1-5-21-143808295-203797245-3529467309-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-143808295-203797245-3529467309-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-12-22 02:17:43
ComboFix-quarantined-files.txt 2011-12-22 01:17
.
Pre-Run: 37.707.812.864 bytes libres
Post-Run: 37.506.056.192 bytes libres
.
- - End Of File - - 46530BFCF1D28B229B2E9BEDC1888FD4
4 replies
Hi
Let's look at this together
* Download ZHPDiag (by Nicolas Coolman). https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
* Let the installer guide you; it will launch automatically at the end.
* Click the magnifying glass icon ("Lancer le diagnostic", i.e. "Run the diagnostic")
* Save the report to your Desktop using the floppy disk icon
* Go to pjjoint.malekal.com
* Click the "Parcourir" (Browse) button
* Select the file you want to host and click "Ouvrir" (Open)
* Click the "Envoyer" (Send) button
* A confirmation message is displayed (Upload successful! - The link to send to your correspondents to view the file is: https://pjjoint.malekal.com/files.php?id=df5ea299241015 )
* Copy the link into your next reply.
Hello, here is the link to view the file: https://pjjoint.malekal.com/files.php?id=ZHPDiag_20111222_b11n10w5y7b14
PRELIMINARIES
Spybot interferes with the disinfection; it is, moreover, completely outdated and does nothing but consume RAM.
Disable Spybot's TeaTimer:
To disable TeaTimer:
=> Open Spybot S&D
=> In the "Mode" menu, select Advanced mode.
=> A window asks for confirmation; click "Yes".
=> Once Advanced mode is active, open the "Tools" tab.
=> Click Resident.
=> The Resident section has two lines that are normally checked:
* Resident "SDHelper" (blocker of harmful downloads for Internet Explorer) active.
* Resident "TeaTimer" (protection of fundamental system settings) active.
=> Uncheck the TeaTimer line.
=> Restart Spybot (close it and reopen it)
=> Go back to the Resident menu and check that it is really disabled.
SPECIAL disinfections
AD-Remover & AdwCleaner
Download
http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner
Download AD-Remover (by Cyrildu17 / C_XX) to your desktop:
http://www.teamxscript.org/too/AD-R.exe
/!\ Disconnect and close all running applications
* Double-click the installer and install it in its default location. ( C:\Program files )
* Double-click the Ad-remover icon on your desktop
In the main menu, choose the "nettoyage" (clean) option.
--> the program will run ...
* Post the report that appears at the end
( the report is also saved as C:\Ad-report.log ) adreport(clean)
/!\ If the desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm) /!\
Also run AdwCleaner in cleaning mode
On Vista and/or Windows 7:
right-click the shortcut of the disinfection program and choose Run as administrator
---------------------------
Verification
Download LOP S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7cp3MN2LszShXfB_3TOjglgrKvwMHQOrviW8DqwkyjCNRK7p5uVHefEl2RxWud2WnOVya_LmBriuw2PRJFaaYmgkYUmTXzeH5lH9Eirrsls4zqmas8PnF9UttqQ7kn33mU8vsqG0gWw5w-uymQl29li1wHXwSEfU0rHq0DJfVH1TeaV8uh-upBxoo2LohAnUog7hnEQIX4x_Fyaj4l42zfAhiQ7MjQ%3D%3D&attredirects=3
Run the installer; a shortcut is created immediately.
Double-click the Lop S&D shortcut on your desktop.
Select the desired language,
then choose Option 1 ( Recherche, i.e. Search )
Wait until the scan finishes.
Post the generated report (also located at C:\lopR.txt )
( If the desktop does not reappear at the end of the scan, open the Task Manager by pressing "Ctrl + Alt + Del" simultaneously, then in the File tab choose New task, type "explorer.exe" and confirm )
(If the report does not open, it can be found at C:\LopR.txt)
Once the bounds are crossed, there are no more limits
What I have written, I have written
IMPORTANT: you have two antivirus programs; uninstall Panda Antivirus.
Only one antivirus per PC ("well, per operating system"); this is an unbreakable rule, whatever the system.
This causes several kinds of problems:
1 crashes ("blue screen"), because the system is shared,
2 slowdown of the machine
3 slower browsing
4 being prevented from deleting a virus ("conflict between the antiviruses")
5 problems with heuristic detections, interpretation
6 not really any more viruses detected for all that
Hello, today I have two problems. First, I can no longer restart in safe mode. Second, I downloaded AD-REMOVER to a removable disk and installed it, but I have no shortcut on the desktop.
Here is the ADWCLEANER report:
# AdwCleaner v1.402 - Logfile created 12/22/2011 at 23:17:21
# Updated 12/11/11 at 19:00p.m by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : OUMAR - OUMAR-PC (Administrator)
# Running from : C:\Users\OUMAR\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Users\OUMAR\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Folder Deleted : C:\Users\OUMAR\AppData\Local\Conduit
Folder Deleted : C:\Users\OUMAR\AppData\Local\ConduitEngine
Folder Deleted : C:\Users\OUMAR\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\OUMAR\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
File Deleted : C:\Windows\system32\conduitEngine.tmp
***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2537298
Key Deleted : HKCU\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\Canneverbe Limited\OpenCandy
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
Registry is OK.
-\\ Mozilla Firefox v3.6.13 (es-ES)
Profile : 65xcldnr.default
File : C:\Users\OUMAR\AppData\Roaming\Mozilla\Firefox\Profiles\65xcldnr.default\prefs.js
File is OK.
-\\ Google Chrome v16.0.912.63
File : C:\Users\OUMAR\AppData\Local\Google\Chrome\User Data\Default\Preferences
File is OK.
*************************
AdwCleaner[S1].txt - [359 octets] - [22/12/2011 20:45:59]
AdwCleaner[S2].txt - [2944 octets] - [22/12/2011 23:17:21]
*************************
Temporary folder : : 5 folder(s)et 8 file(s) deleted
########## EOF - C:\AdwCleaner[S2].txt - [3158 octets] ##########
oums replied there.
http://www.commentcamarche.net/forum/affich-23967297-http-pjjoint-malekal-com-files-php-id-df5