AVAST error message

Solved
flonad33 Posts 19 Status Member -
Hello everyone,

Since yesterday my antivirus has stopped running. When I force it to start, I get this error message: "C:\Program Files\Avast4\ashAvast.exe n'est pas une application Win32 valide."

I searched for solutions in the various discussions and, following the various replies, I ran COMBOFIX and HIJACKTHIS, whose reports I am posting below.

THANK YOU FOR YOUR HELP, I no longer have any protection for my PC.

COMBOFIX log:
ComboFix 08-08-10.02 - PAUSE 2008-08-10 23:30:13.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2049 [GMT 2:00]
* Création d'un nouveau point de restauration
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\PAUSE\AppData\Roaming\m
C:\Users\PAUSE\AppData\Roaming\m\data.oct
C:\Users\PAUSE\AppData\Roaming\m\flec006.exe
C:\Users\PAUSE\AppData\Roaming\m\list.oct
C:\Users\PAUSE\AppData\Roaming\m\shared
C:\Users\PAUSE\AppData\Roaming\m\srvlist.oct
C:\Windows\system32\AutoRun.inf
C:\Windows\system32\ban_list.txt
C:\Windows\system32\drivers\downld
C:\Windows\system32\drivers\hldrrr.exe
C:\Windows\system32\drivers\mdelk.exe
C:\Windows\system32\drivers\srosa.sys
C:\Windows\system32\jusched.exe
C:\Windows\system32\mdelk.exe
C:\Windows\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA

((((((((((((((((((((((((( Files Created from 2008-07-10 to 2008-08-10 )))))))))))))))))))))))))))))))
.

2008-08-10 22:51 . 2008-07-19 16:36 51,280 --a------ C:\Windows\System32\drivers\aswMonFlt.sys
2008-08-10 22:18 . 2008-08-10 22:18 <REP> d-------- C:\Windows\Sun
2008-08-06 23:50 . 2008-08-06 23:51 <REP> d-------- C:\Program Files\Common Files\Adobe(1)
2008-08-06 23:50 . 2008-08-06 23:50 <REP> d-------- C:\Program Files\Adobe(0)
2008-08-05 10:33 . 2008-08-05 10:33 268 --ah----- C:\sqmdata09.sqm
2008-08-05 10:33 . 2008-08-05 10:33 244 --ah----- C:\sqmnoopt09.sqm
2008-08-04 23:35 . 2008-08-04 23:35 268 --ah----- C:\sqmdata08.sqm
2008-08-04 23:35 . 2008-08-04 23:35 244 --ah----- C:\sqmnoopt08.sqm
2008-08-04 19:59 . 2008-08-04 19:59 268 --ah----- C:\sqmdata07.sqm
2008-08-04 19:59 . 2008-08-04 19:59 244 --ah----- C:\sqmnoopt07.sqm
2008-08-04 09:54 . 2008-08-04 09:54 268 --ah----- C:\sqmdata06.sqm
2008-08-04 09:54 . 2008-08-04 09:54 244 --ah----- C:\sqmnoopt06.sqm
2008-08-04 02:40 . 2008-08-04 02:40 268 --ah----- C:\sqmdata05.sqm
2008-08-04 02:40 . 2008-08-04 02:40 244 --ah----- C:\sqmnoopt05.sqm
2008-08-03 22:52 . 2008-08-03 22:52 <REP> d-------- C:\My Download Files
2008-08-03 22:50 . 2008-08-03 22:50 <REP> d-------- C:\Program Files\Real
2008-08-03 22:50 . 2008-08-03 22:50 774,144 --a------ C:\Program Files\RngInterstitial.dll
2008-08-03 22:49 . 2008-08-03 22:49 <REP> d-------- C:\Users\All Users\Google
2008-08-03 22:49 . 2008-08-04 01:31 <REP> d-------- C:\Program Files\Google
2008-08-03 22:49 . 2008-08-03 23:23 <REP> d-------- C:\Program Files\Common Files\Real
2008-08-03 20:26 . 2008-08-03 20:26 <REP> d-------- C:\Users\All Users\Zylom
2008-08-03 20:26 . 2008-08-03 20:26 <REP> d-------- C:\ProgramData\Zylom
2008-08-03 19:35 . 2008-08-03 19:35 268 --ah----- C:\sqmdata04.sqm
2008-08-03 19:35 . 2008-08-03 19:35 244 --ah----- C:\sqmnoopt04.sqm
2008-08-03 16:48 . 2008-08-03 16:48 268 --ah----- C:\sqmdata03.sqm
2008-08-03 16:48 . 2008-08-03 16:48 244 --ah----- C:\sqmnoopt03.sqm
2008-08-03 03:47 . 2008-08-03 03:47 268 --ah----- C:\sqmdata02.sqm
2008-08-03 03:47 . 2008-08-03 03:47 244 --ah----- C:\sqmnoopt02.sqm
2008-08-03 02:54 . 2008-08-03 02:54 268 --ah----- C:\sqmdata01.sqm
2008-08-03 02:54 . 2008-08-03 02:54 244 --ah----- C:\sqmnoopt01.sqm
2008-08-03 00:13 . 2008-08-03 00:13 268 --ah----- C:\sqmdata00.sqm
2008-08-03 00:13 . 2008-08-03 00:13 244 --ah----- C:\sqmnoopt00.sqm
2008-08-03 00:13 . 2008-08-03 00:13 56 --ah----- C:\Windows\System32\ezsidmv.dat
2008-08-03 00:09 . 2008-08-07 12:05 168,228,118 --a------ C:\Windows\MEMORY.DMP
2008-07-23 12:48 . 2008-06-26 03:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-07-23 12:48 . 2008-06-26 03:45 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-07-23 12:48 . 2008-06-26 05:29 801,280 --a------ C:\Windows\System32\NaturalLanguage6.dll
2008-07-20 21:41 . 2008-07-20 21:41 <REP> d-------- C:\Users\PAUSE\AppData\Roaming\dvdcss
2008-07-15 00:58 . 2008-08-10 20:10 <REP> d-------- C:\Users\PAUSE\AppData\Roaming\skypePM
2008-07-15 00:56 . 2008-08-10 20:10 <REP> d-------- C:\Users\PAUSE\AppData\Roaming\Skype
2008-07-15 00:56 . 2008-07-15 00:56 <REP> d-------- C:\Users\All Users\Skype
2008-07-15 00:56 . 2008-07-15 00:56 <REP> d-------- C:\ProgramData\Skype
2008-07-15 00:56 . 2008-07-15 00:56 <REP> d-------- C:\Program Files\Skype
2008-07-15 00:56 . 2008-07-15 00:56 <REP> d-------- C:\Program Files\Common Files\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-07 19:46 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-07 11:03 --------- d-----w C:\ProgramData\HP Product Assistant
2008-07-10 10:26 --------- d-----w C:\Program Files\Windows Mail
2008-06-24 08:15 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-24 08:15 --------- d-----w C:\Program Files\EA GAMES
2008-06-11 16:08 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-06-10 17:40 174 --sha-w C:\Program Files\desktop.ini
2008-06-10 17:34 --------- d-----w C:\Program Files\Windows Sidebar
2008-06-10 17:34 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-06-10 17:34 --------- d-----w C:\Program Files\Windows Journal
2008-06-10 17:34 --------- d-----w C:\Program Files\Windows Collaboration
2008-06-10 17:34 --------- d-----w C:\Program Files\Windows Calendar
2008-06-10 11:43 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-06-10 11:43 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-06-03 16:51 179,618,618 ----a-w C:\Windows\DUMP35de.tmp
2008-05-27 05:21 1,582,592 ----a-w C:\Windows\System32\tquery.dll
2008-05-27 05:21 1,418,240 ----a-w C:\Windows\System32\mssrch.dll
2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\SearchFilterHost.exe
2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\mssitlb.dll
2008-05-27 05:17 754,176 ----a-w C:\Windows\System32\propsys.dll
2008-05-27 05:17 60,416 ----a-w C:\Windows\System32\msscntrs.dll
2008-05-27 05:17 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll
2008-05-27 05:17 34,816 ----a-w C:\Windows\System32\msscb.dll
2008-05-27 05:17 32,768 ----a-w C:\Windows\System32\mssprxy.dll
2008-05-27 05:17 313,344 ----a-w C:\Windows\System32\thawbrkr.dll
2008-05-27 05:17 301,568 ----a-w C:\Windows\System32\srchadmin.dll
2008-05-27 05:17 194,560 ----a-w C:\Windows\System32\offfilt.dll
2008-05-27 05:17 143,872 ----a-w C:\Windows\System32\korwbrkr.dll
2008-05-27 05:17 11,776 ----a-w C:\Windows\System32\msshooks.dll
2008-05-27 05:17 1,671,680 ----a-w C:\Windows\System32\chsbrkr.dll
2008-05-27 04:59 18,904 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin
2008-05-27 04:59 106,605 ----a-w C:\Windows\System32\StructuredQuerySchema.bin
2008-05-10 03:35 564,736 ----a-w C:\Windows\System32\emdmgmt.dll
2008-03-01 20:08 22 --sha-w C:\Windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2005-02-23 04:06 712712]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
"SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2007-04-07 03:56 54936]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 22:34 49152]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2003-08-29 14:17 188416]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2003-08-29 14:20 77824]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-07 03:45 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-07 03:45 8466432]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-07 03:45 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 15:52 4702208 C:\Windows\RtHDVCpl.exe]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-05-07 20:15:47 169472]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm
"msacm.enc"= ITIG726.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-05-30 15:54 21718312 C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2346725713-1572255982-2525913878-1000]
"EnableNotificationsRef"=dword:00000002

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F2685032-94B7-45D9-9221-C864B3051BD1}"= Profile=Private|c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{9AB78F5A-B3F2-4397-B7A7-DDDBD11C9B56}"= Disabled:c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"TCP Query User{D0F2C544-996D-4DFC-992E-04BB6F9EF5DC}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule Plus
"UDP Query User{28B59583-31C8-48A3-8AD5-C334C2BF86DF}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule Plus
"TCP Query User{9EEACD20-BDFF-49BD-A58F-5BF5E6D288B3}C:\\users\\pause\\emule\\emule.exe"= UDP:C:\users\pause\emule\emule.exe:emule.exe
"UDP Query User{379B0AD3-90D7-419B-AF17-7D16ED20AB49}C:\\users\\pause\\emule\\emule.exe"= TCP:C:\users\pause\emule\emule.exe:emule.exe
"TCP Query User{2812EBA8-E7CD-4E3C-BD68-6FA16EEA52E6}C:\\users\\pause\\documents\\emule 0.48a pro ultra 2\\emule.exe"= UDP:C:\users\pause\documents\emule 0.48a pro ultra 2\emule.exe:emule.exe
"UDP Query User{669B119B-3E96-46E3-9570-98317CE27F40}C:\\users\\pause\\documents\\emule 0.48a pro ultra 2\\emule.exe"= TCP:C:\users\pause\documents\emule 0.48a pro ultra 2\emule.exe:emule.exe
"TCP Query User{5CC2B385-030F-4232-82B5-A72B426E717F}C:\\users\\pause\\appdata\\local\\temp\\temp1_emule 0.48a pro ultra 2(1).zip\\emule.exe"= UDP:C:\users\pause\appdata\local\temp\temp1_emule 0.48a pro ultra 2(1).zip\emule.exe:emule.exe
"UDP Query User{0898169D-8196-4088-AA42-5AAF880159D7}C:\\users\\pause\\appdata\\local\\temp\\temp1_emule 0.48a pro ultra 2(1).zip\\emule.exe"= TCP:C:\users\pause\appdata\local\temp\temp1_emule 0.48a pro ultra 2(1).zip\emule.exe:emule.exe
"TCP Query User{CC4D4BF7-FE66-4816-9856-E834B33AFFB3}C:\\program files\\logitech\\desktop messenger\\8876480\\program\\backweb-8876480.exe"= UDP:C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe:backWeb-8876480
"UDP Query User{FC4BAD89-5E6C-461D-A9ED-FF620EC351BE}C:\\program files\\logitech\\desktop messenger\\8876480\\program\\backweb-8876480.exe"= TCP:C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe:backWeb-8876480
"{62072282-9B23-4FBA-9D3B-902672BAA37B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{BC115D1C-AE23-447E-884B-53C089170820}"= C:\Program Files\Skype\Phone\Skype.exe:Skype

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 16:35]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 16:36]
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-03-09 11:20]
R3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\Windows\system32\DRIVERS\fbxusb32.sys [2004-10-20 15:23]
S3 GameConsoleService;GameConsoleService;C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe []
S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\Windows\system32\DRIVERS\LV532AV.SYS [2005-01-31 10:13]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2008-08-10 C:\Windows\Tasks\User_Feed_Synchronization-{E0B47A96-4E98-443B-A16D-444C4B4AFC58}.job
- C:\Windows\system32\msfeedssync.exe [2008-01-19 09:33]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSConfigStartUp-Windows Defender - C:\Program Files\Windows Defender\MSASCui.exe

.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\PAUSE\AppData\Roaming\Mozilla\Firefox\Profiles\b0wyhi1i.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://start.mozilla.org/firefox?client=firefox-a&rls=org.mozilla:fr-FR:official

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-10 23:34:50
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\Users\PAUSE\AppData\Local\Microsoft\Portable Devices\wpdlog04.sqm 472 bytes
C:\Users\PAUSE\AppData\Local\Microsoft\Portable Devices\wpdlog05.sqm 472 bytes
C:\Users\PAUSE\AppData\Local\Microsoft\Portable Devices\wpdlog06.sqm 472 bytes

scan completed successfully
hidden files: 3

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\conime.exe
C:\Windows\System32\schtasks.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
.
**************************************************************************
.
Completion time: 2008-08-10 23:37:11 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-10 21:36:58

Pre-Run: 354,458,554,368 octets libres
Post-Run: 354,364,936,192 octets libres

423 --- E O F --- 2008-08-02 14:51:05

HIJACKTHIS log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:53:53, on 10/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\conime.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Windows\system32\schtasks.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\Explorer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
27 replies

flonad33 Posts 19 Status Member
 
0
flonad33 Posts 19 Status Member
 
There, I copied and pasted the text into a post, rebooted, reinstalled AVAST (it works now), then ran the procedure with OTMoveIt; here is the report:

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08122008_191233
0
flonad33 Posts 19 Status Member
 
Should I remove the programs Elibagla, Malwarebytes and OTMoveIt from my PC, or should I keep them?
Thanks
0
jacques.gache Posts 34829 Status Security contributor 1 618
 
Hello, if everything is OK, mark your thread as resolved and then delete all the tools and the reports they generated. Keep Malwarebytes, though: you will use it regularly alongside your antivirus, which is far from the best of the free ones, but always update Malwarebytes before running a scan.
0

flonad33 Posts 19 Status Member
 
Thank you for your help, you were a great help to me.
Luckily there are people like you who pedal in our place (us novices)!!!!!
Thanks again.
I won't say "see you soon", since that would mean I have a computer problem.
All the best.
0
jacques.gache Posts 34829 Status Security contributor 1 618
 
Hello, if you want to pedal for others too, you can, because personally my first PC and my first connection to the net go back only 3 1/2 years, so you just have to take the trouble to search the net and spend more than 70 hours a week on the net and the help forums, and you end up understanding quite a lot, except that my wife doesn't understand the time I spend on it, but oh well!!!! See you later
0
flonad33 Posts 19 Status Member
 
Hello,
What you say is true: if you take the trouble, you find quite a lot, but for a problem like this one (a PC is so complicated to understand), I prefer to call on people who know at least a bit about it. Before posting my message, I went on the net to look at the various solutions (I knew my PC must be infected), but you still had to know in what order to do all these steps.
A little off-topic: I understand your wife who doesn't understand (sorry for the repetition) the time you spend on it, because my husband is the same; I look up lots of information, whether about the PC, music or anything else. But this time he was glad I had spent so much time on it, because rather than taking my PC in for repair, I found the solution on the net. She will understand when she sees how useful the net is for things like this!!!!!!!!!!!!!
See you soon
0
superyo40 Posts 10 Status Member
 
Uninstall Avast cleanly and reinstall it
0