

Aemeth
Hello everyone! I'm sorry that my first message on this forum is a request for help, but needs must... Let's hope a kind soul will be willing to lend me a hand.

So here goes: I installed Windows 7 recently and since then NOD32 has already reported 2 viruses; I had a problem with autorun.inf and today another with a trojan that was infecting explorer.exe. I searched around on the net a bit and ran ComboFix. The site said I could ask for advice on this site, so here I am.

Here is my ComboFix report:

Thanks, everyone!

Julien