
steve77


  1. Hello, I had a Google search redirection problem. I ran ComboFix following this tutorial HERE. The problem seems to be fixed, but at the end of the tutorial it recommends posting the report, so here it is: ComboFix 10-09-17.04 - Steve Rolland 20/09/2010 0:13.1.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.687 [GMT 2:00] Lancé depuis: c:\documents and settings\Steve Rolland\Bureau\ComboFi.exe AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Steve Rolland\Recent\Anthony Kavanagh.com (2).pif c:\documents and settings\Steve Rolland\Recent\Anthony Kavanagh.com.pif C:\Install.exe Une copie infectée de c:\windows\system32\drivers\WudfPf.sys a été trouvée et désinfectée Copie restaurée à partir de - Kitty had a snack . ((((((((((((((((((((((((((((( Fichiers créés du 2010-08-19 au 2010-09-19 )))))))))))))))))))))))))))))))))))) . 2010-09-18 15:32 . 2010-09-18 15:32 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\XWare 2010-09-18 15:32 . 2010-09-18 15:32 -------- d-----w- c:\documents and settings\All Users\Application Data\XWare 2010-09-18 08:20 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-09-18 08:20 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-09-18 08:20 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-09-18 08:20 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-09-18 08:20 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-09-18 08:20 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-09-18 08:20 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-09-18 08:20 . 
2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr 2010-09-18 08:20 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe 2010-09-18 08:20 . 2010-09-18 08:20 -------- d-----w- c:\program files\Alwil Software 2010-09-18 08:20 . 2010-09-18 08:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software 2010-09-17 17:02 . 2010-09-17 17:02 -------- d-----w- c:\program files\CCleaner 2010-09-13 07:22 . 2010-09-13 07:22 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2010-09-12 09:19 . 2010-09-12 09:19 -------- d-s---w- c:\documents and settings\LocalService\Favoris 2010-09-12 08:58 . 2010-09-12 08:58 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\Malwarebytes 2010-09-12 08:42 . 2010-09-12 08:45 -------- d-----w- C:\WORT 2010-09-12 08:29 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-09-12 08:29 . 2010-09-12 08:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-09-12 08:29 . 2010-09-12 08:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-09-12 08:29 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-09-12 07:25 . 2010-09-17 16:59 -------- d-----w- c:\program files\ZHPDiag 2010-09-11 23:33 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-09-11 14:49 . 2009-03-24 12:43 43008 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll 2010-09-11 14:49 . 2009-03-24 12:43 43008 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll 2010-09-11 14:49 . 
2009-03-24 12:43 338432 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll 2010-09-11 14:49 . 2009-03-24 12:42 345088 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll 2010-09-11 14:49 . 2009-03-24 12:43 235520 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\metrics-ff2.dll 2010-09-11 14:49 . 2009-03-24 12:42 235008 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\metrics-ff3.dll 2010-09-11 13:52 . 2010-09-11 13:52 -------- d-----w- c:\windows\system32\wbem\Repository 2010-09-11 08:25 . 2010-09-11 08:26 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS 2010-08-23 11:00 . 2010-08-29 14:16 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\vlc . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-19 22:23 . 2004-08-05 12:00 80508 ----a-w- c:\windows\system32\perfc00C.dat 2010-09-19 22:23 . 2004-08-05 12:00 500482 ----a-w- c:\windows\system32\perfh00C.dat 2010-09-18 18:05 . 2009-12-28 14:42 1 ----a-w- c:\documents and settings\Steve Rolland\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-09-17 21:41 . 2009-12-30 11:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-09-17 16:56 . 2010-05-12 20:08 -------- d-----w- c:\program files\PC Connectivity Solution 2010-09-11 23:46 . 2009-12-28 11:53 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-09-11 23:46 . 
2010-05-22 18:08 -------- d-----w- c:\program files\Microsoft ActiveSync 2010-09-11 23:30 . 2010-07-10 08:27 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\Broad Intelligence 2010-09-11 23:28 . 2009-12-28 13:37 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2010-09-04 09:15 . 2010-01-16 11:59 1324 ----a-w- c:\windows\system32\d3d9caps.dat 2010-08-29 11:30 . 2009-12-28 20:48 -------- d-----w- c:\program files\Opera 2010-08-23 10:50 . 2010-01-01 01:39 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\dvdcss 2010-08-17 13:17 . 2004-08-05 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe 2010-08-13 16:16 . 2009-12-28 15:40 -------- d-----w- c:\program files\Mozilla Thunderbird 2010-08-11 23:52 . 2010-08-13 17:00 85464 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll 2010-08-11 23:52 . 2010-08-13 17:00 38872 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINCE\components\WeaveCrypto.dll 2010-08-07 01:46 . 2010-08-07 01:46 503808 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4b50c37f-n\msvcp71.dll 2010-08-07 01:46 . 2010-08-07 01:46 499712 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4b50c37f-n\jmc.dll 2010-08-07 01:46 . 2010-08-07 01:46 348160 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4b50c37f-n\msvcr71.dll 2010-08-07 01:46 . 2010-08-07 01:46 61440 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1d67d9ba-n\decora-sse.dll 2010-08-07 01:46 . 
2010-08-07 01:46 12800 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1d67d9ba-n\decora-d3d.dll 2010-07-27 19:53 . 2010-02-18 17:16 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\PC Suite 2010-07-25 07:30 . 2010-07-25 07:30 -------- d-----w- c:\program files\Microsoft Silverlight 2010-07-24 14:07 . 2009-12-28 20:15 -------- d-----w- c:\program files\Messenger Plus! Live 2010-07-22 15:48 . 2004-08-05 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll 2010-07-22 06:19 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll 2010-06-30 12:32 . 2004-08-05 12:00 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-24 12:25 . 2004-08-05 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:02 . 2004-08-05 12:00 1852032 ----a-w- c:\windows\system32\win32k.sys 1995-09-20 15:16 . 1995-09-20 15:16 456976 ----a-w- c:\program files\Fichiers communs\dao3032.dll 2010-08-06 22:08 . 2009-12-28 13:52 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll 2010-02-03 11:51 . 2010-02-03 11:51 8192 --sha-w- c:\windows\o2cLicStore.bin 2006-05-03 09:06 . 2010-07-10 08:11 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 10:47 . 2010-07-10 08:11 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 12:30 . 2010-07-10 08:11 216064 --sh--r- c:\windows\system32\nbDX.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Wallpaper"="c:\program files\Wallpaper\Wallpaper.exe" [2007-08-20 233472] "LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392] "eMuleAutoStart"="c:\program files\eMule\eMule.exe" [2010-04-07 5758976] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 110592] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-05-29 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-05-29 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-05-29 141848] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-08-03 1044480] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-06 30192] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040] "WinVNC"="c:\program files\UltraVNC\WinVNC.exe" [2006-07-17 364544] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208] "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2010-01-30 126976] "avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Logitech 
SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-12-31 813584] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2009-07-20 11:28 72208 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Fichiers communs\Nokia\MPlatform\NokiaMServer [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-06-09 08:06 976832 ----a-w- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart] 2010-04-07 13:00 5758976 ----a-w- c:\program files\eMule\emule.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GAINWARD] 2009-10-05 17:03 2174976 ----a-w- c:\program files\EXPERTool\TBPANEL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box] 2010-01-30 21:49 126976 ----a-w- c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Updater] 2010-02-03 18:47 160752 ----a-w- c:\program files\Google\Google Updater\GoogleUpdater.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-01-22 18:16 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-13 18:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] 2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\UltraVNC\\winvnc.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Documents and Settings\\Steve Rolland\\temp\\TeamViewer\\Version5\\TeamViewer.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"= "c:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18/09/2010 10:20 165584] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18/09/2010 10:20 17744] R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [31/12/2009 01:20 10384] R2 LF30FS;LF30FS;c:\program files\Everstrike Software\Lock Folder XP 3.6\LF30XP.sys [19/11/2004 19:07 101488] R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?] 
R2 vnccom;vnccom;c:\windows\system32\drivers\vnccom.SYS [02/01/2010 19:51 6016] R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [10/02/2010 23:57 28160] S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [16/01/2010 16:34 133104] S3 CAM1690;USB 2.0 Compliance JPEG Video Camera;c:\windows\system32\drivers\cam1690.sys [13/07/2007 21:42 152832] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [28/12/2009 22:22 30192] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [12/05/2010 22:06 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [12/05/2010 22:06 8320] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 09:14 451872 ----a-w- c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe . Contenu du dossier 'Tâches planifiées' 2010-09-19 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-31 18:47] 2010-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-16 14:34] 2010-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-16 14:34] 2010-09-19 c:\windows\Tasks\User_Feed_Synchronization-{AF03C099-2871-4A0D-9E50-46DA08EB6A37}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31] . . ------- Examen supplémentaire ------- . 
uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1263138696&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1036&id=64855&mkt=fr-FR uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html FF - ProfilePath - c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - component: c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll FF - plugin: c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\maps@ovi.com\plugins\npNMapNPR.dll FF - plugin: c:\documents and settings\Steve Rolland\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\nptidfusionplugin.dll FF - plugin: c:\program files\Opera\program\plugins\NPO2C.DLL FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - 
c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHELINS SUPPRIMES - - - - WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file) HKCU-Run-RocketDock - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe HKLM-Run-nwiz - c:\program files\NVIDIA Corporation\nView\nwiz.exe HKLM-Run-Waiting1690 - c:\windows\stid1690.exe MSConfigStartUp-Waiting1690 - c:\windows\stid1690.exe AddRemove-NVIDIA nView Desktop Manager - c:\program files\NVIDIA Corporation\nView\nViewSetup.exe AddRemove-UnityWebPlayer - c:\documents and settings\Steve Rolland\Local Settings\Application Data\Unity\WebPlayer\Uninstall.exe ************************************************************************** Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: ************************************************************************** . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(716) c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll - - - - - - - > 'explorer.exe'(3964) c:\program files\Logitech\SetPoint\lgscroll.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\nvsvc32.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Google\Update\1.2.183.29\GoogleCrashHandler.exe c:\windows\system32\libusbd-nt.exe c:\program files\Fichiers communs\LightScribe\LSSrvc.exe c:\program files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe c:\windows\system32\rundll32.exe c:\windows\system32\RUNDLL32.EXE c:\windows\system32\wscntfy.exe c:\program files\Microsoft ActiveSync\WCESCOMM.EXE c:\program files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE . ************************************************************************** . 
Heure de fin: 2010-09-20 00:26:13 - La machine a redémarré ComboFix-quarantined-files.txt 2010-09-19 22:26 Avant-CF: 112 535 183 360 octets libres Après-CF: 118 332 133 376 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect multi(0)disk(0)rdisk(1)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect - - End Of File - - 9EAE85F13B6513DCA66CB73794175AC5 Thanks for your help.