analyse rapport combofix

[benoit22]

est ce que quelqu'un peut il analyser ce rapport combofix afin de me donner des conseils.

 

ComboFix 08-07-05.1 - Benoît 2008-07-06 14:00:07.1 - NTFSx86

Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1906 [GMT 2:00]

Endroit: C:\Users\Benoît\Downloads\ComboFix.exe

* Création d'un nouveau point de restauration

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\DRV\Tuner\Yuan\Resources\_desktop.ini

C:\Windows\PLFSet.dll

C:\Windows\system32\ACER.exe

C:\Windows\system32\x64

C:\Windows\system32\x64\csnp2uvc.dll

C:\Windows\system32\x64\rsnpvc64.dll

C:\Windows\system32\x64\sncduvc.sys

C:\Windows\system32\x64\snp2uvc.sys

C:\Windows\system32\x64\vsnpvc64.dll

 

.

((((((((((((((((((((((((((((( Fichiers créés 2008-06-06 to 2008-07-06 ))))))))))))))))))))))))))))))))))))

.

 

2008-07-06 13:09 . 2008-07-06 13:11 <REP> d-------- C:\Windows\System32\drivers\Avg

2008-07-06 13:09 . 2008-07-06 13:09 <REP> d-------- C:\Program Files\AVG

2008-07-06 13:09 . 2008-07-06 13:09 96,520 --a------ C:\Windows\System32\drivers\avgldx86.sys

2008-07-06 13:09 . 2008-07-06 13:09 67,080 --a------ C:\Windows\System32\drivers\avgwfpx.sys

2008-07-06 13:09 . 2008-07-06 13:09 10,520 --a------ C:\Windows\System32\avgrsstx.dll

2008-07-06 13:02 . 2008-07-06 13:02 <REP> d-------- C:\Users\Benoît\AppData\Roaming\Desktopicon

2008-07-06 13:02 . 2008-07-06 13:03 <REP> d-------- C:\Program Files\Unlocker

2008-07-06 09:55 . 2008-07-06 10:28 <REP> d-------- C:\Lop SD

2008-07-06 09:43 . 2008-07-06 09:43 <REP> d-------- C:\Program Files\Lopxp

2008-07-06 09:21 . 2008-07-06 11:30 <REP> d--h----- C:\$AVG8.VAULT$

2008-07-06 09:08 . 2008-07-06 13:09 <REP> d-------- C:\Users\All Users\avg8

2008-07-06 09:08 . 2008-07-06 13:09 <REP> d-------- C:\ProgramData\avg8

2008-07-01 17:13 . 2008-07-06 11:46 <REP> d-------- C:\Program Files\Common Files\Adobe

2008-06-29 17:14 . 2008-06-29 17:15 <REP> d-------- C:\Users\Benoît\AppData\Roaming\DVD Flick

2008-06-29 16:54 . 2008-06-29 16:54 <REP> d-------- C:\Users\All Users\DVD Shrink

2008-06-29 16:54 . 2008-06-29 16:54 <REP> d-------- C:\ProgramData\DVD Shrink

2008-06-29 16:54 . 2004-03-09 00:00 662,288 --a------ C:\Windows\System32\mscomct2.ocx

2008-06-29 16:54 . 2004-03-09 00:00 212,240 --a------ C:\Windows\System32\richtx32.ocx

2008-06-29 16:54 . 2000-05-19 17:56 81,920 --a------ C:\Windows\System32\mbmouse.ocx

2008-06-29 16:54 . 2000-11-05 15:27 36,864 --a------ C:\Windows\System32\trayicon.ocx

2008-06-29 11:04 . 2008-07-06 11:46 <REP> d-------- C:\Program Files\Lavasoft

2008-06-29 11:03 . 2008-06-29 11:03 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard

2008-06-21 12:01 . 2008-07-06 11:47 <REP> d-------- C:\Users\Benoît\AppData\Roaming\Adobe

2008-06-20 22:29 . 2008-06-20 22:35 <REP> d-------- C:\Program Files\PhotoFiltre

2008-06-17 06:30 . 2008-05-10 05:35 885,248 --a------ C:\Windows\System32\RacEngn.dll

2008-06-17 06:30 . 2008-05-10 00:22 9,127 --a------ C:\Windows\System32\RacUR.xml

2008-06-17 06:30 . 2008-05-10 00:22 153 --a------ C:\Windows\System32\RacUREx.xml

2008-06-16 18:32 . 2008-06-16 18:32 376 --a------ C:\Windows\ODBC.INI

2008-06-16 18:31 . 2008-06-16 18:31 <REP> d-------- C:\Users\Benoît\AppData\Roaming\Microsoft Web Folders

2008-06-14 19:05 . 2008-06-14 19:05 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2008-06-14 13:19 . 2008-06-14 13:19 28,190 --a------ C:\Users\Benoît\AppData\Roaming\nvModes.dat

2008-06-13 20:17 . 2008-07-05 20:57 <REP> d-------- C:\Users\Benoît\Incomplete

2008-06-13 20:17 . 2008-07-05 20:57 <REP> d-------- C:\Users\Benoît\Incomplete

2008-06-13 20:16 . 2008-06-30 19:46 <REP> d-------- C:\Users\Benoît\AppData\Roaming\LimeWire

2008-06-13 19:33 . 2007-08-08 09:29 2,772,992 --a------ C:\Windows\System32\NETw4r32.dll

2008-06-13 19:33 . 2007-08-08 02:26 2,226,688 --a------ C:\Windows\System32\drivers\NETw4v32.sys

2008-06-13 19:33 . 2007-08-08 09:28 684,032 --a------ C:\Windows\System32\NETw4c32.dll

2008-06-13 18:10 . 2008-06-13 18:10 <REP> d-------- C:\PerfLogs

2008-06-13 17:59 . 2008-06-13 17:43 152,576 --a------ C:\Windows\System32\SPWizUI.dll

2008-06-13 17:59 . 2008-06-13 17:43 47,560 --a------ C:\Windows\System32\SPReview.exe

2008-06-13 17:45 . 2008-01-18 21:31 8,322,048 --a------ C:\Windows\System32\spwizimg.dll

2008-06-13 17:44 . 2008-01-18 23:33 44,032 --a------ C:\Windows\System32\cbsra.exe

2008-06-13 17:43 . 2008-06-13 17:59 196,608 --a------ C:\Windows\SPInstall.etl

2008-06-13 15:28 . 2008-06-13 15:28 <REP> d-------- C:\Users\Benoît\AppData\Roaming\DivX

2008-06-13 15:28 . 2008-07-06 11:47 <REP> d-------- C:\Program Files\DivX

2008-06-13 15:28 . 2008-06-13 15:28 <REP> d-------- C:\Program Files\Common Files\PX Storage Engine

2008-06-13 15:17 . 2008-06-13 15:21 <REP> d-------- C:\Users\Benoît\AppData\Roaming\U3

2008-06-13 14:18 . 2008-06-13 14:18 <REP> d-------- C:\Program Files\Microsoft Silverlight

2008-06-13 12:05 . 2008-06-13 12:05 1,820 --a------ C:\Windows\System32\rasctrnm.h

2008-06-13 11:56 . 2008-06-13 11:56 988,216 --a------ C:\Windows\System32\winload.exe

2008-06-13 11:56 . 2008-06-13 11:56 927,288 --a------ C:\Windows\System32\winresume.exe

2008-06-13 11:56 . 2008-06-13 11:56 615,992 --a------ C:\Windows\System32\ci.dll

2008-06-13 11:56 . 2008-06-13 11:56 378,368 --a------ C:\Windows\System32\srcore.dll

2008-06-13 11:56 . 2008-06-13 11:56 318,464 --a------ C:\Windows\System32\rstrui.exe

2008-06-13 11:56 . 2008-06-13 11:56 46,592 --a------ C:\Windows\System32\setbcdlocale.dll

2008-06-13 11:56 . 2008-06-13 11:56 40,960 --a------ C:\Windows\System32\srclient.dll

2008-06-13 11:56 . 2008-06-13 11:56 19,000 --a------ C:\Windows\System32\kd1394.dll

2008-06-13 11:56 . 2008-06-13 11:56 14,848 --a------ C:\Windows\System32\srdelayed.exe

2008-06-13 11:56 . 2008-06-13 11:56 6,656 --a------ C:\Windows\System32\kbd106n.dll

2008-06-13 11:55 . 2008-06-13 11:55 2,032,128 --a------ C:\Windows\System32\win32k.sys

2008-06-13 11:52 . 2008-06-13 11:52 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys

2008-06-13 11:50 . 2008-07-06 11:47 <REP> d-------- C:\Users\All Users\Lavasoft

2008-06-13 11:50 . 2008-07-06 11:47 <REP> d-------- C:\ProgramData\Lavasoft

2008-06-13 11:50 . 2008-06-13 11:50 1,314,816 --a------ C:\Windows\System32\quartz.dll

2008-06-13 11:49 . 2008-06-13 11:49 428,544 --a------ C:\Windows\System32\EncDec.dll

2008-06-13 11:49 . 2008-06-13 11:49 293,376 --a------ C:\Windows\System32\psisdecd.dll

2008-06-13 11:49 . 2008-06-13 11:49 218,624 --a------ C:\Windows\System32\psisrndr.ax

2008-06-13 11:49 . 2008-06-13 11:49 80,896 --a------ C:\Windows\System32\MSNP.ax

2008-06-13 11:49 . 2008-06-13 11:49 69,632 --a------ C:\Windows\System32\Mpeg2Data.ax

2008-06-13 11:49 . 2008-06-13 11:49 57,856 --a------ C:\Windows\System32\MSDvbNP.ax

2008-06-13 11:47 . 2008-06-13 11:47 1,383,424 --a------ C:\Windows\System32\mshtml.tlb

2008-06-13 11:47 . 2008-06-13 11:47 826,880 --a------ C:\Windows\System32\wininet.dll

2008-06-13 11:45 . 2008-06-20 22:29 434 --a------ C:\Windows\BRWMARK.INI

2008-06-13 11:45 . 2008-06-20 22:29 27 --a------ C:\Windows\BRPP2KA.INI

2008-06-13 11:44 . 2008-06-13 11:44 <REP> d-------- C:\Program Files\Java

2008-06-13 11:41 . 2008-07-06 11:47 <REP> d-------- C:\Program Files\Common Files\Java

2008-06-13 11:39 . 2008-07-06 11:47 <REP> d-------- C:\Program Files\LimeWire

2008-06-13 11:32 . 2008-03-08 04:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll

2008-06-13 11:32 . 2008-03-08 06:21 1,695,744 --a------ C:\Windows\System32\gameux.dll

2008-06-13 11:31 . 2008-06-13 11:31 <REP> d-------- C:\Program Files\MSXML 4.0

2008-06-13 11:31 . 2008-07-06 11:46 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2

2008-06-13 11:24 . 2008-06-13 11:24 <REP> d-------- C:\Windows\PCHEALTH

2008-06-13 11:23 . 2008-06-13 11:26 <REP> d-------- C:\Users\Benoît\AppData\Roaming\Lavasoft

2008-06-13 11:22 . 2008-06-13 11:22 21,467,136 --a------ C:\Windows\System32\imageres.dll

2008-06-13 11:18 . 2008-07-06 11:46 <REP> d-------- C:\Users\All Users\Stardock

2008-06-13 11:18 . 2008-07-06 11:46 <REP> d-------- C:\ProgramData\Stardock

2008-06-13 11:18 . 2008-07-06 11:46 <REP> d-------- C:\Program Files\Stardock

2008-06-13 11:18 . 2007-06-05 11:26 567,040 --a------ C:\Windows\System32\wbocx.ocx

2008-06-13 11:18 . 2007-06-05 11:26 56,496 --a------ C:\Windows\System32\wbhelp2.dll

2008-06-13 11:17 . 2008-07-06 11:46 <REP> d-------- C:\Program Files\Windows Live

2008-06-13 11:17 . 2008-07-06 11:46 <REP> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller

2008-06-13 11:16 . 2008-06-13 11:16 <REP> d-------- C:\Users\All Users\WLInstaller

2008-06-13 11:16 . 2008-06-13 11:16 <REP> d-------- C:\ProgramData\WLInstaller

2008-06-13 11:08 . 2008-06-18 18:23 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy

2008-06-13 11:08 . 2008-06-18 18:23 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy

2008-06-13 11:08 . 2008-07-06 11:46 <REP> d-------- C:\Program Files\Spybot - Search & Destroy

2008-06-13 11:07 . 2008-06-13 11:07 <REP> d-------- C:\Program Files\Alwil Software

2008-06-13 11:07 . 2008-05-16 01:18 50,768 --a------ C:\Windows\System32\drivers\aswMonFlt.sys

2008-06-13 11:06 . 2008-06-13 11:06 <REP> d-------- C:\Program Files\CCleaner

2008-06-13 10:58 . 2008-07-06 11:46 <REP> d-------- C:\Program Files\Neuf

2008-06-13 10:05 . 2008-06-13 10:05 92 --a------ C:\Windows\GridV.UNI

2008-06-13 10:00 . 2007-05-08 15:26 368,640 --a------ C:\Windows\System32\CheckD2DSystem.exe

2008-06-13 10:00 . 2006-11-12 11:54 327,680 --a------ C:\Windows\System32\Remove_eRecovery.exe

2008-06-13 10:00 . 2006-11-10 17:27 16,384 --a------ C:\Windows\System32\LauncheRyAgentUser.exe

2008-06-13 10:00 . 2005-12-09 09:12 16,384 --a------ C:\Windows\System32\ClearEvent.exe

2008-06-13 10:00 . 2006-02-24 11:28 552 --a------ C:\Windows\System32\setup.iss

2008-06-13 09:59 . 2008-07-06 11:47 <REP> d-------- C:\Program Files\Apoint2K

2008-06-13 09:59 . 2008-06-13 09:59 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf

2008-06-13 09:57 . 2008-06-13 09:57 <REP> d-------- C:\Windows\System32\ENU

2008-06-13 09:57 . 2007-03-21 12:58 304,920 --a------ C:\Windows\System32\drivers\iaStor.sys

2008-06-13 09:56 . 2006-11-22 22:26 1,706,800 --a------ C:\Windows\System32\gdiplus.dll

2008-06-13 09:56 . 2005-08-16 08:49 40,960 --------- C:\junction.exe

2008-06-13 09:54 . 2008-06-13 12:13 <REP> dr------- C:\Users\Benoît\Searches

2008-06-13 09:54 . 2008-06-13 12:13 <REP> dr------- C:\Users\Benoît\Searches

2008-06-13 09:54 . 2008-06-13 09:54 <REP> d-------- C:\Users\Benoît\AppData\Roaming\Identities

2008-06-13 09:54 . 2008-06-13 09:54 <REP> d-------- C:\Users\All Users\NVIDIA

2008-06-13 09:54 . 2008-06-13 09:54 <REP> d-------- C:\ProgramData\NVIDIA

2008-06-13 09:54 . 2008-07-06 11:46 <REP> d-------- C:\Program Files\Launch Manager

2008-06-13 09:54 . 2008-07-06 11:46 <REP> d--hs---- C:\$RECYCLE.BIN

2008-06-13 09:54 . 2008-06-13 09:54 83 --a------ C:\Windows\LManager.UNI

2008-06-13 09:53 . 2008-06-13 11:25 <REP> dr------- C:\Users\Benoît\Contacts

2008-06-13 09:53 . 2008-06-13 11:25 <REP> dr------- C:\Users\Benoît\Contacts

2008-06-13 09:52 . 2008-06-13 09:52 <REP> d-------- C:\Windows\ACER

2008-06-13 09:52 . 2008-06-13 15:28 <REP> dr------- C:\Users\Benoît\Videos

2008-06-13 09:52 . 2008-06-13 15:28 <REP> dr------- C:\Users\Benoît\Videos

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-07-06 12:02 2,621,440 --sha-w C:\Users\Benoît\ntuser.dat

2008-07-06 12:02 2,621,440 --sha-w C:\Users\Benoît\ntuser.dat

2008-07-06 11:09 --------- d-s---w C:\Users\Benoît\AppData\Roaming\Microsoft

2008-07-06 11:02 --------- d-----w C:\Users\Benoît\AppData\Roaming\Desktopicon

2008-07-06 09:47 --------- d-----w C:\Users\Benoît\AppData\Roaming\Adobe

2008-07-06 09:47 --------- d-----w C:\Program Files\Windows Sidebar

2008-07-06 09:47 --------- d-----w C:\Program Files\Acer Arcade Deluxe

2008-06-30 17:46 --------- d-----w C:\Users\Benoît\AppData\Roaming\LimeWire

2008-06-29 15:15 --------- d-----w C:\Users\Benoît\AppData\Roaming\DVD Flick

2008-06-16 16:31 --------- d-----w C:\Users\Benoît\AppData\Roaming\Microsoft Web Folders

2008-06-14 11:19 28,190 ----a-w C:\Users\Benoît\AppData\Roaming\nvModes.dat

2008-06-13 16:17 174 --sha-w C:\Program Files\desktop.ini

2008-06-13 16:03 82,432 ----a-w C:\Windows\System32\axaltocm.dll

2008-06-13 16:03 101,888 ----a-w C:\Windows\System32\ifxcardm.dll

2008-06-13 13:28 --------- d-----w C:\Users\Benoît\AppData\Roaming\DivX

2008-06-13 13:21 --------- d-----w C:\Users\Benoît\AppData\Roaming\U3

2008-06-13 09:26 --------- d-----w C:\Users\Benoît\AppData\Roaming\Lavasoft

2008-06-13 08:24 --------- d-----w C:\ProgramData\Symantec

2008-06-13 08:17 --------- d-----w C:\ProgramData\Microsoft Help

2008-06-13 07:54 --------- d-----w C:\Users\Benoît\AppData\Roaming\Identities

2008-06-13 07:52 1,550 ----a-w C:\Windows\CLEANUP.CMD

2008-06-13 07:52 --------- d-----w C:\Users\Benoît\AppData\Roaming\Macromedia

2008-06-13 07:52 --------- d-----w C:\Users\Benoît\AppData\Roaming\InstallShield

2008-06-13 07:49 --------- d-sh--w C:\ProgramData\Modèles

2008-06-13 07:49 --------- d-sh--w C:\ProgramData\Menu Démarrer

2008-06-13 07:49 --------- d-sh--w C:\ProgramData\Favoris

2008-06-13 07:49 --------- d-sh--w C:\ProgramData\Bureau

2008-06-13 07:49 --------- d-sh--w C:\Program Files\Fichiers communs

2008-06-13 07:43 --------- d-----w C:\Program Files\Intel

2008-05-30 23:22 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll

2008-05-30 23:22 823,296 ----a-w C:\Windows\System32\divx_xx07.dll

2008-05-30 23:22 815,104 ----a-w C:\Windows\System32\divx_xx0a.dll

2008-05-30 23:22 802,816 ----a-w C:\Windows\System32\divx_xx11.dll

2008-05-30 23:22 683,520 ----a-w C:\Windows\System32\DivX.dll

2008-05-30 23:22 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll

2008-05-30 23:22 57,344 ----a-w C:\Windows\System32\dpv11.dll

2008-05-30 23:22 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll

2008-05-30 23:22 344,064 ----a-w C:\Windows\System32\dpus11.dll

2008-05-30 23:22 294,912 ----a-w C:\Windows\System32\dpu11.dll

2008-05-30 23:22 294,912 ----a-w C:\Windows\System32\dpu10.dll

2008-05-22 22:22 524,288 ----a-w C:\Windows\System32\DivXsm.exe

2008-05-22 22:22 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll

2008-05-22 22:20 200,704 ----a-w C:\Windows\System32\ssldivx.dll

2008-05-22 22:20 1,044,480 ----a-w C:\Windows\System32\libdivx.dll

2008-05-22 22:19 81,920 ----a-w C:\Windows\System32\dpl100.dll

2008-05-22 22:19 196,608 ----a-w C:\Windows\System32\dtu100.dll

2008-05-22 22:19 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe

2008-05-22 22:18 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll

2008-05-16 09:58 12,632 ----a-w C:\Windows\System32\lsdelete.exe

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-18 23:33 1233920]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 23:33 202240]

"Foxmail"="C:\Users\Benoît\Documents\A garder\Foxmail\Foxmail.exe" [2004-04-27 11:28 3279872]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2007-06-06 10:06 159744]

"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 06:15 15872]

"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-06 13:09 1177368]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-05-22 15:49 151552]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=eNetHook.dll,avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]

path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk

backup=C:\Windows\pss\Empowering Technology Launcher.lnk.CommonStartup

backupExtension=.CommonStartup

 

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]

path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk

backup=C:\Windows\pss\Microsoft Office.lnk.CommonStartup

backupExtension=.CommonStartup

 

[HKLM\~\startupfolder\C:^Users^Benoît^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DreamMail.lnk]

path=C:\Users\Benoît\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DreamMail.lnk

backup=C:\Windows\pss\DreamMail.lnk.Startup

backupExtension=.Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]

--a------ 2007-05-22 15:49 151552 C:\Acer\AcerTour\Reminder.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio]

--------- 2007-06-11 14:54 1286144 C:\Acer\Empowering Technology\eAudio\eAudio.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]

--a------ 2007-04-25 16:33 457216 C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

--a------ 2007-03-21 13:00 174872 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

--a------ 2007-06-27 11:15 752136 C:\PROGRA~1\LAUNCH~1\LManager.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

--a------ 2007-07-25 17:39 8470528 C:\Windows\System32\nvcpl.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

--a------ 2007-07-25 17:39 81920 C:\Windows\System32\nvmctray.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]

--a------ 2007-07-25 17:39 86016 C:\Windows\System32\nvsvc.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]

--------- 2007-05-24 13:38 206952 C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]

--a------ 2007-07-05 12:35 94208 C:\Windows\PLFSetL.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2008-03-25 04:28 144784 C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]

--a------ 2006-11-05 21:48 57344 C:\Acer\WR_PopUp\WarReg_PopUp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

--a------ 2008-01-18 23:38 1008184 C:\Program Files\Windows Defender\MSASCui.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

--a------ 2007-07-06 05:06 4669440 C:\Windows\RtHDVCpl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]

--a------ 2007-06-15 10:45 1826816 C:\Windows\SkyTel.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{1ACDC690-E812-4BF4-8277-CADB310BB196}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe

"{975C10A6-89E7-450F-8386-9F6BEC5992B5}"= C:\Program Files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician

"{4B2A96AC-90BB-469D-96F2-1E462E2F2103}"= C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia

"{CB0A5015-2744-4511-8C92-B47FF3948EAF}"= C:\Program Files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard

"{4D657FB7-90F1-4687-8767-1A5E9F82A3B4}"= C:\Program Files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine

"{BA4204CD-A774-4ACB-833E-DED5F58DB84E}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie

"{8E59AA51-194A-4D26-96F6-D1ACAC49C966}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program

"{E87801FE-95A0-43FE-96B5-E693A347B765}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"TCP Query User{7D9B8AAB-7998-413E-8F1F-DA4537A1C762}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire

"UDP Query User{05A4454F-3913-4365-8CB5-EC0AC2749337}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire

"TCP Query User{38B414C1-DAEA-4669-B118-AB5D937C3A7C}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer

"UDP Query User{FB75D67D-7DCF-4384-8232-93D287163A83}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer

"TCP Query User{D67442CE-3195-4049-AF38-8F87E344976C}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire

"UDP Query User{D8093FA6-EC25-41A6-AD3F-BF4A9C881DE0}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire

"{869E207B-2F29-4019-B686-8EA0407FA20B}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe

"{23878910-276A-4CFC-B384-D2309FF5412F}"= C:\Program Files\AVG\AVG8\avgemc.exe:avgemc.exe

 

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-07-06 13:09]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 16:51]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]

R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]

R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-07-06 13:09]

R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-06 13:09]

R3 AvgWfpX;AVG8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-07-06 13:09]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-06-05 10:57]

R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys [2007-03-07 10:26]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d2437ad2-3949-11dd-a82a-806e6f6e6963}]

\shell\AutoRun\command - F:\LaunchU3.exe -a

 

*Newly Created Service* - CATCHME

.

- - - - ORPHANS REMOVED - - - -

 

HKLM-Run-Acer Tour - (no file)

HKLM-Run-eRecoveryService - (no file)

MSConfigStartUp-avast! - C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

MSConfigStartUp-HotKeysCmds - C:\Windows\system32\hkcmd.exe

MSConfigStartUp-IgfxTray - C:\Windows\system32\igfxtray.exe

MSConfigStartUp-Persistence - C:\Windows\system32\igfxpers.exe

MSConfigStartUp-SetPanel - C:\Acer\APanel\APanel.cmd

MSConfigStartUp-SpybotSD TeaTimer - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

 

 

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-06 14:02:46

Windows 6.0.6001 Service Pack 1 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

Scan terminé avec succès

Les fichiers cachés: 0

 

**************************************************************************

.

Temps d'accomplissement: 2008-07-06 14:03:46

ComboFix-quarantined-files.txt 2008-07-06 12:03:42

 

Pre-Run: 58,034,925,568 octets libres

Post-Run: 57,813,942,272 octets libres

 

323 --- E O F --- 2008-07-06 09:55:56

[Falkra]

Bonjour,

 

ComboFix n'est pas un outil de diagnostic et ne doit pas être utilisé à la légère, juste pour voir. A n'utilsier que prescrit par un helper formé à l'outil, autrement ça peut être dangereux pour le système !

 

Poste un rapport hijackThis dans ta prochaine réponse stp.

 

Clique sur ce lien pour télécharger HijackThis 2.0.2 :

http://www.trendsecure.com/portal/en-US/_d.../HiJackThis.exe

Cette version est sans installateur ou Zip à décompresser, choisis de l'enregistrer sur le bureau.

 

Double-clique sur l'icône HijackThis :

 

HijackThis démarre, c'est le premier bouton qui nous intéresse "Do a system scan and save a logfile" (le fichier "log" est le rapport).

Clique dessus.

 

Copie-colle le contenu du rapport qui va s'afficher dans le Bloc-notes dans ta prochaine réponse.