
Posted

Ah yes, OK, you've got the big bug of the moment.

The following software is to be used only when prescribed by a qualified helper trained in the tool.

Do not use it outside that situation or on your own: dangerous.

Download combofix.exe by sUBs and save it to your desktop (and nowhere else).

  • Make sure all programs are closed before you start.
  • Disable the antivirus, otherwise combofix will show you a message (otherwise, say OK to the message).
  • Double-click combofix.exe to run it.
  • Click "Yes" on the Disclaimer of Warranty message that appears.
  • If you are offered a restart because a rootkit has been found, do it.
  • You will be offered to download and install the Recovery Console; click "Yes" on the message, allow the download in your firewall if asked, then accept the end-user license agreement message.
  • The desktop disappears; that is normal, and it will come back.
  • Do not close the window that opens, or you would end up with an empty desktop.
  • When the scan is finished, a report will appear.
  • Copy and paste this report into your next reply.
    The report is located at: C:\Combofix.txt (just in case).

Posted

ComboFix 09-08-04.03 - mika 05/08/2009 16:14.1.2 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1535.1071 [GMT 2:00]

Running from: c:\documents and settings\mika\Bureau\ComboFix.exe

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 


 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_MSIVXserv.sys

 

 

((((((((((((((((((((((((( Files Created from 2009-07-05 to 2009-08-05 )))))))))))))))))))))))))))))))

.

 


 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-08-04 23:31 . 2009-02-06 21:53 -------- d-----w- c:\program files\Java

2009-08-04 21:26 . 2008-11-11 20:25 -------- d-----w- c:\documents and settings\mika\Application Data\BitTorrent

2009-08-04 21:17 . 2008-11-11 00:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-08-04 19:48 . 2008-11-11 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2009-08-04 18:14 . 2009-06-07 15:22 -------- d-----w- c:\documents and settings\mika\Application Data\Spyware Terminator

2009-08-04 18:14 . 2009-06-07 15:22 -------- d-----w- c:\program files\Spyware Terminator

2009-08-04 17:41 . 2008-11-10 21:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater

2009-08-04 15:42 . 2009-06-07 15:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator

2009-08-04 15:21 . 2008-12-19 17:59 -------- d-----w- c:\program files\Arovax AntiSpyware

2009-08-03 11:36 . 2008-11-11 00:20 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-08-03 11:36 . 2008-11-11 00:20 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-08-03 03:43 . 2008-11-11 20:15 -------- d-----w- c:\documents and settings\mika\Application Data\dvdcss

2009-08-02 12:50 . 2008-11-11 00:13 -------- d-----w- c:\documents and settings\mika\Application Data\uTorrent

2009-07-31 02:53 . 2008-11-11 21:00 -------- d-----w- c:\documents and settings\mika\Application Data\Azureus

2009-07-29 02:58 . 2009-06-02 18:12 -------- d-----w- c:\program files\Conquete 2.0

2009-07-29 02:45 . 2008-11-11 00:17 -------- d-----w- c:\documents and settings\mika\Application Data\DNA

2009-07-29 01:44 . 2008-11-11 00:17 -------- d-----w- c:\program files\DNA

2009-07-29 01:30 . 2009-07-29 01:30 1801 ----a-w- c:\documents and settings\All Users\Application Data\xml10F.tmp

2009-07-29 01:30 . 2009-07-29 01:30 0 ----a-w- c:\documents and settings\All Users\Application Data\xml10E.tmp

2009-07-29 01:30 . 2009-07-29 01:30 13657 ----a-w- c:\documents and settings\All Users\Application Data\xml10D.tmp

2009-07-29 01:30 . 2009-07-29 01:30 8858 ----a-w- c:\documents and settings\All Users\Application Data\xml10C.tmp

2009-07-28 15:45 . 2009-06-06 23:53 -------- d-----w- c:\program files\VS Revo Group

2009-07-25 15:36 . 2008-11-11 20:59 -------- d-----w- c:\program files\Azureus

2009-07-25 03:23 . 2009-02-06 21:54 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-07-23 00:51 . 2009-04-09 14:55 -------- d-----w- c:\program files\Microsoft Silverlight

2009-07-21 01:23 . 2009-02-09 18:11 -------- d-----w- c:\documents and settings\mika\Application Data\Vso

2009-07-21 01:22 . 2009-02-09 18:11 47360 ----a-w- c:\documents and settings\mika\Application Data\pcouffin.sys

2009-07-21 01:22 . 2009-02-09 18:11 47360 ----a-w- c:\documents and settings\mika\Application Data\pcouffin.sys

2009-07-21 00:59 . 2008-11-11 00:25 -------- d-----w- c:\program files\Fichiers communs\Apple

2009-07-21 00:55 . 2009-06-07 00:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-07-14 18:54 . 2008-11-10 20:56 485920 ----a-w- c:\windows\system32\nvudisp.exe

2009-07-14 18:54 . 2008-06-26 01:57 868352 ----a-w- c:\windows\system32\nvapi.dll

2009-07-14 18:54 . 2008-06-26 01:57 7741664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys

2009-07-14 18:54 . 2008-06-26 01:57 5842816 ----a-w- c:\windows\system32\nv4_disp.dll

2009-07-14 18:54 . 2008-06-26 01:57 2002944 ----a-w- c:\windows\system32\nvcuda.dll

2009-07-14 18:54 . 2008-06-26 01:57 151552 ----a-w- c:\windows\system32\nvcodins.dll

2009-07-14 18:54 . 2008-06-26 01:57 151552 ----a-w- c:\windows\system32\nvcod.dll

2009-07-14 18:54 . 2008-06-26 01:57 10457088 ----a-w- c:\windows\system32\nvoglnt.dll

2009-07-10 05:01 . 2008-11-10 20:52 485920 ----a-w- c:\windows\system32\NVUNINST.EXE

2009-07-05 23:21 . 2009-07-05 23:21 -------- d-----w- c:\program files\K-Lite Codec Pack

2009-07-05 00:19 . 2009-07-05 00:18 -------- d-----w- c:\program files\AVIcodec

2009-07-05 00:14 . 2009-07-05 00:14 -------- d-----w- c:\program files\FormatFactory

2009-07-05 00:05 . 2009-04-23 23:08 -------- d-----w- c:\documents and settings\mika\Application Data\AVI ReComp

2009-07-04 01:48 . 2008-11-08 15:10 37680 ----a-w- c:\documents and settings\mika\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-07-04 01:48 . 2009-07-04 01:48 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe

2009-07-04 01:48 . 2009-07-04 01:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Droppix

2009-07-04 01:46 . 2009-07-04 01:46 -------- d-----w- c:\documents and settings\mika\Application Data\Droppix

2009-07-04 01:46 . 2009-07-04 01:46 -------- d-----w- c:\program files\illiminable

2009-07-04 01:45 . 2009-07-04 01:45 -------- d-----w- c:\program files\Fichiers communs\Droppix

2009-07-04 01:45 . 2009-07-04 01:45 -------- d-----w- c:\program files\Droppix

2009-06-28 20:37 . 2009-06-28 20:37 -------- d-----w- c:\program files\WinDirStat

2009-06-25 17:53 . 2009-06-25 17:53 20480 ----a-w- c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.9\itstv.exe

2009-06-20 22:47 . 2009-06-20 22:47 20480 ----a-w- c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.8\itstv.exe

2009-06-20 20:07 . 2008-11-10 22:39 -------- d-----w- c:\program files\USB Disk Win98 Driver

2009-06-16 14:40 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll

2009-06-16 14:40 . 2006-03-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-06-15 00:25 . 2009-06-15 00:25 -------- d-----w- c:\documents and settings\LocalService\Application Data\Media Player Classic

2009-06-13 12:26 . 2009-06-13 12:26 -------- d-----w- c:\program files\VirginMega

2009-06-13 12:26 . 2009-06-13 12:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations

2009-06-12 15:19 . 2008-11-10 21:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2009-06-10 17:58 . 2009-06-10 17:58 20480 ----a-w- c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.7\itstv.exe

2009-06-08 23:12 . 2009-06-08 22:59 -------- d-----w- c:\documents and settings\mika\Application Data\EoRezo

2009-06-08 22:59 . 2009-06-08 22:59 698903 ----a-w- c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\unins000.exe

2009-06-08 20:38 . 2009-06-08 20:23 91221 ----a-w- c:\windows\hpoins06.dat

2009-06-08 20:01 . 2008-11-16 18:51 -------- d-----w- c:\documents and settings\mika\Application Data\Image Zone Express

2009-06-08 19:55 . 2009-06-08 19:55 71519 ----a-w- c:\windows\hpqins05.dat

2009-06-08 18:16 . 2009-06-08 18:16 -------- d-----w- c:\program files\CCleaner

2009-06-08 18:14 . 2009-06-08 18:12 -------- d-----w- c:\program files\LiveRadio

2009-06-08 18:09 . 2009-06-08 18:07 -------- d-----w- c:\program files\RegCleaner

2009-06-07 15:22 . 2009-06-07 15:22 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe

2009-06-07 15:22 . 2009-06-07 15:22 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys

2009-06-07 15:22 . 2009-06-07 15:22 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys

2009-06-07 02:42 . 2009-06-07 02:30 -------- d-----w- c:\program files\Web Media Player

2009-06-07 00:48 . 2009-06-07 00:48 -------- d-----w- c:\program files\Spybot - Search & Destroy

2009-06-06 19:50 . 2009-06-06 19:15 -------- d-----w- c:\program files\Navilog1

2009-06-05 16:42 . 2009-06-05 16:42 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

2009-06-03 19:10 . 2006-03-02 12:00 1297408 ----a-w- c:\windows\system32\quartz.dll

2009-06-03 18:10 . 2009-06-03 18:10 165376 ----a-w- c:\windows\system32\drivers\atksgt.sys

2009-06-03 18:10 . 2009-06-03 18:10 18048 ----a-w- c:\windows\system32\drivers\lirsgt.sys

2009-05-30 18:14 . 2009-05-30 18:14 413696 ----a-w- c:\windows\system32\wrap_oal.dll

2009-05-30 18:14 . 2009-05-30 18:14 110592 ----a-w- c:\windows\system32\OpenAL32.dll

2009-05-29 21:37 . 2009-07-05 23:21 205824 ----a-w- c:\windows\system32\xvidvfw.dll

2009-05-29 21:31 . 2009-07-05 23:21 881664 ----a-w- c:\windows\system32\xvidcore.dll

2009-05-16 06:14 . 2009-05-16 06:14 12530 ----a-w- c:\windows\system32\9z3downloader1585.exe

2009-05-15 22:26 . 2009-05-15 22:26 27632 ---ha-w- c:\windows\system32\mlfcache.dat

2009-05-13 05:04 . 2006-03-02 12:00 915456 ----a-w- c:\windows\system32\wininet.dll

2009-05-07 15:33 . 2006-03-02 12:00 348672 ----a-w- c:\windows\system32\localspl.dll

2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-11-11 185872]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2009-07-21 2173440]

"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-01-29 16859648]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

@=""

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

@=""

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]

path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk

backup=c:\windows\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Lavasoft Ad-Aware Service"=2 (0x2)

"Droppix Service"=3 (0x3)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\BitTorrent\\bittorrent.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Ares\\Ares.exe"=

"c:\\Program Files\\Azureus\\Azureus.exe"=

"c:\\Program Files\\eMule\\emule.exe"=

"c:\\Program Files\\Glest_3.2.2\\glest.exe"=

"c:\\Program Files\\Electronic Arts\\BattleForge\\Bootstrapper.exe"=

"c:\\Program Files\\Electronic Arts\\BattleForge\\BattleForge.exe"=

"c:\\Program Files\\Sunflowers\\ParaWorld\\bin\\PWServer.exe"=

"c:\\Program Files\\BitSpirit\\BitSpirit.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"16290:TCP"= 16290:TCP:BitComet 16290 TCP

"16290:UDP"= 16290:UDP:BitComet 16290 UDP

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

 

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [28/07/2009 17:31 28544]

R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [07/06/2009 17:22 142592]

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [29/05/2009 17:32 108289]

R3 hpnuhst;HP NUSB Host;c:\windows\system32\drivers\hpnuhst.sys [16/11/2008 19:36 10752]

R3 HPNUHUB;HP NUSB Hub;c:\windows\system32\drivers\hpnuhub.sys [16/11/2008 19:36 37120]

S2 gupdate1c9bab67262b7fa;Service Google Update (gupdate1c9bab67262b7fa);c:\program files\Google\Update\GoogleUpdate.exe [11/04/2009 17:01 133104]

S3 HPNUCMP;HP NUSB Composite;c:\windows\system32\drivers\hpnucmp.sys [16/11/2008 19:36 11648]

S3 MRVW225;802.11g/b Wireless LAN Dirver for Windows XP;c:\windows\system32\drivers\MRVW225.sys [22/01/2009 20:00 299904]

S3 RTLWUSB;Wireless Adapter;c:\windows\system32\DRIVERS\hpl8187.sys --> c:\windows\system32\DRIVERS\hpl8187.sys [?]

S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys --> c:\windows\System32\Drivers\SjyPkt.sys [?]

S4 Droppix Service;Droppix Service;c:\program files\Fichiers communs\Droppix\DxService.exe [04/07/2009 03:45 221184]

.

Contents of the 'Scheduled Tasks' folder

 

2009-06-25 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

 

2009-08-05 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-10 13:12]

 

2009-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-11 15:01]

 

2009-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-11 15:01]

 

2009-08-05 c:\windows\Tasks\User_Feed_Synchronization-{218DC838-FC98-4069-8B1A-40C90B2B6747}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

.

- - - - ORPHANS REMOVED - - - -

 

Notify-dimsntfy - (no file)

 

 

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.missim.org/

uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

mStart Page = hxxp://www.missim.org/

uInternet Settings,ProxyOverride = *.local

IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm

IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm

IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Download Using &BitSpirit - c:\program files\BitSpirit\bsurl.htm

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Télécharger avec &BitSpirit - c:\program files\BitSpirit\bsurl.htm

IE: ÓñÈÌؾ«ÁéÏÂÔØ(&B)

IE: { - c:\program files\Messenger\msmsgs.exe

IE: {{EF761701-4352-4F93-9B44-A8C65B1A79E3} - c:\program files\FreshDevices\FreshDownload\fd.exe

TCP: {F15CBD83-A2CF-46CE-A4F3-C654B0090C9B} = 208.67.220.220,208.67.222.222

DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

FF - ProfilePath - c:\documents and settings\mika\Application Data\Mozilla\Firefox\Profiles\k38xr0s8.default\

FF - prefs.js: browser.startup.homepage - hxxp://y.lo.st

FF - prefs.js: browser.search.selectedEngine - Orbit Search (Powered By Google)

FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=

FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=

FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/);0 series

FF - component: c:\documents and settings\mika\Application Data\Mozilla\Firefox\Profiles\k38xr0s8.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll

FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll

FF - plugin: c:\program files\Picasa2\npPicasa2.dll

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-08-05 16:25

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_USERS\S-1-5-21-2000478354-879983540-839522115-1004\Software\SecuROM\License information*]

"datasecu"=hex:0e,bd,c2,34,0c,5e,f4,d4,32,7a,99,06,72,41,1d,53,28,e4,3c,fa,f1,

86,9d,7d,19,bb,85,3f,27,a4,78,da,3a,71,0a,7d,31,f8,8b,41,81,b9,bf,b2,75,86,\

"rkeysecu"=hex:e2,94,de,14,a3,0e,78,6c,6b,88,d2,3e,8e,95,86,d3

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{019e0f7a-fa99-4723-a684-a09aa1ed4a8e}]

@Denied: (Full) (Everyone)

"Model"=dword:0000015a

"Therad"=dword:00000020

"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,

38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):2e,b3,a2,ed,bf,66,4c,f1,42,d4,04,cb,5e,35,fd,e6,02,e5,fa,b5,28,

37,0e,71,b4,ab,95,6f,10,01,81,57,f7,7f,9e,4d,de,31,33,3e,00,00,00,00,00,00,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

 

- - - - - - - > 'explorer.exe'(3996)

c:\windows\system32\eappprxy.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\nvsvc32.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\FTRTSVC.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\IoctlSvc.exe

c:\windows\system32\HPZipm12.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Spyware Terminator\sp_rsser.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Completion time: 2009-08-05 16:33 - machine was rebooted

ComboFix-quarantined-files.txt 2009-08-05 14:33

 

Pre-Run: 205 008 236 544 octets libres

Post-Run: 205 689 044 992 octets libres

 

1019 --- E O F --- 2009-07-22 15:46

Posted

The machine is heavily infected, and by a whole lot of things. All of it comes from P2P; the machine is crawling with it. The fake search engine lo.st, eorezo, not to mention malware by the shovelful.

What follows is for this machine, and this machine only.

Never use it on another machine: dangerous.

  • Download the file CFscriptEP2.txt from this site:
    http://senduit.com/6d1b25
  • Place it on the desktop, next to the ComboFix icon.
  • Drag and drop this CFscriptEP2 file onto the ComboFix.exe file, as in the screenshot

animation1md2.gif

  • Wait while the scan runs. The desktop will disappear several times: that is normal! Do not touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed: post its contents.
  • If the file does not open, it is located here > C:\ComboFix.txt

Posted

ComboFix 09-08-04.03 - mika 05/08/2009 16:51.2.2 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1535.1034 [GMT 2:00]

Running from: c:\documents and settings\mika\Bureau\ComboFix.exe

Command switches used :: c:\documents and settings\mika\Bureau\CFscriptEP2.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

 

FILE ::

"c:\windows\system32\83559o5-a-vizusd8.dll"

"c:\windows\system32\84985roz230.dll"

"c:\windows\system32\8918n9t-a-v5rus32z.exe"

"c:\windows\system32\9154zorm4fc.bin"

"c:\windows\system32\97802sza5bot61a.dll"

"c:\windows\system32\9z3downloader1585.exe"

"c:\windows\system32\9z99backdoor1547.bin"

"c:\windows\system32\b925ackdooz908.exe"

"c:\windows\system32\c955pyware3273z.exe"

"c:\windows\system32\d95spy9are1196z.dll"

"c:\windows\system32\z1525s9y39a.bin"

"c:\windows\system32\z4b39ir5677.dll"

"c:\windows\system32\z517spamb5933d.exe"

"c:\windows\system32\z7c4s9ar5e1759.dll"

"c:\windows\system32\z824addw95e56.bin"

"c:\windows\z1875s9y5.exe"

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\mika\Application Data\EoRezo

c:\documents and settings\mika\Application Data\EoRezo\cache

c:\documents and settings\mika\Application Data\EoRezo\cmhost.cyp

c:\documents and settings\mika\Application Data\EoRezo\ConfMedia.cyp

c:\documents and settings\mika\Application Data\EoRezo\eoDesktop\config.xml

c:\documents and settings\mika\Application Data\EoRezo\eoDesktop\eoDesktop.html

c:\documents and settings\mika\Application Data\EoRezo\eoDesktop\userConfig.xml

c:\documents and settings\mika\Application Data\EoRezo\host.cyp

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\help_config.cyp

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.7\itstv.exe

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.8\itstv.exe

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.9\itstv.exe

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.0\itstv.exe

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.1\itstv.exe

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.2\itstv.exe

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.3\itstv.exe

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.4\itstv.exe

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdate.exe

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\unins000.dat

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\unins000.exe

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\user_config.cyp

c:\documents and settings\mika\Application Data\EoRezo\SoftwareUpdate\user_profil.cyp

c:\documents and settings\mika\Application Data\EoRezo\user.cyp

c:\windows\system32\8015v9ru513az.bin

c:\windows\system32\8034ha5ktoo92ez.cpl

c:\windows\system32\809zspam5ot9a6.ocx

c:\windows\system32\815ztroj925.exe

c:\windows\system32\83559o5-a-vizusd8.dll

c:\windows\system32\846notz9-v5rus48e.ocx

c:\windows\system32\84985roz230.dll

c:\windows\system32\8549s9a5bzt5c9.dll

c:\windows\system32\8616hackzo9l555.exe

c:\windows\system32\8916spambz545f.dll

c:\windows\system32\8918n9t-a-v5rus32z.exe

c:\windows\system32\90128ha5ktool2z5.bin

c:\windows\system32\9032spamb9tz5.ocx

c:\windows\system32\90573zorm5d2.exe

c:\windows\system32\90798tzo5513.ocx

c:\windows\system32\908d5wnlo9der32z2.cpl

c:\windows\system32\91145virus12z.cpl

c:\windows\system32\9154zorm4fc.bin

c:\windows\system32\9163zac9tool55d.exe

c:\windows\system32\91798z5rm765.bin

c:\windows\system32\922fdownloazer1055.ocx

c:\windows\system32\938virz05.exe

c:\windows\system32\93z85teal1375.exe

c:\windows\system32\9420t5rzat9594.exe

c:\windows\system32\9489wzrm695.exe

c:\windows\system32\9521trzj511.dll

c:\windows\system32\9555zrojac.cpl

c:\windows\system32\95a0spyware3z39.cpl

c:\windows\system32\9684szyware5013.cpl

c:\windows\system32\97802sza5bot61a.dll

c:\windows\system32\985zsteal15675.cpl

c:\windows\system32\98930szam5ot5a6.exe

c:\windows\system32\99135s5ambot49z.ocx

c:\windows\system32\9985pambotzc.ocx

c:\windows\system32\99924spzmbo512.ocx

c:\windows\system32\9b405ir21z6.dll

c:\windows\system32\9be0spar5e28z.cpl

c:\windows\system32\9bf8backdooz1597.bin

c:\windows\system32\9f5bzackdoor1115.ocx

c:\windows\system32\9f7dzwnloade92335.dll

c:\windows\system32\9z3downloader1585.exe

c:\windows\system32\9z99backdoor1547.bin

c:\windows\system32\b085pars9104z.ocx

c:\windows\system32\b925ackdooz908.exe

c:\windows\system32\be4t5ie9781z.cpl

c:\windows\system32\c955pyware3273z.exe

c:\windows\system32\d95spy9are1196z.dll

c:\windows\system32\e45a9dware155z.cpl

c:\windows\system32\z092addware5995.bin

c:\windows\system32\z1525s9y39a.bin

c:\windows\system32\z1839w9r57dc.cpl

c:\windows\system32\z275h9cktoo577.dll

c:\windows\system32\z44945irus5ab.exe

c:\windows\system32\z4b39ir5677.dll

c:\windows\system32\z517spamb5933d.exe

c:\windows\system32\z5d0sp9rse1974.dll

c:\windows\system32\z6159spy9b6.bin

c:\windows\system32\z6263viru5597.ocx

c:\windows\system32\z6589not-a5virus8c.exe

c:\windows\system32\z6591spy27e5.exe

c:\windows\system32\z7c4s9ar5e1759.dll

c:\windows\system32\z824addw95e56.bin

c:\windows\system32\z9a2st5al2906.dll

c:\windows\system32\zb55h9eat14707.cpl

c:\windows\system32\zd99threat182995.dll

c:\windows\z1875s9y5.exe

 

.

((((((((((((((((((((((((( Files Created from 2009-07-05 to 2009-08-05 )))))))))))))))))))))))))))))))

.

 

2009-08-05 13:55 . 2009-08-05 13:55 -------- d-----w- c:\documents and settings\mika\Local Settings\Application Data\Temp

2009-08-04 23:29 . 2009-08-04 23:29 152576 ----a-w- c:\documents and settings\mika\Application Data\Sun\Java\jre1.6.0_15\lzma.dll

2009-08-04 16:12 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys

2009-07-29 16:29 . 2009-07-29 16:29 207872 ----a-w- c:\documents and settings\mika\Application Data\SystemRequirementsLab\SRLProxy_srl_4.dll

2009-07-29 16:29 . 2009-07-29 16:29 207872 ----a-w- c:\documents and settings\mika\Application Data\SystemRequirementsLab\SRLProxy_srl_3.dll

2009-07-29 16:29 . 2009-07-29 16:29 207872 ----a-w- c:\documents and settings\mika\Application Data\SystemRequirementsLab\SRLProxy_srl_2.dll

2009-07-29 16:29 . 2009-07-29 16:29 207872 ----a-w- c:\documents and settings\mika\Application Data\SystemRequirementsLab\SRLProxy_srl_1.dll

2009-07-29 16:08 . 2009-07-29 16:08 -------- d-----w- c:\windows\system32\temp

2009-07-29 16:08 . 2009-07-29 16:08 -------- d-----w- c:\documents and settings\All Users\Application Data\PassMark

2009-07-29 16:08 . 2009-07-29 16:08 -------- d-----w- c:\program files\BurnInTest

2009-07-29 01:41 . 2009-07-29 01:41 -------- d-----w- c:\windows\system32\AGEIA

2009-07-29 01:41 . 2009-07-29 01:41 -------- d-----w- c:\program files\AGEIA Technologies

2009-07-29 01:40 . 2009-07-29 01:41 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard

2009-07-29 01:40 . 2009-07-29 01:40 -------- d-----w- c:\program files\NVIDIA Corporation

2009-07-29 01:40 . 2009-07-29 01:40 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation

2009-07-29 01:39 . 2009-07-14 18:54 2189856 ----a-w- c:\windows\system32\nvcuvid.dll

2009-07-29 01:39 . 2009-07-14 18:54 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll

2009-07-29 01:39 . 2009-07-14 18:54 1597690 ----a-w- c:\windows\system32\nvdata.bin

2009-07-29 01:38 . 2009-07-29 01:38 -------- d-----w- C:\NVIDIA

2009-07-29 01:32 . 2009-07-29 16:29 -------- d-----w- c:\program files\SystemRequirementsLab

2009-07-29 01:32 . 2009-07-29 16:29 -------- d-----w- c:\documents and settings\mika\Application Data\SystemRequirementsLab

2009-07-29 01:32 . 2009-07-29 01:32 290816 ----a-w- c:\documents and settings\mika\Application Data\SystemRequirementsLab\SRLProxy_nvd_4.dll

2009-07-29 01:32 . 2009-07-29 01:32 290816 ----a-w- c:\documents and settings\mika\Application Data\SystemRequirementsLab\SRLProxy_nvd_3.dll

2009-07-29 01:32 . 2009-07-29 01:32 290816 ----a-w- c:\documents and settings\mika\Application Data\SystemRequirementsLab\SRLProxy_nvd_2.dll

2009-07-29 01:32 . 2009-07-29 01:32 290816 ----a-w- c:\documents and settings\mika\Application Data\SystemRequirementsLab\SRLProxy_nvd_1.dll

2009-07-28 15:31 . 2008-06-19 15:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys

2009-07-28 15:29 . 2009-07-28 15:29 -------- d-----w- c:\program files\Panda Security

2009-07-28 14:47 . 2009-07-28 14:47 -------- d-----w- c:\documents and settings\LocalService\Bureau

2009-07-28 14:45 . 2009-08-04 19:48 -------- d-----w- c:\program files\Lavasoft

2009-07-28 02:59 . 2009-07-29 01:40 -------- d-----w- c:\program files\trend micro

2009-07-28 02:59 . 2009-07-28 03:00 -------- d-----w- C:\rsit

2009-07-27 01:46 . 2009-07-27 14:20 -------- d-----w- c:\program files\RapidCheck

2009-07-21 01:32 . 2009-07-21 01:33 -------- d-----w- c:\documents and settings\mika\Application Data\DeepBurner

2009-07-21 01:31 . 2009-07-21 02:10 -------- d-----w- c:\program files\Astonsoft

2009-07-21 01:24 . 2009-07-21 01:29 -------- d-----w- c:\documents and settings\mika\Application Data\Color7 DVD Creator

2009-07-21 01:22 . 2009-07-21 01:22 81920 ----a-w- c:\documents and settings\mika\Application Data\ezpinst.exe

2009-07-20 15:11 . 2003-01-26 10:41 40960 ----a-w- c:\windows\system32\SSubTmr6.dll

2009-07-20 02:13 . 2009-07-20 02:13 -------- d-----w- c:\documents and settings\mika\Application Data\Canneverbe_Limited

2009-07-18 00:55 . 2009-07-18 00:55 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp

2009-07-14 11:34 . 2009-07-14 11:34 86016 ----a-w- c:\windows\system32\nvmctray.dll

2009-07-14 11:34 . 2009-07-14 11:34 8085504 ----a-w- c:\windows\system32\nvdispsr.dll

2009-07-14 11:34 . 2009-07-14 11:34 4923392 ----a-w- c:\windows\system32\nvdisps.dll

2009-07-14 11:34 . 2009-07-14 11:34 4640768 ----a-w- c:\windows\system32\nvgamesr.dll

2009-07-14 11:34 . 2009-07-14 11:34 458752 ----a-w- c:\windows\system32\nvmccssr.dll

2009-07-14 11:34 . 2009-07-14 11:34 3547136 ----a-w- c:\windows\system32\nvgames.dll

2009-07-14 11:34 . 2009-07-14 11:34 2854912 ----a-w- c:\windows\system32\nvmoblsr.dll

2009-07-14 11:34 . 2009-07-14 11:34 188416 ----a-w- c:\windows\system32\nvmccss.dll

2009-07-14 11:34 . 2009-07-14 11:34 168004 ----a-w- c:\windows\system32\nvsvc32.exe

2009-07-14 11:34 . 2009-07-14 11:34 143360 ----a-w- c:\windows\system32\nvcolor.exe

2009-07-14 11:34 . 2009-07-14 11:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll

2009-07-14 11:34 . 2009-07-14 11:34 1286144 ----a-w- c:\windows\system32\nvmobls.dll

2009-07-14 11:34 . 2009-07-14 11:34 229376 ----a-w- c:\windows\system32\nvmccs.dll

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-08-05 14:36 . 2009-06-07 15:22 -------- d-----w- c:\documents and settings\mika\Application Data\Spyware Terminator

2009-08-04 23:31 . 2009-02-06 21:53 -------- d-----w- c:\program files\Java

2009-08-04 21:26 . 2008-11-11 20:25 -------- d-----w- c:\documents and settings\mika\Application Data\BitTorrent

2009-08-04 21:17 . 2008-11-11 00:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-08-04 19:48 . 2008-11-11 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2009-08-04 18:14 . 2009-06-07 15:22 -------- d-----w- c:\program files\Spyware Terminator

2009-08-04 17:41 . 2008-11-10 21:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater

2009-08-04 15:42 . 2009-06-07 15:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator

2009-08-04 15:21 . 2008-12-19 17:59 -------- d-----w- c:\program files\Arovax AntiSpyware

2009-08-03 11:36 . 2008-11-11 00:20 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-08-03 11:36 . 2008-11-11 00:20 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-08-03 03:43 . 2008-11-11 20:15 -------- d-----w- c:\documents and settings\mika\Application Data\dvdcss

2009-08-02 12:50 . 2008-11-11 00:13 -------- d-----w- c:\documents and settings\mika\Application Data\uTorrent

2009-07-31 02:53 . 2008-11-11 21:00 -------- d-----w- c:\documents and settings\mika\Application Data\Azureus

2009-07-29 02:58 . 2009-06-02 18:12 -------- d-----w- c:\program files\Conquete 2.0

2009-07-29 02:45 . 2008-11-11 00:17 -------- d-----w- c:\documents and settings\mika\Application Data\DNA

2009-07-29 01:44 . 2008-11-11 00:17 -------- d-----w- c:\program files\DNA

2009-07-29 01:30 . 2009-07-29 01:30 1801 ----a-w- c:\documents and settings\All Users\Application Data\xml10F.tmp

2009-07-29 01:30 . 2009-07-29 01:30 0 ----a-w- c:\documents and settings\All Users\Application Data\xml10E.tmp

2009-07-29 01:30 . 2009-07-29 01:30 13657 ----a-w- c:\documents and settings\All Users\Application Data\xml10D.tmp

2009-07-29 01:30 . 2009-07-29 01:30 8858 ----a-w- c:\documents and settings\All Users\Application Data\xml10C.tmp

2009-07-28 15:45 . 2009-06-06 23:53 -------- d-----w- c:\program files\VS Revo Group

2009-07-25 15:36 . 2008-11-11 20:59 -------- d-----w- c:\program files\Azureus

2009-07-25 03:23 . 2009-02-06 21:54 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-07-23 00:51 . 2009-04-09 14:55 -------- d-----w- c:\program files\Microsoft Silverlight

2009-07-21 01:23 . 2009-02-09 18:11 -------- d-----w- c:\documents and settings\mika\Application Data\Vso

2009-07-21 01:22 . 2009-02-09 18:11 47360 ----a-w- c:\documents and settings\mika\Application Data\pcouffin.sys

2009-07-21 01:22 . 2009-02-09 18:11 47360 ----a-w- c:\documents and settings\mika\Application Data\pcouffin.sys

2009-07-21 00:59 . 2008-11-11 00:25 -------- d-----w- c:\program files\Fichiers communs\Apple

2009-07-21 00:55 . 2009-06-07 00:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-07-14 18:54 . 2008-11-10 20:56 485920 ----a-w- c:\windows\system32\nvudisp.exe

2009-07-14 18:54 . 2008-06-26 01:57 868352 ----a-w- c:\windows\system32\nvapi.dll

2009-07-14 18:54 . 2008-06-26 01:57 7741664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys

2009-07-14 18:54 . 2008-06-26 01:57 5842816 ----a-w- c:\windows\system32\nv4_disp.dll

2009-07-14 18:54 . 2008-06-26 01:57 2002944 ----a-w- c:\windows\system32\nvcuda.dll

2009-07-14 18:54 . 2008-06-26 01:57 151552 ----a-w- c:\windows\system32\nvcodins.dll

2009-07-14 18:54 . 2008-06-26 01:57 151552 ----a-w- c:\windows\system32\nvcod.dll

2009-07-14 18:54 . 2008-06-26 01:57 10457088 ----a-w- c:\windows\system32\nvoglnt.dll

2009-07-10 05:01 . 2008-11-10 20:52 485920 ----a-w- c:\windows\system32\NVUNINST.EXE

2009-07-05 23:21 . 2009-07-05 23:21 -------- d-----w- c:\program files\K-Lite Codec Pack

2009-07-05 00:19 . 2009-07-05 00:18 -------- d-----w- c:\program files\AVIcodec

2009-07-05 00:14 . 2009-07-05 00:14 -------- d-----w- c:\program files\FormatFactory

2009-07-05 00:05 . 2009-04-23 23:08 -------- d-----w- c:\documents and settings\mika\Application Data\AVI ReComp

2009-07-04 01:48 . 2008-11-08 15:10 37680 ----a-w- c:\documents and settings\mika\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-07-04 01:48 . 2009-07-04 01:48 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe

2009-07-04 01:48 . 2009-07-04 01:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Droppix

2009-07-04 01:46 . 2009-07-04 01:46 -------- d-----w- c:\documents and settings\mika\Application Data\Droppix

2009-07-04 01:46 . 2009-07-04 01:46 -------- d-----w- c:\program files\illiminable

2009-07-04 01:45 . 2009-07-04 01:45 -------- d-----w- c:\program files\Fichiers communs\Droppix

2009-07-04 01:45 . 2009-07-04 01:45 -------- d-----w- c:\program files\Droppix

2009-06-28 20:37 . 2009-06-28 20:37 -------- d-----w- c:\program files\WinDirStat

2009-06-20 20:07 . 2008-11-10 22:39 -------- d-----w- c:\program files\USB Disk Win98 Driver

2009-06-16 14:40 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll

2009-06-16 14:40 . 2006-03-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-06-15 00:25 . 2009-06-15 00:25 -------- d-----w- c:\documents and settings\LocalService\Application Data\Media Player Classic

2009-06-13 12:26 . 2009-06-13 12:26 -------- d-----w- c:\program files\VirginMega

2009-06-13 12:26 . 2009-06-13 12:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations

2009-06-12 15:19 . 2008-11-10 21:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2009-06-08 20:38 . 2009-06-08 20:23 91221 ----a-w- c:\windows\hpoins06.dat

2009-06-08 20:01 . 2008-11-16 18:51 -------- d-----w- c:\documents and settings\mika\Application Data\Image Zone Express

2009-06-08 19:55 . 2009-06-08 19:55 71519 ----a-w- c:\windows\hpqins05.dat

2009-06-08 18:16 . 2009-06-08 18:16 -------- d-----w- c:\program files\CCleaner

2009-06-08 18:14 . 2009-06-08 18:12 -------- d-----w- c:\program files\LiveRadio

2009-06-08 18:09 . 2009-06-08 18:07 -------- d-----w- c:\program files\RegCleaner

2009-06-07 15:22 . 2009-06-07 15:22 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe

2009-06-07 15:22 . 2009-06-07 15:22 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys

2009-06-07 15:22 . 2009-06-07 15:22 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys

2009-06-07 02:42 . 2009-06-07 02:30 -------- d-----w- c:\program files\Web Media Player

2009-06-07 00:48 . 2009-06-07 00:48 -------- d-----w- c:\program files\Spybot - Search & Destroy

2009-06-06 19:50 . 2009-06-06 19:15 -------- d-----w- c:\program files\Navilog1

2009-06-05 16:42 . 2009-06-05 16:42 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

2009-06-03 19:10 . 2006-03-02 12:00 1297408 ----a-w- c:\windows\system32\quartz.dll

2009-06-03 18:10 . 2009-06-03 18:10 165376 ----a-w- c:\windows\system32\drivers\atksgt.sys

2009-06-03 18:10 . 2009-06-03 18:10 18048 ----a-w- c:\windows\system32\drivers\lirsgt.sys

2009-05-30 18:14 . 2009-05-30 18:14 413696 ----a-w- c:\windows\system32\wrap_oal.dll

2009-05-30 18:14 . 2009-05-30 18:14 110592 ----a-w- c:\windows\system32\OpenAL32.dll

2009-05-29 21:37 . 2009-07-05 23:21 205824 ----a-w- c:\windows\system32\xvidvfw.dll

2009-05-29 21:31 . 2009-07-05 23:21 881664 ----a-w- c:\windows\system32\xvidcore.dll

2009-05-15 22:26 . 2009-05-15 22:26 27632 ---ha-w- c:\windows\system32\mlfcache.dat

2009-05-13 05:04 . 2006-03-02 12:00 915456 ----a-w- c:\windows\system32\wininet.dll

2009-05-07 15:33 . 2006-03-02 12:00 348672 ----a-w- c:\windows\system32\localspl.dll

2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

.

 

((((((((((((((((((((((((((((( SnapShot@2009-08-05_14.25.50 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-08-05 14:56 . 2009-08-05 14:56 16384 c:\windows\temp\Perflib_Perfdata_6d8.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-11-11 185872]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-07-21 2173440]

"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-01-29 16859648]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

@=""

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

@=""

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]

path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk

backup=c:\windows\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Lavasoft Ad-Aware Service"=2 (0x2)

"Droppix Service"=3 (0x3)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\BitTorrent\\bittorrent.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Ares\\Ares.exe"=

"c:\\Program Files\\Azureus\\Azureus.exe"=

"c:\\Program Files\\eMule\\emule.exe"=

"c:\\Program Files\\Glest_3.2.2\\glest.exe"=

"c:\\Program Files\\Electronic Arts\\BattleForge\\Bootstrapper.exe"=

"c:\\Program Files\\Electronic Arts\\BattleForge\\BattleForge.exe"=

"c:\\Program Files\\Sunflowers\\ParaWorld\\bin\\PWServer.exe"=

"c:\\Program Files\\BitSpirit\\BitSpirit.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"16290:TCP"= 16290:TCP:BitComet 16290 TCP

"16290:UDP"= 16290:UDP:BitComet 16290 UDP

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

 

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [28/07/2009 17:31 28544]

R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [07/06/2009 17:22 142592]

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [29/05/2009 17:32 108289]

R3 hpnuhst;HP NUSB Host;c:\windows\system32\drivers\hpnuhst.sys [16/11/2008 19:36 10752]

R3 HPNUHUB;HP NUSB Hub;c:\windows\system32\drivers\hpnuhub.sys [16/11/2008 19:36 37120]

S2 gupdate1c9bab67262b7fa;Service Google Update (gupdate1c9bab67262b7fa);c:\program files\Google\Update\GoogleUpdate.exe [11/04/2009 17:01 133104]

S3 HPNUCMP;HP NUSB Composite;c:\windows\system32\drivers\hpnucmp.sys [16/11/2008 19:36 11648]

S3 MRVW225;802.11g/b Wireless LAN Dirver for Windows XP;c:\windows\system32\drivers\MRVW225.sys [22/01/2009 20:00 299904]

S3 RTLWUSB;Wireless Adapter;c:\windows\system32\DRIVERS\hpl8187.sys --> c:\windows\system32\DRIVERS\hpl8187.sys [?]

S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys --> c:\windows\System32\Drivers\SjyPkt.sys [?]

S4 Droppix Service;Droppix Service;c:\program files\Fichiers communs\Droppix\DxService.exe [04/07/2009 03:45 221184]

.

Contents of the 'Scheduled Tasks' folder

 

2009-06-25 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

 

2009-08-05 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-10 13:12]

 

2009-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-11 15:01]

 

2009-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-11 15:01]

 

2009-08-05 c:\windows\Tasks\User_Feed_Synchronization-{218DC838-FC98-4069-8B1A-40C90B2B6747}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.missim.org/

uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

mStart Page = hxxp://www.missim.org/

uInternet Settings,ProxyOverride = *.local

IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm

IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm

IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Download Using &BitSpirit - c:\program files\BitSpirit\bsurl.htm

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Télécharger avec &BitSpirit - c:\program files\BitSpirit\bsurl.htm

IE: ÓñÈÌؾ«ÁéÏÂÔØ(&B)

IE: { - c:\program files\Messenger\msmsgs.exe

IE: {{EF761701-4352-4F93-9B44-A8C65B1A79E3} - c:\program files\FreshDevices\FreshDownload\fd.exe

TCP: {F15CBD83-A2CF-46CE-A4F3-C654B0090C9B} = 208.67.220.220,208.67.222.222

DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

FF - ProfilePath - c:\documents and settings\mika\Application Data\Mozilla\Firefox\Profiles\k38xr0s8.default\

FF - component: c:\documents and settings\mika\Application Data\Mozilla\Firefox\Profiles\k38xr0s8.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll

FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-08-05 16:57

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_USERS\S-1-5-21-2000478354-879983540-839522115-1004\Software\SecuROM\License information*]

"datasecu"=hex:0e,bd,c2,34,0c,5e,f4,d4,32,7a,99,06,72,41,1d,53,28,e4,3c,fa,f1,

86,9d,7d,19,bb,85,3f,27,a4,78,da,3a,71,0a,7d,31,f8,8b,41,81,b9,bf,b2,75,86,\

"rkeysecu"=hex:e2,94,de,14,a3,0e,78,6c,6b,88,d2,3e,8e,95,86,d3

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{019e0f7a-fa99-4723-a684-a09aa1ed4a8e}]

@Denied: (Full) (Everyone)

"Model"=dword:0000015a

"Therad"=dword:00000020

"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,

38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):2e,b3,a2,ed,bf,66,4c,f1,42,d4,04,cb,5e,35,fd,e6,02,e5,fa,b5,28,

37,0e,71,b4,ab,95,6f,10,01,81,57,f7,7f,9e,4d,de,31,33,3e,00,00,00,00,00,00,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

 

- - - - - - - > 'explorer.exe'(752)

c:\windows\system32\eappprxy.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\nvsvc32.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\FTRTSVC.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\IoctlSvc.exe

c:\windows\system32\HPZipm12.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Spyware Terminator\sp_rsser.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Completion time: 2009-08-05 17:03 - machine was rebooted

ComboFix-quarantined-files.txt 2009-08-05 15:03

ComboFix2.txt 2009-08-05 14:33

 

Pre-Run: 205 676 769 280 octets libres

Post-Run: 205 622 304 768 octets libres

 

429 --- E O F --- 2009-07-22 15:46

Posted

Yes, it seems to be running better! (confirmation in a little while) Thanks for your valuable help :P

Here it is:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:25:48, on 05/08/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Spyware Terminator\sp_rsser.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

C:\Documents and Settings\mika\Bureau\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.missim.org/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.missim.org/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"

O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: FreshDownload - {EF761701-4352-4F93-9B44-A8C65B1A79E3} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{F15CBD83-A2CF-46CE-A4F3-C654B0090C9B}: NameServer = 208.67.220.220,208.67.222.222

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Service Google Update (gupdate1c9bab67262b7fa) (gupdate1c9bab67262b7fa) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

 

--

End of file - 9283 bytes

Posted

Clean.

Don't touch combofix (don't try to remove it; we'll do that with a special step or two).

Let it run for a while and see whether all the symptoms have gone, then we'll clean up what we used. :P

Posted

Uninstall combofix: enter combofix /u in the Run box of the Start menu.

After that, delete this folder if it still exists.

C:\QooBox

---------

Download ToolsCleaner! by A.Rothstein to remove the programs used during the procedure.

http://pc-system.fr/TC/ToolsCleaner2.exe

* Save ToolsCleaner2.exe to the Desktop.

* Double-click it, then click Recherche --> The program will look for the installed utilities

------> The window may turn white during the scan, that's normal!

* Copy and paste the contents of the report that appears in the white window.

When the search is finished, ToolsCleaner displays a list of the tools it found; choose "Suppression" to delete them.

Close the program by clicking "Quitter".

Post the report, which is located here >>> C:\TCleaner.txt

Posted

[ Rapport ToolsCleaner version 2.3.10 (par A.Rothstein & dj QUIOU) ]

 

--> Recherche:

 

C:\Combofix.txt: trouvé !

C:\fixnavi.txt: trouvé !

C:\cleannavi.txt: trouvé !

C:\Combofix: trouvé !

C:\Rsit: trouvé !

C:\Documents and Settings\mika\Bureau\Gmer.exe: trouvé !

C:\Documents and Settings\mika\Bureau\HijackThis.exe: trouvé !

C:\Documents and Settings\mika\Bureau\hijackthis.log: trouvé !

C:\Documents and Settings\mika\Bureau\Rsit.exe: trouvé !

C:\Program Files\Navilog1: trouvé !

 

---------------------------------

--> Suppression:

 

C:\Documents and Settings\mika\Bureau\Gmer.exe: supprimé !

C:\Documents and Settings\mika\Bureau\HijackThis.exe: supprimé !

C:\Combofix.txt: supprimé !

C:\fixnavi.txt: supprimé !

C:\cleannavi.txt: supprimé !

C:\Documents and Settings\mika\Bureau\hijackthis.log: supprimé !

C:\Documents and Settings\mika\Bureau\Rsit.exe: supprimé !

C:\Combofix: supprimé !

C:\Rsit: supprimé !

C:\Program Files\Navilog1: supprimé !
