Problème virus

Aemeth · le 16 février 2010

Hello tout le monde!

Je suis désolé de poster mon premier message sur ce forum comme une demande d'aide mais bon, il faut ce qu'il faut... Espérons qu'un bonne ame sera prête à me filer un petit coup de main

Alors voilà, j'ai installé windows 7 il y a peu et depuis j'ai déjà eu 2 virus signalés par nod 32, j'ai eu un problème avec autorun.inf et aujourd'hui un autre avec un trojan qui infectait explorer.exe. J'ai un peu cherché sur le net et j'ai lancé combofix. Il etait marqué sur le site que je pouvais demander des conseils sur ce site et me voilà donc.

Voici mon rapport combofix :

ComboFix 10-02-12.01 - Aemeth 16/02/2010 11:45:22.2.2 - x86

Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.32.1036.18.3327.2385 [GMT 1:00]

Lancé depuis: c:\users\Aemeth\Downloads\ComboFix.exe

* Un antivirus résident est actif

.

((((((((((((((((((((((((((((( Fichiers créés du 2010-01-16 au 2010-02-16 ))))))))))))))))))))))))))))))))))))

.

2010-02-16 10:49 . 2010-02-16 10:49 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-02-16 10:49 . 2010-02-16 10:49 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-02-16 09:58 . 2010-02-16 10:49 -------- d-----w- c:\users\Aemeth\AppData\Local\temp

2010-02-15 16:29 . 2010-02-15 16:29 -------- d-----w- c:\users\Aemeth\AppData\Roaming\XRay Engine

2010-02-13 13:51 . 2010-02-13 13:51 -------- d-----w- c:\users\Aemeth\AppData\Roaming\Canneverbe Limited

2010-02-13 13:51 . 2010-02-13 13:51 -------- d-----w- c:\programdata\Canneverbe Limited

2010-02-13 13:51 . 2009-11-12 12:48 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys

2010-02-13 13:51 . 2010-02-13 13:51 -------- d-----w- c:\program files\CDBurnerXP

2010-02-13 13:12 . 2010-02-13 13:20 -------- d-----w- c:\users\Aemeth\AppData\Local\Ahead

2010-02-13 13:12 . 2010-02-13 13:21 -------- d-----w- c:\users\Aemeth\AppData\Roaming\Ahead

2010-02-13 13:11 . 2010-02-13 13:11 -------- d-----w- c:\programdata\Ahead

2010-02-13 13:10 . 2010-02-13 13:11 -------- d-----w- c:\program files\Common Files\Ahead

2010-02-13 13:04 . 2010-02-13 13:04 -------- d-----w- c:\users\Aemeth\AppData\Local\ESET

2010-02-12 12:15 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll

2010-02-12 12:03 . 2010-02-12 12:03 -------- d-----w- c:\program files\bitComposer Games

2010-02-10 05:18 . 2010-01-18 23:29 365568 ----a-w- c:\windows\system32\secproc_isv.dll

2010-02-10 05:18 . 2010-01-18 23:29 369152 ----a-w- c:\windows\system32\secproc.dll

2010-02-10 05:18 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll

2010-02-10 05:18 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll

2010-02-10 05:18 . 2010-01-18 23:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe

2010-02-10 05:18 . 2010-01-18 23:28 320512 ----a-w- c:\windows\system32\RMActivate.exe

2010-02-10 05:18 . 2010-01-18 23:28 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe

2010-02-10 05:18 . 2010-01-18 23:28 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe

2010-02-07 13:47 . 2010-02-07 13:47 -------- d-----w- c:\windows\Sun

2010-02-06 20:02 . 2010-02-13 12:06 -------- d-----w- c:\users\Aemeth\AppData\Roaming\Nero

2010-02-06 15:09 . 2010-02-13 13:10 -------- d-----w- c:\program files\Nero

2010-02-06 15:09 . 2010-02-13 13:10 -------- d-----w- c:\programdata\Nero

2010-02-06 15:09 . 2010-02-13 12:53 -------- d-----w- c:\program files\Common Files\Nero

2010-02-04 02:11 . 2010-02-04 02:11 -------- d-----w- c:\users\Aemeth\AppData\Local\WahOO

2010-02-03 23:18 . 2010-02-03 23:18 -------- d-----w- c:\users\Aemeth\.gstreamer-0.10

2010-02-03 23:18 . 2010-02-12 11:20 -------- d-----w- c:\users\Aemeth\amsn

2010-02-03 23:16 . 2010-02-03 23:16 -------- d-----w- c:\program files\aMSN

2010-02-02 16:44 . 2010-02-02 16:51 -------- d-----w- c:\program files\ESET

2010-02-02 14:26 . 2010-02-02 14:26 -------- d-----w- c:\program files\UlisesSoft

2010-02-02 14:18 . 2010-02-02 14:18 -------- d-----w- c:\program files\Microsoft IntelliType Pro

2010-02-02 14:18 . 2010-02-02 14:18 -------- d-----w- c:\windows\PCHEALTH

2010-01-31 23:18 . 2010-01-31 23:18 -------- d-----w- c:\program files\MSXML 4.0

2010-01-31 17:45 . 2010-01-31 17:45 -------- d-----w- c:\users\Aemeth\AppData\Local\MicroVision Applications

2010-01-31 11:39 . 2010-01-31 11:39 -------- d-----w- C:\Rushs

2010-01-31 11:32 . 2010-01-31 17:45 -------- d-----w- c:\program files\SureThing Express Labeler

2010-01-31 11:32 . 2010-01-31 11:32 -------- d-----w- c:\program files\Common Files\SureThing Shared

2010-01-31 11:30 . 2004-03-29 16:23 90112 ----a-w- c:\windows\unvise32.exe

2010-01-31 11:30 . 2010-01-31 11:30 -------- d-----w- c:\program files\LooksBuilderSE

2010-01-31 11:29 . 2010-01-31 11:29 29926 ----a-r- c:\users\Aemeth\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe

2010-01-31 11:29 . 2010-01-31 11:29 -------- d-----w- c:\program files\Common Files\Pinnacle

2010-01-31 11:28 . 2010-01-31 11:28 -------- d-----w- c:\users\Aemeth\AppData\Local\Downloaded Installations

2010-01-31 11:28 . 2010-02-01 18:44 -------- d-----w- c:\users\Aemeth\AppData\Local\Pinnacle

2010-01-31 11:28 . 2010-01-31 11:28 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection

2010-01-31 11:24 . 2010-01-31 11:24 -------- d-----w- c:\program files\Common Files\Yahoo!

2010-01-31 11:24 . 2010-01-31 11:24 -------- d-----w- c:\program files\Common Files\Pegasus Imaging

2010-01-31 11:24 . 2010-01-31 11:24 -------- d-----w- c:\programdata\Studio 14

2010-01-31 11:24 . 2010-01-31 11:24 -------- d-----w- c:\programdata\Pinnacle Studio Plus

2010-01-31 11:22 . 2010-01-31 11:30 -------- d-----w- c:\program files\Pinnacle

2010-01-31 11:20 . 2010-01-31 11:27 -------- d-----w- c:\programdata\Pinnacle

2010-01-31 11:18 . 2010-02-02 16:07 -------- d-----w- c:\users\Aemeth\AppData\Roaming\Ulead Systems

2010-01-31 01:21 . 2010-01-31 01:21 691696 ----a-w- c:\windows\system32\drivers\sptd.sys

2010-01-31 01:20 . 2010-01-31 01:21 -------- d-----w- c:\program files\DAEMON Tools Lite

2010-01-31 01:20 . 2010-01-31 11:20 -------- d-----w- c:\users\Aemeth\AppData\Roaming\DAEMON Tools Lite

2010-01-31 01:20 . 2010-01-31 01:20 -------- d-----w- c:\programdata\DAEMON Tools Lite

2010-01-31 01:15 . 2010-01-31 01:15 -------- d-----w- c:\users\Aemeth\AppData\Roaming\DAEMON Tools Pro

2010-01-31 01:15 . 2010-01-31 01:15 -------- d-----w- c:\programdata\DAEMON Tools Pro

2010-01-30 20:08 . 2010-01-30 20:09 -------- d-----w- c:\users\Aemeth\AppData\Roaming\Media Player Classic

2010-01-30 18:02 . 2010-01-30 18:02 -------- d-----w- c:\program files\Common Files\InterVideo

2010-01-30 17:57 . 2010-01-30 17:57 -------- d-----w- c:\program files\Windows Media Components

2010-01-30 17:56 . 2010-02-02 16:10 -------- d-----w- c:\programdata\Ulead Systems

2010-01-30 17:54 . 2010-02-02 16:07 -------- d-----w- c:\program files\Corel

2010-01-30 11:57 . 2010-02-07 19:53 -------- d-----w- c:\program files\JkDefrag

2010-01-30 11:31 . 2009-12-12 14:15 178176 ----a-w- c:\windows\system32\unrar.dll

2010-01-30 11:31 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll

2010-01-30 11:31 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll

2010-01-30 11:31 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll

2010-01-30 11:31 . 2010-01-05 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll

2010-01-30 11:31 . 2010-01-30 11:33 -------- d-----w- c:\program files\K-Lite Codec Pack

2010-01-30 11:30 . 2010-01-30 11:30 -------- d-----w- c:\program files\Google

2010-01-30 00:34 . 2010-01-30 00:34 -------- d-----w- c:\windows\system32\Macromed

2010-01-30 00:31 . 2010-01-30 19:45 -------- d-----w- c:\users\Aemeth\AppData\Local\ElevatedDiagnostics

2010-01-29 23:47 . 2010-01-29 23:47 98304 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{C185760C-B5A7-F913-7CE5-F53EA7A1825A}-CLIStart.exe

2010-01-29 23:29 . 2010-02-13 08:14 -------- d-----w- c:\program files\uTorrent

2010-01-29 23:29 . 2010-02-15 14:17 -------- d-----w- c:\users\Aemeth\AppData\Roaming\uTorrent

2010-01-29 23:19 . 2009-06-16 11:05 53248 ----a-w- c:\windows\system32\CSVer.dll

2010-01-29 23:18 . 2010-01-29 23:19 -------- d-----w- c:\program files\Intel

2010-01-29 23:18 . 2010-01-29 23:18 -------- d-----w- c:\users\Aemeth\AppData\Roaming\InstallShield

2010-01-29 23:13 . 2010-01-29 23:13 53248 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{1012FB02-2899-B345-7FFA-9B35C1E27B83}-MMLoadDrv.exe

2010-01-29 23:13 . 2010-01-29 23:13 102400 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{2D9B8FC3-B4E3-3937-2CCE-F15740DAB556}-MMACEPrev.exe

2010-01-29 23:06 . 2010-01-29 23:06 -------- d-----w- c:\windows\system32\Atheros_L1e

2010-01-29 23:03 . 2007-12-17 16:14 12400 ----a-w- c:\windows\system32\drivers\AsIO.sys

2010-01-29 23:03 . 2006-01-10 15:50 24576 ----a-w- c:\windows\system32\AsIO.dll

2010-01-29 23:03 . 2010-01-29 23:27 -------- d-----w- c:\program files\ASUS

2010-01-29 23:03 . 2008-01-04 12:34 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys

2010-01-29 23:03 . 2008-01-04 12:34 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys

2010-01-29 23:03 . 2010-02-02 16:10 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-01-29 23:02 . 2010-01-29 23:02 499712 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{76CA6F4D-B268-EB89-5FA2-3258BB11158E}-CCCPrev.exe

2010-01-29 22:51 . 2010-02-02 16:48 105184 ----a-w- c:\users\Aemeth\AppData\Local\GDIPFONTCACHEV1.DAT

2010-01-29 22:50 . 2010-01-29 22:50 -------- d-----w- c:\users\Aemeth\AppData\Roaming\ATI

2010-01-29 22:50 . 2010-01-29 22:50 -------- d-----w- c:\users\Aemeth\AppData\Local\ATI

2010-01-29 22:50 . 2010-01-29 22:50 -------- d-----w- c:\programdata\ATI

2010-01-29 22:47 . 2010-01-29 23:32 -------- d-----w- c:\program files\Common Files\InstallShield

2010-01-29 22:42 . 2010-01-29 22:42 -------- d-----w- c:\program files\Common Files\ATI Technologies

2010-01-29 22:41 . 2010-01-29 22:41 10134 ----a-r- c:\users\Aemeth\AppData\Roaming\Microsoft\Installer\{810C21DD-0E77-D5A2-25F7-F4C924C79708}\ARPPRODUCTICON.exe

2010-01-29 22:40 . 2010-02-13 13:13 -------- d-sh--w- c:\windows\Installer

2010-01-29 22:40 . 2010-01-29 22:42 -------- d-----w- c:\program files\ATI Technologies

2010-01-29 22:40 . 2010-01-29 22:42 -------- d-----w- c:\program files\ATI

2010-01-29 22:37 . 2010-01-29 22:37 -------- d-----w- c:\users\Aemeth\AppData\Local\Mozilla

2010-01-29 22:36 . 2010-01-14 10:12 181120 ------w- c:\windows\system32\MpSigStub.exe

2010-01-29 22:36 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll

2010-01-29 22:32 . 2009-10-29 07:22 2048 ----a-w- c:\windows\system32\tzres.dll

2010-01-29 22:27 . 2010-02-16 09:54 -------- d-----w- c:\windows\system32\wbem\Performance

2010-01-29 22:23 . 2010-01-29 22:23 -------- d-sh--we c:\programdata\Modèles

2010-01-29 22:23 . 2010-01-29 22:23 -------- d-sh--we c:\programdata\Menu Démarrer

2010-01-29 22:23 . 2010-01-29 22:23 -------- d-sh--we c:\programdata\Favoris

2010-01-29 21:53 . 2010-01-29 22:06 -------- d-----w- C:\Boot

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-02-16 09:54 . 2009-07-14 08:39 694766 ----a-w- c:\windows\system32\perfh00C.dat

2010-02-16 09:54 . 2009-07-14 08:39 127478 ----a-w- c:\windows\system32\perfc00C.dat

2010-02-15 15:06 . 2010-02-01 20:33 1 ----a-w- c:\users\Aemeth\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys

2010-02-02 14:10 . 2010-02-01 20:03 -------- d-----w- c:\program files\Java

2010-02-02 13:25 . 2010-02-02 13:25 -------- d-----w- c:\program files\CPUID

2010-02-01 20:32 . 2010-02-01 20:32 -------- d-----w- c:\users\Aemeth\AppData\Roaming\OpenOffice.org

2010-02-01 20:06 . 2010-02-01 20:06 -------- d-----w- c:\users\Aemeth\AppData\Roaming\Foxit

2010-02-01 20:06 . 2010-02-01 20:06 -------- d-----w- c:\program files\Foxit Software

2010-02-01 20:04 . 2010-02-01 20:04 -------- d-----w- c:\program files\JRE

2010-02-01 20:04 . 2010-02-01 20:04 -------- d-----w- c:\program files\OpenOffice.org 3

2010-01-31 20:53 . 2010-01-31 20:53 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf

2010-01-29 23:32 . 2010-01-29 23:32 -------- d-----w- c:\program files\Realtek

2010-01-29 22:23 . 2010-01-29 22:23 -------- d-sh--we c:\programdata\Modèles

2010-01-29 22:23 . 2010-01-29 22:23 -------- d-sh--we c:\programdata\Menu Démarrer

2010-01-29 22:23 . 2010-01-29 22:23 -------- d-sh--we c:\programdata\Bureau

2010-01-29 22:23 . 2010-01-29 22:23 -------- d-sh--we c:\program files\Fichiers communs

2010-01-29 22:11 . 2010-01-29 22:11 0 ----a-w- c:\windows\ativpsrm.bin

2010-01-08 03:18 . 2010-02-10 05:19 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2010-01-08 03:17 . 2010-02-10 05:19 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2009-12-19 09:02 . 2010-01-29 22:31 977920 ----a-w- c:\windows\system32\wininet.dll

2009-12-19 09:02 . 2010-02-10 05:19 12288 ----a-w- c:\windows\system32\tsbyuv.dll

2009-12-19 09:02 . 2010-02-10 05:19 1328640 ----a-w- c:\windows\system32\quartz.dll

2009-12-19 09:02 . 2010-02-10 05:19 22016 ----a-w- c:\windows\system32\msyuv.dll

2009-12-19 09:02 . 2010-02-10 05:19 31744 ----a-w- c:\windows\system32\msvidc32.dll

2009-12-19 09:02 . 2010-02-10 05:19 13312 ----a-w- c:\windows\system32\msrle32.dll

2009-12-19 09:02 . 2010-02-10 05:19 84480 ----a-w- c:\windows\system32\mciavi32.dll

2009-12-19 09:02 . 2010-02-10 05:19 50176 ----a-w- c:\windows\system32\iyuv_32.dll

2009-12-19 09:02 . 2010-02-10 05:19 91648 ----a-w- c:\windows\system32\avifil32.dll

2009-12-11 21:03 . 2009-12-11 21:03 5188096 ----a-w- c:\windows\system32\drivers\atipmdag.sys

2009-12-11 21:03 . 2009-12-11 21:03 5188096 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2009-12-11 20:45 . 2009-12-11 20:45 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll

2009-12-11 20:45 . 2009-12-11 20:45 372736 ----a-w- c:\windows\system32\atieclxx.exe

2009-12-11 20:44 . 2009-12-11 20:44 172032 ----a-w- c:\windows\system32\atiesrxx.exe

2009-12-11 20:43 . 2009-12-11 20:43 159744 ----a-w- c:\windows\system32\atitmmxx.dll

2009-12-11 20:42 . 2009-12-11 20:42 356352 ----a-w- c:\windows\system32\atipdlxx.dll

2009-12-11 20:42 . 2009-12-11 20:42 274432 ----a-w- c:\windows\system32\Oemdspif.dll

2009-12-11 20:42 . 2009-12-11 20:42 11776 ----a-w- c:\windows\system32\atimuixx.dll

2009-12-11 20:42 . 2009-12-11 20:42 43520 ----a-w- c:\windows\system32\ati2edxx.dll

2009-12-11 20:39 . 2009-07-13 22:09 3060224 ----a-w- c:\windows\system32\atidxx32.dll

2009-12-11 20:35 . 2009-12-11 20:35 400384 ----a-w- c:\windows\system32\aticfx32.dll

2009-12-11 20:26 . 2009-12-11 20:26 13383168 ----a-w- c:\windows\system32\atioglxx.dll

2009-12-11 20:22 . 2009-12-11 20:22 3601920 ----a-w- c:\windows\system32\atiumdag.dll

2009-12-11 20:11 . 2009-12-11 20:11 50176 ----a-w- c:\windows\system32\coinst.dll

2009-12-11 20:04 . 2009-12-11 20:04 53248 ----a-w- c:\windows\system32\aticalrt.dll

2009-12-11 20:04 . 2009-12-11 20:04 2912768 ----a-w- c:\windows\system32\atiumdva.dll

2009-12-11 20:04 . 2009-12-11 20:04 53248 ----a-w- c:\windows\system32\aticalcl.dll

2009-12-11 20:03 . 2009-12-11 20:03 3641344 ----a-w- c:\windows\system32\aticaldd.dll

2009-12-11 19:52 . 2009-12-11 19:52 52224 ----a-w- c:\windows\system32\atimpc32.dll

2009-12-11 19:52 . 2009-12-11 19:52 52224 ----a-w- c:\windows\system32\amdpcom32.dll

2009-12-11 19:52 . 2009-12-11 19:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2009-12-11 19:51 . 2009-12-11 19:51 225280 ----a-w- c:\windows\system32\atiadlxx.dll

2009-12-11 19:51 . 2009-12-11 19:51 12800 ----a-w- c:\windows\system32\atiglpxx.dll

2009-12-11 19:51 . 2009-12-11 19:51 15360 ----a-w- c:\windows\system32\atigktxx.dll

2009-12-11 19:50 . 2009-12-11 19:50 125440 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2009-12-11 19:50 . 2009-12-11 19:50 27136 ----a-w- c:\windows\system32\atiuxpag.dll

2009-12-11 19:50 . 2009-12-11 19:50 20480 ----a-w- c:\windows\system32\atiu9pag.dll

2009-12-08 11:40 . 2010-02-10 05:19 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe

2009-12-08 11:40 . 2010-02-10 05:19 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe

2009-12-08 11:32 . 2010-02-10 05:19 292864 ----a-w- c:\windows\system32\apphelp.dll

2009-12-08 08:05 . 2010-02-10 05:19 310784 ----a-w- c:\windows\system32\drivers\srv.sys

2009-12-08 08:05 . 2010-02-10 05:19 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys

2009-11-18 23:25 . 2009-11-18 23:25 100352 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys

2009-11-18 15:11 . 2009-11-18 15:11 197624 ----a-w- c:\windows\system32\atiicdxx.dat

2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat

2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-11 98304]

"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2009-06-14 307200]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-05-22 7514656]

"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-11 1505144]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-04-09 2029640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ai Nap]

2009-07-01 19:23 1435136 ----a-w- c:\program files\ASUS\AI Suite\AiNap\AiNap.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2008-01-22 09:13 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpu Level Up help]

2007-11-30 19:03 881152 ----a-w- c:\program files\ASUS\AI Suite\CpuLevelUpHelp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QFan Help]

2009-07-01 19:19 601088 ----a-w- c:\program files\ASUS\AI Suite\QFan3\QFanHelp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]

2007-02-20 10:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

2010-02-11 08:10 319280 ----a-w- c:\program files\uTorrent\uTorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WahOO]

2009-12-06 19:45 1841152 ----a-w- c:\users\Aemeth\AppData\Local\WahOO\WahOO.exe

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [9/04/2009 15:18 107256]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [11/12/2009 21:44 172032]

R2 cpuz132;cpuz132;c:\windows\System32\drivers\cpuz132_x32.sys [2/02/2010 14:25 12672]

R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [9/04/2009 15:19 731840]

R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [9/04/2009 15:21 93312]

R3 amdkmdag;amdkmdag;c:\windows\System32\drivers\atipmdag.sys [11/12/2009 22:03 5188096]

R3 amdkmdap;amdkmdap;c:\windows\System32\drivers\atikmpag.sys [11/12/2009 20:50 125440]

S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [31/01/2010 02:21 691696]

.

------- Examen supplémentaire -------

.

FF - ProfilePath - c:\users\Aemeth\AppData\Roaming\Mozilla\Firefox\Profiles\4du0q91i.default\

FF - prefs.js: browser.startup.homepage - www.journaldugamer.com

FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

---- PARAMETRES FIREFOX ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Heure de fin: 2010-02-16 11:51:04

ComboFix-quarantined-files.txt 2010-02-16 10:51

ComboFix2.txt 2010-02-16 09:58

Avant-CF: 828.447.899.648 octets libres

Après-CF: 828.396.752.896 octets libres

- - End Of File - - F6B3BE85BAA3532FD6B5490DD41FD236

Merci à tous!

Julien

Connexion

Pas encore inscrit ?

Problème virus

Messages recommandés

Aemeth

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer