combo fix



Guest sofiane
Posted (edited)

ComboFix 11-03-17.02 - soso 18-Mar-11 10:41:50.1.2 - x64

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4094.2300 [GMT -8:00]

Running from: c:\users\soso\Downloads\ComboFix.exe

AV: avast! Internet Security *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}

FW: avast! Internet Security *Disabled* {FB460EB6-4C6D-E564-6BF5-EEEF2B44B473}

SP: avast! Internet Security *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Dealio Toolbar

c:\program files (x86)\Dealio Toolbar\IE\4.3\config.ini

c:\program files (x86)\Dealio Toolbar\IE\4.3\deALiotoolbarie.dll

c:\program files (x86)\Dealio Toolbar\Res\amazon.gif

c:\program files (x86)\Dealio Toolbar\Res\apple.gif

c:\program files (x86)\Dealio Toolbar\Res\barnes.gif

c:\program files (x86)\Dealio Toolbar\Res\bestbuy.gif

c:\program files (x86)\Dealio Toolbar\Res\dealio_logo.gif

c:\program files (x86)\Dealio Toolbar\Res\dealio_logo_hover.gif

c:\program files (x86)\Dealio Toolbar\Res\ebay.gif

c:\program files (x86)\Dealio Toolbar\Res\icon_settings.gif

c:\program files (x86)\Dealio Toolbar\Res\macys.gif

c:\program files (x86)\Dealio Toolbar\Res\newegg.gif

c:\program files (x86)\Dealio Toolbar\Res\overstock.gif

c:\program files (x86)\Dealio Toolbar\Res\search-button-hover.gif

c:\program files (x86)\Dealio Toolbar\Res\search-button.gif

c:\program files (x86)\Dealio Toolbar\Res\search-chevron-hover.gif

c:\program files (x86)\Dealio Toolbar\Res\search-chevron.gif

c:\program files (x86)\Dealio Toolbar\Res\search_amazon.gif

c:\program files (x86)\Dealio Toolbar\Res\search_dealio.gif

c:\program files (x86)\Dealio Toolbar\Res\search_ebay.gif

c:\program files (x86)\Dealio Toolbar\Res\search_yahoo.gif

c:\program files (x86)\Dealio Toolbar\Res\target.gif

c:\program files (x86)\Dealio Toolbar\Res\walmart.gif

c:\program files (x86)\Dealio Toolbar\Res\widgets.xml

c:\program files (x86)\Dealio Toolbar\WidgiHelper.exe

c:\program files (x86)\ShopperReports3

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\BRNStie.dll

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\CmNDff.dll

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome.manifest

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\infopane.js

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\InfoPane.xul

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.dll

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.xpt

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\install.rdf

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\LaunchHelp.dll

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\link.ico

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\mozillaps.dll

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\Pltfrm.dll

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\ShopperReports.dll

c:\program files (x86)\ShopperReports3\bin\3.1.22.0\ShopperReportsUninstaller.exe

c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports

c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk

c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk

c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk

c:\users\soso\AppData\Roaming\ShopperReports3

D:\install.exe

.

.

((((((((((((((((((((((((( Files Created from 2011-02-18 to 2011-03-18 )))))))))))))))))))))))))))))))

.

.

2011-03-18 18:53 . 2011-03-18 18:53 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-03-18 17:43 . 2011-03-18 17:43 512 ----a-w- C:\PhysicalDisk0_MBR.bin

2011-03-18 16:02 . 2011-03-18 17:43 -------- d-----w- c:\program files (x86)\ZHPDiag

2011-03-15 18:56 . 2011-03-15 18:56 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2011-03-15 18:56 . 2011-03-18 11:00 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2011-03-15 18:56 . 2011-03-18 11:00 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2011-03-14 17:41 . 2011-03-14 17:41 -------- d-----w- c:\programdata\ALM

2011-03-14 15:54 . 2011-03-14 15:54 -------- d-----w- c:\program files (x86)\Bonjour

2011-03-14 15:51 . 2011-03-14 15:51 -------- d-----w- c:\windows\SysWow64\spool

2011-03-14 15:48 . 2011-03-14 15:48 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared

2011-03-13 16:58 . 2011-03-13 16:58 -------- d-----w- c:\program files\Microsoft Synchronization Services

2011-03-13 16:57 . 2011-03-13 16:57 -------- d-----w- c:\windows\PCHEALTH

2011-03-13 16:57 . 2011-03-13 16:57 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2011-03-13 16:56 . 2011-03-13 17:01 -------- d-----w- c:\programdata\Microsoft Help

2011-03-13 16:55 . 2011-03-13 16:55 -------- d-----r- C:\MSOCache

2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2011-03-12 11:51 . 2011-03-12 11:51 -------- d-----w- c:\program files (x86)\Apple Software Update

2011-03-12 11:33 . 2011-03-12 11:33 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll

2011-03-12 11:33 . 2011-03-18 09:59 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2011-03-12 11:32 . 2011-03-18 09:59 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2011-03-12 11:32 . 2011-03-12 11:32 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2011-03-11 17:51 . 2011-03-11 17:51 -------- d-----w- c:\program files (x86)\Desktop Quran

2011-03-11 13:05 . 2011-03-11 13:15 -------- d-----w- c:\program files (x86)\AbiWord

2011-03-10 21:00 . 2004-03-30 00:23 90112 ----a-w- c:\windows\unvise32.exe

2011-03-10 15:35 . 2011-03-12 11:57 -------- d-----w- c:\program files (x86)\QuickTime

2011-03-10 15:35 . 2011-03-10 15:35 -------- d-----w- c:\programdata\Apple Computer

2011-03-09 17:05 . 2011-03-09 17:07 -------- d-----w- c:\program files (x86)\ZiggyTV

2011-03-05 16:01 . 2011-03-05 16:01 -------- d-----w- c:\program files\e-on software

2011-03-04 09:28 . 2011-03-04 09:28 -------- d-----w- c:\program files (x86)\Application Updater

2011-03-04 09:28 . 2011-03-04 09:28 -------- d-----w- c:\program files (x86)\Common Files\Spigot

2011-03-02 13:10 . 2011-03-02 13:11 -------- d-----w- c:\programdata\Abvent

2011-03-01 20:16 . 2011-03-01 20:16 -------- d-----w- c:\program files (x86)\Free Video Converter

2011-03-01 20:03 . 2011-03-11 20:52 -------- d-----w- c:\program files (x86)\MazdaCall-V5.7.8

2011-02-27 15:42 . 2005-05-26 23:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll

2011-02-27 15:42 . 2005-05-26 23:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll

2011-02-27 15:39 . 2011-02-27 15:40 -------- d-----w- C:\3dsmax9Trial

2011-02-25 09:55 . 2008-06-26 10:00 28672 ----a-w- c:\windows\SysWow64\WkWin32.lbr

2011-02-23 17:15 . 2011-02-23 17:15 -------- d-----w- c:\programdata\Hewlett-Packard

2011-02-23 17:15 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll

2011-02-23 16:19 . 2011-02-23 16:19 -------- d-----w- c:\program files (x86)\freeTVRadio

2011-02-23 16:18 . 2011-02-23 16:18 -------- d-----w- c:\program files (x86)\VideoLAN

2011-02-21 19:18 . 2011-02-21 19:18 -------- d-----w- c:\programdata\CyberLink

2011-02-21 18:15 . 2011-02-21 18:15 -------- d-----w- c:\program files (x86)\FLVPlayer4Free

2011-02-21 17:59 . 2011-02-21 17:59 -------- d-----w- c:\program files (x86)\InstallShield Installation Information

2011-02-21 17:57 . 2011-02-21 17:57 -------- d-----w- c:\program files (x86)\Hewlett-Packard

2011-02-21 17:54 . 2011-02-21 17:54 -------- d-----w- C:\HP

2011-02-21 15:18 . 2011-02-21 15:18 -------- d-----w- c:\program files (x86)\Multiskype

2011-02-21 15:11 . 2011-02-21 16:42 -------- d-----w- c:\programdata\e-onsoftware

2011-02-21 15:11 . 2011-02-21 15:11 72 ----a-w- c:\windows\Vue 7.5 xStream.reg

2011-02-21 15:11 . 2011-02-21 15:11 70 ----a-w- c:\windows\Vue 7 xStream.reg

2011-02-21 15:11 . 2011-02-21 15:11 70 ----a-w- c:\windows\Vue 6 xStream.reg

2011-02-19 19:04 . 2011-02-19 19:04 -------- d-----w- c:\users\AppData

2011-02-19 19:04 . 2011-02-19 19:04 -------- d-----w- c:\program files (x86)\DVDVideoSoftTB

2011-02-19 19:04 . 2011-02-19 19:04 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft

2011-02-19 17:48 . 2008-08-14 01:48 203264 ----a-w- C:\wkwin32.DLL

2011-02-19 17:48 . 2008-08-14 01:48 28392448 ----a-w- C:\ArchiCAD.exe

2011-02-19 17:39 . 2011-02-19 17:39 -------- d-----w- c:\programdata\Apple

2011-02-19 17:32 . 2007-09-25 07:31 69632 ----a-w- c:\windows\SysWow64\javacpl.cpl

2011-02-19 17:31 . 2011-02-19 17:32 -------- d-----w- c:\program files (x86)\Java

2011-02-19 17:31 . 2011-02-19 17:31 -------- d-----w- c:\program files (x86)\Common Files\Java

2011-02-19 16:00 . 2011-03-05 16:03 276 ----a-w- c:\windows\Vue 6 xStream PLE.reg

2011-02-19 15:45 . 2011-02-19 15:45 -------- d-----w- c:\program files (x86)\Microsoft

2011-02-19 15:33 . 2011-02-19 15:33 -------- d-----w- c:\program files (x86)\Windows Live SkyDrive

2011-02-19 15:32 . 2011-02-19 15:33 -------- d-----w- c:\program files (x86)\Windows Live

2011-02-19 15:13 . 2011-02-19 15:13 -------- d-----w- c:\program files (x86)\Common Files\Windows Live

2011-02-19 14:48 . 2011-02-19 14:49 -------- d-----w- c:\program files (x86)\AnswerWorks 4.0

2011-02-19 14:45 . 2011-02-27 15:49 -------- d-----w- c:\program files (x86)\Autodesk

2011-02-19 14:09 . 2011-03-15 18:31 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2011-02-19 13:23 . 2011-02-19 13:23 -------- d-----w- c:\program files (x86)\Ask.com

2011-02-19 13:23 . 2011-02-19 13:23 -------- d-----w- c:\programdata\HideIPEasy

2011-02-19 13:00 . 2008-12-05 05:42 815104 ----a-w- c:\windows\SysWow64\xvidcore.dll

2011-02-19 13:00 . 2008-12-14 04:01 77824 ----a-w- c:\windows\SysWow64\xvid.ax

2011-02-19 13:00 . 2008-12-05 05:46 180224 ----a-w- c:\windows\SysWow64\xvidvfw.dll

2011-02-19 13:00 . 2011-02-21 18:42 652794 ----a-w- c:\temp\xvid-win32.exe

2011-02-19 13:00 . 2006-01-17 21:25 -------- d-----w- C:\Temp

2011-02-19 12:01 . 2011-03-14 15:57 -------- d-----w- c:\programdata\FLEXnet

2011-02-19 11:51 . 2011-02-19 11:51 -------- d-----w- c:\programdata\Skype

2011-02-19 11:49 . 2006-01-17 18:58 -------- d-----w- c:\windows\system32\appmgmt

2011-02-19 11:35 . 2011-02-19 11:41 -------- d-----w- c:\program files\Common Files\Autodesk Shared

2011-02-19 11:13 . 2011-02-19 11:13 -------- d-----w- c:\program files\Common Files\Macrovision Shared

2011-02-19 11:09 . 2009-03-09 23:27 520544 ----a-w- c:\windows\system32\d3dx10_41.dll

2011-02-19 11:09 . 2009-03-09 23:27 453456 ----a-w- c:\windows\SysWow64\d3dx10_41.dll

2011-02-19 11:09 . 2009-03-09 23:27 2430312 ----a-w- c:\windows\system32\D3DCompiler_41.dll

2011-02-19 11:09 . 2009-03-09 23:27 1846632 ----a-w- c:\windows\SysWow64\D3DCompiler_41.dll

2011-02-19 11:09 . 2009-03-09 23:27 5425496 ----a-w- c:\windows\system32\D3DX9_41.dll

2011-02-19 11:09 . 2009-03-09 23:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll

2011-02-19 11:08 . 2011-02-27 15:49 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared

2011-02-19 11:04 . 2011-02-27 15:51 -------- d-----w- c:\programdata\Autodesk

2011-02-19 03:50 . 2011-03-11 13:09 -------- d-----w- c:\users\soso

2011-02-19 03:49 . 2011-02-19 03:49 -------- d-----w- C:\Recovery

2011-02-19 03:16 . 2011-02-19 03:16 0 ----a-w- c:\windows\ativpsrm.bin

2011-02-19 03:12 . 2011-02-19 03:50 -------- d-----w- c:\windows\Panther

2011-02-18 21:49 . 2011-02-18 21:49 -------- d-----w- c:\windows\SysWow64\Macromed

2011-02-18 19:59 . 2011-02-18 19:59 -------- d-----w- c:\program files (x86)\Conduit

2011-02-18 19:59 . 2011-02-18 19:59 -------- d-----w- C:\extensions

2011-02-18 19:59 . 2011-02-18 19:59 -------- d-----w- c:\program files (x86)\uTorrent

2011-02-18 19:19 . 2011-01-13 08:47 237168 ----a-w- c:\windows\system32\aswBoot.exe

2011-02-18 19:11 . 2011-01-13 08:41 273488 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-02-18 19:11 . 2011-01-13 08:37 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-02-18 19:11 . 2011-01-13 08:41 490064 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-02-18 19:11 . 2011-01-13 08:42 125520 ----a-w- c:\windows\system32\drivers\aswFW.sys

2011-02-18 19:11 . 2011-01-13 08:41 250448 ----a-w- c:\windows\system32\drivers\aswNdis2.sys

2011-02-18 19:11 . 2011-01-13 08:37 29264 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-02-18 19:11 . 2011-01-13 08:40 51792 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-02-18 19:11 . 2011-01-13 08:37 62032 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2011-02-18 19:10 . 2010-09-07 15:24 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys

2011-02-18 19:10 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr

2011-02-18 19:10 . 2011-01-13 08:47 188216 ----a-w- c:\windows\SysWow64\aswBoot.exe

2011-02-18 19:10 . 2011-02-18 19:10 -------- d-----w- c:\programdata\Alwil Software

2011-02-18 19:10 . 2011-02-18 19:10 -------- d-----w- c:\program files\Alwil Software

2011-02-18 19:05 . 2011-02-03 01:10 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{600ACD07-82AA-4818-AE17-5AE21A18C9EA}\mpengine.dll

2011-02-18 19:05 . 2011-02-03 01:11 270720 ------w- c:\windows\system32\MpSigStub.exe

2011-02-18 19:03 . 2011-02-18 19:03 -------- d-----w- c:\programdata\WinZip

2011-02-18 19:02 . 2006-01-17 21:36 -------- d-sh--w- c:\windows\Installer

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2006-05-03 09:06 163328 --sh--r- c:\windows\SysWOW64\flvDX.dll

2007-02-21 10:47 31232 --sh--r- c:\windows\SysWOW64\msfDX.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]

"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]

"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]

.

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

.

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

.

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2010-12-09 20:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{416ae1cb-7257-484a-b912-aebc7fdad4ce}]

2011-01-14 09:00 134816 ----a-w- c:\program files (x86)\freeTVRadio\spointer\extensions\freetvradio_air_ie.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

2010-04-27 18:08 2393184 ----a-w- c:\program files (x86)\DVDVideoSoftTB\tbDVDV.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

2010-12-09 20:51 3911776 ----a-w- c:\program files (x86)\uTorrentBar\tbuTor.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

2010-09-29 06:44 1400712 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]

"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]

.

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

.

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

.

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

.

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-02-18 396152]

"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

"Google Update"="c:\users\soso\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-02-21 136176]

"Skype"="d:\skype\Phone\Skype.exe" [2011-01-03 16943496]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]

"SunJavaUpdateSched"="c:\program files (x86)\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]

"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-01-29 526336]

"QuickTime Task"="d:\archicad 12\QuickTime\QTTask.exe" [2007-10-20 286720]

"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2006-01-17 273544]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AutoCAD Startup Accelerator.lnk - c:\program files (x86)\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]

Billeo.lnk - c:\program files (x86)\Billeo\billeo.exe [2011-2-15 1448272]

Network Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2011-2-25 3768320]

ZiggyTV (Minimized).lnk - c:\program files (x86)\ZiggyTV\ZiggyTV.exe [2010-6-28 208384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-02-19 1436424]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 WkSvw32.exe;WIBU-KEY Server;c:\program files (x86)\WIBUKEY\Server\WkSvw32.exe [2008-06-26 577536]

S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]

S0 aswNdis2;avast! Firewall Core Firewall Service; [x]

S1 aswFW;avast! TDI Firewall driver; [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-01-29 387072]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]

S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [2011-01-13 119200]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2011-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2583156382-3155780529-2842962338-1000Core.job

- c:\users\soso\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-21 17:58]

.

2011-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2583156382-3155780529-2842962338-1000UA.job

- c:\users\soso\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-21 17:58]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-01-13 08:47 132584 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = local;*.local

IE: E&xport to Microsoft Excel - d:\applic~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)

WebBrowser-{E52BE12D-A44A-4F51-9DC1-34F37A488CC7} - (no file)

WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

AddRemove-Free 3GP Video Converter_is1 - d:\free 3gp video converter\unins000.exe

AddRemove-Xvid_is1 - d:\ (x86)\Xvid\unins000.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2011-03-18 11:17:43

ComboFix-quarantined-files.txt 2011-03-18 19:17

.

Pre-Run: 75,719,766,016 bytes free

Post-Run: 76,359,176,192 bytes free

.

- - End Of File - - BC696FFB9DDE95C0A54C43CBAABDB1E0

 

 

Reply please [edited]

Edited by Gof

Posted (edited)

Hello sofiane,

Welcome to the forum

ComboFix is a very powerful disinfection tool that should only be used under the supervision of an experienced helper. This is clearly stated in the tool's usage instructions:

Excerpt from the official ComboFix tutorial, translated by nickW:

You should not use ComboFix unless a helper has specifically asked you to. Moreover, because of the power of this tool, you are strongly advised not to try to act on the information displayed by ComboFix without the help of someone who has received adequate training. If you do so anyway, on your own, be aware that misuse of the program could cause problems with the normal operation of your computer.

I also notice that you did not run it from the desktop, as it is essential to do:

Running from: c:\users\soso\Downloads\ComboFix.exe

Please do not run another scan.

Given this report, I do wonder why you went straight to using this program and where it was recommended to you!

Your report can only be analysed in the Sécurité / Analyses et éradication malwares section, which requires being registered as a member.

Also, remove your email address from your message. To do so, click "Edit" below your message so that you can make corrections.

Register on the forum.

Post in the forum section I pointed you to.

I see that you installed ZHPDiag today; if you used this analysis tool, it would be good to post its report as well.

Good luck

:)

Edited by Tibonhomme
