HijackThis analysis, nasty unidentified virus
Hello, I think I have a virus on my computer and I don't know whether I should format it. AVG can't detect it, little dots appear behind the cursor, files are getting deleted, and it no longer goes into standby... Could you please analyze my HijackThis log? Many thanks...
Logfile of HijackThis v1.99.1
Scan saved at 14:43:10, on 02/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\architecture\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wpabaln.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\micha\Bureau\HijackThis.exe
C:\Documents and Settings\micha\Bureau\Scanner.rxr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fujitsu-siemens.fr/home/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr.yahoo.com/fsc/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Muscbrigade] c:\Musicbrigade\Musicbrigade.exe check
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InstantOn] "C:\Program Files\CyberLink\PowerCinema Linux\ion_install.exe" /c
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\architecture\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2454041 6
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\architecture\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
With ComboFix:
micha - 06-12-04 14:27:10.06 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Documents and Settings\micha\Bureau"
((((((((((((((((((((((((((((((( Files Created from 2006-11-04 to 2006-12-04 ))))))))))))))))))))))))))))))))))
2006-12-04 14:25 8,192 --a------ C:\Documents and Settings\micha\RestartIt.exe
2006-12-04 14:25 5,158 --a------ C:\Documents and Settings\micha\NTP.EXE
2006-12-04 14:25 42,496 --a------ C:\Documents and Settings\micha\swreg.exe
2006-12-04 14:25 39,184 --a------ C:\Documents and Settings\micha\Ntrights.exe
2006-12-04 14:25 26,112 --a------ C:\Documents and Settings\micha\nircmd.exe
2006-12-04 14:25 181,776 --a------ C:\Documents and Settings\micha\handle.exe
2006-12-04 14:25 123,904 --a------ C:\Documents and Settings\micha\swsc.exe
2006-12-02 18:32 <REP> d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
2006-12-02 17:13 <REP> d-------- C:\WINDOWS\Cache
2006-12-01 19:22 <REP> d-------- C:\Program Files\VectorWorks 10
2006-12-01 18:32 54,784 --a------ C:\WINDOWS\system32\drivers\CDAC11BA.EXE
2006-12-01 18:32 12,464 --a------ C:\WINDOWS\system32\drivers\CDAC15BA.SYS
2006-12-01 18:32 <REP> d-------- C:\WINDOWS\system32\Common Files
2006-12-01 18:32 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2006-12-01 18:31 <REP> d-------- C:\Program Files\AutoCAD 2004
2006-12-01 17:17 <REP> d-------- C:\Program Files\Microsoft Office
2006-12-01 17:17 <REP> d-------- C:\Program Files\Fichiers communs\Designer
2006-12-01 17:17 <REP> d-------- C:\Program Files\AnswerWorks 4.0
2006-12-01 17:15 <REP> d-------- C:\Program Files\Fichiers communs\Autodesk Shared
2006-12-01 17:15 <REP> d-------- C:\Program Files\AutoCAD 2005
2006-12-01 17:08 <REP> d-------- C:\WINDOWS\system32\appmgmt
2006-12-01 17:07 <REP> d--hs---- C:\Config.Msi
2006-11-29 20:51 <REP> d-------- C:\WINDOWS\Prefetch
2006-11-29 10:33 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2006-11-29 10:33 28,160 --a------ C:\WINDOWS\system32\irmon.dll
2006-11-29 10:33 154,112 --a------ C:\WINDOWS\system32\irftp.exe
2006-11-29 10:29 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-11-29 10:29 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2006-11-29 00:22 <REP> d-------- C:\WINDOWS\setup.pss
2006-11-28 23:33 <REP> d-------- C:\WINDOWS\WBEM
2006-11-28 22:58 <REP> d--hs---- C:\WINDOWS\CSC
2006-11-28 22:42 180,224 --a------ C:\WINDOWS\system32\nvudisp.exe
2006-11-28 22:42 <REP> d-------- C:\WINDOWS\nview
2006-11-28 22:35 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2006-11-28 22:34 <REP> d-------- C:\NVIDIA
2006-11-24 19:58 <REP> d--h-c--- C:\WINDOWS\ie7
2006-11-24 19:58 <REP> d-------- C:\WINDOWS\system32\en-US
2006-11-24 19:57 121,856 --a------ C:\WINDOWS\system32\xmllite.dll
2006-11-24 19:57 <REP> d-------- C:\WINDOWS\network diagnostic
2006-11-24 19:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-11-22 09:53 <REP> d-------- C:\Documents and Settings\micha\Application Data\U3
2006-11-22 00:12 <REP> d-------- C:\WINDOWS\Minidump
2006-11-20 00:42 <REP> d-------- C:\Program Files\WinRAR
2006-11-20 00:42 <REP> d-------- C:\Program Files\eMule
2006-11-17 03:00 <REP> d-------- C:\Program Files\MSXML 4.0
2006-11-17 03:00 <REP> d-------- C:\650b8c2c98cd6eaf87ef280ee5f8
2006-11-15 16:02 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2006-11-14 03:08 <REP> d-------- C:\Documents and Settings\micha\Application Data\CyberLink
2006-11-12 00:23 680 --a------ C:\Program Files\mpc2.reg
2006-11-12 00:23 596 --a------ C:\Program Files\mpc1.reg
2006-11-12 00:23 568 --a------ C:\Program Files\mpc4.reg
2006-11-12 00:23 30,772 --a------ C:\Program Files\ffdsvsetts.reg
2006-11-12 00:23 3,476 --a------ C:\Program Files\mpc7.reg
2006-11-12 00:23 3,026 --a------ C:\Program Files\mpc3.reg
2006-11-12 00:23 18,156 --a------ C:\Program Files\mpc6.reg
2006-11-12 00:23 16,280 --a------ C:\Program Files\mpc5.reg
2006-11-12 00:23 1,446 --a------ C:\Program Files\ffdssetts.reg
2006-11-12 00:23 1,172 --a------ C:\Program Files\ffdsasetts.reg
2006-11-10 19:57 <REP> dr-h----- C:\$VAULT$.AVG
2006-11-10 19:57 <REP> d-------- C:\Documents and Settings\micha\Application Data\AVG7
2006-11-10 19:52 816,672 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-11-10 19:52 4,960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-11-10 19:52 4,224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-11-10 19:52 3,968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2006-11-10 19:52 28,416 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-11-10 19:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2006-11-10 19:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2006-11-10 16:51 <REP> d-------- C:\WINDOWS\system32\LogFiles
2006-11-10 15:15 <REP> d-------- C:\Documents and Settings\micha\Application Data\Media Player Classic
2006-11-09 00:24 <REP> d-------- C:\Program Files\merde
2006-11-08 15:32 4 --a------ C:\WINDOWS\IEdate.dll
2006-11-08 00:38 <REP> d-------- C:\WINDOWS\Sun
2006-11-08 00:38 <REP> d-------- C:\Documents and Settings\micha\Application Data\Sun
2006-11-08 00:20 <REP> d--hs---- C:\Documents and Settings\All Users\DRM
2006-11-07 23:34 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2006-11-07 23:34 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2006-11-07 23:34 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2006-11-07 23:34 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2006-11-07 23:34 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2006-11-07 23:33 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2006-11-07 23:28 90,112 --a------ C:\WINDOWS\system32\LQCUI2.dll
2006-11-07 23:28 856,064 --a------ C:\WINDOWS\system32\Ltwvc12n.dll
2006-11-07 23:28 78,336 --a------ C:\WINDOWS\system32\lffax12n.dll
2006-11-07 23:28 65,536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL
2006-11-07 23:28 61,440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL
2006-11-07 23:28 61,440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL
2006-11-07 23:28 57,344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL
2006-11-07 23:28 53,248 -ra------ C:\WINDOWS\system32\InstMed.exe
2006-11-07 23:28 49,152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL
2006-11-07 23:28 49,152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL
2006-11-07 23:28 466,944 --a------ C:\WINDOWS\system32\QCUI2.dll
2006-11-07 23:28 462,848 --a------ C:\WINDOWS\system32\LCamCpl.dll
2006-11-07 23:28 45,056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL
2006-11-07 23:28 406,016 --a------ C:\WINDOWS\system32\ltkrn12n.dll
2006-11-07 23:28 40,960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL
2006-11-07 23:28 372,736 --a------ C:\WINDOWS\system32\LVUI2RC.dll
2006-11-07 23:28 328,704 --a------ C:\WINDOWS\system32\LFCMP12n.DLL
2006-11-07 23:28 30,720 --a------ C:\WINDOWS\system32\lfbmp12n.dll
2006-11-07 23:28 259,072 --a------ C:\WINDOWS\system32\LTDIS12n.dll
2006-11-07 23:28 22,016 --a------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
2006-11-07 23:28 215,552 --a------ C:\WINDOWS\system32\Lvkrn12n.dll
2006-11-07 23:28 207,872 --a------ C:\WINDOWS\system32\ltefx12n.dll
2006-11-07 23:28 204,800 --a------ C:\WINDOWS\system32\LVUI2.dll
2006-11-07 23:28 204,800 --a------ C:\WINDOWS\system32\lvcodec2.dll
2006-11-07 23:28 2,180,096 --a------ C:\WINDOWS\system32\drivers\lvsvf2.sys
2006-11-07 23:28 164,864 --a------ C:\WINDOWS\system32\ltimg12n.dll
2006-11-07 23:28 141,312 --a------ C:\WINDOWS\system32\lftif12n.dll
2006-11-07 23:28 131,072 --a------ C:\WINDOWS\system32\ltfil12n.DLL
2006-11-07 23:28 106,496 --a------ C:\WINDOWS\system32\lvcoinst.dll
2006-11-07 23:28 1,317,152 --a------ C:\WINDOWS\system32\drivers\lvcm.sys
2006-11-07 23:28 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2006-11-07 23:25 <REP> d-------- C:\Documents and Settings\micha\Shared
2006-11-07 23:25 <REP> d-------- C:\Documents and Settings\micha\Incomplete
2006-11-07 23:19 <REP> d-------- C:\Program Files\Logitech
2006-11-07 22:54 <REP> d-------- C:\Program Files\Java
2006-11-07 22:53 <REP> d-------- C:\Program Files\Fichiers communs\Java
2006-11-07 22:48 <REP> d-------- C:\Program Files\iTunes
2006-11-07 22:48 <REP> d-------- C:\Program Files\iPod
2006-11-07 22:48 <REP> d-------- C:\Documents and Settings\micha\Application Data\Apple Computer
2006-11-07 22:47 <REP> d-------- C:\Program Files\QuickTime
2006-11-07 22:46 <REP> d-------- C:\Program Files\Apple Software Update
2006-11-07 22:41 <REP> d-------- C:\Program Files\LimeWire
2006-11-07 22:40 <REP> d-------- C:\Documents and Settings\micha\.limewire
2006-11-07 22:30 <REP> d-------- C:\Program Files\Satsuki Decoder Pack
2006-11-07 22:20 <REP> d-------- C:\Documents and Settings\micha\Application Data\AdobeUM
2006-11-07 22:18 <REP> d-------- C:\Program Files\ITEKSOFT
2006-11-07 22:10 <REP> d-------- C:\Program Files\Mozilla Firefox
2006-11-07 22:10 <REP> d-------- C:\Documents and Settings\micha\Application Data\Mozilla
2006-11-07 21:03 6,049,280 --a------ C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50,688 --a------ C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458,752 --a------ C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 180,736 --a------ C:\WINDOWS\system32\ieui.dll
2006-11-07 16:20 <REP> d-------- C:\Program Files\MSN Apps
2006-11-07 15:18 <REP> d-------- C:\Program Files\MSN Messenger
2006-11-07 15:13 <REP> d-------- C:\WINDOWS\system32\SoftwareDistribution
2006-11-07 15:13 <REP> d-------- C:\Documents and Settings\micha\Application Data\Google
2006-11-07 15:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google
2006-11-07 03:26 13,312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-06 15:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2006-11-06 15:15 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-06 15:15 <REP> d-------- C:\Program Files\Grisoft
2006-11-06 14:24 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2006-11-06 14:24 1,047,552 --a------ C:\WINDOWS\system32\MFC71u.dll
2006-11-06 14:20 <REP> d-------- C:\Documents and Settings\micha\Application Data\Abvent
2006-11-06 14:14 <REP> d-------- C:\Program Files\architectue
2006-11-06 12:20 <REP> d-------- C:\Program Files\WinZip
2006-11-06 12:20 <REP> d-------- C:\Program Files\Google
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-04 13:46 -------- d-------- C:\Documents and Settings\micha\Application Data\Adobe
2006-12-04 01:44 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-12-04 01:43 -------- d---s---- C:\Documents and Settings\micha\Application Data\Microsoft
2006-12-02 18:32 -------- d-------- C:\Program Files\Fichiers communs
2006-12-02 17:27 -------- d-------- C:\Program Files\Fichiers communs\Adobe
2006-12-02 17:25 -------- d-------- C:\Program Files\Adobe
2006-12-01 18:32 -------- d-------- C:\Program Files\Autodesk
2006-12-01 18:31 -------- d-------- C:\Documents and Settings\micha\Application Data\Autodesk
2006-12-01 17:17 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared
2006-11-29 20:40 -------- d-------- C:\Program Files\Internet Explorer
2006-11-29 20:33 -------- d-------- C:\Program Files\Windows Media Player
2006-11-29 20:33 -------- d-------- C:\Program Files\Outlook Express
2006-11-29 20:33 -------- d-------- C:\Program Files\Fichiers communs\System
2006-11-08 00:12 -------- d-------- C:\Program Files\Messenger
2006-11-07 21:13 -------- d-------- C:\Program Files\MSN
2006-11-02 18:03 -------- d-------- C:\Program Files\architecture
2006-11-01 19:59 -------- d-------- C:\Documents and Settings\micha\Application Data\Help
2006-11-01 19:49 -------- d--h----- C:\Program Files\Uninstall Information
2006-11-01 19:30 -------- d-------- C:\Program Files\Fichiers communs\InstallShield
2006-11-01 19:26 -------- d-------- C:\Program Files\CyberLink
2006-11-01 19:25 -------- d-------- C:\Program Files\Raccourcis de programmes
2006-10-17 12:05 206336 --a------ C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 11:58 61952 --a------ C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --a------ C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:27 380928 --a------ C:\WINDOWS\system32\ieapfltr.dll
2006-10-02 13:44 5120 --a------ C:\WINDOWS\system32\ff_vfw.dll
2006-09-30 08:33 62 --ahs---- C:\Documents and Settings\micha\Application Data\desktop.ini
2006-09-30 06:39 0 -rahs---- C:\MSDOS.SYS
2006-09-30 06:39 0 -rahs---- C:\IO.SYS
2006-09-30 06:39 0 --a------ C:\CONFIG.SYS
2006-09-30 06:39 0 --a------ C:\AUTOEXEC.BAT
2006-09-19 15:43 109360 --a------ C:\WINDOWS\system32\GEARAspi.dll
2006-09-06 16:43 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"fsc-reminder.exe"="C:\\WINDOWS\\reminder\\fsc-reminder.exe 2454041 6"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe"
"SMSERIAL"="sm56hlpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"Muscbrigade"="c:\\Musicbrigade\\Musicbrigade.exe check"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"RTHDCPL"="RTHDCPL.EXE"
"Alcmtr"="ALCMTR.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,20,01,00,00,00,00,00,00,80,04,00,00,62,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
Completion time: 06-12-04 14:28:30.46
C:\ComboFix.txt ... 06-12-04 14:28
micha - 06-12-04 14:27:10.06 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Documents and Settings\micha\Bureau"
((((((((((((((((((((((((((((((( Files Created from 2006-11-04 to 2006-12-04 ))))))))))))))))))))))))))))))))))
2006-12-04 14:25 8,192 --a------ C:\Documents and Settings\micha\RestartIt.exe
2006-12-04 14:25 5,158 --a------ C:\Documents and Settings\micha\NTP.EXE
2006-12-04 14:25 42,496 --a------ C:\Documents and Settings\micha\swreg.exe
2006-12-04 14:25 39,184 --a------ C:\Documents and Settings\micha\Ntrights.exe
2006-12-04 14:25 26,112 --a------ C:\Documents and Settings\micha\nircmd.exe
2006-12-04 14:25 181,776 --a------ C:\Documents and Settings\micha\handle.exe
2006-12-04 14:25 123,904 --a------ C:\Documents and Settings\micha\swsc.exe
2006-12-02 18:32 <REP> d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
2006-12-02 17:13 <REP> d-------- C:\WINDOWS\Cache
2006-12-01 19:22 <REP> d-------- C:\Program Files\VectorWorks 10
2006-12-01 18:32 54,784 --a------ C:\WINDOWS\system32\drivers\CDAC11BA.EXE
2006-12-01 18:32 12,464 --a------ C:\WINDOWS\system32\drivers\CDAC15BA.SYS
2006-12-01 18:32 <REP> d-------- C:\WINDOWS\system32\Common Files
2006-12-01 18:32 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2006-12-01 18:31 <REP> d-------- C:\Program Files\AutoCAD 2004
2006-12-01 17:17 <REP> d-------- C:\Program Files\Microsoft Office
2006-12-01 17:17 <REP> d-------- C:\Program Files\Fichiers communs\Designer
2006-12-01 17:17 <REP> d-------- C:\Program Files\AnswerWorks 4.0
2006-12-01 17:15 <REP> d-------- C:\Program Files\Fichiers communs\Autodesk Shared
2006-12-01 17:15 <REP> d-------- C:\Program Files\AutoCAD 2005
2006-12-01 17:08 <REP> d-------- C:\WINDOWS\system32\appmgmt
2006-12-01 17:07 <REP> d--hs---- C:\Config.Msi
2006-11-29 20:51 <REP> d-------- C:\WINDOWS\Prefetch
2006-11-29 10:33 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2006-11-29 10:33 28,160 --a------ C:\WINDOWS\system32\irmon.dll
2006-11-29 10:33 154,112 --a------ C:\WINDOWS\system32\irftp.exe
2006-11-29 10:29 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-11-29 10:29 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2006-11-29 00:22 <REP> d-------- C:\WINDOWS\setup.pss
2006-11-28 23:33 <REP> d-------- C:\WINDOWS\WBEM
2006-11-28 22:58 <REP> d--hs---- C:\WINDOWS\CSC
2006-11-28 22:42 180,224 --a------ C:\WINDOWS\system32\nvudisp.exe
2006-11-28 22:42 <REP> d-------- C:\WINDOWS\nview
2006-11-28 22:35 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2006-11-28 22:34 <REP> d-------- C:\NVIDIA
2006-11-24 19:58 <REP> d--h-c--- C:\WINDOWS\ie7
2006-11-24 19:58 <REP> d-------- C:\WINDOWS\system32\en-US
2006-11-24 19:57 121,856 --a------ C:\WINDOWS\system32\xmllite.dll
2006-11-24 19:57 <REP> d-------- C:\WINDOWS\network diagnostic
2006-11-24 19:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-11-22 09:53 <REP> d-------- C:\Documents and Settings\micha\Application Data\U3
2006-11-22 00:12 <REP> d-------- C:\WINDOWS\Minidump
2006-11-20 00:42 <REP> d-------- C:\Program Files\WinRAR
2006-11-20 00:42 <REP> d-------- C:\Program Files\eMule
2006-11-17 03:00 <REP> d-------- C:\Program Files\MSXML 4.0
2006-11-17 03:00 <REP> d-------- C:\650b8c2c98cd6eaf87ef280ee5f8
2006-11-15 16:02 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2006-11-14 03:08 <REP> d-------- C:\Documents and Settings\micha\Application Data\CyberLink
2006-11-12 00:23 680 --a------ C:\Program Files\mpc2.reg
2006-11-12 00:23 596 --a------ C:\Program Files\mpc1.reg
2006-11-12 00:23 568 --a------ C:\Program Files\mpc4.reg
2006-11-12 00:23 30,772 --a------ C:\Program Files\ffdsvsetts.reg
2006-11-12 00:23 3,476 --a------ C:\Program Files\mpc7.reg
2006-11-12 00:23 3,026 --a------ C:\Program Files\mpc3.reg
2006-11-12 00:23 18,156 --a------ C:\Program Files\mpc6.reg
2006-11-12 00:23 16,280 --a------ C:\Program Files\mpc5.reg
2006-11-12 00:23 1,446 --a------ C:\Program Files\ffdssetts.reg
2006-11-12 00:23 1,172 --a------ C:\Program Files\ffdsasetts.reg
2006-11-10 19:57 <REP> dr-h----- C:\$VAULT$.AVG
2006-11-10 19:57 <REP> d-------- C:\Documents and Settings\micha\Application Data\AVG7
2006-11-10 19:52 816,672 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-11-10 19:52 4,960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-11-10 19:52 4,224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-11-10 19:52 3,968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2006-11-10 19:52 28,416 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-11-10 19:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2006-11-10 19:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2006-11-10 16:51 <REP> d-------- C:\WINDOWS\system32\LogFiles
2006-11-10 15:15 <REP> d-------- C:\Documents and Settings\micha\Application Data\Media Player Classic
2006-11-09 00:24 <REP> d-------- C:\Program Files\merde
2006-11-08 15:32 4 --a------ C:\WINDOWS\IEdate.dll
2006-11-08 00:38 <REP> d-------- C:\WINDOWS\Sun
2006-11-08 00:38 <REP> d-------- C:\Documents and Settings\micha\Application Data\Sun
2006-11-08 00:20 <REP> d--hs---- C:\Documents and Settings\All Users\DRM
2006-11-07 23:34 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2006-11-07 23:34 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2006-11-07 23:34 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2006-11-07 23:34 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2006-11-07 23:34 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2006-11-07 23:33 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2006-11-07 23:28 90,112 --a------ C:\WINDOWS\system32\LQCUI2.dll
2006-11-07 23:28 856,064 --a------ C:\WINDOWS\system32\Ltwvc12n.dll
2006-11-07 23:28 78,336 --a------ C:\WINDOWS\system32\lffax12n.dll
2006-11-07 23:28 65,536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL
2006-11-07 23:28 61,440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL
2006-11-07 23:28 61,440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL
2006-11-07 23:28 57,344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL
2006-11-07 23:28 53,248 -ra------ C:\WINDOWS\system32\InstMed.exe
2006-11-07 23:28 49,152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL
2006-11-07 23:28 49,152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL
2006-11-07 23:28 466,944 --a------ C:\WINDOWS\system32\QCUI2.dll
2006-11-07 23:28 462,848 --a------ C:\WINDOWS\system32\LCamCpl.dll
2006-11-07 23:28 45,056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL
2006-11-07 23:28 406,016 --a------ C:\WINDOWS\system32\ltkrn12n.dll
2006-11-07 23:28 40,960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL
2006-11-07 23:28 372,736 --a------ C:\WINDOWS\system32\LVUI2RC.dll
2006-11-07 23:28 328,704 --a------ C:\WINDOWS\system32\LFCMP12n.DLL
2006-11-07 23:28 30,720 --a------ C:\WINDOWS\system32\lfbmp12n.dll
2006-11-07 23:28 259,072 --a------ C:\WINDOWS\system32\LTDIS12n.dll
2006-11-07 23:28 22,016 --a------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
2006-11-07 23:28 215,552 --a------ C:\WINDOWS\system32\Lvkrn12n.dll
2006-11-07 23:28 207,872 --a------ C:\WINDOWS\system32\ltefx12n.dll
2006-11-07 23:28 204,800 --a------ C:\WINDOWS\system32\LVUI2.dll
2006-11-07 23:28 204,800 --a------ C:\WINDOWS\system32\lvcodec2.dll
2006-11-07 23:28 2,180,096 --a------ C:\WINDOWS\system32\drivers\lvsvf2.sys
2006-11-07 23:28 164,864 --a------ C:\WINDOWS\system32\ltimg12n.dll
2006-11-07 23:28 141,312 --a------ C:\WINDOWS\system32\lftif12n.dll
2006-11-07 23:28 131,072 --a------ C:\WINDOWS\system32\ltfil12n.DLL
2006-11-07 23:28 106,496 --a------ C:\WINDOWS\system32\lvcoinst.dll
2006-11-07 23:28 1,317,152 --a------ C:\WINDOWS\system32\drivers\lvcm.sys
2006-11-07 23:28 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2006-11-07 23:25 <REP> d-------- C:\Documents and Settings\micha\Shared
2006-11-07 23:25 <REP> d-------- C:\Documents and Settings\micha\Incomplete
2006-11-07 23:19 <REP> d-------- C:\Program Files\Logitech
2006-11-07 22:54 <REP> d-------- C:\Program Files\Java
2006-11-07 22:53 <REP> d-------- C:\Program Files\Fichiers communs\Java
2006-11-07 22:48 <REP> d-------- C:\Program Files\iTunes
2006-11-07 22:48 <REP> d-------- C:\Program Files\iPod
2006-11-07 22:48 <REP> d-------- C:\Documents and Settings\micha\Application Data\Apple Computer
2006-11-07 22:47 <REP> d-------- C:\Program Files\QuickTime
2006-11-07 22:46 <REP> d-------- C:\Program Files\Apple Software Update
2006-11-07 22:41 <REP> d-------- C:\Program Files\LimeWire
2006-11-07 22:40 <REP> d-------- C:\Documents and Settings\micha\.limewire
2006-11-07 22:30 <REP> d-------- C:\Program Files\Satsuki Decoder Pack
2006-11-07 22:20 <REP> d-------- C:\Documents and Settings\micha\Application Data\AdobeUM
2006-11-07 22:18 <REP> d-------- C:\Program Files\ITEKSOFT
2006-11-07 22:10 <REP> d-------- C:\Program Files\Mozilla Firefox
2006-11-07 22:10 <REP> d-------- C:\Documents and Settings\micha\Application Data\Mozilla
2006-11-07 21:03 6,049,280 --a------ C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50,688 --a------ C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458,752 --a------ C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 180,736 --a------ C:\WINDOWS\system32\ieui.dll
2006-11-07 16:20 <REP> d-------- C:\Program Files\MSN Apps
2006-11-07 15:18 <REP> d-------- C:\Program Files\MSN Messenger
2006-11-07 15:13 <REP> d-------- C:\WINDOWS\system32\SoftwareDistribution
2006-11-07 15:13 <REP> d-------- C:\Documents and Settings\micha\Application Data\Google
2006-11-07 15:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google
2006-11-07 03:26 13,312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-06 15:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2006-11-06 15:15 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-06 15:15 <REP> d-------- C:\Program Files\Grisoft
2006-11-06 14:24 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2006-11-06 14:24 1,047,552 --a------ C:\WINDOWS\system32\MFC71u.dll
2006-11-06 14:20 <REP> d-------- C:\Documents and Settings\micha\Application Data\Abvent
2006-11-06 14:14 <REP> d-------- C:\Program Files\architectue
2006-11-06 12:20 <REP> d-------- C:\Program Files\WinZip
2006-11-06 12:20 <REP> d-------- C:\Program Files\Google
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-04 13:46 -------- d-------- C:\Documents and Settings\micha\Application Data\Adobe
2006-12-04 01:44 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-12-04 01:43 -------- d---s---- C:\Documents and Settings\micha\Application Data\Microsoft
2006-12-02 18:32 -------- d-------- C:\Program Files\Fichiers communs
2006-12-02 17:27 -------- d-------- C:\Program Files\Fichiers communs\Adobe
2006-12-02 17:25 -------- d-------- C:\Program Files\Adobe
2006-12-01 18:32 -------- d-------- C:\Program Files\Autodesk
2006-12-01 18:31 -------- d-------- C:\Documents and Settings\micha\Application Data\Autodesk
2006-12-01 17:17 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared
2006-11-29 20:40 -------- d-------- C:\Program Files\Internet Explorer
2006-11-29 20:33 -------- d-------- C:\Program Files\Windows Media Player
2006-11-29 20:33 -------- d-------- C:\Program Files\Outlook Express
2006-11-29 20:33 -------- d-------- C:\Program Files\Fichiers communs\System
2006-11-08 00:12 -------- d-------- C:\Program Files\Messenger
2006-11-07 21:13 -------- d-------- C:\Program Files\MSN
2006-11-02 18:03 -------- d-------- C:\Program Files\architecture
2006-11-01 19:59 -------- d-------- C:\Documents and Settings\micha\Application Data\Help
2006-11-01 19:49 -------- d--h----- C:\Program Files\Uninstall Information
2006-11-01 19:30 -------- d-------- C:\Program Files\Fichiers communs\InstallShield
2006-11-01 19:26 -------- d-------- C:\Program Files\CyberLink
2006-11-01 19:25 -------- d-------- C:\Program Files\Raccourcis de programmes