Avast no longer starts
Hello everyone
For the last several boots, Avast has shown the small "forbidden" icon and does not start, and my PC also takes a long time to boot. I uninstalled and reinstalled Avast; it worked, then one boot later it stopped again... I searched on the internet and saw that I needed to run a ComboFix scan, which is here:
ComboFix 09-01-04.01 - Bromm 2009-01-05 14:17:30.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2046.1568 [GMT 1:00]
Lancé depuis: h:\documents and settings\Bromm\Bureau\text.exe
* Un nouveau point de restauration a été créé
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-05 au 2009-01-05 ))))))))))))))))))))))))))))))))))))
.
2009-01-05 14:07 . 2009-01-05 14:09 <REP> d-------- H:\ComboFix
2008-12-30 22:34 . 2008-12-30 22:34 <REP> d-------- h:\program files\Red Kawa
2008-12-30 22:34 . 2008-12-30 22:34 <REP> d-------- h:\program files\AviSynth 2.5
2008-12-30 22:34 . 2008-12-30 22:34 <REP> d-------- h:\documents and settings\Bromm\Application Data\Red Kawa
2008-12-30 21:07 . 2008-12-30 21:07 603,904 --a------ h:\windows\system32\TUProgSt.exe
2008-12-30 21:07 . 2008-12-30 21:07 360,192 --a------ h:\windows\system32\TuneUpDefragService.exe
2008-12-30 21:07 . 2008-12-11 13:31 27,904 --a------ h:\windows\system32\uxtuneup.dll
2008-12-30 19:37 . 2008-12-30 19:38 <REP> d-------- h:\windows\nview
2008-12-30 19:37 . 2006-10-22 12:22 208,896 --a------ h:\windows\system32\nvudisp.exe
2008-12-30 19:37 . 2009-01-05 14:06 88,566 --a------ h:\windows\system32\nvapps.xml
2008-12-30 19:37 . 2006-10-22 12:22 17,056 --a------ h:\windows\system32\nvdisp.nvu
2008-12-30 19:36 . 2006-10-22 15:06 208,896 --a------ h:\windows\system32\NVUNINST.EXE
2008-12-30 19:03 . 2008-12-30 19:04 <REP> d-------- h:\program files\SystemRequirementsLab
2008-12-30 19:03 . 2008-12-30 19:03 <REP> d-------- h:\documents and settings\Bromm\Application Data\SystemRequirementsLab
2008-12-30 19:01 . 2008-12-30 19:01 10 --a------ h:\windows\WININIT.INI
2008-12-16 18:07 . 2008-12-16 18:07 <REP> d-------- h:\program files\MSECache
2008-12-15 21:01 . 2008-12-15 21:03 <REP> d-------- H:\CsLan
2008-12-14 13:47 . 2008-12-14 13:48 <REP> d-------- h:\documents and settings\Bromm\Application Data\vlc
2008-12-11 21:58 . 2008-12-11 22:00 1,393 --a------ h:\windows\imsins.BAK
2008-12-11 20:15 . 2008-12-11 20:15 <REP> d-------- h:\documents and settings\All Users\Application Data\ATI
2008-12-10 18:06 . 2008-12-10 18:06 <REP> d-------- h:\documents and settings\NetworkService\Bureau
2008-12-09 19:38 . 2008-12-09 19:38 <REP> d-------- h:\documents and settings\LocalService\Bureau
2008-12-09 18:38 . 2008-12-30 21:07 <REP> d-------- h:\program files\TuneUp Utilities 2009
2008-12-09 18:37 . 2008-12-09 18:37 <REP> d--hs---- h:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-08 21:54 . 2008-12-08 21:58 <REP> d-------- h:\program files\RocketDock
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-05 13:18 16,608 ----a-w h:\windows\gdrv.sys
2009-01-05 13:11 24,944 ----a-w h:\windows\system32\drivers\GVTDrv.sys
2009-01-04 21:43 --------- d-----w h:\documents and settings\Bromm\Application Data\uTorrent
2009-01-04 21:42 --------- d-----w h:\documents and settings\Bromm\Application Data\Skype
2009-01-04 20:56 --------- d-----w h:\documents and settings\Bromm\Application Data\OpenOffice.org2
2009-01-04 19:35 --------- d-----w h:\documents and settings\Bromm\Application Data\skypePM
2009-01-04 15:13 --------- d-----w h:\program files\a-squared Free
2009-01-03 13:54 --------- d-----w h:\program files\Steam
2008-12-30 18:05 --------- d--h--w h:\program files\InstallShield Installation Information
2008-12-30 18:05 --------- d-----w h:\program files\ASUS
2008-12-23 01:31 22,328 ----a-w h:\windows\system32\drivers\PnkBstrK.sys
2008-12-23 01:31 103,736 ----a-w h:\windows\system32\PnkBstrB.exe
2008-12-22 17:19 --------- d-----w h:\documents and settings\Bromm\Application Data\dvdcss
2008-12-13 14:16 --------- d-----w h:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-09 19:16 --------- d---a-w h:\documents and settings\All Users\Application Data\TEMP
2008-12-09 17:39 --------- d-----w h:\program files\TuneUp Utilities 2008
2008-12-04 21:06 --------- d-----w h:\program files\Bit Che
2008-12-04 21:06 --------- d-----w h:\documents and settings\Bromm\Application Data\Convivea
2008-12-03 18:11 --------- d-----w h:\program files\MSNImageText
2008-11-30 21:06 --------- d-----w h:\documents and settings\Invité\Application Data\Teleca
2008-11-30 21:06 --------- d-----w h:\documents and settings\Invité\Application Data\Logitech
2008-11-30 21:06 --------- d-----w h:\documents and settings\Invité\Application Data\ATI
2008-11-29 13:40 --------- d-----w h:\documents and settings\Bromm\Application Data\Uniblue
2008-11-29 13:39 --------- dc-h--w h:\documents and settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2008-11-29 13:39 --------- d-----w h:\program files\Uniblue
2008-11-29 13:30 --------- d-----w h:\program files\Reference Assemblies
2008-11-29 13:30 --------- d-----w h:\program files\MSBuild
2008-11-28 18:34 --------- d-----w h:\program files\Spybot - Search & Destroy
2008-11-28 16:00 --------- d-----w h:\program files\ma-config.com
2008-11-28 16:00 --------- d-----w h:\documents and settings\All Users\Application Data\ma-config.com
2008-11-27 16:23 --------- d-----w h:\windows\system32\config\systemprofile\Application Data\ATI
2008-11-25 20:22 32 ----a-w h:\documents and settings\All Users\Application Data\ezsid.dat
2008-11-23 15:45 --------- d-----w h:\program files\iTunes
2008-11-23 15:45 --------- d-----w h:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-23 15:44 --------- d-----w h:\program files\QuickTime
2008-11-23 15:44 --------- d-----w h:\program files\iPod
2008-11-23 15:44 --------- d-----w h:\program files\Fichiers communs\Apple
2008-11-20 19:27 107,888 ----a-w h:\windows\system32\CmdLineExt.dll
2008-11-18 21:06 --------- d-----w h:\program files\Wolfenstein - Enemy Territory
2008-11-18 17:07 --------- d-----w h:\program files\GDTrackEditor
2008-11-18 16:59 --------- d-----w h:\program files\Sjboy Emulator
2008-11-17 19:39 --------- d-----w h:\program files\Free Audio Pack
2008-11-16 15:51 --------- d-----w h:\documents and settings\Bromm\Application Data\Apple Computer
2008-11-13 21:27 --------- d-----w h:\documents and settings\Bromm\Application Data\LimeWire
2008-11-13 20:48 --------- d-----w h:\program files\LimeWire
2008-11-13 17:26 --------- d-----w h:\program files\Skype
2008-11-13 17:26 --------- d-----w h:\program files\Fichiers communs\Skype
2008-11-13 17:26 --------- d-----w h:\documents and settings\All Users\Application Data\Skype
2008-11-12 17:44 --------- d-----w h:\program files\AMX Mod X
2008-10-23 12:36 286,720 ----a-w h:\windows\system32\gdi32.dll
2008-10-16 20:18 826,368 ----a-w h:\windows\system32\wininet.dll
2008-10-16 13:13 202,776 ----a-w h:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w h:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w h:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w h:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w h:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w h:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w h:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w h:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w h:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w h:\windows\system32\muweb.dll
2008-09-25 16:14 22,328 ----a-w h:\documents and settings\Bromm\Application Data\PnkBstrK.sys
2008-09-23 16:09 798 ----a-w h:\documents and settings\All Users\Application Data\amlistx.dat
2008-09-23 16:09 54 ----a-w h:\documents and settings\Bromm\Application Data\amopn.dat
2008-02-06 14:24 0 ----a-w h:\documents and settings\All Users\Application Data\amsrv.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="h:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-11-06 5724184]
"ctfmon.exe"="h:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Vista Rainbar"="h:\program files\Vista Rainbar\Rainmeter.exe" [2006-01-21 118784]
"RocketDock"="h:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Google Update"="h:\documents and settings\Bromm\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-12-15 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony Ericsson PC Suite"="h:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"EasyTuneVI"="h:\program files\GIGABYTE\ET6\ETcall.exe" [2007-07-26 20480]
"ISUSPM Startup"="h:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"ISUSScheduler"="h:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"NvCplDaemon"="h:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"NvMediaCenter"="h:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"avast!"="h:\program files\Alwil Software\Avast4\ashDisp.exe" [2008-11-26 81000]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 h:\windows\KHALMNPR.Exe]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-23 h:\windows\RTHDCPL.exe]
"SoundMan"="SOUNDMAN.EXE" [2008-06-18 h:\windows\SoundMan.exe]
"AlcWzrd"="ALCWZRD.EXE" [2008-06-19 h:\windows\alcwzrd.exe]
"nwiz"="nwiz.exe" [2006-10-22 h:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="h:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
h:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech SetPoint.lnk - h:\program files\Logitech\SetPoint\SetPoint.exe [2008-09-07 805392]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "h:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 01:42 72208 h:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.asv2"= asusasv2.dll
"VIDC.XFR1"= xfcodec.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\H:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=h:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=h:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\H:^Documents and Settings^Bromm^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
path=h:\documents and settings\Bromm\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.4.lnk
backup=h:\windows\pss\OpenOffice.org 2.4.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\filehippo.com]
--a------ 2008-10-22 13:51 147968 h:\program files\filehippo.com\UpdateChecker.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 h:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
--a------ 2008-09-04 05:01 2524416 h:\windows\system32\oodtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 h:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-12-14 02:42 144784 h:\program files\Java\jre1.6.0_04\bin\jusched.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="h:\documents and settings\Bromm\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="h:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="h:\program files\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="h:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"AppleSyncNotifier"=h:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"h:\\Program Files\\GIGABYTE\\EnergySaver\\run.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"h:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"h:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"h:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"h:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
"h:\\Program Files\\Steam\\steamapps\\jacko1162\\counter-strike\\hl.exe"=
"h:\\Program Files\\uTorrent\\uTorrent.exe"=
"h:\\Program Files\\Xfire\\xfire.exe"=
"h:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"h:\\WINDOWS\\system32\\PnkBstrA.exe"=
"h:\\WINDOWS\\system32\\PnkBstrB.exe"=
"h:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"h:\\WINDOWS\\system32\\dpnsvr.exe"=
"h:\\WINDOWS\\system32\\dxdiag.exe"=
"h:\\Program Files\\GIGABYTE\\@BIOS\\gwflash.exe"=
"h:\\Program Files\\GIGABYTE\\@BIOS\\UpdExe.exe"=
"h:\\Program Files\\GIGABYTE\\@BIOS\\GBTUpd.exe"=
"h:\\Program Files\\iTunes\\iTunes.exe"=
"h:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
"h:\\Program Files\\Messenger\\msmsgs.exe"=
"h:\\Program Files\\Steam\\steamapps\\jacko1162\\condition zero\\hl.exe"=
"h:\\CsLan\\counter strike lan\\hl.exe"=
"h:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;avast! Self Protection;h:\windows\system32\drivers\aswSP.sys [2009-01-04 111184]
R1 EIO_XP;EIO_XP;h:\windows\system32\drivers\EIO_XP.sys [2008-08-24 12288]
R4 aswFsBlk;aswFsBlk;h:\windows\system32\drivers\aswFsBlk.sys [2009-01-04 20560]
R4 GEST Service;GEST Service for program management.;h:\program files\GIGABYTE\EnergySaver\GSvr.exe [2008-08-17 80392]
R4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;h:\windows\system32\TUProgSt.exe [2008-12-30 603904]
S3 AtiHdmiService;ATI Function Driver for HDMI Service;h:\windows\system32\drivers\AtiHdmi.sys [2008-08-22 89600]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;h:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2008-09-09 23152]
S3 maconfservice;Ma-Config Service;h:\program files\ma-config.com\maconfservice.exe [2008-11-17 195752]
S3 NPF;NetGroup Packet Filter Driver;h:\windows\system32\drivers\npf.sys [2005-08-02 32512]
S3 Video3D;ASUS Video3D Service;h:\windows\system32\Drivers\Video3D32.sys --> h:\windows\system32\Drivers\Video3D32.sys [?]
S4 GVTDrv;GVTDrv; [x]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\Shell\AutoRun\command - K:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c7fd3cda-80c6-11dd-822b-001fd021adf6}]
\Shell\AutoRun\command - D:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0d41af4-8c11-11dd-8248-001fd021ae26}]
\Shell\AutoRun\command - I:\LaunchU3.exe -a
*Newly Created Service* - PROCEXP90
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"h:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'
2008-10-21 h:\windows\Tasks\AppleSoftwareUpdate.job
- h:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-01-04 h:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1336601894-725345543-1004.job
- h:\documents and settings\Bromm\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-15 18:45]
2009-01-04 h:\windows\Tasks\Maintenance en 1 clic.job
- h:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:04]
.
- - - - ORPHELINS SUPPRIMES - - - -
Notify-AtiExtEvent - (no file)
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - h:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
O16 -: DirectAnimation Java Classes - file://h:\windows\Java\classes\dajava.cab
h:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - h:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FF - ProfilePath - h:\documents and settings\Bromm\Application Data\Mozilla\Firefox\Profiles\9i8l7mbr.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - component: h:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: h:\documents and settings\Bromm\Application Data\Mozilla\Firefox\Profiles\9i8l7mbr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: h:\documents and settings\Bromm\Application Data\Mozilla\Firefox\Profiles\9i8l7mbr.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}\plugins\npagent.dll
FF - plugin: h:\documents and settings\Bromm\Local Settings\Application Data\Google\Update\1.2.133.33\npGoogleOneClick7.dll
FF - plugin: h:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: h:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF - plugin: h:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
ATTENTION: FIREFOX POLICES IS IN FORCE
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-05 14:18:27
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\h:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(1704)
h:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
h:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2009-01-05 14:18:56
ComboFix-quarantined-files.txt 2009-01-05 13:18:54
Avant-CF: 226'997'583'872 octets libres
Après-CF: 227,073,990,656 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
h:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
279 --- E O F --- 2008-12-19 11:55:56
If someone could help me, please!
"h:\\CsLan\\counter strike lan\\hl.exe"=
"h:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;avast! Self Protection;h:\windows\system32\drivers\aswSP.sys [2009-01-04 111184]
R1 EIO_XP;EIO_XP;h:\windows\system32\drivers\EIO_XP.sys [2008-08-24 12288]
R4 aswFsBlk;aswFsBlk;h:\windows\system32\drivers\aswFsBlk.sys [2009-01-04 20560]
R4 GEST Service;GEST Service for program management.;h:\program files\GIGABYTE\EnergySaver\GSvr.exe [2008-08-17 80392]
R4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;h:\windows\system32\TUProgSt.exe [2008-12-30 603904]
S3 AtiHdmiService;ATI Function Driver for HDMI Service;h:\windows\system32\drivers\AtiHdmi.sys [2008-08-22 89600]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;h:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2008-09-09 23152]
S3 maconfservice;Ma-Config Service;h:\program files\ma-config.com\maconfservice.exe [2008-11-17 195752]
S3 NPF;NetGroup Packet Filter Driver;h:\windows\system32\drivers\npf.sys [2005-08-02 32512]
S3 Video3D;ASUS Video3D Service;h:\windows\system32\Drivers\Video3D32.sys --> h:\windows\system32\Drivers\Video3D32.sys [?]
S4 GVTDrv;GVTDrv; [x]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\Shell\AutoRun\command - K:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c7fd3cda-80c6-11dd-822b-001fd021adf6}]
\Shell\AutoRun\command - D:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0d41af4-8c11-11dd-8248-001fd021ae26}]
\Shell\AutoRun\command - I:\LaunchU3.exe -a
*Newly Created Service* - PROCEXP90
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"h:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'
2008-10-21 h:\windows\Tasks\AppleSoftwareUpdate.job
- h:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-01-04 h:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1336601894-725345543-1004.job
- h:\documents and settings\Bromm\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-15 18:45]
2009-01-04 h:\windows\Tasks\Maintenance en 1 clic.job
- h:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:04]
.
- - - - ORPHELINS SUPPRIMES - - - -
Notify-AtiExtEvent - (no file)
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - h:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
O16 -: DirectAnimation Java Classes - file://h:\windows\Java\classes\dajava.cab
h:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - h:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FF - ProfilePath - h:\documents and settings\Bromm\Application Data\Mozilla\Firefox\Profiles\9i8l7mbr.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - component: h:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: h:\documents and settings\Bromm\Application Data\Mozilla\Firefox\Profiles\9i8l7mbr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: h:\documents and settings\Bromm\Application Data\Mozilla\Firefox\Profiles\9i8l7mbr.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}\plugins\npagent.dll
FF - plugin: h:\documents and settings\Bromm\Local Settings\Application Data\Google\Update\1.2.133.33\npGoogleOneClick7.dll
FF - plugin: h:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: h:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF - plugin: h:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
ATTENTION: FIREFOX POLICES IS IN FORCE
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-05 14:18:27
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\h:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(1704)
h:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
h:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2009-01-05 14:18:56
ComboFix-quarantined-files.txt 2009-01-05 13:18:54
Avant-CF: 226'997'583'872 octets libres
Après-CF: 227,073,990,656 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
h:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
279 --- E O F --- 2008-12-19 11:55:56
If anyone could help me, please!