Iexplorer launches by itself

2 July 2010 14:12:48

Hi,

For the past few days, Iexplorer has been launching by itself and the sound volume switches to mute.

I installed Spybot as well as Malwarebytes, but nothing helps despite a full scan. I also checked that my antivirus was up to date and ran a scan with it as well.

I have just run HijackThis and here is the result:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:02:25, on 02/07/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE
C:\WINDOWS\system32\Drivers\trcboot.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\notes\nsd.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\notes\ntmulti.exe
C:\PROGRA~1\AT&TNE~2\netcfgsvr.exe
C:\Program Files\AT&T Network Client\NetClientSvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\System32\TPHDEXLG.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\FastStone Capture\FSCapture.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synology Data Replicator 3\SynoDrService.exe
C:\WINDOWS\system32\Drivers\ldlcserv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\svchost.exe
c:\notes\NLNOTES.EXE
c:\notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.0.200811140851\win32\x86\notes2.exe
c:\notes\ntaskldr.EXE
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\AT&T Network Client\NetClient.exe
C:\Program Files\AT&T Network Client\NetMsg.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\IBM\Sametime Connect\sametime.exe
C:\PROGRA~1\IBM\SAMETI~1\jre\bin\sametime75.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Spotify\spotify.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://w3-01.ibm.com/tools/wam/assetcenter
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=localhost:8080;gopher=localhost:8080;http=localhost:8080;https=localhost:8080;socks=localhost:8080
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [BLOG] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [ipmcmu] c:\Program Files\IBM\IPM Client Migration Utility\ipmcmu.exe "c:\Program Files\IBM\IPM Client Migration Utility"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: FastStone Capture.lnk = C:\Program Files\FastStone Capture\FSCapture.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://w3.ibm.com
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://quickrdomino.tap.ibm.com/qp2.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {91BDCA0D-3272-44FB-A99D-685ABFC734A1} (WindowControl Class) - https://w3.sdportal.ibm.com/wps/PA_1_M37III4200VL4023G3...
O16 - DPF: {9519B2A2-6592-4E41-8290-D0298459270C} (LNWebAssist Class) - http://w3.ibm.com/bluepages/scripts/lnwebassist.cab
O16 - DPF: {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} (gpwsx.plugin) - http://w3.ibm.com/tools/print/plugin/gpwsx.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java2 Runtime Environment 1.5.0) - http://
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{1BFFFEE0-B329-4C37-8464-01E35BA55FA3}: Domain = ibm.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{1BFFFEE0-B329-4C37-8464-01E35BA55FA3}: NameServer = 9.64.162.21
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = brno-centrum.cz.ibm.com,praha.cz.ibm.com,cz.ibm.com,IBM.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{1BFFFEE0-B329-4C37-8464-01E35BA55FA3}: Domain = ibm.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{1BFFFEE0-B329-4C37-8464-01E35BA55FA3}: NameServer = 9.64.162.21
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = brno-centrum.cz.ibm.com,praha.cz.ibm.com,cz.ibm.com,IBM.COM
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = brno-centrum.cz.ibm.com,praha.cz.ibm.com,cz.ibm.com,IBM.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = brno-centrum.cz.ibm.com,praha.cz.ibm.com,cz.ibm.com,IBM.COM
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppnNode - IBM Corporation - C:\WINDOWS\system32\Drivers\appnnode.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: IBM Enterprise Extender (ldlcserv) - IBM Corporation - C:\WINDOWS\system32\Drivers\ldlcserv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Lotus Notes NSD Service (Lotus Notes Diagnostics) - IBM - c:\notes\nsd.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - c:\notes\ntmulti.exe
O23 - Service: Network Configuration Service (NetCfgSvr) - AT&T - C:\PROGRA~1\AT&TNE~2\netcfgsvr.exe
O23 - Service: AT&T Global Network Client Service (NetClientSvc) - AT&T - C:\Program Files\AT&T Network Client\NetClientSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files\Synology Data Replicator 3\SynoDrService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: IBM Trace Facility (TrcBoot) - IBM Corporation - C:\WINDOWS\system32\Drivers\trcboot.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O24 - Desktop Component 1: Shared Infra - http://www.google.com/calendar/embed?src=4eprqecb3ovjm3...

--
End of file - 18560 bytes


Thanks for your help.

2 July 2010 15:02:12

Well, I admit I'm a little jealous: only 6 views of my post after 35 minutes, while other, more recent posts have already received replies :-)

Bump, little topic :-P

3 July 2010 00:39:20

Still no replies, help, help, Iexplore is seriously starting to get on my nerves...
3 July 2010 10:51:29

I'm continuing my analysis on my own, but I'm still afraid of making mistakes.
I found some utilities that are supposed to help, such as Combofix and AD-R.

AD-R finds nothing.
Combofix deleted 2 files.

My Iexplorer problem seemed to have disappeared, but in the end it hasn't.
The sound also still switches to mute automatically.
3 July 2010 11:01:33

Here are the logs:

AD-R

======= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 =======

Updated by C_XX on 23/06/10 at 19:20
Contact: AdRemover.contact@gmail.com
website: http://pagesperso-orange.fr/NosTools/ad_remover.html

C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Launched at 01:22:55 on 03/07/2010, Normal boot

Microsoft Windows XP Professional Service Pack 3 (X86)
nbruneau@L34191B ( )

============== SEARCH ==============




============== ADDITIONNAL SCAN ==============

** Mozilla Firefox Version [3.6.6 (fr)] **

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4peekrci.default\Prefs.js --
browser.download.dir, C:\\Documents and Settings\\Administrator\\Desktop
browser.startup.homepage, www.google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.6

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4peekrci.default\Prefs.js --
browser.download.dir, C:\\Documents and Settings\\Administrator\\Desktop
browser.startup.homepage, www.google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.6

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4peekrci.default\Prefs.js --
browser.download.dir, C:\\Documents and Settings\\Administrator\\Desktop
browser.startup.homepage, www.google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.6

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4peekrci.default\Prefs.js --
browser.download.dir, C:\\Documents and Settings\\Administrator\\Desktop
browser.startup.homepage, www.google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.6

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\4peekrci.default\Prefs.js --
browser.download.dir, C:\\Documents and Settings\\Administrator\\Desktop
browser.startup.homepage, www.google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.6

========================================

** Internet Explorer Version [6.0.2900.5512] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 35 File(s)
C:\Program Files\Ad-Remover\Backup: 17 File(s)

C:\Ad-Report-CLEAN[1].txt - 01/07/2010 (6666 Byte(s))
C:\Ad-Report-SCAN[1].txt - 01/07/2010 (9956 Byte(s))
C:\Ad-Report-SCAN[2].txt - 03/07/2010 (1670 Byte(s))

End at: 01:33:00, 03/07/2010

============== E.O.F ==============


Combofix:

ComboFix 10-07-01.02 - nbruneau 03/07/2010 2:13.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.2047.1431 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Symantec Client Firewall *enabled* {5CB76A43-5FAD-476B-B9FF-26FA61F13187}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Start Menu\Internet Explorer.lnk
c:\windows\system\MSNDF.DLL

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-03 do 2010-07-03 )))))))))))))))))))))))))))))))
.

2010-07-01 05:43 . 2010-07-01 06:32 -------- d--h--w- c:\windows\$hf_mig$
2010-06-30 22:35 . 2010-06-30 22:35 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Google
2010-06-30 22:29 . 2010-06-30 22:29 -------- d-----w- c:\program files\CodeStuff
2010-06-30 22:25 . 2010-07-02 23:32 -------- d-----w- c:\program files\Ad-Remover
2010-06-30 12:00 . 2010-07-02 23:52 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-30 12:00 . 2010-07-02 23:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-30 11:14 . 2010-06-30 11:14 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Search Settings
2010-06-30 11:14 . 2010-06-30 11:14 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\pdfforge
2010-06-28 16:32 . 2010-06-28 16:32 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Western_Digital
2010-06-28 16:20 . 2010-06-28 16:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Western Digital
2010-06-28 16:19 . 2010-06-28 16:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Western Digital
2010-06-28 16:19 . 2010-06-28 16:19 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ServiceTest
2010-06-28 16:19 . 2009-02-13 09:02 11520 ----a-w- c:\windows\system32\drivers\wdcsam.sys
2010-06-28 16:18 . 2010-06-28 16:18 -------- d-----w- c:\program files\Western Digital
2010-06-28 16:18 . 2010-06-28 16:18 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Western Digital
2010-06-23 19:35 . 2010-06-23 19:35 -------- d-----w- c:\program files\iPod
2010-06-23 19:35 . 2010-06-23 19:36 -------- d-----w- c:\program files\iTunes
2010-06-23 19:24 . 2010-06-23 19:24 -------- d-----w- c:\program files\Bonjour
2010-06-18 08:22 . 2010-06-18 08:22 -------- d-----w- c:\documents and settings\Administrator\Application Data\WDPlugin
2010-06-18 08:17 . 2010-06-18 08:18 -------- d-----w- c:\program files\LotusLive Meetings for IBM
2010-06-14 09:49 . 2010-06-14 09:49 -------- d-----w- c:\documents and settings\Administrator\Application Data\Obsidium
2010-06-14 09:49 . 2010-06-20 08:33 -------- d-----w- c:\documents and settings\All Users\Application Data\AllMyMovies
2010-06-07 23:17 . 2010-06-20 07:23 -------- d-----w- c:\program files\AllMyMovies
2010-06-07 14:35 . 2010-06-07 14:35 548832 ----a-w- C:\table_analysis.zip
2010-06-06 16:07 . 2010-06-06 16:08 -------- d-----w- c:\documents and settings\Administrator\Application Data\Filmotech_prefs

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-02 23:57 . 2006-07-17 20:56 -------- d-----w- c:\program files\IBM Ayudame
2010-07-02 15:22 . 2009-09-11 07:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\Spotify
2010-07-01 19:16 . 2009-10-23 14:34 -------- d-----w- c:\program files\RAR Password Recovery Magic
2010-07-01 06:46 . 2009-11-27 13:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-30 22:36 . 2007-03-05 22:09 40 ----a-w- c:\windows\system32\profile.dat
2010-06-30 21:56 . 2005-04-05 17:21 -------- d-----w- c:\program files\C4ebreg
2010-06-30 12:08 . 2006-01-24 00:45 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-06-30 11:43 . 2006-03-27 21:50 -------- d-----w- c:\program files\WST
2010-06-30 09:49 . 2009-05-26 06:16 98304 ----a-w- c:\windows\DUMPf8e9.tmp
2010-06-26 17:19 . 2010-03-29 18:50 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2010-06-23 19:35 . 2008-09-25 17:44 -------- d-----w- c:\program files\Common Files\Apple
2010-06-18 08:17 . 2005-04-05 19:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-18 07:36 . 2009-12-03 09:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-06-05 14:01 . 2010-05-09 12:19 -------- d-----w- c:\documents and settings\Administrator\Application Data\MediaRenamer
2010-05-30 10:00 . 2008-09-28 15:27 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-28 06:34 . 2010-05-28 06:34 -------- d-----w- c:\program files\PGP Corporation
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-17 17:08 . 2008-07-09 20:15 -------- d-----w- c:\program files\Google
2010-05-14 08:31 . 2010-05-14 08:31 -------- d-----w- c:\program files\Moleskinsoft Clone Remover 3.8
2010-05-09 12:17 . 2010-05-09 12:17 -------- d-----w- c:\program files\Media Renamer
2010-05-07 09:09 . 2007-12-03 10:51 -------- d-----w- c:\program files\AT&T Network Client
2010-05-07 06:51 . 2007-09-05 21:03 -------- d-----w- c:\program files\AT&T Network Client Install
2010-05-07 06:51 . 2010-05-07 06:51 -------- d-----w- c:\program files\AT&T Global Network Client
2010-05-07 06:51 . 2010-05-07 06:51 -------- d-----w- c:\documents and settings\All Users\Application Data\AGNS
2010-05-03 12:38 . 2005-04-04 18:17 101912 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-02 05:22 . 2004-08-04 05:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 13:39 . 2009-11-27 13:30 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-11-27 13:30 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-20 05:30 . 2004-08-04 05:00 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-19 18:47 . 2009-03-13 10:36 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-04-19 18:47 . 2008-09-25 17:44 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-04-16 16:09 . 2004-08-04 05:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-04-16 16:09 . 2004-08-04 05:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-11-30 12:48 . 2009-11-30 12:48 937433 ----a-w- c:\program files\QuickPar.rar
2009-01-31 03:02 . 2009-01-31 03:02 24 ----a-w- c:\program files\satsukidecodersettings.ini
2009-01-31 03:02 . 2009-01-31 03:02 3436 ----a-w- c:\program files\mpc7.reg
2009-01-31 03:02 . 2009-01-31 03:02 15378 ----a-w- c:\program files\mpc6.reg
2009-01-31 03:02 . 2009-01-31 03:02 680 ----a-w- c:\program files\mpc2.reg
2009-01-31 03:02 . 2009-01-31 03:02 596 ----a-w- c:\program files\mpc1.reg
2009-01-31 03:02 . 2009-01-31 03:02 2910 ----a-w- c:\program files\mpc3.reg
2009-01-31 03:02 . 2009-01-31 03:02 16142 ----a-w- c:\program files\mpc5.reg
2010-02-27 05:04 . 2009-07-09 11:23 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-07-03 08:05 . 2008-11-28 09:33 27976 ----a-w- c:\program files\mozilla firefox\plugins\atgpcdec.dll
2009-07-03 08:05 . 2008-11-28 09:33 126360 ----a-w- c:\program files\mozilla firefox\plugins\atgpcext.dll
2008-11-28 09:33 . 2008-11-28 09:33 98712 ----a-w- c:\program files\mozilla firefox\plugins\ieatgpc.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2006-07-07 1052672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 52896]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2007-04-10 58416]
"BMMGAG"="c:\progra~1\ThinkPad\UTILIT~1\pwrmonit.dll" [2005-04-20 110592]
"BMMLREF"="c:\program files\ThinkPad\Utilities\BMMLREF.EXE" [2005-04-20 20480]
"BMMMONWND"="c:\progra~1\ThinkPad\UTILIT~1\BatInfEx.dll" [2005-04-20 396288]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2005-04-20 208896]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2003-06-24 126976]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2003-06-24 561152]
"TP4EX"="tp4ex.exe" [2005-10-17 65536]
"TpShocks"="TpShocks.exe" [2007-03-29 181808]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2008-09-30 68976]
"ipmcmu"="c:\program files\IBM\IPM Client Migration Utility\ipmcmu.exe" [2009-06-16 204800]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-02-27 30192]
"ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2008-08-15 143360]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2008-08-15 425984]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
FastStone Capture.lnk - c:\program files\FastStone Capture\FSCapture.exe [2007-2-23 1115136]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pcsinst]
2005-09-06 18:43 49152 ----a-w- c:\windows\system32\pcsinst.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2006-09-06 14:37 34344 ----a-w- c:\program files\Lenovo\HOTKEY\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2008-08-08 17:14 28672 ----a-w- c:\program files\Lenovo\HOTKEY\tphklock.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\F:\0autocheck autochk *

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Logitech Touch Mouse Server.lnk]
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk
backup=c:\windows\pss\Logitech Touch Mouse Server.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Lotus Quickr Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Lotus Quickr Monitor.lnk
backup=c:\windows\pss\Lotus Quickr Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Lotus QuickStart.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Lotus QuickStart.lnk
backup=c:\windows\pss\Lotus QuickStart.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pmonmh]
c:\program files\IBM\My Help\plugins\\com.ibm.myhelp.common_1.4.19 [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 00:12 110592 ----a-w- c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C4EBReg]
2010-02-25 18:10 482584 ----a-w- c:\program files\C4ebreg\c4ebreg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-04-01 09:39 486856 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 11:39 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-04 05:00 208952 ----a-w- c:\windows\ime\IMJP8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Isamtray]
2010-02-25 18:11 285976 ----a-w- c:\program files\C4ebreg\isamtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISSI Service]
2010-02-11 11:29 241392 ----a-w- c:\sdwork\issimsvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-06-15 14:33 141624 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyHelpService]
2009-03-13 02:59 94208 ----a-w- c:\program files\IBM\My Help\workspace\service\delayStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetSP - restore settings on power failure]
2009-10-07 10:36 87392 ----a-w- c:\program files\AT&T Network Client\NetSP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-04 05:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-04 05:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sametime Connect 7.5]
2007-04-16 14:59 565248 ----a-w- c:\program files\IBM\Sametime Connect\sametime.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-03-20 22:16 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TomTomHOMEService"=2 (0x2)
"btwdins"=2 (0x2)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"RDSessMgr"=2 (0x2)
"odserv"=3 (0x3)
"ISSIMon"=2 (0x2)
"ISAMSvc"=2 (0x2)
"ISAMsmt"=2 (0x2)
"gusvc"=3 (0x3)
"gupdate1c981603ae21690"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"Eventlog"=2 (0x2)
"BthServ"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\putty\\PUTTY.EXE"=
"c:\\Program Files\\sappc\\SAPgui\\saplogon.exe"=
"c:\\Program Files\\IBM\\My Help\\jre\\bin\\myhelpw.exe"=
"c:\\sdwork\\W32MAIN2.EXE"=
"c:\\Program Files\\AT&T Network Client\\NetClient.exe"=
"c:\\Program Files\\IBM\\Infoprint Select\\ipnotify.exe"=
"c:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\IBM Ayudame\\ayudame.exe"=
"c:\\Program Files\\IBM\\Sametime Connect\\jre\\bin\\sametime75.exe"=
"c:\\Program Files\\GRETECH\\GomPlayer\\GOM.exe"=
"c:\\WINDOWS\\system32\\mstsc.exe"=
"c:\\sdwork\\w32maing.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\notes\\framework\\rcp\\eclipse\\plugins\\com.ibm.rcp.base_6.2.0.200811140851\\win32\\x86\\notes2.exe"=
"c:\\Program Files\\mbpowertools\\iReceiver.exe"=
"c:\\Program Files\\iPhone Tunnel Suite\\iTunnel\\iTunnel.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Synology Download Redirector\\Redirector.exe"=
"c:\\Program Files\\Java\\jre1.6.0_05\\bin\\java.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Contacts\\wlcomm.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Logitech Touch Mouse Server\\iTouch-Server-Win.exe"=
"c:\\Program Files\\Mojo\\Mojo.exe"=
"c:\\Program Files\\Synology Assistant\\DSAssistant.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"7898:TCP"= 7898:TCP:test
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"34641:TCP"= 34641:TCP:iReceiver
"5000:TCP"= 5000:TCP:Syno
"500:UDP"= 500:UDP:Synologie

R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [02/03/2007 19:47 19760]
R1 TPPWR;TPPWR;c:\windows\system32\drivers\TPPWR.SYS [03/12/2007 12:44 16384]
R2 Lotus Notes Diagnostics;Lotus Notes NSD Service;c:\notes\nsd.exe -svcinvoke -ini "c:\notes\notes.ini" --> c:\notes\nsd.exe -svcinvoke -ini c:\notes\notes.ini [?]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [27/11/2009 15:30 304464]
R2 NetClientSvc;AT&T Global Network Client Service;c:\program files\AT&T Network Client\NetClientSvc.exe [07/10/2009 12:36 263520]
R2 SavRoam;SAVRoam;c:\program files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe [27/09/2006 22:33 116464]
R2 SynoDrService;SynoDrService;c:\program files\Synology Data Replicator 3\SynoDrService.exe [06/08/2007 14:36 557056]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [13/11/2009 11:28 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16/06/2009 08:58 20480]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [28/05/2010 00:53 102448]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [27/11/2009 15:30 20952]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [09/07/2009 13:23 30192]
S3 IsamFilter;IsamFilter;c:\windows\system32\drivers\isamfilter.sys [06/10/2009 22:28 6400]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [02/06/2009 00:18 17408]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [06/11/2007 22:22 34064]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\DRIVERS\RT2860.sys --> c:\windows\system32\DRIVERS\RT2860.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [28/06/2010 18:19 11520]
S4 gupdate1c981603ae21690;Google Update Service (gupdate1c981603ae21690);c:\program files\Google\Update\GoogleUpdate.exe [28/01/2009 17:51 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/05/2008 21:22 717296]
S4 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13/11/2009 13:31 92008]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - mchInjDrv
.
Obsah adresáře 'Naplánované úlohy'

2010-06-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-06-30 c:\windows\Tasks\At2.job
- c:\program files\IBM\IPM Client Migration Utility\ipmcmu.exe [2009-06-16 07:02]

2010-05-21 c:\windows\Tasks\BMMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\BMMTASK.EXE [2007-12-03 00:00]

2010-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-01-28 15:50]

2010-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-01-28 15:50]

2010-07-03 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-12-12 21:18]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = hxxp://w3-01.ibm.com/tools/wam/assetcenter
uInternet Settings,ProxyServer = ftp=localhost:8080;gopher=localhost:8080;http=localhost:8080;https=localhost:8080;socks=localhost:8080
uInternet Settings,ProxyOverride = <local>;*.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
Trusted Zone: ibm.com\w3.sdportal
Trusted Zone: ibm.com \w3.sdportal-preprod.uk
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {91BDCA0D-3272-44FB-A99D-685ABFC734A1} - hxxps://w3.sdportal.ibm.com/wps/PA_1_M37III4200VL4023G3G35N3000/tsac/tsacmanager.dll
DPF: {9519B2A2-6592-4E41-8290-D0298459270C} - hxxp://w3.ibm.com/bluepages/scripts/lnwebassist.cab
DPF: {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} - hxxp://w3.ibm.com/tools/print/plugin/gpwsx.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4peekrci.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - prefs.js: network.proxy.ftp - localhost
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - localhost
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 2
FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff36\gears.dll
FF - plugin: c:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npatgpc.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npcpsweb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwdplugin821.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.bookmark_page", false);
c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.current_page", false);
c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.restore_default", false);
c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.places.importBookmarksHTML", true);
c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.places.importDefaults", false);
c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.search.selectedEngine", "xeoo.com");
c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("keyword.URL", "http://xeoo.com/?p=url&a=firefox&k=");
c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.startup.homepage", "http://www.xeoo.com/?p=h&a=firefox");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Notify-ACNotify - ACNotify.dll
Notify-atmgrtok - atmgrtok.dll
MSConfigStartUp-LELA - c:\program files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe
MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-03 02:35
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
ipmcmu = c:\program files\IBM\IPM Client Migration Utility\ipmcmu.exe "c:\program files\IBM\IPM Client Migration Utility"?run key ipmcmu was set successfully?run key ipmcmu was not set successfully?Error, Windows run key not found?The service "Task Scheduler" is not ru

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR
called modules: >>UNKNOWN [0x804D7000]<< >>UNKNOWN [0xF76B7000]<< >>UNKNOWN [0xF76A7000]<< >>UNKNOWN [0xF75A8000]<< >>UNKNOWN [0x806EE000]<< >>UNKNOWN [0xF7464000]<< >>UNKNOWN [0xF7A4F000]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> 0xf76bbf28
\Driver\ACPI -> 0xf75aecb8
\Driver\atapi -> 0xf746a852
\Driver\iaStor -> 0xf7b1bb58
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->NDIS: Intel(R) PRO/Wireless 2200BG Network Connection -> SendCompleteHandler -> 0xba62dbb0
PacketIndicateHandler -> 0xba61ca0d
SendHandler -> 0xba630b40
Warning: possible MBR rootkit infection !

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\mc24.tmp"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(788)
c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll
c:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\program files\ThinkPad\ConnectUtilities\ACHelper.dll
c:\windows\system32\Ati2evxx.dll
c:\program files\Lenovo\HOTKEY\tphklock.dll
c:\program files\IBM\Personal Communications\atmgrtok.dll
c:\program files\IBM\Personal Communications\MILLUTIL.DLL
c:\windows\system32\pcsinst.dll

- - - - - - - > 'explorer.exe'(5100)
c:\program files\SuperCopier2\SC2Hook.dll
c:\progra~1\ThinkPad\UTILIT~1\pwrmonit.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\Symantec Shared\ccProxy.exe
c:\program files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
c:\program files\IBM\Personal Communications\PCS_AGNT.EXE
c:\program files\Common Files\Symantec Shared\SNDSrvc.exe
c:\windows\system32\Drivers\trcboot.exe
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\notes\nsd.exe
c:\program files\Internet Explorer\iexplore.exe
c:\notes\ntmulti.exe
c:\windows\system32\Ati2evxx.exe
c:\progra~1\AT&TNE~2\netcfgsvr.exe
c:\windows\system32\WgaTray.exe
c:\program files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
c:\windows\System32\TPHDEXLG.exe
c:\windows\system32\TpKmpSVC.exe
c:\windows\System32\vssvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\windows\system32\Drivers\ldlcserv.exe
c:\windows\system32\RunDll32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\TpShocks.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
.
**************************************************************************
.
Celkový čas: 2010-07-03 02:55:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-03 00:55

Před spuštěním: 16 908 886 016 bytes free
Po spuštění: 17 370 898 432 bytes free

- - End Of File - - D16BEABC5F964FE2A933D9E40D133FF3

Sorry about ComboFix, the output is in Czech, probably because of some settings on my laptop, since I'm in the Czech Republic.
3 July 2010 11:18:39

So, here's the follow-up on my end:

Following the ComboFix result, I did an MBR fix.
I then rebooted. No more Iexplorer process running. But it seems to me that yesterday it was the same and it came back a bit later...
7 July 2010 15:14:36

Well, just to say that I finally managed to get rid of my iexplorer.
Thanks to all of you for your help... :-D
14 July 2010 01:49:58

I have the same problem, but I'm not sure I understand the solution you found... Could you be a bit more explicit? Thanks in advance.
19 July 2010 16:55:42

@ckloeckner: Open your own thread, every case is different.