Bonjour,pouvez vous donner un avis sur ce rendu de scan.il est un peu ancien pues en refaire.un ComboFix 09-03-29.02 - ced 2009-03-30 13:48:14.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.2047.1438 [GMT 2:00] Lancé depuis: c:\documents and settings\ced\Bureau\Bibitte.exe Commutateurs utilisés :: c:\documents and settings\ced\Mes documents\CFScript.txt * Un nouveau point de restauration a été créé FILE :: c:\program files\AskBarDis\bar\bin\AskService.exe c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe c:\windows\system32\DA9F6BC5AD.sys . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\AskBarDis\bar\bin\AskService.exe c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe c:\windows\system32\DA9F6BC5AD.sys . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ASKSERVICE -------\Legacy_ASKUPGRADE -------\Service_ASKService -------\Service_ASKUpgrade ((((((((((((((((((((((((((((( Fichiers créés du 2009-02-28 au 2009-03-30 )))))))))))))))))))))))))))))))))))) . 2009-03-29 14:55 . 2009-03-29 14:55 <REP> d-------- c:\documents and settings\All Users\Application Data\HP 2009-03-29 14:53 . 2009-03-29 14:56 19,554 --a------ c:\windows\hpqins13.dat 2009-03-14 09:11 . 2009-03-14 09:11 <REP> d---s---- c:\documents and settings\ced\UserData 2009-03-14 09:11 . 2008-10-16 15:06 268,648 --a------ c:\windows\system32\mucltui.dll 2009-03-14 09:11 . 2008-10-16 15:06 208,744 --a------ c:\windows\system32\muweb.dll 2009-03-14 09:11 . 2008-10-16 15:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui 2009-03-13 14:58 . 2009-03-30 13:50 <REP> d-------- c:\documents and settings\ced\Tracing 2009-03-13 14:55 . 2009-03-17 09:22 <REP> d-------- c:\program files\Microsoft Silverlight 2009-03-13 14:55 . 2009-03-13 14:55 <REP> d-------- c:\program files\Microsoft 2009-03-13 14:54 . 2009-03-13 14:54 <REP> d-------- c:\program files\Windows Live SkyDrive 2009-03-13 14:54 . 2009-03-13 14:55 <REP> d-------- c:\program files\Windows Live 2009-03-13 14:50 . 2009-03-13 14:50 <REP> d-------- c:\program files\Fichiers communs\Windows Live 2009-02-25 22:29 . 2009-02-25 22:29 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-02-25 22:29 . 2009-02-25 22:29 <REP> d-------- c:\documents and settings\ced\Application Data\Malwarebytes 2009-02-25 22:29 . 2009-02-25 22:29 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-02-25 22:29 . 2009-02-11 11:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-02-25 22:29 . 2009-02-11 11:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-02-25 21:43 . 2009-03-01 22:21 <REP> d-------- C:\rsit 2009-02-25 21:43 . 2009-03-24 09:17 <REP> d-------- c:\program files\trend micro 2009-02-25 20:35 . 2009-02-25 21:42 <REP> d-------- c:\program files\Navilog1 2009-02-25 13:19 . 2009-02-25 13:19 <REP> d-------- c:\program files\Fichiers communs\DirectX 2009-02-22 22:58 . 2009-02-25 13:19 <REP> d-------- c:\program files\Bagger-Simulator 2008 Demo 2009-02-22 20:40 . 2009-02-25 13:19 <REP> d-------- c:\documents and settings\All Users\Application Data\Trymedia 2009-02-22 19:07 . 2009-02-25 13:19 <REP> d-------- c:\program files\Trymedia 2009-02-22 19:07 . 2009-02-23 22:42 36,734 --a------ c:\windows\system32\OggDSuninst.exe 2009-02-22 11:29 . 2009-03-01 20:51 <REP> d--h----- c:\documents and settings\ced\Application Data\drivers 2009-02-22 00:49 . 2009-03-24 09:19 <REP> d-------- c:\program files\sixteen tons entertainment 2009-02-16 20:46 . 2009-02-16 20:46 <REP> d-------- c:\documents and settings\ced\Application Data\Corel 2009-02-16 20:46 . 2009-02-16 20:46 <REP> d-------- c:\documents and settings\All Users\Application Data\Corel 2009-02-16 20:44 . 2009-02-16 20:45 <REP> d-------- c:\program files\Fichiers communs\Corel 2009-02-16 20:40 . 2009-03-29 14:00 2,516 --ahs---- c:\windows\system32\KGyGaAvL.sys 2009-02-16 20:38 . 2009-02-16 20:38 <REP> d-------- c:\documents and settings\ced\Application Data\InstallShield 2009-02-06 19:52 . 2009-02-06 19:52 49,504 --a------ c:\windows\system32\sirenacm.dll 2009-02-05 22:47 . 2009-02-05 22:47 <REP> d-------- c:\program files\AskSearch 2009-02-05 22:47 . 2009-02-05 22:47 <REP> d-------- c:\program files\AskBarDis 2009-02-05 22:47 . 2009-03-29 23:09 <REP> d-------- c:\documents and settings\ced\Application Data\Azureus 2009-02-05 22:47 . 2009-02-05 22:47 <REP> d-------- c:\documents and settings\All Users\Application Data\Azureus 2009-02-05 22:45 . 2009-02-05 22:45 <REP> d-------- c:\program files\Fichiers communs\i4j_jres . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-30 10:20 --------- d-----w c:\documents and settings\ced\Application Data\EoRezo 2009-03-30 08:08 --------- d-----w c:\program files\EoRezo 2009-03-29 15:54 --------- d-----w c:\documents and settings\ced\Application Data\Apple Computer 2009-03-26 12:40 --------- d-----w c:\program files\DAEMON Tools Toolbar 2009-03-25 07:05 --------- d--h--w c:\program files\InstallShield Installation Information 2008-10-27 10:46 26,596,640 -c--a-w c:\program files\AdbeRdr90_fr_FR.exe . ((((((((((((((((((((((((((((( SnapShot@2009-03-01_19.53.44.59 ))))))))))))))))))))))))))))))))))))))))) . + 2009-02-09 13:59:50 1,847,680 ----a-w c:\windows\$hf_mig$\KB958690\SP3QFE\win32k.sys + 2008-07-09 07:40:22 18,296 ----a-w c:\windows\$hf_mig$\KB958690\spmsg.dll + 2008-07-09 07:40:24 234,872 ----a-w c:\windows\$hf_mig$\KB958690\spuninst.exe + 2008-07-09 07:40:22 26,488 ----a-w c:\windows\$hf_mig$\KB958690\update\spcustom.dll + 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB958690\update\update.exe + 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB958690\update\updspapi.dll + 2008-12-05 06:59:36 144,896 ----a-w c:\windows\$hf_mig$\KB960225\SP3QFE\schannel.dll + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB960225\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB960225\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB960225\update\spcustom.dll + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB960225\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB960225\update\updspapi.dll + 2008-06-17 19:04:03 8,518,144 ----a-w c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll + 2008-07-09 07:40:22 18,296 ----a-w c:\windows\$hf_mig$\KB967715\spmsg.dll + 2008-07-09 07:40:24 234,872 ----a-w c:\windows\$hf_mig$\KB967715\spuninst.exe + 2008-07-09 07:40:22 26,488 ----a-w c:\windows\$hf_mig$\KB967715\update\spcustom.dll + 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB967715\update\update.exe + 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB967715\update\updspapi.dll - 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE + 2005-10-20 18:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE - 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE + 2005-10-20 18:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE - 2000-08-31 07:00:00 89,504 ----a-w c:\windows\fdsv.exe + 2000-08-31 06:00:00 89,504 ----a-w c:\windows\fdsv.exe - 2000-08-31 07:00:00 80,412 ----a-w c:\windows\grep.exe + 2000-08-31 06:00:00 80,412 ----a-w c:\windows\grep.exe + 2009-03-13 12:55:24 80,395 ----a-r c:\windows\Installer\{059C042E-796A-4ACC-A81A-ECC2010BB78C}\MsblIco.Exe + 2009-03-13 12:54:50 62,304 ----a-r c:\windows\Installer\{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}\IconWlc.exe - 2008-11-01 09:59:39 167,936 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\accicons.exe + 2009-03-18 12:31:40 167,936 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\accicons.exe - 2008-11-01 09:59:39 2,560 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe + 2009-03-18 12:31:40 2,560 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe - 2008-11-01 09:59:39 81,920 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\fpicon.exe + 2009-03-18 12:31:40 81,920 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\fpicon.exe - 2008-11-01 09:59:39 34,304 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe + 2009-03-18 12:31:40 34,304 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe - 2008-11-01 09:59:39 8,192 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe + 2009-03-18 12:31:40 8,192 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe - 2008-11-01 09:59:39 3,584 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe + 2009-03-18 12:31:40 3,584 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe - 2008-11-01 09:59:39 114,688 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe + 2009-03-18 12:31:40 114,688 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe - 2008-11-01 09:59:39 16,384 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe + 2009-03-18 12:31:40 16,384 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe - 2008-11-01 09:59:39 30,720 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe + 2009-03-18 12:31:40 30,720 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe - 2008-11-01 09:59:39 22,528 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe + 2009-03-18 12:31:40 22,528 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe - 2008-11-01 09:59:39 45,056 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe + 2009-03-18 12:31:40 45,056 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe - 2008-11-01 09:59:39 90,112 -c--a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe + 2009-03-18 12:31:40 90,112 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\ARPPRODUCTICON.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut10.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut11.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut12.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut13.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut14.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut15.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut16.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut17.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut18.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut19.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut2_1.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut20.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut21.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut22.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut23.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut24.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut25.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut26.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut27.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut28.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut5.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut6.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut7.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut8.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe + 2009-03-29 12:55:44 25,214 ----a-r c:\windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut9.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe - 2000-08-31 07:00:00 29,696 ----a-w c:\windows\NIRCMD.exe + 2000-08-31 06:00:00 29,696 ----a-w c:\windows\NIRCMD.exe - 2000-08-31 07:00:00 98,816 ----a-w c:\windows\sed.exe + 2000-08-31 06:00:00 98,816 ----a-w c:\windows\sed.exe - 2000-08-31 07:00:00 161,792 ----a-w c:\windows\SWREG.exe + 2000-08-31 06:00:00 161,792 ----a-w c:\windows\SWREG.exe - 2000-08-31 07:00:00 136,704 ----a-w c:\windows\SWSC.exe + 2000-08-31 06:00:00 136,704 ----a-w c:\windows\SWSC.exe - 2000-08-31 07:00:00 212,480 ----a-w c:\windows\SWXCACLS.exe + 2000-08-31 06:00:00 212,480 ----a-w c:\windows\SWXCACLS.exe + 2008-08-20 08:54:00 287,256 ----a-r c:\windows\system32\AbaleZip.dll - 2001-01-22 02:25:24 32,768 -c--a-w c:\windows\system32\ATHPRXY.DLL + 2004-01-29 14:08:23 32,768 ----a-w c:\windows\system32\ATHPRXY.DLL + 2008-12-05 06:57:24 144,896 -c----w c:\windows\system32\dllcache\schannel.dll + 2008-06-17 19:02:15 8,517,632 -c----w c:\windows\system32\dllcache\shell32.dll - 2008-09-15 15:26:07 1,846,528 -c----w c:\windows\system32\dllcache\win32k.sys + 2009-02-09 14:05:54 1,846,912 -c----w c:\windows\system32\dllcache\win32k.sys - 2007-06-11 22:51:12 10,834,944 -c--a-w c:\windows\system32\dllcache\wmp.dll + 2008-11-11 17:34:42 10,838,016 -c--a-w c:\windows\system32\dllcache\wmp.dll - 1999-10-18 02:01:42 1,129,232 -c--a-w c:\windows\system32\FM20.DLL + 2003-09-25 11:07:00 1,139,472 ----a-w c:\windows\system32\FM20.DLL - 2001-02-21 10:02:06 29,456 -c--a-w c:\windows\system32\FM20FRA.DLL + 2003-10-29 13:05:10 28,672 ----a-w c:\windows\system32\FM20FRA.DLL - 2008-11-05 11:20:59 172,280 ----a-w c:\windows\system32\FNTCACHE.DAT + 2009-03-14 07:10:22 175,464 ----a-w c:\windows\system32\FNTCACHE.DAT - 2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\system32\MRT.exe + 2009-02-25 11:55:00 24,768,960 ----a-w c:\windows\system32\MRT.exe - 2008-12-11 19:45:43 59,916 -c--a-w c:\windows\system32\perfc009.dat + 2009-03-29 07:46:30 59,916 ----a-w c:\windows\system32\perfc009.dat - 2008-12-11 19:45:43 73,260 -c--a-w c:\windows\system32\perfc00C.dat + 2009-03-29 07:46:30 73,260 ----a-w c:\windows\system32\perfc00C.dat - 2008-12-11 19:45:43 397,696 -c--a-w c:\windows\system32\perfh009.dat + 2009-03-29 07:46:30 397,696 ----a-w c:\windows\system32\perfh009.dat - 2008-12-11 19:45:43 464,892 -c--a-w c:\windows\system32\perfh00C.dat + 2009-03-29 07:46:30 464,892 ----a-w c:\windows\system32\perfh00C.dat - 2008-04-14 02:33:40 144,384 ----a-w c:\windows\system32\schannel.dll + 2008-12-05 06:57:24 144,896 ----a-w c:\windows\system32\schannel.dll - 2008-04-14 02:33:41 8,517,632 ----a-w c:\windows\system32\shell32.dll + 2008-06-17 19:02:15 8,517,632 ----a-w c:\windows\system32\shell32.dll - 2008-07-09 07:40:22 18,296 ------w c:\windows\system32\spmsg.dll + 2007-11-30 11:19:06 18,296 ------w c:\windows\system32\spmsg.dll - 2007-08-10 06:18:14 26,488 -c--a-w c:\windows\system32\spupdsvc.exe + 2007-07-27 08:41:38 26,488 ----a-w c:\windows\system32\spupdsvc.exe - 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\system32\win32k.sys + 2009-02-09 14:05:54 1,846,912 ----a-w c:\windows\system32\win32k.sys - 2007-06-11 22:51:12 10,834,944 ----a-w c:\windows\system32\wmp.dll + 2008-11-11 17:34:42 10,838,016 ----a-w c:\windows\system32\wmp.dll - 2000-08-31 07:00:00 49,152 ----a-w c:\windows\VFIND.exe + 2000-08-31 06:00:00 49,152 ----a-w c:\windows\VFIND.exe + 2008-08-20 08:54:00 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_6e85597b\ATL80.dll + 2008-08-20 08:54:00 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcm80.dll + 2008-08-20 08:54:00 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcp80.dll + 2008-08-20 08:54:00 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcr80.dll + 2007-11-06 19:23:58 224,768 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll + 2007-11-07 00:19:34 568,832 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll + 2007-11-07 00:19:34 655,872 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll + 2008-04-15 17:49:31 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll - 2000-08-31 07:00:00 68,096 ----a-w c:\windows\zip.exe + 2000-08-31 06:00:00 68,096 ----a-w c:\windows\zip.exe . -- Instantané actualisé -- . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] "DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864] "JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-11 86016] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "HP Software Update"="d:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576] "avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-03-01 78008] "hpqSRMon"="d:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "Corel Photo Downloader"="c:\program files\Fichiers communs\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-08-28 531272] "nwiz"="nwiz.exe" [2006-08-11 c:\windows\system32\nwiz.exe] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ HP Digital Imaging Monitor.lnk - d:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472] Microsoft Office.lnk - d:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "d:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "d:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "d:\\Program Files\\Zattoo\\zattood.exe"= "d:\\Program Files\\Zattoo\\Zattoo1.exe"= "d:\\Program Files\\SecondLife\\SLVoice.exe"= "d:\\Program Files\\Vuze\\Azureus.exe"= "d:\\Program Files\\eChanblard\\emule.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"= "d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "31336:TCP"= 31336:TCP:adsltv S1 aswSP;avast! Self Protection; [x] S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78cdbb55-9fa2-11dd-95f7-d9ab3be3e37b}] \Shell\Auto\command - cxfgamhao.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL . Contenu du dossier 'Tâches planifiées' 2009-03-27 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.ustart.org mStart Page = hxxp://www.ustart.org uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=%s IE: E&xporter vers Microsoft Excel - d:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-03-30 13:50:23 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1935655697-1364589140-1801674531-1004\Software\SecuROM\License information*] "datasecu"=hex:d8,69,ec,3a,82,0e,ee,c7,d8,28,20,89,8e,1d,76,ba,c1,4c,3a,2c,40, 5a,bb,0b,1f,4a,15,ac,cc,95,d1,4f,ce,59,0f,1b,25,30,bd,58,e3,bd,83,31,13,4d,\ "rkeysecu"=hex:27,b1,27,38,9b,e2,2e,93,76,ca,4a,07,08,8b,e2,e8 . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\rundll32.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\PSIService.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\wscntfy.exe c:\program files\Windows Live\Contacts\wlcomm.exe d:\program files\HP\Digital Imaging\bin\hpqste08.exe . ************************************************************************** . Heure de fin: 2009-03-30 13:52:05 - La machine a redémarré ComboFix-quarantined-files.txt 2009-03-30 11:51:36 ComboFix2.txt 2009-03-01 18:56:13 Avant-CF: 13 065 318 400 octets libres Après-CF: 13,883,219,968 octets libres Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4 327 --- E O F --- 2009-03-18 12:31:41

Scan combofix apres un souci antivirus

Réponse 21 / 27

CED

c fait mais jai pas de rapport

Utilisateur anonyme

Re
Aprés avoir fixer ;on quitte hijackthis
Et on le relance pour une nouvelle analyse.

Réponse 22 / 27

CED

le probleme c que jai plus les fichier que tu ma demandé de fixer

Utilisateur anonyme

Re
Poste le scan hijackthis merci

Réponse 23 / 27

CED

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:28, on 08/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Landwirtschafts-Simulator 2009\game.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [hpqSRMon] D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Fichiers communs\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Startup: MaxTV.lnk = D:\Program Files\DMV\MaxTV4\maxtv.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

Utilisateur anonyme

Re
Impeccable
1)Télécharges tools cleaner afin de supprimer les logiciels de désinfection inutiles

---> Télécharge Toolscleaner sur ton Bureau.
http://www.commentcamarche.net/telecharger/telechargement 34055291 toolscleaner
* Double-clique sur ToolsCleaner2.exe pour le lancer.
* Clique sur Recherche et laisse le scan agir.
* Clique sur Suppression pour finaliser.
* Tu peux, si tu le souhaites, te servir des Options Facultatives.
* Clique sur Quitter pour obtenir le rapport.
* Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

2)Ensuite dis moi si tu as encore des problèmes

Réponse 24 / 27

CED

[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\hijackthis.log: trouvé !
C:\TB.txt: trouvé !
C:\Toolbar SD: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\ced\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\ced\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\ced\Bureau\Ad-remover.lnk: trouvé !
C:\Documents and Settings\ced\Bureau\ToolBarSD.exe: trouvé !
C:\Documents and Settings\ced\Menu Démarrer\Programmes\Ad-remover: trouvé !
C:\Documents and Settings\ced\Recent\HijackThis.lnk: trouvé !
C:\Program Files\Ad-remover: trouvé !
C:\Program Files\Ad-remover\TOOLS\BACKUP\Ad-R.exe: trouvé !
C:\Program Files\trend micro\HijackThis: trouvé !
C:\Program Files\trend micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\trend micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\ced\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\ced\Bureau\HJTInstall.exe: supprimé !
C:\Documents and Settings\ced\Bureau\Ad-remover.lnk: supprimé !
C:\Documents and Settings\ced\Bureau\ToolBarSD.exe: supprimé !
C:\Documents and Settings\ced\Recent\HijackThis.lnk: supprimé !
C:\Program Files\Ad-remover\TOOLS\BACKUP\Ad-R.exe: supprimé !
C:\Program Files\trend micro\HijackThis\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\hijackthis.log: supprimé !
C:\TB.txt: supprimé !
C:\Program Files\trend micro\HijackThis\hijackthis.log: supprimé !
C:\Toolbar SD: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\ced\Menu Démarrer\Programmes\Ad-remover: supprimé !
C:\Program Files\Ad-remover: supprimé !
C:\Program Files\trend micro\HijackThis: ERREUR DE SUPPRESSION !!

Utilisateur anonyme

Re
Supprime manuellementceci:
C:\Program Files\trend micro\HijackThis

Ton PC va bien?

Réponse 25 / 27

CED

c bon. sinon tu conseille quoi comme antivirus jai avast

Utilisateur anonyme

Re

Tu as le choix entre :

1)Antivir(français):http://www.commentcamarche.net/telecharger/telecharger 55 antivir personal.

Tuto ici:http://www.libellules.ch/tuto_antivir.php

2)AVG 8.5(anglais):https://www.avg.com/fr-fr/free-antivirus-download?prd=afe

Réponse 26 / 27

CED

avast c pas bon ou kaspersky

Utilisateur anonyme

Re
A choisir en gratuit:Antivir ou AVG 8.5
payant:kaspersky

Réponse 27 / 27

CED

ok ben je te remerci pour toute ton aide et a+

Scan combofix apres un souci antivirus - Page 2

Discussions similaires

Newsletters