HijackThis report
Chayan
Hi guys,
I bought myself an Acer laptop with Vista and I've noticed a few anomalies:
- The session locks by itself (without my having set up the screen saver)
- Desktop icons disappear at startup
- Unable to open .gif images
- The ffdshow audio icon is missing when playing any audio file
- and finally, the PC is a bit slow (several hours to move movies to another folder!)
I scanned with Malwarebytes and Avira AntiVir, and yesterday I installed a Livebox from Orange.
Could you take a look at my HijackThis report?
Thanks for your help
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:16:41, on 05/11/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18319)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program files\P4G\BatteryLife.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDECK.EXE
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\microsoft shared\Works Shared\WkUFind.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Windows\ehome\ehmsas.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=asus.msn.com&ocid=ASUDHP&pc=ASU2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=duxet&e=com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=duxet&e=com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF4017CF-0E97-4E5A-92D7-0CE4B708EC12}: NameServer = 192.168.1.1
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
End of file - 8721 bytes
3 replies
Your log is fine.
Install ComboFix: https://forospyware.com
Click the Save button, then, when you are asked where to save it, make sure you save it directly to your Windows Desktop.
# Close all open program windows, including this one.
# Close or disable all antivirus and antispyware programs, as well as any running firewall, because they could interfere with ComboFix.
Launch ComboFix from the desktop icon.
If a ComboFix "Software warranty disclaimer" window opens, click Yes.
ComboFix: Recovery Console, also click Yes.
ComboFix: end of Recovery Console installation, also click Yes.
The program will then start on its own; don't touch anything and wait until it finishes.
Then post your report, which is in C:\COMBOFIX.txt
Chayan
Thanks for your help. What would be the point of doing what you told me?
It will show what is bad by producing a report, and may even remove some harmful items.
There, I did what you told me. It took a while.
ComboFix 09-11-05.01 - ùj 05/11/2009 21:52.1.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3070.1776 [GMT 1:00]
Lancé depuis: c:\users\ùj\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-10-05 au 2009-11-05 ))))))))))))))))))))))))))))))))))))
.
2009-11-05 21:15 . 2009-11-05 21:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-05 16:16 . 2009-11-05 16:16 -------- d-----w- c:\program files\Trend Micro
2009-11-05 10:29 . 2009-11-05 20:27 4096 d-----w- c:\program files\FairUse Wizard 2
2009-11-04 18:16 . 2006-11-28 19:46 28224 ----a-w- c:\windows\system32\drivers\PCAMp50.sys
2009-11-04 18:16 . 2006-11-28 19:46 27072 ----a-w- c:\windows\system32\drivers\PCASp50.sys
2009-11-04 18:15 . 2009-11-04 18:15 -------- d-----w- c:\program files\Securitoo
2009-11-04 18:14 . 2007-12-11 19:22 65536 ----a-w- c:\windows\system32\Autodial2000.dll
2009-11-04 18:14 . 2009-11-04 18:36 4096 d-----w- c:\program files\OrangeHSS
2009-11-04 18:13 . 2009-11-04 18:13 -------- d-----w- c:\program files\Common Files\France Telecom
2009-11-04 18:13 . 2003-03-19 04:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-10-29 11:51 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-29 11:51 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-29 11:51 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-29 11:51 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-29 11:51 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-29 11:51 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-29 11:51 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-29 11:51 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-29 11:51 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-29 10:08 . 2009-10-29 10:08 4096 d-----w- c:\program files\Microsoft Office Outlook Connector
2009-10-29 10:07 . 2009-08-05 21:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2009-10-29 10:03 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-10-27 23:58 . 2009-10-28 00:00 4096 d-----w- c:\program files\QuickTime
2009-10-27 23:58 . 2009-10-27 23:58 -------- d-----w- c:\programdata\Apple Computer
2009-10-27 23:54 . 2009-10-27 23:54 -------- d-----w- c:\program files\Common Files\Apple
2009-10-27 23:54 . 2009-10-27 23:54 4096 d-----w- c:\program files\Apple Software Update
2009-10-27 23:54 . 2009-10-27 23:54 -------- d-----w- c:\programdata\Apple
2009-10-27 18:56 . 2009-09-10 15:21 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-27 18:56 . 2009-09-10 15:21 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-26 12:44 . 2002-11-18 15:02 40960 ----a-w- c:\windows\system32\MMAVILNG.exe
2009-10-26 12:44 . 2009-10-26 12:46 -------- d-----w- c:\program files\Morgan
2009-10-23 15:03 . 2009-10-23 15:03 16384 d-----w- c:\temp\HP_WebRelease
2009-10-23 15:03 . 2009-10-23 15:03 -------- d-----w- C:\temp
2009-10-23 13:46 . 2009-10-23 13:47 8192 d-----w- c:\program files\Microsoft Picture It! 9
2009-10-22 12:47 . 2009-10-22 12:51 160634 ----a-w- c:\windows\hpqins00.dat
2009-10-22 12:45 . 2009-10-22 12:45 -------- d-----w- c:\programdata\HP Product Assistant
2009-10-22 09:44 . 2009-10-22 09:44 -------- d-----w- c:\windows\Hewlett-Packard
2009-10-21 17:15 . 2009-10-21 17:15 -------- d-----w- c:\program files\MSXML 4.0
2009-10-21 13:09 . 2009-10-21 13:09 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-10-20 19:41 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-10-20 19:41 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-10-20 19:41 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-10-20 19:41 . 2009-10-17 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-20 19:41 . 2009-10-20 19:42 4096 d-----w- c:\program files\K-Lite Codec Pack
2009-10-20 17:01 . 2009-10-20 17:01 -------- d-----w- c:\programdata\WEBREG
2009-10-20 16:58 . 2009-10-20 16:58 -------- d-----w- c:\programdata\HPSSUPPLY
2009-10-20 16:54 . 2009-10-20 16:54 -------- d-----w- c:\program files\Hewlett-Packard
2009-10-20 16:54 . 2009-10-20 16:54 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-10-20 16:53 . 2009-10-23 15:50 -------- d-----w- c:\program files\Common Files\HP
2009-10-20 16:46 . 2009-10-23 15:50 4096 d-----w- c:\program files\HP
2009-10-20 16:44 . 2009-10-23 15:53 163790 ----a-w- c:\windows\hpoins19.dat
2009-10-20 16:44 . 2009-10-21 08:37 4096 d-----w- c:\programdata\HP
2009-10-20 16:44 . 2006-12-16 06:19 675840 ----a-w- c:\windows\system32\hpowiav1.dll
2009-10-20 16:44 . 2006-12-16 06:19 303104 ----a-w- c:\windows\system32\hpovst01.dll
2009-10-20 16:44 . 2006-11-20 21:36 258048 ----a-w- c:\windows\system32\hpzids01.dll
2009-10-20 16:44 . 2006-12-16 06:19 897024 ----a-w- c:\windows\system32\hpotiop1.dll
2009-10-20 16:43 . 2007-03-13 19:55 26952 ------w- c:\windows\hpomdl19.dat
2009-10-19 12:02 . 2009-10-19 12:02 -------- d-----w- c:\programdata\ASUS
2009-10-19 12:02 . 2008-07-01 14:09 100920 ----a-w- c:\programdata\ASUS\NB Probe\GetUserinfo.exe
2009-10-18 17:21 . 2009-10-21 08:34 8192 d-----w- c:\program files\ffdshow
2009-10-18 16:59 . 2009-08-28 16:33 11264 ----a-w- c:\windows\system32\MMShellHook.dll
2009-10-18 16:59 . 2009-03-28 14:30 312320 ----a-w- c:\windows\system32\proppage.dll
2009-10-18 16:59 . 2009-10-18 16:59 8192 d-----w- c:\program files\Media Control
2009-10-18 16:59 . 2009-03-28 14:30 655872 ----a-w- c:\windows\system32\msvcr90.dll
2009-10-18 16:44 . 2009-10-18 16:44 -------- d-----w- c:\program files\Common Files\xing shared
2009-10-18 16:44 . 2009-10-18 16:44 -------- d-----w- c:\program files\Real
2009-10-18 16:44 . 2009-10-18 16:44 4096 d-----w- c:\program files\Common Files\Real
2009-10-18 16:34 . 2009-10-20 19:30 -------- d-----w- c:\program files\VideoLAN
2009-10-17 17:29 . 2009-10-17 17:29 -------- d-----w- c:\windows\system32\Adobe
2009-10-17 17:01 . 2009-10-17 17:01 4096 d-----w- c:\program files\Common Files\PX Storage Engine
2009-10-17 16:58 . 2009-10-17 17:00 4096 d-----w- c:\program files\Common Files\DivX Shared
2009-10-17 16:58 . 2009-10-17 17:01 8192 d-----w- c:\program files\DivX
2009-10-17 04:15 . 2009-10-17 04:15 653560 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-10-16 18:45 . 2009-10-27 23:18 4096 d-----w- c:\program files\PeerGuardian2
2009-10-16 15:37 . 2009-10-16 15:40 8192 d-----w- c:\program files\eMule
2009-10-16 14:54 . 2009-10-16 15:02 4096 d-----w- c:\program files\Satsuki Decoder Pack
2009-10-16 13:49 . 2009-10-16 13:49 0 ----a-w- c:\windows\nsreg.dat
2009-10-15 20:49 . 2009-10-15 20:49 -------- d-----w- c:\programdata\Messenger Plus!
2009-10-15 19:44 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-10-15 19:26 . 2009-10-15 19:26 4096 d-----w- c:\program files\Messenger Plus! Live
2009-10-15 13:14 . 2009-10-15 13:14 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-10-14 19:46 . 2009-10-14 19:46 -------- d-----w- c:\program files\Auslogics
2009-10-14 17:26 . 2009-10-14 17:26 279172 ----a-w- c:\programdata\eSellerate\eWebClient.dll
2009-10-14 17:26 . 2009-10-14 17:26 -------- d-----w- c:\programdata\eSellerate
2009-10-14 17:26 . 2009-10-14 17:26 -------- d-----w- c:\program files\Common Files\eSellerate
2009-10-14 17:25 . 2009-10-14 17:25 -------- d-----w- c:\windows\system32\EWS
2009-10-14 17:17 . 2009-10-14 17:17 -------- d-----w- c:\program files\adni18
2009-10-14 17:17 . 2009-10-14 17:17 729686 ----a-w- c:\windows\system32\Alpha Galaxy 1280.scr
2009-10-14 14:35 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-10-14 14:35 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-10-14 14:35 . 2009-10-14 14:35 -------- d-----w- c:\programdata\Avira
2009-10-14 14:35 . 2009-10-14 14:35 -------- d-----w- c:\program files\Avira
2009-10-14 14:32 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-14 14:12 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-14 14:12 . 2009-10-14 14:12 -------- d-----w- c:\programdata\Malwarebytes
2009-10-14 14:12 . 2009-10-14 14:12 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-14 14:12 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-14 12:44 . 2006-11-10 14:05 240640 ----a-w- c:\windows\system32\uxtheme.dll
2009-10-14 12:44 . 2006-11-10 14:03 615424 ----a-w- c:\windows\system32\themeui.dll
2009-10-14 11:01 . 2009-10-14 11:01 -------- d-----w- c:\program files\CCleaner
2009-10-14 10:54 . 2009-10-14 10:54 -------- d-----w- c:\program files\VS Revo Group
2009-10-14 10:47 . 2009-10-14 10:47 4096 d-----w- c:\program files\IZArc
2009-10-12 22:02 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-12 21:15 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-10-12 21:15 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-10-12 21:15 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-10-12 21:15 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-10-12 21:15 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-10-12 21:15 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-10-12 21:15 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-10-12 21:09 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-10-12 21:09 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-10-12 21:08 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-10-12 21:08 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-10-12 21:08 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-10-12 21:01 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-10-12 21:01 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-10-12 21:01 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-10-12 21:01 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-10-12 21:01 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-10-12 21:01 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-10-12 21:01 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-10-12 21:01 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-10-12 21:01 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2009-10-12 21:01 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-05 21:24 . 2009-08-19 23:05 45056 ----a-w- c:\windows\system32\acovcnt.exe
2009-11-05 09:53 . 2008-04-16 11:26 659556 ----a-w- c:\windows\system32\perfh013.dat
2009-11-05 09:53 . 2008-04-16 11:26 127108 ----a-w- c:\windows\system32\perfc013.dat
2009-11-05 09:53 . 2008-04-16 11:21 655938 ----a-w- c:\windows\system32\perfh010.dat
2009-11-05 09:53 . 2008-04-16 11:21 120594 ----a-w- c:\windows\system32\perfc010.dat
2009-11-05 09:53 . 2008-04-16 11:16 672322 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-05 09:53 . 2008-04-16 11:16 124434 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-21 13:17 . 2009-08-19 21:46 65536 d-----w- c:\programdata\Microsoft Help
2009-10-19 12:22 . 2009-08-19 22:04 36864 ----a-w- c:\programdata\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2009-10-19 12:20 . 2009-08-19 22:03 53319 ----a-w- c:\programdata\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe
2009-10-19 12:04 . 2009-08-19 22:10 4096 d-----w- c:\program files\ASUS
2009-10-19 12:03 . 2009-08-19 22:04 4096 d--h--w- c:\program files\InstallShield Installation Information
2009-10-15 19:42 . 2009-10-15 19:41 -------- d-----w- c:\program files\Common Files\InterVideo
2009-10-15 19:41 . 2009-10-15 19:41 -------- d-----w- c:\program files\InterVideo
2009-10-15 19:41 . 2009-10-15 19:41 -------- d-----w- c:\program files\InterActual
2009-10-15 19:41 . 2009-10-15 19:41 -------- d-----w- c:\program files\Creative
2009-10-15 17:39 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-10-14 14:24 . 2009-08-19 22:06 -------- d-----w- c:\programdata\Norton
2009-10-14 13:40 . 2009-10-14 13:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-10-12 21:39 . 2009-08-19 21:54 4096 d-----w- c:\program files\Microsoft Works
2009-10-12 20:53 . 2009-08-19 22:06 -------- d-----w- c:\programdata\Symantec
2009-10-10 22:34 . 2009-10-10 22:34 84 ---ha-w- c:\programdata\aspg.dat
2009-09-25 16:41 . 2009-09-25 16:41 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-09-25 16:41 . 2009-09-25 16:41 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-09-25 16:41 . 2009-09-25 16:41 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-09-25 16:41 . 2009-09-25 16:41 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-09-25 16:41 . 2009-09-25 16:41 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-09-25 16:41 . 2009-09-25 16:41 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-09-25 16:41 . 2009-09-25 16:41 696320 ----a-w- c:\windows\system32\DivX.dll
2009-09-14 09:44 . 2009-10-15 11:35 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-09-10 17:30 . 2009-10-15 11:35 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 12:24 . 2009-10-15 11:35 61440 ----a-w- c:\windows\system32\msasn1.dll
2009-08-31 13:55 . 2009-10-15 11:35 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-08-31 13:55 . 2009-10-15 11:35 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-08-28 12:39 . 2009-10-12 21:00 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 10:15 . 2009-10-12 21:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-27 13:32 . 2009-10-15 11:35 833024 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 13:29 . 2009-10-15 11:35 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-27 10:58 . 2009-10-15 11:35 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-19 22:57 . 2009-08-19 22:57 3054136 ----a-w- c:\windows\AsScrPro.exe
2009-08-19 22:57 . 2009-08-19 22:57 520192 ----a-w- c:\windows\system32\Asus_Camera_ScreenSaver.scr
2009-08-19 22:57 . 2009-08-19 22:57 4814371 ----a-w- c:\windows\ASUS Camera ScreenSaver.exe
2009-08-19 22:57 . 2009-08-19 22:57 47672 ----a-w- c:\windows\AsScrProlog.exe
2009-08-19 22:57 . 2009-08-19 22:57 281144 ----a-w- c:\windows\ASUS Camera ScreenSaver Uninstaller.exe
2009-08-19 22:53 . 2009-08-19 22:53 30264 ----a-w- c:\windows\system32\drivers\AsDsm.sys
2009-08-19 22:49 . 2009-08-19 22:49 0 ----a-w- c:\windows\ativpsrm.bin
2009-08-19 22:48 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-08-19 22:29 . 2009-08-19 22:29 636928 ----a-w- c:\windows\system32\localspl.dll
2009-08-19 22:29 . 2009-08-19 22:29 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-08-19 22:28 . 2009-08-19 22:28 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-08-19 22:24 . 2009-08-19 22:24 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-08-19 22:24 . 2009-08-19 22:24 24064 ----a-w- c:\windows\system32\amxread.dll
2009-08-19 22:24 . 2009-08-19 22:24 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-08-19 22:23 . 2009-08-19 22:23 551424 ----a-w- c:\windows\system32\rpcss.dll
2009-08-19 22:23 . 2009-08-19 22:23 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-08-19 22:23 . 2009-08-19 22:23 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-08-19 22:23 . 2009-08-19 22:23 54784 ----a-w- c:\windows\system32\iasads.dll
2009-08-19 22:23 . 2009-08-19 22:23 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2009-08-19 22:23 . 2009-08-19 22:23 44032 ----a-w- c:\windows\system32\iasdatastore.dll
2009-08-19 22:23 . 2009-08-19 22:23 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-08-19 22:23 . 2009-08-19 22:23 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2009-08-19 22:23 . 2009-08-19 22:23 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2009-08-19 22:23 . 2009-08-19 22:23 98304 ----a-w- c:\windows\system32\iasrecst.dll
2009-08-19 22:23 . 2009-08-19 22:23 183296 ----a-w- c:\windows\system32\sdohlp.dll
2009-08-19 22:23 . 2009-08-19 22:23 17408 ----a-w- c:\windows\system32\iashost.exe
2009-08-19 22:22 . 2009-08-19 22:22 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2009-08-19 22:22 . 2009-08-19 22:22 38912 ----a-w- c:\windows\system32\xolehlp.dll
2009-08-19 22:17 . 2009-08-19 22:17 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-08-19 22:16 . 2009-08-19 22:16 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-08-19 22:16 . 2009-08-19 22:16 94720 ----a-w- c:\windows\system32\logagent.exe
2009-08-19 22:14 . 2009-08-19 22:14 296960 ----a-w- c:\windows\system32\gdi32.dll
2009-08-19 22:14 . 2009-08-19 22:14 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-08-19 22:14 . 2009-08-19 22:14 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-08-19 22:14 . 2009-08-19 22:14 347648 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-08-19 22:09 . 2009-08-19 22:09 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-08-19 22:09 . 2009-08-19 22:09 2927104 ----a-w- c:\windows\explorer.exe
2009-08-19 22:08 . 2009-08-19 22:08 1645568 ----a-w- c:\windows\system32\connect.dll
2009-08-19 22:07 . 2009-08-19 22:07 212480 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-08-19 22:07 . 2009-08-19 22:07 1191936 ----a-w- c:\windows\system32\msxml3.dll
2009-08-19 22:06 . 2009-08-19 22:06 1334272 ----a-w- c:\windows\system32\msxml6.dll
2009-08-19 22:06 . 2009-08-19 22:06 443392 ----a-w- c:\windows\system32\win32spl.dll
2009-08-19 22:03 . 2009-08-19 22:03 53319 ----a-w- c:\programdata\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe
2009-08-19 22:00 . 2009-08-19 22:00 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-08-19 21:59 . 2009-08-19 21:59 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-08-19 21:59 . 2009-08-19 21:59 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2009-08-19 21:59 . 2009-08-19 21:59 45056 ----a-w- c:\windows\system32\dataclen.dll
2009-08-19 21:59 . 2009-08-19 21:59 36864 ----a-w- c:\windows\system32\cdd.dll
2009-08-19 21:59 . 2009-08-19 21:59 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-08-19 21:56 . 2009-08-19 21:56 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-08-19 21:55 . 2009-08-19 21:55 738304 ----a-w- c:\windows\system32\inetcomm.dll
2009-08-19 21:55 . 2009-08-19 21:55 269312 ----a-w- c:\windows\system32\es.dll
2009-08-19 21:53 . 2009-08-19 21:53 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2009-08-19 21:53 . 2009-08-19 21:53 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-08-19 21:53 . 2009-08-19 21:53 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-08-19 21:52 . 2009-08-19 21:52 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-08-19 21:52 . 2009-08-19 21:52 15360 ----a-w- c:\windows\system32\pacerprf.dll
2009-08-19 21:51 . 2009-08-19 21:51 180224 ----a-w- c:\windows\system32\scrobj.dll
2009-08-19 21:51 . 2009-08-19 21:51 172032 ----a-w- c:\windows\system32\scrrun.dll
2009-08-19 21:51 . 2009-08-19 21:51 155648 ----a-w- c:\windows\system32\wscript.exe
2009-08-19 21:51 . 2009-08-19 21:51 135168 ----a-w- c:\windows\system32\cscript.exe
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
------- Sigcheck -------
[-] 2006-11-10 . 921D359C1168867B515C219ACCED9609 . 245248 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-09-03 8105984]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-19 61440]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-04-30 1392640]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-04-21 540576]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-08-19 159744]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-19 47672]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-19 3054136]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-18 198160]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-07 50688]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{567C654B-7FE9-4970-8323-56E8191D1941}\_71A97E24F422AA49EDBF39.exe [2009-8-19 12862]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2009-10-15 212992]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [19/08/2009 23:54 15416]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [14/10/2009 15:35 108289]
R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [07/04/2009 18:04 70880]
R3 amdkmdag;amdkmdag;c:\windows\System32\drivers\atipmdag.sys [19/03/2009 04:06 4386304]
R3 amdkmdap;amdkmdap;c:\windows\System32\drivers\atikmpag.sys [19/03/2009 02:33 93184]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\System32\drivers\ETD.sys [21/04/2009 11:43 90112]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\System32\drivers\SRS_PremiumSound_i386.sys [19/08/2009 23:54 233128]
R3 usbfilter;AMD USB Filter Driver;c:\windows\System32\drivers\usbfilter.sys [19/08/2009 23:25 22072]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\System32\drivers\viahduaa.sys [28/04/2009 04:16 1019392]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [29/10/2009 11:07 54632]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [04/11/2009 19:16 28224]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - MBR
*Deregistered* - mbr
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.duxet.com/
mStart Page = hxxp://www.duxet.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {BF4017CF-0E97-4E5A-92D7-0CE4B708EC12} = 192.168.1.1
FF - ProfilePath - c:\users\ùj\AppData\Roaming\Mozilla\Firefox\Profiles\ph8jk4ra.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-05 22:27
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????
Recherche de fichiers cachés ...
C:\ADSM_PData_0150
Scan terminé avec succès
Fichiers cachés: 1
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(5460)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\AUDIODG.EXE
c:\windows\system32\Ati2evxx.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\windows\system32\WLANExt.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Net4Switch\Net4Switch.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\presentationsettings.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\ehome\ehmsas.exe
c:\progra~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\OrangeHSS\systray\systrayapp.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
.
**************************************************************************
.
Heure de fin: 2009-11-05 22:36 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-05 21:36
Avant-CF: 154 365 259 776 octets libres
Après-CF: 154 047 463 424 octets libres
- - End Of File - - E8BCF2A870075A0113084652BC3D0F72
2009-08-19 22:23 . 2009-08-19 22:23 54784 ----a-w- c:\windows\system32\iasads.dll
2009-08-19 22:23 . 2009-08-19 22:23 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2009-08-19 22:23 . 2009-08-19 22:23 44032 ----a-w- c:\windows\system32\iasdatastore.dll
2009-08-19 22:23 . 2009-08-19 22:23 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-08-19 22:23 . 2009-08-19 22:23 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2009-08-19 22:23 . 2009-08-19 22:23 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2009-08-19 22:23 . 2009-08-19 22:23 98304 ----a-w- c:\windows\system32\iasrecst.dll
2009-08-19 22:23 . 2009-08-19 22:23 183296 ----a-w- c:\windows\system32\sdohlp.dll
2009-08-19 22:23 . 2009-08-19 22:23 17408 ----a-w- c:\windows\system32\iashost.exe
2009-08-19 22:22 . 2009-08-19 22:22 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2009-08-19 22:22 . 2009-08-19 22:22 38912 ----a-w- c:\windows\system32\xolehlp.dll
2009-08-19 22:17 . 2009-08-19 22:17 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-08-19 22:16 . 2009-08-19 22:16 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-08-19 22:16 . 2009-08-19 22:16 94720 ----a-w- c:\windows\system32\logagent.exe
2009-08-19 22:14 . 2009-08-19 22:14 296960 ----a-w- c:\windows\system32\gdi32.dll
2009-08-19 22:14 . 2009-08-19 22:14 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-08-19 22:14 . 2009-08-19 22:14 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-08-19 22:14 . 2009-08-19 22:14 347648 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-08-19 22:09 . 2009-08-19 22:09 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-08-19 22:09 . 2009-08-19 22:09 2927104 ----a-w- c:\windows\explorer.exe
2009-08-19 22:08 . 2009-08-19 22:08 1645568 ----a-w- c:\windows\system32\connect.dll
2009-08-19 22:07 . 2009-08-19 22:07 212480 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-08-19 22:07 . 2009-08-19 22:07 1191936 ----a-w- c:\windows\system32\msxml3.dll
2009-08-19 22:06 . 2009-08-19 22:06 1334272 ----a-w- c:\windows\system32\msxml6.dll
2009-08-19 22:06 . 2009-08-19 22:06 443392 ----a-w- c:\windows\system32\win32spl.dll
2009-08-19 22:03 . 2009-08-19 22:03 53319 ----a-w- c:\programdata\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe
2009-08-19 22:00 . 2009-08-19 22:00 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-08-19 21:59 . 2009-08-19 21:59 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-08-19 21:59 . 2009-08-19 21:59 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2009-08-19 21:59 . 2009-08-19 21:59 45056 ----a-w- c:\windows\system32\dataclen.dll
2009-08-19 21:59 . 2009-08-19 21:59 36864 ----a-w- c:\windows\system32\cdd.dll
2009-08-19 21:59 . 2009-08-19 21:59 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-08-19 21:56 . 2009-08-19 21:56 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-08-19 21:55 . 2009-08-19 21:55 738304 ----a-w- c:\windows\system32\inetcomm.dll
2009-08-19 21:55 . 2009-08-19 21:55 269312 ----a-w- c:\windows\system32\es.dll
2009-08-19 21:53 . 2009-08-19 21:53 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2009-08-19 21:53 . 2009-08-19 21:53 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-08-19 21:53 . 2009-08-19 21:53 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-08-19 21:52 . 2009-08-19 21:52 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-08-19 21:52 . 2009-08-19 21:52 15360 ----a-w- c:\windows\system32\pacerprf.dll
2009-08-19 21:51 . 2009-08-19 21:51 180224 ----a-w- c:\windows\system32\scrobj.dll
2009-08-19 21:51 . 2009-08-19 21:51 172032 ----a-w- c:\windows\system32\scrrun.dll
2009-08-19 21:51 . 2009-08-19 21:51 155648 ----a-w- c:\windows\system32\wscript.exe
2009-08-19 21:51 . 2009-08-19 21:51 135168 ----a-w- c:\windows\system32\cscript.exe
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
------- Sigcheck -------
[-] 2006-11-10 . 921D359C1168867B515C219ACCED9609 . 245248 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-09-03 8105984]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-19 61440]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-04-30 1392640]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-04-21 540576]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-08-19 159744]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-19 47672]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-19 3054136]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-18 198160]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-07 50688]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{567C654B-7FE9-4970-8323-56E8191D1941}\_71A97E24F422AA49EDBF39.exe [2009-8-19 12862]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2009-10-15 212992]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [19/08/2009 23:54 15416]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [14/10/2009 15:35 108289]
R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [07/04/2009 18:04 70880]
R3 amdkmdag;amdkmdag;c:\windows\System32\drivers\atipmdag.sys [19/03/2009 04:06 4386304]
R3 amdkmdap;amdkmdap;c:\windows\System32\drivers\atikmpag.sys [19/03/2009 02:33 93184]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\System32\drivers\ETD.sys [21/04/2009 11:43 90112]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\System32\drivers\SRS_PremiumSound_i386.sys [19/08/2009 23:54 233128]
R3 usbfilter;AMD USB Filter Driver;c:\windows\System32\drivers\usbfilter.sys [19/08/2009 23:25 22072]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\System32\drivers\viahduaa.sys [28/04/2009 04:16 1019392]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [29/10/2009 11:07 54632]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [04/11/2009 19:16 28224]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - MBR
*Deregistered* - mbr
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.duxet.com/
mStart Page = hxxp://www.duxet.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {BF4017CF-0E97-4E5A-92D7-0CE4B708EC12} = 192.168.1.1
FF - ProfilePath - c:\users\ùj\AppData\Roaming\Mozilla\Firefox\Profiles\ph8jk4ra.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-05 22:27
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????
Recherche de fichiers cachés ...
C:\ADSM_PData_0150
Scan terminé avec succès
Fichiers cachés: 1
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(5460)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\AUDIODG.EXE
c:\windows\system32\Ati2evxx.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\windows\system32\WLANExt.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Net4Switch\Net4Switch.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\presentationsettings.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\ehome\ehmsas.exe
c:\progra~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\OrangeHSS\systray\systrayapp.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
.
**************************************************************************
.
Heure de fin: 2009-11-05 22:36 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-05 21:36
Avant-CF: 154 365 259 776 octets libres
Après-CF: 154 047 463 424 octets libres
- - End Of File - - E8BCF2A870075A0113084652BC3D0F72
There, I did what you told me. It took a while.
ComboFix 09-11-05.01 - ùj 05/11/2009 21:52.1.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3070.1776 [GMT 1:00]
Lancé depuis: c:\users\ùj\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-10-05 au 2009-11-05 ))))))))))))))))))))))))))))))))))))
.
2009-11-05 21:15 . 2009-11-05 21:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-05 16:16 . 2009-11-05 16:16 -------- d-----w- c:\program files\Trend Micro
2009-11-05 10:29 . 2009-11-05 20:27 4096 d-----w- c:\program files\FairUse Wizard 2
2009-11-04 18:16 . 2006-11-28 19:46 28224 ----a-w- c:\windows\system32\drivers\PCAMp50.sys
2009-11-04 18:16 . 2006-11-28 19:46 27072 ----a-w- c:\windows\system32\drivers\PCASp50.sys
2009-11-04 18:15 . 2009-11-04 18:15 -------- d-----w- c:\program files\Securitoo
2009-11-04 18:14 . 2007-12-11 19:22 65536 ----a-w- c:\windows\system32\Autodial2000.dll
2009-11-04 18:14 . 2009-11-04 18:36 4096 d-----w- c:\program files\OrangeHSS
2009-11-04 18:13 . 2009-11-04 18:13 -------- d-----w- c:\program files\Common Files\France Telecom
2009-11-04 18:13 . 2003-03-19 04:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-10-29 11:51 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-29 11:51 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-29 11:51 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-29 11:51 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-29 11:51 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-29 11:51 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-29 11:51 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-29 11:51 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-29 11:51 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-29 10:08 . 2009-10-29 10:08 4096 d-----w- c:\program files\Microsoft Office Outlook Connector
2009-10-29 10:07 . 2009-08-05 21:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2009-10-29 10:03 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-10-27 23:58 . 2009-10-28 00:00 4096 d-----w- c:\program files\QuickTime
2009-10-27 23:58 . 2009-10-27 23:58 -------- d-----w- c:\programdata\Apple Computer
2009-10-27 23:54 . 2009-10-27 23:54 -------- d-----w- c:\program files\Common Files\Apple
2009-10-27 23:54 . 2009-10-27 23:54 4096 d-----w- c:\program files\Apple Software Update
2009-10-27 23:54 . 2009-10-27 23:54 -------- d-----w- c:\programdata\Apple
2009-10-27 18:56 . 2009-09-10 15:21 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-27 18:56 . 2009-09-10 15:21 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-26 12:44 . 2002-11-18 15:02 40960 ----a-w- c:\windows\system32\MMAVILNG.exe
2009-10-26 12:44 . 2009-10-26 12:46 -------- d-----w- c:\program files\Morgan
2009-10-23 15:03 . 2009-10-23 15:03 16384 d-----w- c:\temp\HP_WebRelease
2009-10-23 15:03 . 2009-10-23 15:03 -------- d-----w- C:\temp
2009-10-23 13:46 . 2009-10-23 13:47 8192 d-----w- c:\program files\Microsoft Picture It! 9
2009-10-22 12:47 . 2009-10-22 12:51 160634 ----a-w- c:\windows\hpqins00.dat
2009-10-22 12:45 . 2009-10-22 12:45 -------- d-----w- c:\programdata\HP Product Assistant
2009-10-22 09:44 . 2009-10-22 09:44 -------- d-----w- c:\windows\Hewlett-Packard
2009-10-21 17:15 . 2009-10-21 17:15 -------- d-----w- c:\program files\MSXML 4.0
2009-10-21 13:09 . 2009-10-21 13:09 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-10-20 19:41 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-10-20 19:41 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-10-20 19:41 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-10-20 19:41 . 2009-10-17 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-20 19:41 . 2009-10-20 19:42 4096 d-----w- c:\program files\K-Lite Codec Pack
2009-10-20 17:01 . 2009-10-20 17:01 -------- d-----w- c:\programdata\WEBREG
2009-10-20 16:58 . 2009-10-20 16:58 -------- d-----w- c:\programdata\HPSSUPPLY
2009-10-20 16:54 . 2009-10-20 16:54 -------- d-----w- c:\program files\Hewlett-Packard
2009-10-20 16:54 . 2009-10-20 16:54 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-10-20 16:53 . 2009-10-23 15:50 -------- d-----w- c:\program files\Common Files\HP
2009-10-20 16:46 . 2009-10-23 15:50 4096 d-----w- c:\program files\HP
2009-10-20 16:44 . 2009-10-23 15:53 163790 ----a-w- c:\windows\hpoins19.dat
2009-10-20 16:44 . 2009-10-21 08:37 4096 d-----w- c:\programdata\HP
2009-10-20 16:44 . 2006-12-16 06:19 675840 ----a-w- c:\windows\system32\hpowiav1.dll
2009-10-20 16:44 . 2006-12-16 06:19 303104 ----a-w- c:\windows\system32\hpovst01.dll
2009-10-20 16:44 . 2006-11-20 21:36 258048 ----a-w- c:\windows\system32\hpzids01.dll
2009-10-20 16:44 . 2006-12-16 06:19 897024 ----a-w- c:\windows\system32\hpotiop1.dll
2009-10-20 16:43 . 2007-03-13 19:55 26952 ------w- c:\windows\hpomdl19.dat
2009-10-19 12:02 . 2009-10-19 12:02 -------- d-----w- c:\programdata\ASUS
2009-10-19 12:02 . 2008-07-01 14:09 100920 ----a-w- c:\programdata\ASUS\NB Probe\GetUserinfo.exe
2009-10-18 17:21 . 2009-10-21 08:34 8192 d-----w- c:\program files\ffdshow
2009-10-18 16:59 . 2009-08-28 16:33 11264 ----a-w- c:\windows\system32\MMShellHook.dll
2009-10-18 16:59 . 2009-03-28 14:30 312320 ----a-w- c:\windows\system32\proppage.dll
2009-10-18 16:59 . 2009-10-18 16:59 8192 d-----w- c:\program files\Media Control
2009-10-18 16:59 . 2009-03-28 14:30 655872 ----a-w- c:\windows\system32\msvcr90.dll
2009-10-18 16:44 . 2009-10-18 16:44 -------- d-----w- c:\program files\Common Files\xing shared
2009-10-18 16:44 . 2009-10-18 16:44 -------- d-----w- c:\program files\Real
2009-10-18 16:44 . 2009-10-18 16:44 4096 d-----w- c:\program files\Common Files\Real
2009-10-18 16:34 . 2009-10-20 19:30 -------- d-----w- c:\program files\VideoLAN
2009-10-17 17:29 . 2009-10-17 17:29 -------- d-----w- c:\windows\system32\Adobe
2009-10-17 17:01 . 2009-10-17 17:01 4096 d-----w- c:\program files\Common Files\PX Storage Engine
2009-10-17 16:58 . 2009-10-17 17:00 4096 d-----w- c:\program files\Common Files\DivX Shared
2009-10-17 16:58 . 2009-10-17 17:01 8192 d-----w- c:\program files\DivX
2009-10-17 04:15 . 2009-10-17 04:15 653560 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-10-16 18:45 . 2009-10-27 23:18 4096 d-----w- c:\program files\PeerGuardian2
2009-10-16 15:37 . 2009-10-16 15:40 8192 d-----w- c:\program files\eMule
2009-10-16 14:54 . 2009-10-16 15:02 4096 d-----w- c:\program files\Satsuki Decoder Pack
2009-10-16 13:49 . 2009-10-16 13:49 0 ----a-w- c:\windows\nsreg.dat
2009-10-15 20:49 . 2009-10-15 20:49 -------- d-----w- c:\programdata\Messenger Plus!
2009-10-15 19:44 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-10-15 19:26 . 2009-10-15 19:26 4096 d-----w- c:\program files\Messenger Plus! Live
2009-10-15 13:14 . 2009-10-15 13:14 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-10-14 19:46 . 2009-10-14 19:46 -------- d-----w- c:\program files\Auslogics
2009-10-14 17:26 . 2009-10-14 17:26 279172 ----a-w- c:\programdata\eSellerate\eWebClient.dll
2009-10-14 17:26 . 2009-10-14 17:26 -------- d-----w- c:\programdata\eSellerate
2009-10-14 17:26 . 2009-10-14 17:26 -------- d-----w- c:\program files\Common Files\eSellerate
2009-10-14 17:25 . 2009-10-14 17:25 -------- d-----w- c:\windows\system32\EWS
2009-10-14 17:17 . 2009-10-14 17:17 -------- d-----w- c:\program files\adni18
2009-10-14 17:17 . 2009-10-14 17:17 729686 ----a-w- c:\windows\system32\Alpha Galaxy 1280.scr
2009-10-14 14:35 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-10-14 14:35 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-10-14 14:35 . 2009-10-14 14:35 -------- d-----w- c:\programdata\Avira
2009-10-14 14:35 . 2009-10-14 14:35 -------- d-----w- c:\program files\Avira
2009-10-14 14:32 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-14 14:12 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-14 14:12 . 2009-10-14 14:12 -------- d-----w- c:\programdata\Malwarebytes
2009-10-14 14:12 . 2009-10-14 14:12 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-14 14:12 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-14 12:44 . 2006-11-10 14:05 240640 ----a-w- c:\windows\system32\uxtheme.dll
2009-10-14 12:44 . 2006-11-10 14:03 615424 ----a-w- c:\windows\system32\themeui.dll
2009-10-14 11:01 . 2009-10-14 11:01 -------- d-----w- c:\program files\CCleaner
2009-10-14 10:54 . 2009-10-14 10:54 -------- d-----w- c:\program files\VS Revo Group
2009-10-14 10:47 . 2009-10-14 10:47 4096 d-----w- c:\program files\IZArc
2009-10-12 22:02 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-12 21:15 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-10-12 21:15 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-10-12 21:15 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-10-12 21:15 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-10-12 21:15 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-10-12 21:15 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-10-12 21:15 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-10-12 21:09 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-10-12 21:09 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-10-12 21:08 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-10-12 21:08 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-10-12 21:08 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-10-12 21:01 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-10-12 21:01 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-10-12 21:01 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-10-12 21:01 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-10-12 21:01 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-10-12 21:01 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-10-12 21:01 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-10-12 21:01 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-10-12 21:01 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2009-10-12 21:01 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-05 21:24 . 2009-08-19 23:05 45056 ----a-w- c:\windows\system32\acovcnt.exe
2009-11-05 09:53 . 2008-04-16 11:26 659556 ----a-w- c:\windows\system32\perfh013.dat
2009-11-05 09:53 . 2008-04-16 11:26 127108 ----a-w- c:\windows\system32\perfc013.dat
2009-11-05 09:53 . 2008-04-16 11:21 655938 ----a-w- c:\windows\system32\perfh010.dat
2009-11-05 09:53 . 2008-04-16 11:21 120594 ----a-w- c:\windows\system32\perfc010.dat
2009-11-05 09:53 . 2008-04-16 11:16 672322 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-05 09:53 . 2008-04-16 11:16 124434 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-21 13:17 . 2009-08-19 21:46 65536 d-----w- c:\programdata\Microsoft Help
2009-10-19 12:22 . 2009-08-19 22:04 36864 ----a-w- c:\programdata\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2009-10-19 12:20 . 2009-08-19 22:03 53319 ----a-w- c:\programdata\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe
2009-10-19 12:04 . 2009-08-19 22:10 4096 d-----w- c:\program files\ASUS
2009-10-19 12:03 . 2009-08-19 22:04 4096 d--h--w- c:\program files\InstallShield Installation Information
2009-10-15 19:42 . 2009-10-15 19:41 -------- d-----w- c:\program files\Common Files\InterVideo
2009-10-15 19:41 . 2009-10-15 19:41 -------- d-----w- c:\program files\InterVideo
2009-10-15 19:41 . 2009-10-15 19:41 -------- d-----w- c:\program files\InterActual
2009-10-15 19:41 . 2009-10-15 19:41 -------- d-----w- c:\program files\Creative
2009-10-15 17:39 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-10-14 14:24 . 2009-08-19 22:06 -------- d-----w- c:\programdata\Norton
2009-10-14 13:40 . 2009-10-14 13:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-10-12 21:39 . 2009-08-19 21:54 4096 d-----w- c:\program files\Microsoft Works
2009-10-12 20:53 . 2009-08-19 22:06 -------- d-----w- c:\programdata\Symantec
2009-10-10 22:34 . 2009-10-10 22:34 84 ---ha-w- c:\programdata\aspg.dat
2009-09-25 16:41 . 2009-09-25 16:41 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-09-25 16:41 . 2009-09-25 16:41 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-09-25 16:41 . 2009-09-25 16:41 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-09-25 16:41 . 2009-09-25 16:41 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-09-25 16:41 . 2009-09-25 16:41 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-09-25 16:41 . 2009-09-25 16:41 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-09-25 16:41 . 2009-09-25 16:41 696320 ----a-w- c:\windows\system32\DivX.dll
2009-09-14 09:44 . 2009-10-15 11:35 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-09-10 17:30 . 2009-10-15 11:35 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 12:24 . 2009-10-15 11:35 61440 ----a-w- c:\windows\system32\msasn1.dll
2009-08-31 13:55 . 2009-10-15 11:35 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-08-31 13:55 . 2009-10-15 11:35 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-08-28 12:39 . 2009-10-12 21:00 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 10:15 . 2009-10-12 21:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-27 13:32 . 2009-10-15 11:35 833024 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 13:29 . 2009-10-15 11:35 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-27 10:58 . 2009-10-15 11:35 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-19 22:57 . 2009-08-19 22:57 3054136 ----a-w- c:\windows\AsScrPro.exe
2009-08-19 22:57 . 2009-08-19 22:57 520192 ----a-w- c:\windows\system32\Asus_Camera_ScreenSaver.scr
2009-08-19 22:57 . 2009-08-19 22:57 4814371 ----a-w- c:\windows\ASUS Camera ScreenSaver.exe
2009-08-19 22:57 . 2009-08-19 22:57 47672 ----a-w- c:\windows\AsScrProlog.exe
2009-08-19 22:57 . 2009-08-19 22:57 281144 ----a-w- c:\windows\ASUS Camera ScreenSaver Uninstaller.exe
2009-08-19 22:53 . 2009-08-19 22:53 30264 ----a-w- c:\windows\system32\drivers\AsDsm.sys
2009-08-19 22:49 . 2009-08-19 22:49 0 ----a-w- c:\windows\ativpsrm.bin
2009-08-19 22:48 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-08-19 22:29 . 2009-08-19 22:29 636928 ----a-w- c:\windows\system32\localspl.dll
2009-08-19 22:29 . 2009-08-19 22:29 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-08-19 22:28 . 2009-08-19 22:28 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-08-19 22:24 . 2009-08-19 22:24 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-08-19 22:24 . 2009-08-19 22:24 24064 ----a-w- c:\windows\system32\amxread.dll
2009-08-19 22:24 . 2009-08-19 22:24 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-08-19 22:23 . 2009-08-19 22:23 551424 ----a-w- c:\windows\system32\rpcss.dll
2009-08-19 22:23 . 2009-08-19 22:23 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-08-19 22:23 . 2009-08-19 22:23 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-08-19 22:23 . 2009-08-19 22:23 54784 ----a-w- c:\windows\system32\iasads.dll
2009-08-19 22:23 . 2009-08-19 22:23 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2009-08-19 22:23 . 2009-08-19 22:23 44032 ----a-w- c:\windows\system32\iasdatastore.dll
2009-08-19 22:23 . 2009-08-19 22:23 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-08-19 22:23 . 2009-08-19 22:23 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2009-08-19 22:23 . 2009-08-19 22:23 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2009-08-19 22:23 . 2009-08-19 22:23 98304 ----a-w- c:\windows\system32\iasrecst.dll
2009-08-19 22:23 . 2009-08-19 22:23 183296 ----a-w- c:\windows\system32\sdohlp.dll
2009-08-19 22:23 . 2009-08-19 22:23 17408 ----a-w- c:\windows\system32\iashost.exe
2009-08-19 22:22 . 2009-08-19 22:22 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2009-08-19 22:22 . 2009-08-19 22:22 38912 ----a-w- c:\windows\system32\xolehlp.dll
2009-08-19 22:17 . 2009-08-19 22:17 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-08-19 22:16 . 2009-08-19 22:16 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-08-19 22:16 . 2009-08-19 22:16 94720 ----a-w- c:\windows\system32\logagent.exe
2009-08-19 22:14 . 2009-08-19 22:14 296960 ----a-w- c:\windows\system32\gdi32.dll
2009-08-19 22:14 . 2009-08-19 22:14 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-08-19 22:14 . 2009-08-19 22:14 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-08-19 22:14 . 2009-08-19 22:14 347648 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-08-19 22:09 . 2009-08-19 22:09 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-08-19 22:09 . 2009-08-19 22:09 2927104 ----a-w- c:\windows\explorer.exe
2009-08-19 22:08 . 2009-08-19 22:08 1645568 ----a-w- c:\windows\system32\connect.dll
2009-08-19 22:07 . 2009-08-19 22:07 212480 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-08-19 22:07 . 2009-08-19 22:07 1191936 ----a-w- c:\windows\system32\msxml3.dll
2009-08-19 22:06 . 2009-08-19 22:06 1334272 ----a-w- c:\windows\system32\msxml6.dll
2009-08-19 22:06 . 2009-08-19 22:06 443392 ----a-w- c:\windows\system32\win32spl.dll
2009-08-19 22:03 . 2009-08-19 22:03 53319 ----a-w- c:\programdata\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe
2009-08-19 22:00 . 2009-08-19 22:00 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-08-19 21:59 . 2009-08-19 21:59 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-08-19 21:59 . 2009-08-19 21:59 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2009-08-19 21:59 . 2009-08-19 21:59 45056 ----a-w- c:\windows\system32\dataclen.dll
2009-08-19 21:59 . 2009-08-19 21:59 36864 ----a-w- c:\windows\system32\cdd.dll
2009-08-19 21:59 . 2009-08-19 21:59 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-08-19 21:56 . 2009-08-19 21:56 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-08-19 21:55 . 2009-08-19 21:55 738304 ----a-w- c:\windows\system32\inetcomm.dll
2009-08-19 21:55 . 2009-08-19 21:55 269312 ----a-w- c:\windows\system32\es.dll
2009-08-19 21:53 . 2009-08-19 21:53 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2009-08-19 21:53 . 2009-08-19 21:53 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-08-19 21:53 . 2009-08-19 21:53 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-08-19 21:52 . 2009-08-19 21:52 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-08-19 21:52 . 2009-08-19 21:52 15360 ----a-w- c:\windows\system32\pacerprf.dll
2009-08-19 21:51 . 2009-08-19 21:51 180224 ----a-w- c:\windows\system32\scrobj.dll
2009-08-19 21:51 . 2009-08-19 21:51 172032 ----a-w- c:\windows\system32\scrrun.dll
2009-08-19 21:51 . 2009-08-19 21:51 155648 ----a-w- c:\windows\system32\wscript.exe
2009-08-19 21:51 . 2009-08-19 21:51 135168 ----a-w- c:\windows\system32\cscript.exe
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
------- Sigcheck -------
[-] 2006-11-10 . 921D359C1168867B515C219ACCED9609 . 245248 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-09-03 8105984]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-19 61440]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-04-30 1392640]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-04-21 540576]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-08-19 159744]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-19 47672]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-19 3054136]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-18 198160]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-07 50688]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{567C654B-7FE9-4970-8323-56E8191D1941}\_71A97E24F422AA49EDBF39.exe [2009-8-19 12862]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2009-10-15 212992]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [19/08/2009 23:54 15416]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [14/10/2009 15:35 108289]
R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [07/04/2009 18:04 70880]
R3 amdkmdag;amdkmdag;c:\windows\System32\drivers\atipmdag.sys [19/03/2009 04:06 4386304]
R3 amdkmdap;amdkmdap;c:\windows\System32\drivers\atikmpag.sys [19/03/2009 02:33 93184]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\System32\drivers\ETD.sys [21/04/2009 11:43 90112]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\System32\drivers\SRS_PremiumSound_i386.sys [19/08/2009 23:54 233128]
R3 usbfilter;AMD USB Filter Driver;c:\windows\System32\drivers\usbfilter.sys [19/08/2009 23:25 22072]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\System32\drivers\viahduaa.sys [28/04/2009 04:16 1019392]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [29/10/2009 11:07 54632]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [04/11/2009 19:16 28224]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - MBR
*Deregistered* - mbr
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.duxet.com/
mStart Page = hxxp://www.duxet.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {BF4017CF-0E97-4E5A-92D7-0CE4B708EC12} = 192.168.1.1
FF - ProfilePath - c:\users\ùj\AppData\Roaming\Mozilla\Firefox\Profiles\ph8jk4ra.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-05 22:27
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????
Recherche de fichiers cachés ...
C:\ADSM_PData_0150
Scan terminé avec succès
Fichiers cachés: 1
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(5460)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\AUDIODG.EXE
c:\windows\system32\Ati2evxx.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\windows\system32\WLANExt.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Net4Switch\Net4Switch.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\presentationsettings.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\ehome\ehmsas.exe
c:\progra~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\OrangeHSS\systray\systrayapp.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
.
**************************************************************************
.
Heure de fin: 2009-11-05 22:36 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-05 21:36
Avant-CF: 154 365 259 776 octets libres
Après-CF: 154 047 463 424 octets libres
- - End Of File - - E8BCF2A870075A0113084652BC3D0F72
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-08-19 159744]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-19 47672]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-19 3054136]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-18 198160]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-07 50688]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{567C654B-7FE9-4970-8323-56E8191D1941}\_71A97E24F422AA49EDBF39.exe [2009-8-19 12862]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2009-10-15 212992]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [19/08/2009 23:54 15416]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [14/10/2009 15:35 108289]
R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [07/04/2009 18:04 70880]
R3 amdkmdag;amdkmdag;c:\windows\System32\drivers\atipmdag.sys [19/03/2009 04:06 4386304]
R3 amdkmdap;amdkmdap;c:\windows\System32\drivers\atikmpag.sys [19/03/2009 02:33 93184]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\System32\drivers\ETD.sys [21/04/2009 11:43 90112]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\System32\drivers\SRS_PremiumSound_i386.sys [19/08/2009 23:54 233128]
R3 usbfilter;AMD USB Filter Driver;c:\windows\System32\drivers\usbfilter.sys [19/08/2009 23:25 22072]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\System32\drivers\viahduaa.sys [28/04/2009 04:16 1019392]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [29/10/2009 11:07 54632]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [04/11/2009 19:16 28224]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - MBR
*Deregistered* - mbr
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.duxet.com/
mStart Page = hxxp://www.duxet.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {BF4017CF-0E97-4E5A-92D7-0CE4B708EC12} = 192.168.1.1
FF - ProfilePath - c:\users\ùj\AppData\Roaming\Mozilla\Firefox\Profiles\ph8jk4ra.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-05 22:27
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????
Recherche de fichiers cachés ...
C:\ADSM_PData_0150
Scan terminé avec succès
Fichiers cachés: 1
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(5460)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\AUDIODG.EXE
c:\windows\system32\Ati2evxx.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\windows\system32\WLANExt.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Net4Switch\Net4Switch.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\presentationsettings.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\ehome\ehmsas.exe
c:\progra~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\OrangeHSS\systray\systrayapp.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
.
**************************************************************************
.
Heure de fin: 2009-11-05 22:36 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-05 21:36
Avant-CF: 154 365 259 776 octets libres
Après-CF: 154 047 463 424 octets libres
- - End Of File - - E8BCF2A870075A0113084652BC3D0F72