Hello,
I can't install any antivirus; I think my PC is infected with Bagle. I need your help; here is the ComboFix report.
ComboFix 10-09-27.05 - Propriétaire 28/09/2010 19:07:56.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2038.1441 [GMT 2:00]
Lancé depuis: c:\documents and settings\Propriétaire\Mes documents\Downloads\CCM.exe.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ASC3360PR
-------\Service_asc3360pr
((((((((((((((((((((((((((((( Fichiers créés du 2010-08-28 au 2010-09-28 ))))))))))))))))))))))))))))))))))))
.
2010-09-28 15:55 . 2010-09-28 16:06 -------- d-----w- C:\FyK
2010-09-28 13:44 . 2010-09-28 13:44 -------- d-----w- c:\program files\CCleaner
2010-09-27 22:48 . 2007-07-27 21:11 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2010-09-27 22:45 . 2010-09-27 22:45 -------- d-----w- c:\program files\MSXML 4.0
2010-09-27 22:42 . 2010-09-27 22:42 -------- d-----w- c:\windows\system32\wbem\Repository
2010-09-27 22:35 . 2010-09-27 22:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-09-27 22:35 . 2010-09-27 22:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-27 22:08 . 2010-09-27 22:42 -------- d-----w- c:\program files\USB-set
2010-09-27 22:08 . 2010-09-27 22:42 -------- d-----w- c:\documents and settings\All Users\Application Data\usb-set
2010-09-27 10:09 . 2008-06-14 17:33 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-09-27 10:09 . 2008-06-14 17:33 272768 ------w- c:\windows\system32\drivers\bthport.sys
2010-09-27 10:08 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-09-27 10:07 . 2010-02-12 10:03 367104 ------w- c:\windows\system32\browserchoice.exe
2010-09-27 10:07 . 2010-04-28 05:43 2148352 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-09-27 10:07 . 2010-04-28 18:13 2192000 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-09-27 10:07 . 2010-04-28 05:43 2068864 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-09-27 10:07 . 2010-04-28 05:43 2026496 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-09-27 09:59 . 2010-09-27 22:56 -------- d-----w- c:\windows\$hf_mig$
2010-09-26 13:25 . 2010-09-26 13:25 -------- d-----w- c:\program files\uTorrent
2010-09-26 12:44 . 2010-09-26 12:44 -------- d-----w- C:\VritualRoot
2010-09-26 12:12 . 2010-09-26 12:37 56432 ----a-w- c:\windows\system32\drivers\sfi.dat
2010-09-26 12:10 . 2010-09-26 12:10 -------- d-----w- c:\program files\COMODO
2010-09-26 12:09 . 2010-09-26 12:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo
2010-09-26 02:51 . 2010-09-26 02:54 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2010-09-26 02:46 . 2010-09-26 02:53 -------- d-----w- c:\program files\7-Zip
2010-09-23 11:11 . 2010-09-23 11:11 -------- d-----w- c:\program files\Microsoft
2010-09-23 11:10 . 2010-09-23 11:10 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-09-23 11:10 . 2010-09-23 11:11 -------- d-----w- c:\program files\Windows Live
2010-09-23 11:08 . 2010-09-23 11:08 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2010-09-21 15:02 . 2006-05-03 20:53 174592 ----a-w- c:\windows\system32\framedyn.dll
2010-09-21 15:02 . 2003-02-21 16:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-09-21 15:02 . 2010-09-21 15:02 -------- d-----w- c:\program files\DIFX
2010-09-21 15:01 . 2010-09-21 15:01 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2010-09-21 15:01 . 2006-07-24 14:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2010-09-21 15:01 . 2010-09-21 15:01 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-21 15:01 . 2010-09-21 15:01 -------- d-----w- c:\program files\Samsung
2010-09-21 12:36 . 2010-09-21 12:36 -------- d-----w- c:\program files\Conduit
2010-09-21 12:36 . 2010-09-26 12:44 -------- d-----w- c:\program files\Audacity-tools
2010-09-21 12:36 . 2010-09-26 12:30 -------- d-----w- c:\program files\MultimediaTools
2010-09-21 12:20 . 2005-05-09 18:08 33792 ----a-w- c:\windows\system32\drivers\cledx.sys
2010-09-21 12:19 . 2002-11-25 03:46 16896 ----a-w- c:\windows\system32\drivers\synasUSB.sys
2010-09-21 12:19 . 2002-11-25 06:36 45056 ----a-w- c:\windows\system32\Synsopos.exe
2010-09-21 12:19 . 2010-09-21 12:19 -------- d-----w- c:\program files\Syncrosoft
2010-09-21 12:19 . 2005-10-17 07:35 704512 ----a-w- c:\windows\system32\SYNSOACC.dll
2010-09-21 12:19 . 2004-05-10 13:58 147456 ----a-w- c:\windows\system32\SynsoLChk.dll
2010-09-20 23:27 . 2010-09-20 23:27 -------- d-----w- c:\program files\QuickTime
2010-09-18 23:16 . 2010-09-26 12:30 -------- d-----w- c:\program files\PhotoFiltre
2010-09-17 18:59 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-09-17 18:59 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-09-17 14:01 . 2010-09-17 14:01 -------- d-----w- c:\program files\Wondershare
2010-09-17 04:02 . 2010-09-17 12:03 -------- d-----w- c:\program files\Ask.com
2010-09-17 03:46 . 2010-09-17 03:46 -------- d-----w- c:\program files\iPod
2010-09-17 03:46 . 2010-09-26 16:24 -------- d-----w- c:\program files\iTunes
2010-09-17 03:46 . 2010-09-17 03:46 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-09-17 03:45 . 2010-09-17 03:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-09-17 03:44 . 2010-09-17 03:44 -------- d-----w- c:\program files\Apple Software Update
2010-09-17 03:44 . 2010-09-17 03:44 -------- d-----w- c:\program files\Bonjour
2010-09-17 03:44 . 2010-09-17 03:46 -------- d-----w- c:\program files\Fichiers communs\Apple
2010-09-17 03:44 . 2010-09-17 03:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-09-16 18:51 . 2010-09-16 18:51 -------- d-----w- c:\windows\system32\LogFiles
2010-09-16 18:09 . 2010-09-16 18:09 64274 ----a-w- c:\windows\BricoPackUninst.cmd
2010-09-16 18:06 . 2010-09-16 18:09 6120 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-09-16 18:06 . 2010-09-16 18:06 -------- d-----w- c:\windows\BricoPacks
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-28 16:10 . 2008-04-14 12:00 49054 ----a-w- c:\windows\system32\perfc00C.dat
2010-09-28 16:10 . 2008-04-14 12:00 368314 ----a-w- c:\windows\system32\perfh00C.dat
2010-09-21 12:24 . 2010-09-21 12:23 -------- d-----w- c:\program files\Steinberg
2010-09-18 16:57 . 2010-09-16 09:26 76507 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-09-16 18:09 . 2008-04-14 12:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-09-16 10:11 . 2010-09-16 10:11 -------- d-----w- c:\program files\VideoLAN
2010-09-16 10:10 . 2010-09-16 10:10 -------- d-----w- c:\program files\Fichiers communs\Adobe
2010-09-16 09:27 . 2010-09-16 09:27 -------- d-----w- c:\program files\microsoft frontpage
2010-09-16 09:25 . 2010-09-16 09:25 -------- d-----w- c:\program files\Services en ligne
2010-09-16 09:23 . 2010-09-16 09:23 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2010-08-17 13:17 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-27 16:44 . 2010-07-27 16:44 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 16:44 . 2010-07-27 16:44 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-07-27 16:44 . 2010-07-27 16:44 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-27 16:44 . 2010-07-27 16:44 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-07-22 15:48 . 2008-04-14 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19 . 2010-07-22 06:19 5632 ------w- c:\windows\system32\xpsp4res.dll
.
------- Sigcheck -------
[-] 2010-06-24 . 507CF8943648F4CAA644AE92D440E138 . 3094016 . . [6.00.2900.6003] . . c:\windows\SoftwareDistribution\Download\e028f233421e1853c97e73878df2e741\SP3GDR\mshtml.dll
[-] 2010-06-24 . 33DDDDA4B3B4AED211E22B5B13A027DF . 3094528 . . [6.00.2900.6003] . . c:\windows\SoftwareDistribution\Download\e028f233421e1853c97e73878df2e741\SP3QFE\mshtml.dll
[-] 2008-04-14 . FF9357A06E893CF64FB002000235F6F6 . 3507712 . . [6.00.2900.5512] . . c:\windows\system32\mshtml.dll
[-] 2008-04-14 . FF9357A06E893CF64FB002000235F6F6 . 3507712 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2010-06-24 . 7B6E7C22C4BBAFAD3EAE918A92150EA0 . 672768 . . [6.00.2900.6003] . . c:\windows\SoftwareDistribution\Download\e028f233421e1853c97e73878df2e741\SP3QFE\wininet.dll
[-] 2010-06-24 . 7B358D35C11CE85FFCDEAA62F9B96123 . 671232 . . [6.00.2900.6003] . . c:\windows\SoftwareDistribution\Download\e028f233421e1853c97e73878df2e741\SP3GDR\wininet.dll
[-] 2008-04-14 . 3601E0109C765D5236EB42E663CF2681 . 704512 . . [6.00.2900.5512] . . c:\windows\system32\wininet.dll
[-] 2008-04-14 . 3601E0109C765D5236EB42E663CF2681 . 704512 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\wininet.dll
[-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{d0b1518e-3e45-4d16-a23b-4d90ef938e44}"= "c:\program files\Audacity-tools\tbAud1.dll" [2010-09-23 2735200]
[HKEY_CLASSES_ROOT\clsid\{d0b1518e-3e45-4d16-a23b-4d90ef938e44}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d0b1518e-3e45-4d16-a23b-4d90ef938e44}]
2010-09-23 20:12 2735200 ----a-w- c:\program files\Audacity-tools\tbAud1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{d0b1518e-3e45-4d16-a23b-4d90ef938e44}"= "c:\program files\Audacity-tools\tbAud1.dll" [2010-09-23 2735200]
[HKEY_CLASSES_ROOT\clsid\{d0b1518e-3e45-4d16-a23b-4d90ef938e44}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D0B1518E-3E45-4D16-A23B-4D90EF938E44}"= "c:\program files\Audacity-tools\tbAud1.dll" [2010-09-23 2735200]
[HKEY_CLASSES_ROOT\clsid\{d0b1518e-3e45-4d16-a23b-4d90ef938e44}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-09-26 214000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-06-05 16861696]
"AlcWzrd"="ALCWZRD.EXE" [2010-06-05 2808832]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-01 503080]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-22 462848]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Propri'taire\Menu D'marrer\Programmes\D'marrage\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 708608]
c:\documents and settings\Propri'taire\Menu D'marrer\Programmes\D'marrage\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 708608]
c:\documents and settings\Propri'taire\Menu D'marrer\Programmes\D'marrage\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 708608]
c:\documents and settings\Propri'taire\Menu D'marrer\Programmes\D'marrage\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 708608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igdlogin]
2010-09-16 10:07 65536 ----a-w- c:\windows\system32\igdlogin.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2010-09-16 10:07 432664 ----a-w- c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2010-09-16 10:07 211480 ----a-w- c:\windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PersistenceThread]
2010-09-16 10:07 166424 ----a-w- c:\windows\system32\PersistenceThread.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Propriétaire\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Documents and Settings\\Propriétaire\\Mes documents\\Downloads\\utorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Documents and Settings\\Propriétaire\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\WINDOWS\\BricoPacks\\Vista Inspirat 2\\RocketDock\\RocketDock.exe"=
"c:\\Program Files\\COMODO\\COMODO Internet Security\\Quarantine\\ChromeSetup.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\iPod\\bin\\iPodService.exe"=
"c:\\Program Files\\SyncroSoft\\Pos\\H2O\\cledx.exe"=
"c:\\Program Files\\iTunes\\iTunesHelper.exe"=
"c:\\WINDOWS\\system32\\wscntfy.exe"=
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [21/09/2010 14:20 33792]
R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [16/09/2010 12:08 5097632]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - ASC3360PR
.
Contenu du dossier 'Tâches planifiées'
2010-09-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
HKLM-Run-SoundMan - SOUNDMAN.EXE
HKLM-Run-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
HKLM-Run-QuickTime Task - c:\program files\QuickTime\QTTask.exe
AddRemove-6194C28A8F62DD817EA1B918E6E46E806A21B452 - c:\progra~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe
AddRemove-65B6FE5418CE28F4D72543FB2D964C3CEC83F161 - c:\progra~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe
AddRemove-Multimedia Tools - Audacity - c:\program files\MultimediaTools\Uninstal.exe
AddRemove-WinLiveSuite_Wave3 - c:\program files\Windows Live\Installer\wlarp.exe
AddRemove-PhotoFiltre - c:\program files\PhotoFiltre\Uninst.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-09-28 19:13
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(3092)
c:\windows\system32\SHDOCVW.dll
c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\eappprxy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\program files\iPod\bin\iPodService.exe
c:\windows\TEMP\winjasldx.exe
.
**************************************************************************
.
Heure de fin: 2010-09-28 19:18:06 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-09-28 17:18
Avant-CF: 188 782 690 304 octets libres
Après-CF: 188 844 191 744 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
- - End Of File - - 01E644E1998E84F02E0B4FA8FA4AAC35