Gros pb sur mon ordinateur Virus? Rootkit? Fermé

Question

Bonjour, 

Depuis maintenant 2 jours j'ai de gros problèmes sur mon ordinateur... Au bout de 15 min après le démarrage, tout ce qui est écrit (nom de fichier, texte sur les barres de menu, sur les messages, etc... et même le bouton "Démarrer") disparaissent et l'ordinateur ne répond plus...

En lançant un scan avec avast (version complète) j'ai trouvé beaucoup de fichiers C:\WINDOWS\ infectés par Rootkit d'une part et deux autres fichiers vload.class et vmain.class, plus d'autres fichiers qui n'ont pas pu être scanné car "l'archive est protégée par un mot de passe (42056).

Je suis sur Windows XP. Que dois-je faire? Pouvez-vous m'aider s'il vous plait? 

Je vous remercie d'avance,

Paquino10


Configuration: Windows XP / Safari 535.2

WithoutAnyProblem · Answer

Bonjour ; il faut savoir qu'un antivirus seul est une protection bien maigre aujourd'hui.....Ds un premier temps, tu vas telecharger et installer malwarebytes :   https://www.01net.com/telecharger/windows/Securite/anti-spam/fiches/44096.html   ....ensuite lance un examen complet en mode sans echec de preference......A plus tard.......

paquino10 · Answer

Merci de m'avoir répondu. J'ai appliqué tout ce que vous m'avez dit et voici le rapport:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 8239

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 6.0.2900.5512

25/11/2011 20:40:41
mbam-log-2011-11-25 (20-40-34).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 254405
Temps écoulé: 27 minute(s), 8 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Affiliate.Downloader) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Value: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Value: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\documents and settings\Quentino\mes documents\downloads\Setup.exe (Affiliate.Downloader) -> No action taken.

WithoutAnyProblem · Answer

Parfait donc tu dois à présent avoir quelques indésirables ds ta quarantaine que tu laissera bien volontier........relance à présent une analyse antivirus classique.....normalement, il ne devrait plus rien détecter.....Si tu n'a pas ccleaner je te conseil de l'installer et de t'en servir quotidiennement......Petite question : y'a t il dans tes navigateurs quelques barres d'outils indésirables?......

paquino10 · Answer

- J'utilise souvent CCleaner.
- Il n'y a aucune barres d'outils indésirables dans mes navigateurs
- Et je lance le scan et je te tiens au courrant

paquino10 · Answer

Bonjour à toi et merci de prendre part à la lutte contre les virus.
- Concernant le rapport d'avant, je me suis rendu compte qu'il n'y a avait "No action taken", aussi j'ai recommencé l'opération et j'ai tout mit en quarantaine.

- j'ai télécharger comme tu as dit TDSSkiller, et voici le rapport (il y a une menace):

22:15:33.0562 5936	TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
22:15:33.0718 5936	============================================================
22:15:33.0718 5936	Current date / time: 2011/11/25 22:15:33.0718
22:15:33.0718 5936	SystemInfo:
22:15:33.0718 5936	
22:15:33.0718 5936	OS Version: 5.1.2600 ServicePack: 3.0
22:15:33.0718 5936	Product type: Workstation
22:15:33.0718 5936	ComputerName: QUENTO
22:15:33.0718 5936	UserName: Quentino
22:15:33.0718 5936	Windows directory: C:\WINDOWS
22:15:33.0718 5936	System windows directory: C:\WINDOWS
22:15:33.0718 5936	Processor architecture: Intel x86
22:15:33.0718 5936	Number of processors: 2
22:15:33.0718 5936	Page size: 0x1000
22:15:33.0718 5936	Boot type: Normal boot
22:15:33.0718 5936	============================================================
22:15:47.0937 5936	Initialize success
22:15:50.0093 3276	============================================================
22:15:50.0093 3276	Scan started
22:15:50.0093 3276	Mode: Manual; 
22:15:50.0093 3276	============================================================
22:15:50.0968 3276	Aavmker4        (95d1de2a6613494e853a9738d5d9acd4) C:\WINDOWS\system32\drivers\Aavmker4.sys
22:15:50.0968 3276	Aavmker4 - ok
22:15:50.0968 3276	Abiosdsk - ok
22:15:50.0984 3276	abp480n5 - ok
22:15:51.0031 3276	ACPI            (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:15:51.0046 3276	ACPI - ok
22:15:51.0062 3276	ACPIEC          (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
22:15:51.0062 3276	ACPIEC - ok
22:15:51.0093 3276	adpu160m - ok
22:15:51.0125 3276	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:15:51.0140 3276	aec - ok
22:15:51.0171 3276	AegisP          (12dafd934641dcf61e446313bc261ec2) C:\WINDOWS\system32\DRIVERS\AegisP.sys
22:15:51.0171 3276	AegisP - ok
22:15:51.0218 3276	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:15:51.0234 3276	AFD - ok
22:15:51.0234 3276	Aha154x - ok
22:15:51.0250 3276	aic78u2 - ok
22:15:51.0265 3276	aic78xx - ok
22:15:51.0281 3276	AliIde - ok
22:15:51.0296 3276	amsint - ok
22:15:51.0343 3276	ApfiltrService  (b21fcbc58cb13bac70f74b5ac5da7409) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
22:15:51.0343 3276	ApfiltrService - ok
22:15:51.0406 3276	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:15:51.0406 3276	Arp1394 - ok
22:15:51.0484 3276	asc - ok
22:15:51.0531 3276	asc3350p - ok
22:15:51.0562 3276	asc3550 - ok
22:15:51.0625 3276	aswFsBlk        (c47623ffd181a1e7d63574dde2a0a711) C:\WINDOWS\system32\drivers\aswFsBlk.sys
22:15:51.0625 3276	aswFsBlk - ok
22:15:51.0687 3276	aswFW           (8c5b61dbfdaccc0a316acdea76774b32) C:\WINDOWS\system32\drivers\aswFW.sys
22:15:51.0687 3276	aswFW - ok
22:15:51.0750 3276	aswMon2         (fff2dbb17a3c89f87f78d5fa72ca47fd) C:\WINDOWS\system32\drivers\aswMon2.sys
22:15:51.0750 3276	aswMon2 - ok
22:15:51.0812 3276	aswNdis         (7b948e3657bea62e437bc46ca6ef6012) C:\WINDOWS\system32\DRIVERS\aswNdis.sys
22:15:51.0812 3276	aswNdis - ok
22:15:51.0921 3276	aswNdis2        (37ebf6f81b4cb0aebe2345eeae85f112) C:\WINDOWS\system32\drivers\aswNdis2.sys
22:15:51.0937 3276	aswNdis2 - ok
22:15:52.0015 3276	aswRdr          (36239e24470a3dd81fae37510953cc6c) C:\WINDOWS\system32\drivers\aswRdr.sys
22:15:52.0015 3276	aswRdr - ok
22:15:52.0078 3276	aswSnx          (caa846e9c83836bdc3d2d700c678db65) C:\WINDOWS\system32\drivers\aswSnx.sys
22:15:52.0078 3276	aswSnx - ok
22:15:52.0140 3276	aswSP           (748ae7f2d7da33adb063fe05704a9969) C:\WINDOWS\system32\drivers\aswSP.sys
22:15:52.0156 3276	aswSP - ok
22:15:52.0265 3276	aswTdi          (ca9925ce1dbd07ffe1eb357752cf5577) C:\WINDOWS\system32\drivers\aswTdi.sys
22:15:52.0265 3276	aswTdi - ok
22:15:52.0328 3276	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:15:52.0328 3276	AsyncMac - ok
22:15:52.0375 3276	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:15:52.0375 3276	atapi - ok
22:15:52.0406 3276	Atdisk - ok
22:15:52.0468 3276	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:15:52.0468 3276	Atmarpc - ok
22:15:52.0625 3276	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:15:52.0625 3276	audstub - ok
22:15:52.0703 3276	AVerM115S       (b504bc088771930ffcd29b601713535c) C:\WINDOWS\system32\DRIVERS\AVerM115S.sys
22:15:52.0750 3276	AVerM115S - ok
22:15:52.0828 3276	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:15:52.0828 3276	Beep - ok
22:15:52.0906 3276	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:15:52.0906 3276	cbidf2k - ok
22:15:52.0968 3276	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:15:52.0968 3276	CCDECODE - ok
22:15:53.0031 3276	cd20xrnt - ok
22:15:53.0093 3276	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:15:53.0093 3276	Cdaudio - ok
22:15:53.0125 3276	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:15:53.0125 3276	Cdfs - ok
22:15:53.0171 3276	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:15:53.0171 3276	Cdrom - ok
22:15:53.0203 3276	Changer - ok
22:15:53.0250 3276	CLEDX           (b53f9635457b56dcffef750e18aec6cb) C:\WINDOWS\system32\DRIVERS\cledx.sys
22:15:53.0265 3276	CLEDX - ok
22:15:53.0343 3276	CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:15:53.0343 3276	CmBatt - ok
22:15:53.0390 3276	CmdIde - ok
22:15:53.0437 3276	Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:15:53.0437 3276	Compbatt - ok
22:15:53.0500 3276	Cpqarray - ok
22:15:53.0546 3276	dac2w2k - ok
22:15:53.0593 3276	dac960nt - ok
22:15:53.0640 3276	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:15:53.0640 3276	Disk - ok
22:15:53.0718 3276	dmboot          (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
22:15:53.0750 3276	dmboot - ok
22:15:53.0843 3276	DMICall         (526192bf7696f72e29777bf4a180513a) C:\WINDOWS\system32\DRIVERS\DMICall.sys
22:15:53.0859 3276	DMICall - ok
22:15:53.0890 3276	dmio            (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
22:15:53.0906 3276	dmio - ok
22:15:53.0937 3276	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:15:53.0937 3276	dmload - ok
22:15:53.0968 3276	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:15:53.0984 3276	DMusic - ok
22:15:54.0015 3276	dpti2o - ok
22:15:54.0031 3276	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:15:54.0031 3276	drmkaud - ok
22:15:54.0078 3276	dtsoftbus01     (555e54ac2f601a8821cef58961653991) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
22:15:54.0078 3276	dtsoftbus01 - ok
22:15:54.0125 3276	E100B           (5c940a174dfb2c42b9f6ba6edc2baa0b) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:15:54.0140 3276	E100B - ok
22:15:54.0171 3276	e1express       (389cf2cded384be477c3b3f15747d495) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
22:15:54.0187 3276	e1express - ok
22:15:54.0265 3276	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:15:54.0265 3276	Fastfat - ok
22:15:54.0312 3276	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
22:15:54.0328 3276	Fdc - ok
22:15:54.0375 3276	Fips            (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
22:15:54.0375 3276	Fips - ok
22:15:54.0421 3276	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
22:15:54.0437 3276	Flpydisk - ok
22:15:54.0468 3276	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:15:54.0468 3276	FltMgr - ok
22:15:54.0515 3276	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:15:54.0515 3276	Fs_Rec - ok
22:15:54.0609 3276	Ftdisk          (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:15:54.0609 3276	Ftdisk - ok
22:15:54.0687 3276	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:15:54.0687 3276	Gpc - ok
22:15:54.0781 3276	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:15:54.0781 3276	HDAudBus - ok
22:15:54.0828 3276	HidIr           (bb1a6fb7d35a91e599973fa74a619056) C:\WINDOWS\system32\DRIVERS\hidir.sys
22:15:54.0828 3276	HidIr - ok
22:15:54.0875 3276	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:15:54.0890 3276	HidUsb - ok
22:15:54.0953 3276	hpn - ok
22:15:55.0031 3276	HSFHWAZL        (acc46dda7fece95a253ae88cea172e12) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
22:15:55.0031 3276	HSFHWAZL - ok
22:15:55.0109 3276	HSF_DPV         (c9f4e7da78a02623abf78a4a34ce79b1) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
22:15:55.0156 3276	HSF_DPV - ok
22:15:55.0250 3276	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:15:55.0250 3276	HTTP - ok
22:15:55.0281 3276	i2omgmt - ok
22:15:55.0312 3276	i2omp - ok
22:15:55.0390 3276	i8042prt        (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:15:55.0390 3276	i8042prt - ok
22:15:55.0484 3276	iaStor          (88b1943ecff661f765228099138cf6ab) C:\WINDOWS\system32\drivers\iaStor.sys
22:15:55.0484 3276	iaStor - ok
22:15:55.0546 3276	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:15:55.0546 3276	Imapi - ok
22:15:55.0609 3276	ini910u - ok
22:15:55.0640 3276	IntelIde - ok
22:15:55.0718 3276	intelppm        (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:15:55.0718 3276	intelppm - ok
22:15:55.0781 3276	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:15:55.0781 3276	Ip6Fw - ok
22:15:55.0828 3276	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:15:55.0828 3276	IpFilterDriver - ok
22:15:55.0875 3276	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:15:55.0875 3276	IpInIp - ok
22:15:55.0968 3276	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:15:55.0968 3276	IpNat - ok
22:15:56.0031 3276	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:15:56.0031 3276	IPSec - ok
22:15:56.0062 3276	IrBus           (b43b36b382aea10861f7c7a37f9d4ae2) C:\WINDOWS\system32\DRIVERS\IrBus.sys
22:15:56.0078 3276	IrBus - ok
22:15:56.0093 3276	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:15:56.0093 3276	IRENUM - ok
22:15:56.0156 3276	isapnp          (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:15:56.0156 3276	isapnp - ok
22:15:56.0218 3276	Kbdclass        (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:15:56.0218 3276	Kbdclass - ok
22:15:56.0265 3276	kbdhid          (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:15:56.0265 3276	kbdhid - ok
22:15:56.0343 3276	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:15:56.0343 3276	kmixer - ok
22:15:56.0421 3276	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:15:56.0421 3276	KSecDD - ok
22:15:56.0515 3276	L6UX2           (2c289a7746c29fd835f771aa835248ca) C:\WINDOWS\system32\Drivers\L6UX2.sys
22:15:56.0531 3276	L6UX2 - ok
22:15:56.0640 3276	lbrtfdc - ok
22:15:56.0687 3276	MBAMSwissArmy - ok
22:15:56.0750 3276	mdmxsdk         (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:15:56.0750 3276	mdmxsdk - ok
22:15:56.0828 3276	MHNDRV          (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
22:15:56.0828 3276	MHNDRV - ok
22:15:56.0890 3276	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:15:56.0890 3276	mnmdd - ok
22:15:56.0937 3276	Modem           (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
22:15:56.0937 3276	Modem - ok
22:15:57.0000 3276	Mouclass        (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:15:57.0000 3276	Mouclass - ok
22:15:57.0062 3276	mouhid          (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:15:57.0062 3276	mouhid - ok
22:15:57.0109 3276	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:15:57.0109 3276	MountMgr - ok
22:15:57.0171 3276	MPE             (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
22:15:57.0171 3276	MPE - ok
22:15:57.0203 3276	mraid35x - ok
22:15:57.0265 3276	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:15:57.0265 3276	MRxDAV - ok
22:15:57.0375 3276	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:15:57.0375 3276	MRxSmb - ok
22:15:57.0437 3276	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:15:57.0437 3276	Msfs - ok
22:15:57.0484 3276	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:15:57.0500 3276	MSKSSRV - ok
22:15:57.0546 3276	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:15:57.0546 3276	MSPCLOCK - ok
22:15:57.0593 3276	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:15:57.0593 3276	MSPQM - ok
22:15:57.0687 3276	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:15:57.0687 3276	mssmbios - ok
22:15:57.0765 3276	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:15:57.0765 3276	MSTEE - ok
22:15:57.0843 3276	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:15:57.0843 3276	Mup - ok
22:15:57.0921 3276	Mvc25U870_VID_1262&PID_25FD (c4d5bc0a947581dea2c774f9f609b527) C:\WINDOWS\system32\Drivers\Mvc25U870.sys
22:15:57.0921 3276	Mvc25U870_VID_1262&PID_25FD - ok
22:15:58.0015 3276	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:15:58.0015 3276	NABTSFEC - ok
22:15:58.0062 3276	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:15:58.0062 3276	NDIS - ok
22:15:58.0109 3276	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:15:58.0109 3276	NdisIP - ok
22:15:58.0187 3276	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS
distapi.sys
22:15:58.0187 3276	NdisTapi - ok
22:15:58.0265 3276	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS
disuio.sys
22:15:58.0265 3276	Ndisuio - ok
22:15:58.0328 3276	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS
diswan.sys
22:15:58.0328 3276	NdisWan - ok
22:15:58.0343 3276	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:15:58.0359 3276	NDProxy - ok
22:15:58.0390 3276	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS
etbios.sys
22:15:58.0390 3276	NetBIOS - ok
22:15:58.0421 3276	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS
etbt.sys
22:15:58.0437 3276	NetBT - ok
22:15:58.0468 3276	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS
ic1394.sys
22:15:58.0484 3276	NIC1394 - ok
22:15:58.0531 3276	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:15:58.0531 3276	Npfs - ok
22:15:58.0609 3276	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:15:58.0625 3276	Ntfs - ok
22:15:58.0703 3276	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:15:58.0703 3276	Null - ok
22:15:58.0890 3276	nv              (fc3a514b80477f576727f94cd01a0973) C:\WINDOWS\system32\DRIVERS
v4_mini.sys
22:15:59.0015 3276	nv - ok
22:15:59.0093 3276	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS
wlnkflt.sys
22:15:59.0093 3276	NwlnkFlt - ok
22:15:59.0140 3276	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS
wlnkfwd.sys
22:15:59.0140 3276	NwlnkFwd - ok
22:15:59.0265 3276	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:15:59.0265 3276	ohci1394 - ok
22:15:59.0375 3276	OXYGEN          (93ca67f2d985b7dd214d3044dfda5df9) C:\WINDOWS\system32\DRIVERS\MAudioOxygen.sys
22:15:59.0375 3276	OXYGEN - ok
22:15:59.0453 3276	Parport         (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
22:15:59.0453 3276	Parport - ok
22:15:59.0484 3276	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:15:59.0484 3276	PartMgr - ok
22:15:59.0531 3276	ParVdm          (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
22:15:59.0546 3276	ParVdm - ok
22:15:59.0625 3276	PCI             (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
22:15:59.0625 3276	PCI - ok
22:15:59.0656 3276	PCIDump - ok
22:15:59.0750 3276	PCIIde          (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:15:59.0750 3276	PCIIde - ok
22:15:59.0828 3276	Pcmcia          (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
22:15:59.0828 3276	Pcmcia - ok
22:15:59.0859 3276	PDCOMP - ok
22:15:59.0890 3276	PDFRAME - ok
22:15:59.0953 3276	PDRELI - ok
22:16:00.0015 3276	PDRFRAME - ok
22:16:00.0046 3276	perc2 - ok
22:16:00.0093 3276	perc2hib - ok
22:16:00.0171 3276	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERSaspptp.sys
22:16:00.0171 3276	PptpMiniport - ok
22:16:00.0234 3276	PrivateDisk     (d4644a982b8748353ff3805591531f46) C:\WINDOWS\system32\Drivers\PrivateDiskM.sys
22:16:00.0250 3276	PrivateDisk - ok
22:16:00.0312 3276	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:16:00.0312 3276	PSched - ok
22:16:00.0359 3276	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:16:00.0359 3276	Ptilink - ok
22:16:00.0421 3276	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:16:00.0421 3276	PxHelp20 - ok
22:16:00.0500 3276	ql1080 - ok
22:16:00.0531 3276	Ql10wnt - ok
22:16:00.0578 3276	ql12160 - ok
22:16:00.0609 3276	ql1240 - ok
22:16:00.0640 3276	ql1280 - ok
22:16:00.0703 3276	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERSasacd.sys
22:16:00.0703 3276	RasAcd - ok
22:16:00.0812 3276	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERSasl2tp.sys
22:16:00.0812 3276	Rasl2tp - ok
22:16:00.0875 3276	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERSaspppoe.sys
22:16:00.0875 3276	RasPppoe - ok
22:16:00.0968 3276	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERSaspti.sys
22:16:00.0968 3276	Raspti - ok
22:16:01.0015 3276	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERSdbss.sys
22:16:01.0031 3276	Rdbss - ok
22:16:01.0093 3276	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:16:01.0093 3276	RDPCDD - ok
22:16:01.0125 3276	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERSdpdr.sys
22:16:01.0140 3276	rdpdr - ok
22:16:01.0187 3276	RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:16:01.0187 3276	RDPWD - ok
22:16:01.0281 3276	redbook         (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERSedbook.sys
22:16:01.0281 3276	redbook - ok
22:16:01.0390 3276	s24trans        (1cc074e0d48383d4e9bffc6a26c2a58a) C:\WINDOWS\system32\DRIVERS\s24trans.sys
22:16:01.0390 3276	s24trans - ok
22:16:01.0453 3276	sdbus           (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
22:16:01.0453 3276	sdbus - ok
22:16:01.0515 3276	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:16:01.0515 3276	Secdrv - ok
22:16:01.0562 3276	Serial          (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
22:16:01.0578 3276	Serial - ok
22:16:01.0640 3276	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:16:01.0640 3276	Sfloppy - ok
22:16:01.0750 3276	SI3132          (716a724a447c559f122ea140d636fa48) C:\WINDOWS\system32\DRIVERS\SI3132.sys
22:16:01.0750 3276	SI3132 - ok
22:16:01.0796 3276	SiFilter        (72cf151fb410e544904dbc7d7f29b796) C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
22:16:01.0796 3276	SiFilter - ok
22:16:01.0812 3276	Simbad - ok
22:16:01.0843 3276	SiRemFil        (62fd549acf2943f89612a8777295fa57) C:\WINDOWS\system32\DRIVERS\SiRemFil.sys
22:16:01.0843 3276	SiRemFil - ok
22:16:01.0937 3276	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:16:01.0937 3276	SLIP - ok
22:16:01.0984 3276	SNC             (be6038e0a7d2e2fe69107e41a0265831) C:\WINDOWS\system32\Drivers\SonyNC.sys
22:16:01.0984 3276	SNC - ok
22:16:02.0031 3276	SonyImgF        (fb77021110eaa16ea6e0961c844ef0d2) C:\WINDOWS\system32\DRIVERS\SonyImgF.sys
22:16:02.0031 3276	SonyImgF - ok
22:16:02.0062 3276	Sparrow - ok
22:16:02.0078 3276	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:16:02.0093 3276	splitter - ok
22:16:02.0171 3276	sptd            (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys
22:16:02.0171 3276	Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
22:16:02.0187 3276	sptd ( LockedFile.Multi.Generic ) - warning
22:16:02.0187 3276	sptd - detected LockedFile.Multi.Generic (1)
22:16:02.0234 3276	sr              (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
22:16:02.0250 3276	sr - ok
22:16:02.0312 3276	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:16:02.0312 3276	Srv - ok
22:16:02.0437 3276	STHDA           (6b166d929f0e2d78fea1acddc5221f4c) C:\WINDOWS\system32\drivers\sthda.sys
22:16:02.0484 3276	STHDA - ok
22:16:02.0546 3276	StillCam        (3f669c9fc6411bdbc0155544aa876e46) C:\WINDOWS\system32\DRIVERS\serscan.sys
22:16:02.0546 3276	StillCam - ok
22:16:02.0671 3276	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:16:02.0671 3276	streamip - ok
22:16:02.0718 3276	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:16:02.0718 3276	swenum - ok
22:16:02.0765 3276	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:16:02.0765 3276	swmidi - ok
22:16:02.0796 3276	symc810 - ok
22:16:02.0828 3276	symc8xx - ok
22:16:02.0875 3276	SYMIDSCO - ok
22:16:02.0906 3276	sym_hi - ok
22:16:02.0984 3276	sym_u3 - ok
22:16:03.0062 3276	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:16:03.0062 3276	sysaudio - ok
22:16:03.0156 3276	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS	cpip.sys
22:16:03.0156 3276	Tcpip - ok
22:16:03.0203 3276	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:16:03.0203 3276	TDPIPE - ok
22:16:03.0250 3276	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:16:03.0250 3276	TDTCP - ok
22:16:03.0296 3276	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS	ermdd.sys
22:16:03.0296 3276	TermDD - ok
22:16:03.0375 3276	ti21sony        (909cd987b54a8179c9aee874d754721a) C:\WINDOWS\system32\drivers	i21sony.sys
22:16:03.0390 3276	ti21sony - ok
22:16:03.0484 3276	toshidpt        (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys
22:16:03.0484 3276	toshidpt - ok
22:16:03.0531 3276	TosIde - ok
22:16:03.0578 3276	tosporte        (d626e0af9232d8799d3a449530f3c220) C:\WINDOWS\system32\DRIVERS	osporte.sys
22:16:03.0578 3276	tosporte - ok
22:16:03.0625 3276	Tosrfbd         (0ec5206059d97a8dc785be73fb457ec7) C:\WINDOWS\system32\Drivers	osrfbd.sys
22:16:03.0625 3276	Tosrfbd - ok
22:16:03.0687 3276	Tosrfbnp        (33498b8f0b2ca549c2b7ffc1b3c0f1bc) C:\WINDOWS\system32\Drivers	osrfbnp.sys
22:16:03.0687 3276	Tosrfbnp - ok
22:16:03.0796 3276	Tosrfcom        (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers	osrfcom.sys
22:16:03.0796 3276	Tosrfcom - ok
22:16:03.0890 3276	Tosrfhid        (5dbf390aab62dd0d4d43a9278614e001) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
22:16:03.0890 3276	Tosrfhid - ok
22:16:03.0953 3276	tosrfnds        (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS	osrfnds.sys
22:16:03.0953 3276	tosrfnds - ok
22:16:03.0984 3276	TosRfSnd        (0d86d15caff2b3203c785d604ec7c942) C:\WINDOWS\system32\drivers\TosRfSnd.sys
22:16:04.0000 3276	TosRfSnd - ok
22:16:04.0046 3276	Tosrfusb        (c582b7716f0be7e65505365f4f941587) C:\WINDOWS\system32\Drivers	osrfusb.sys
22:16:04.0046 3276	Tosrfusb - ok
22:16:04.0125 3276	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:16:04.0125 3276	Udfs - ok
22:16:04.0187 3276	ultra - ok
22:16:04.0265 3276	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:16:04.0265 3276	Update - ok
22:16:04.0343 3276	usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:16:04.0359 3276	usbaudio - ok
22:16:04.0390 3276	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:16:04.0406 3276	usbccgp - ok
22:16:04.0453 3276	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:16:04.0453 3276	usbehci - ok
22:16:04.0531 3276	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:16:04.0531 3276	usbhub - ok
22:16:04.0671 3276	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:16:04.0671 3276	usbprint - ok
22:16:04.0859 3276	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:16:04.0875 3276	usbscan - ok
22:16:05.0046 3276	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:16:05.0046 3276	USBSTOR - ok
22:16:05.0093 3276	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:16:05.0093 3276	usbuhci - ok
22:16:05.0171 3276	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:16:05.0171 3276	VgaSave - ok
22:16:05.0203 3276	ViaIde - ok
22:16:05.0265 3276	VolSnap         (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
22:16:05.0265 3276	VolSnap - ok
22:16:05.0406 3276	w39n51          (b1f126e7e28877106d60e6ff3998d033) C:\WINDOWS\system32\DRIVERS\w39n51.sys
22:16:05.0468 3276	w39n51 - ok
22:16:05.0531 3276	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:16:05.0531 3276	Wanarp - ok
22:16:05.0562 3276	WDICA - ok
22:16:05.0718 3276	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:16:05.0718 3276	wdmaud - ok
22:16:05.0796 3276	winachsf        (c1d5cbd8aa0d674da1ba1bb189696396) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
22:16:05.0828 3276	winachsf - ok
22:16:05.0937 3276	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:16:05.0937 3276	WSTCODEC - ok
22:16:05.0984 3276	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:16:06.0156 3276	\Device\Harddisk0\DR0 - ok
22:16:06.0156 3276	Boot (0x1200)   (bc51ddb149def9fcab834e9537799b44) \Device\Harddisk0\DR0\Partition0
22:16:06.0156 3276	\Device\Harddisk0\DR0\Partition0 - ok
22:16:06.0187 3276	Boot (0x1200)   (22c64e2adbcabfbf26b49eceeea98ffb) \Device\Harddisk0\DR0\Partition1
22:16:06.0187 3276	\Device\Harddisk0\DR0\Partition1 - ok
22:16:06.0187 3276	============================================================
22:16:06.0187 3276	Scan finished
22:16:06.0187 3276	============================================================
22:16:06.0203 3316	Detected object count: 1
22:16:06.0203 3316	Actual detected object count: 1
22:17:17.0171 3316	sptd ( LockedFile.Multi.Generic ) - skipped by user
22:17:17.0171 3316	sptd ( LockedFile.Multi.Generic ) - User select action: Skip 


Que dois-je faire? le supprimer ou le mettre en quarantaine?

Merci d'avance,

Paquino

WithoutAnyProblem · Answer

pr Jacques.gache : Pas stupide, l'idée de tdsskiller ; en revanche et c'est vrai que j'aurais peut être du le préciser le "noactiontaken" ; doit venir du fait que l'analyse malwarebytes doit être executée en tant qu'administrateur........

paquino10 · Answer

J'ai appliqué Combofix et voici le rapport:


ComboFix 11-11-25.02 - Quentino 25/11/2011  22:58:11.1.2 - x86
Microsoft Windows XP Professionnel  5.1.2600.3.1252.33.1036.18.1022.363 [GMT 1:00]
Lancé depuis: c:\documents and settings\Quentino\Bureau\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Quentino\Application Data\Local
c:\documents and settings\Quentino\Application Data\Local\Temp\DDM\Settings\.ddr
c:\documents and settings\Quentino\Application Data\Local\Temp\DDM\Settings\7yhoeq11dydpa.avi.ddr
c:\documents and settings\Quentino\Application Data\Local\Temp\DDM\Settings\jingle_france2_2s.m4v.ddr
c:\documents and settings\Quentino\Application Data\Local\Temp\DDM\Settings\Swapping_Crops_French_19052010.mov.ddr
c:\documents and settings\Quentino\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2)
c:\documents and settings\Quentino\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\31845.avi(2).ddp
c:\documents and settings\Quentino\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\31845.avi.ddp
c:\documents and settings\Quentino\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\7yhoeq11dydpa.avi
c:\documents and settings\Quentino\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\jingle_france2_2s.m4v
c:\documents and settings\Quentino\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\Swapping_Crops_French_19052010.mov
c:\documents and settings\Quentino\Application Data\OfferBox
c:\documents and settings\Quentino\Application Data\OfferBox\config.dat
c:\documents and settings\Quentino\Application Data\OfferBox\config.xml
c:\windows\kb913800.exe
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2011-10-25 au 2011-11-25  ))))))))))))))))))))))))))))))))))))
.
.
2011-11-25 21:54 . 2011-11-25 21:54	--------	d-----w-	c:\windows\system32\LogFiles
2011-11-25 21:30 . 2011-11-25 21:30	94896	----a-w-	c:\windows\system32\drivers\63137428.sys
2011-11-25 18:42 . 2011-11-25 18:42	--------	d-----w-	c:\documents and settings\Quentino\Application Data\Malwarebytes
2011-11-25 18:42 . 2011-11-25 18:42	--------	d-----w-	c:\documents and settings\All Users\Application Data\Malwarebytes
2011-11-25 18:42 . 2011-11-25 18:42	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-11-25 18:42 . 2011-08-31 16:00	22216	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-11-24 19:11 . 2011-11-24 19:11	--------	d-----w-	c:\windows\system32\wbem\Repository
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-10 14:23 . 2006-03-28 14:31	692736	----a-w-	c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2006-03-28 15:16	606208	----a-w-	c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 18:59	614400	----a-w-	c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2006-03-28 15:17	22528	----a-w-	c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2006-03-28 15:17	220160	----a-w-	c:\windows\system32\oleacc.dll
2011-09-06 20:45 . 2011-01-21 15:24	41184	----a-w-	c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-01-21 15:24	199304	----a-w-	c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-02-21 16:55	111320	----a-w-	c:\windows\system32\drivers\aswFW.sys
2011-09-06 20:38 . 2011-02-21 16:55	442200	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-01-21 15:24	320856	----a-w-	c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:37 . 2011-02-21 16:54	195416	----a-w-	c:\windows\system32\drivers\aswNdis2.sys
2011-09-06 20:36 . 2011-01-21 15:24	34392	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-01-21 15:24	52568	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-01-21 15:24	110552	----a-w-	c:\windows\system32\drivers\aswmon2.sys
2011-09-06 20:36 . 2011-01-21 15:24	104536	----a-w-	c:\windows\system32\drivers\aswmon.sys
2011-09-06 20:36 . 2011-01-21 15:24	20568	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 20:33 . 2011-01-21 15:24	30808	----a-w-	c:\windows\system32\drivers\aavmker4.sys
2011-09-06 14:10 . 2006-03-28 15:17	1859072	----a-w-	c:\windows\system32\win32k.sys
2011-09-05 13:56 . 2006-03-28 15:17	671232	----a-w-	c:\windows\system32\wininet.dll
2011-09-05 13:56 . 2006-03-28 15:17	61952	----a-w-	c:\windows\system32\tdc.ocx
2011-09-05 13:56 . 2006-03-28 15:16	81920	----a-w-	c:\windows\system32\ieencode.dll
2011-09-05 13:55 . 2006-03-28 15:16	371200	----a-w-	c:\windows\system32\html.iec
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}"= "c:\program files\vShare.tv plugin\BarLcher.dll" [2011-06-01 177712]
.
[HKEY_CLASSES_ROOT\clsid\{7ac3e13b-3bca-4158-b330-f66dbb03c1b5}]
[HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher.1]
[HKEY_CLASSES_ROOT\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}]
[HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45	122512	----a-w-	c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-11-17 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 45056]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-27 69632]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"Switcher.exe"="c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2006-02-14 176128]
"PDService.exe"="c:\program files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 40960]
"AppMon Utility"="c:\program files\Sony\AppMonUtil\AppMonUtility.exe" [2006-03-15 40960]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2006-01-26 212992]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-17 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-17 7561216]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2005-03-03 483328]
"VAIO Update 5"="c:\program files\Sony\VAIO Update 5\VAIOUpdt.exe" [2011-04-20 2848144]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-22 385024]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-09-05 35736]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2011-04-08 254696]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-09-06 3722416]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Quentino\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-03-09 12:51	73728	----a-w-	c:\windows\system32\VESWinlogon.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"=
"c:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe"=
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"c:\Program Files\Windows Live\Messenger\wlcsdk.exe"=
"c:\Program Files\Windows Live\Messenger\msnmsgr.exe"=
"c:\Program Files\SopCast\adv\SopAdver.exe"=
"c:\Program Files\SopCast\SopCast.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hposid01.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"=
"c:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"=
"c:\Program Files\Google\Google Earth\client\googleearth.exe"=
"c:\Program Files\Google\Google Earth\plugin\geplugin.exe"=
"c:\Program Files\Skype\Phone\Skype.exe"=
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [21/02/2011 17:54 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [21/02/2011 17:54 195416]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [21/02/2011 17:55 111320]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [21/02/2011 17:55 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [21/01/2011 16:24 320856]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [21/01/2011 19:04 218688]
R1 PrivateDisk;PrivateDisk;c:\windows\system32\drivers\privatediskm.sys [06/07/2004 13:07 45627]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [21/01/2011 16:24 20568]
R2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [21/02/2011 17:54 127192]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB [?]
R2 OxygenAudioDevMon;Oxygen Audio Device Monitor;c:\program files\M-Audio\Oxygen\AudioDevMon.exe [04/03/2010 07:35 1632776]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [28/01/2011 19:08 33792]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [28/03/2006 16:18 29184]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [28/03/2006 16:18 812544]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [31/03/2011 23:14 136176]
S3 AVerM115S;AVerM115S service;c:\windows\system32\drivers\AVerM115S.sys [28/03/2006 19:20 741376]
S3 CKPLP;CKPLP;c:\docume~1\Quentino\LOCALS~1\Temp\CKPLP.exe --> c:\docume~1\Quentino\LOCALS~1\Temp\CKPLP.exe [?]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [31/03/2011 23:14 136176]
S3 L6UX2;Service - Line 6 UX2;c:\windows\system32\drivers\L6UX2.sys [05/09/2011 19:28 571008]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\drivers\MAudioOxygen.sys [21/01/2011 22:28 112136]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB [?]
S3 YDWAPTBHZ;YDWAPTBHZ;c:\docume~1\Quentino\LOCALS~1\Temp\YDWAPTBHZ.exe --> c:\docume~1\Quentino\LOCALS~1\Temp\YDWAPTBHZ.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'
.
2011-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-31 22:13]
.
2011-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-31 22:13]
.
2011-11-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3562914032-3736727014-3898365749-1006Core.job
- c:\documents and settings\Quentino\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-21 15:22]
.
2011-11-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3562914032-3736727014-3898365749-1006UA.job
- c:\documents and settings\Quentino\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-21 15:22]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://home.sweetim.com
mStart Page = hxxp://home.sweetim.com
IE: Ajouter un site de support RSS à VAIO Information FLOW - c:\program files\Sony\VAIO Information FLOW\aiesc.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: line6.net
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
.
- - - - ORPHELINS SUPPRIMES - - - -
.
BHO-{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - (no file)
SafeBoot-77689726.sys
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-25 23:14
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ... 
.
Recherche d'éléments en démarrage automatique cachés ... 
.
Recherche de fichiers cachés ... 
.
.
C:\## aswSnx private storage
.
Scan terminé avec succès
Fichiers cachés: 1
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€-€|ÿÿÿÿÀ*€|ù*9~*]
"C040211900063D11C8EF10054038389C"="C?\WINDOWS\system32\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(1452)
c:\windows\system32\VESWinlogon.dll
.
- - - - - - - > 'explorer.exe'(3684)
c:\windows\system32\eappprxy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\SigmaTel\C-Major Audio\WDM\StacSV.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\ICO.EXE
c:\windows\eHome\ehmsas.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Apoint\Apntex.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Heure de fin: 2011-11-25  23:25:33 - La machine a redémarré
ComboFix-quarantined-files.txt  2011-11-25 22:25
.
Avant-CF: 16 132 960 256 octets libres
Après-CF: 16 332 849 152 octets libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - D6297ECAB4892574B39E311BC6AD973C


Qu'en pensez vous?

Autre détail, il y avais plusieurs mise-à-jours de windows qui n'arrivaient pas à s'installer. A chaque fermeture de windows, il me demandait si je voulais éteindre et télécharger les mise à jour, et lorsque je le faisait rebelote, à la fermeture suivante toujours la même mise à jour... Y-aurait-il une raison à ça?

paquino10 · Answer

https://www.cjoint.com/?AKAwLTq3EaF

Voici le lien! et merci encore pour ton aide!

paquino10 · Answer

Log ad remover:  https://www.cjoint.com/?AKAxHbLsReU

Log adw-cleaner:  https://www.cjoint.com/?AKAxIu3IYdN

Log ZHPDiag:  https://www.cjoint.com/?AKAxI6RhvLo

paquino10 · Answer

Voici le rapport:


Rapport de ZHPFix 1.12.3372 par Nicolas Coolman, Update du 22/11/2011
Fichier d'export Registre : 
Run by Quentino at 27/11/2011 20:00:17
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
SUPPRIME Key: HKCU\Software\StartSearch
SUPPRIME O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\77689726.sys . (...) -- C:\WINDOWS\system32\Drivers\77689726.sys (.not file.)
SUPPRIME O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\77689726.sys . (...) -- C:\WINDOWS\system32\Drivers\77689726.sys (.not file.)
ABSENT Key: Service Legacy: LEGACY_CKPLP
ABSENT Key: Service Legacy: LEGACY_YDWAPTBHZ
SUPPRIME Key: CLSID BHO: {78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
SUPPRIME Key: HKCU\Software\vShare.tv
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
SUPPRIME Key: HKLM\Software\Classes\Interface\{eee6c358-6118-11dc-9c72-001320c79847}
SUPPRIME Key: HKLM\Software\Classes\Interface\{eee6c35a-6118-11dc-9c72-001320c79847}
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\vShare.tv plugin

========== Valeur(s) du Registre ==========
SUPPRIME RunValue: Adobe Reader Speed Launcher
SUPPRIME RunValue: CTFMON.EXE
SUPPRIME Toolbar: {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
SUPPRIME FirewallRaz (DP) : G:\setup\hpznui01.exe
Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

========== Préférences navigateur ==========
ABSENT Folder Chrome: kpionmjnkbpcdpcflammlgllecmejgjj

========== Dossier(s) ==========
SUPPRIME Folder: C:\Program Files\Fluendo
SUPPRIME Folder: C:\Documents and Settings\Quentino\Application Data\moovida-1
SUPPRIME Folder: C:\Documents and Settings\Quentino\Local Settings\Application Data\moovida Air
SUPPRIME Folder: C:\Program Files\Spybot - Search & Destroy
SUPPRIME Folder: C:\Program Files\DAEMON Tools Toolbar
SUPPRIME Folder: C:\Program Files\vShare.tv plugin
SUPPRIME Flash Cookies: 84
SUPPRIME Temporaires Windows: : 83

========== Fichier(s) ==========
SUPPRIME Reboot c:\windows\modemlog_hdaudio softv92 data fax modem with smartcp.txt
SUPPRIME File: c:\ad-report-clean[1].txt
ABSENT File: c:\windows\system32\drivers\77689726.sys
ABSENT Folder/File: c:\program files\daemon tools toolbar
SUPPRIME Flash Cookies: 43
SUPPRIME Temporaires Windows: : 44

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
12 : Clé(s) du Registre
5 : Valeur(s) du Registre
8 : Dossier(s)
6 : Fichier(s)
1 : Préférences navigateur
1 : Restauration Système


End of clean in 00mn 24s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 27/11/2011 20:00:17 [2918]


Juste pour info, le pc va déjà beaucoup mieux depuis hier.

paquino10 · Answer

Voici le rapport Delfix:


# DelFix v8.6 - Rapport créé le 28/11/2011 à 14:04:04
# Mis à jour le 13/10/11 à 18h par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Quentino - QUENTO (Administrateur)
# Exécuté depuis : C:\Documents and Settings\Quentino\Bureau\delfix.exe
# Option [Suppression]


~~~~~~ Dossiers(s) ~~~~~~

Supprimé : C:\Qoobox
Supprimé : C:\ZHP
Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
Supprimé : C:\Program Files\Ad-Remover
Supprimé : C:\Program Files\ZHPDiag

~~~~~~ Fichier(s) ~~~~~~

Supprimé : C:\AdwCleaner[S1].txt
Supprimé : C:\ComboFix.txt
Supprimé : C:\PhysicalDisk0_MBR.bin
Supprimé : C:\Documents and Settings\Quentino\Bureau\AD-R.exe
Supprimé : C:\Documents and Settings\Quentino\Bureau\Ad-Remover.lnk
Supprimé : C:\Documents and Settings\Quentino\Bureau\adwcleaner.exe
Supprimé : C:\Documents and Settings\Quentino\Bureau\ComboFix.exe
Supprimé : C:\Documents and Settings\Quentino\Bureau\Defogger.exe
Supprimé : C:\Documents and Settings\Quentino\Bureau\defogger_disable.log
Supprimé : C:\Documents and Settings\Quentino\Bureau\Reload_Tdsskiller.exe
Supprimé : C:\Documents and Settings\Quentino\Bureau\TDSSKiller.2.6.21.0_25.11.2011_22.15.33_log.txt
Supprimé : C:\Documents and Settings\Quentino\Bureau\ZHPDiag.txt
Supprimé : C:\Documents and Settings\Quentino\Bureau\ZHPDiag2.exe
Supprimé : C:\Documents and Settings\Quentino\Bureau\ZHPFixReport.txt
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
Supprimé : C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk
Supprimé : C:\WINDOWS\grep.exe
Supprimé : C:\WINDOWS\PEV.exe
Supprimé : C:\WINDOWS\NIRCMD.exe
Supprimé : C:\WINDOWS\MBR.exe
Supprimé : C:\WINDOWS\SED.exe
Supprimé : C:\WINDOWS\SWREG.exe
Supprimé : C:\WINDOWS\SWSC.exe
Supprimé : C:\WINDOWS\SWXCACLS.exe
Supprimé : C:\WINDOWS\Zip.exe

~~~~~~ Registre ~~~~~~

Clé Supprimée : HKCU\Software\Ad-Remover
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover
Clé Supprimée : HKLM\SOFTWARE\AdwCleaner
Clé Supprimée : HKLM\SOFTWARE\Swearware
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~~~~~~ Autres ~~~~~~

-> Prefetch Vidé

*************************

DelFix[S1].txt - [2454 octets] - [28/11/2011 14:04:04]

########## EOF - C:\DelFix[S1].txt - [2578 octets] ##########

paquino10 · Answer

J'ai tout fait, mais avec CCleaner, il reste 2 fichiers qu'il n'arrive pas à supprimer...
Ils sont dans le dossier:
C:\Documents and Settings\Quentino\Local Settings\Temp\boost_interprocess
- DDM0serviceCmdResponseEvent
- DDM0serviceCmdResponseMutex

paquino10 · Answer

Encore quelques questions:

- Est-ce que je peux tout supprimer dans le dossier temp? car il y a beaucoup de choses...

- Mon problème de mises à jours n'est toujours pas résolue. Il demande toujours de mettre à jour l'ordinateur lorsque je l'éteint.

- Est-ce qu'il y a encore des fichiers non souhaitables sur mon ordinateur?

- Est-ce que je peux faire une sauvegarde de mes données sur disque dure externe? ou pas encore?

- Selon toi, qu'elle était la cause de tout mes pbs? et comment se protéger à l'avenir? au niveau de l'anti-virus, est-ce que avast est performant ou y en-t-il des plus puissants et des plus appropriés?

Merci beaucoup pour ton aide!

paquino10 · Answer

"Mise à jour de sécurité pour le package redistribuable Microsoft Visual C++ 2005 Service Pack 1 (KB2538242)"

Voila

paquino10 · Answer

Et je n'arrive pas à supprimer les fichiers se trouvant dans C:\Documents and Settings\Quentino\Local Settings\Temp\boost_interprocess

DDM0serviceCmdLock
DDM0serviceCmdSerializeLock
DDM0serviceCmdShared
DDM0serviceLock

ainsi que dans Temp:

etilqs_eRzCGwEYmxzW4o2

Que sont ces fichiers?

paquino10 · Answer

J'arrive à télécharger le fichier d'installation, mais je ne peux pas l'installer car il nécessite un fichier appelé "vcredist.msi" qui devrait se trouver dans C:\WINDOWS\TEMP, mais qui est introuvable. J'ai fait une recherche sur l'ordi, et il ne le trouve pas.

Vent d'ouest · Answer

Et avec SEAF ?

Gros pb sur mon ordinateur Virus? Rootkit?

17 réponses

Discussions similaires