Forums Zebulon.fr: combo fix - Forums Zebulon.fr

combo fix: analyzing ComboFix reports

#1 sofiane

  • Group: Guests

Posted 18 March 2011 - 08:36

ComboFix 11-03-17.02 - soso 18-Mar-11 10:41:50.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4094.2300 [GMT -8:00]
Running from: c:\users\soso\Downloads\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
FW: avast! Internet Security *Disabled* {FB460EB6-4C6D-E564-6BF5-EEEF2B44B473}
SP: avast! Internet Security *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Dealio Toolbar
c:\program files (x86)\Dealio Toolbar\IE\4.3\config.ini
c:\program files (x86)\Dealio Toolbar\IE\4.3\deALiotoolbarie.dll
c:\program files (x86)\Dealio Toolbar\Res\amazon.gif
c:\program files (x86)\Dealio Toolbar\Res\apple.gif
c:\program files (x86)\Dealio Toolbar\Res\barnes.gif
c:\program files (x86)\Dealio Toolbar\Res\bestbuy.gif
c:\program files (x86)\Dealio Toolbar\Res\dealio_logo.gif
c:\program files (x86)\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files (x86)\Dealio Toolbar\Res\ebay.gif
c:\program files (x86)\Dealio Toolbar\Res\icon_settings.gif
c:\program files (x86)\Dealio Toolbar\Res\macys.gif
c:\program files (x86)\Dealio Toolbar\Res\newegg.gif
c:\program files (x86)\Dealio Toolbar\Res\overstock.gif
c:\program files (x86)\Dealio Toolbar\Res\search-button-hover.gif
c:\program files (x86)\Dealio Toolbar\Res\search-button.gif
c:\program files (x86)\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files (x86)\Dealio Toolbar\Res\search-chevron.gif
c:\program files (x86)\Dealio Toolbar\Res\search_amazon.gif
c:\program files (x86)\Dealio Toolbar\Res\search_dealio.gif
c:\program files (x86)\Dealio Toolbar\Res\search_ebay.gif
c:\program files (x86)\Dealio Toolbar\Res\search_yahoo.gif
c:\program files (x86)\Dealio Toolbar\Res\target.gif
c:\program files (x86)\Dealio Toolbar\Res\walmart.gif
c:\program files (x86)\Dealio Toolbar\Res\widgets.xml
c:\program files (x86)\Dealio Toolbar\WidgiHelper.exe
c:\program files (x86)\ShopperReports3
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\BRNStie.dll
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\CmNDff.dll
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome.manifest
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\infopane.js
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\InfoPane.xul
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.dll
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.xpt
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\install.rdf
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\LaunchHelp.dll
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\link.ico
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\mozillaps.dll
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\Pltfrm.dll
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\ShopperReports.dll
c:\program files (x86)\ShopperReports3\bin\3.1.22.0\ShopperReportsUninstaller.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports
c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk
c:\users\soso\AppData\Roaming\ShopperReports3
D:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-02-18 to 2011-03-18 )))))))))))))))))))))))))))))))
.
.
2011-03-18 18:53 . 2011-03-18 18:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-18 17:43 . 2011-03-18 17:43 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-03-18 16:02 . 2011-03-18 17:43 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-03-15 18:56 . 2011-03-15 18:56 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2011-03-15 18:56 . 2011-03-18 11:00 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-03-15 18:56 . 2011-03-18 11:00 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-03-14 17:41 . 2011-03-14 17:41 -------- d-----w- c:\programdata\ALM
2011-03-14 15:54 . 2011-03-14 15:54 -------- d-----w- c:\program files (x86)\Bonjour
2011-03-14 15:51 . 2011-03-14 15:51 -------- d-----w- c:\windows\SysWow64\spool
2011-03-14 15:48 . 2011-03-14 15:48 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2011-03-13 16:58 . 2011-03-13 16:58 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-03-13 16:57 . 2011-03-13 16:57 -------- d-----w- c:\windows\PCHEALTH
2011-03-13 16:57 . 2011-03-13 16:57 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-03-13 16:56 . 2011-03-13 17:01 -------- d-----w- c:\programdata\Microsoft Help
2011-03-13 16:55 . 2011-03-13 16:55 -------- d-----r- C:\MSOCache
2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-03-12 11:58 . 2011-03-12 11:58 131072 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2011-03-12 11:51 . 2011-03-12 11:51 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-03-12 11:33 . 2011-03-12 11:33 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2011-03-12 11:33 . 2011-03-18 09:59 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-03-12 11:32 . 2011-03-18 09:59 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-03-12 11:32 . 2011-03-12 11:32 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-03-11 17:51 . 2011-03-11 17:51 -------- d-----w- c:\program files (x86)\Desktop Quran
2011-03-11 13:05 . 2011-03-11 13:15 -------- d-----w- c:\program files (x86)\AbiWord
2011-03-10 21:00 . 2004-03-30 00:23 90112 ----a-w- c:\windows\unvise32.exe
2011-03-10 15:35 . 2011-03-12 11:57 -------- d-----w- c:\program files (x86)\QuickTime
2011-03-10 15:35 . 2011-03-10 15:35 -------- d-----w- c:\programdata\Apple Computer
2011-03-09 17:05 . 2011-03-09 17:07 -------- d-----w- c:\program files (x86)\ZiggyTV
2011-03-05 16:01 . 2011-03-05 16:01 -------- d-----w- c:\program files\e-on software
2011-03-04 09:28 . 2011-03-04 09:28 -------- d-----w- c:\program files (x86)\Application Updater
2011-03-04 09:28 . 2011-03-04 09:28 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2011-03-02 13:10 . 2011-03-02 13:11 -------- d-----w- c:\programdata\Abvent
2011-03-01 20:16 . 2011-03-01 20:16 -------- d-----w- c:\program files (x86)\Free Video Converter
2011-03-01 20:03 . 2011-03-11 20:52 -------- d-----w- c:\program files (x86)\MazdaCall-V5.7.8
2011-02-27 15:42 . 2005-05-26 23:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2011-02-27 15:42 . 2005-05-26 23:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2011-02-27 15:39 . 2011-02-27 15:40 -------- d-----w- C:\3dsmax9Trial
2011-02-25 09:55 . 2008-06-26 10:00 28672 ----a-w- c:\windows\SysWow64\WkWin32.lbr
2011-02-23 17:15 . 2011-02-23 17:15 -------- d-----w- c:\programdata\Hewlett-Packard
2011-02-23 17:15 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2011-02-23 16:19 . 2011-02-23 16:19 -------- d-----w- c:\program files (x86)\freeTVRadio
2011-02-23 16:18 . 2011-02-23 16:18 -------- d-----w- c:\program files (x86)\VideoLAN
2011-02-21 19:18 . 2011-02-21 19:18 -------- d-----w- c:\programdata\CyberLink
2011-02-21 18:15 . 2011-02-21 18:15 -------- d-----w- c:\program files (x86)\FLVPlayer4Free
2011-02-21 17:59 . 2011-02-21 17:59 -------- d-----w- c:\program files (x86)\InstallShield Installation Information
2011-02-21 17:57 . 2011-02-21 17:57 -------- d-----w- c:\program files (x86)\Hewlett-Packard
2011-02-21 17:54 . 2011-02-21 17:54 -------- d-----w- C:\HP
2011-02-21 15:18 . 2011-02-21 15:18 -------- d-----w- c:\program files (x86)\Multiskype
2011-02-21 15:11 . 2011-02-21 16:42 -------- d-----w- c:\programdata\e-onsoftware
2011-02-21 15:11 . 2011-02-21 15:11 72 ----a-w- c:\windows\Vue 7.5 xStream.reg
2011-02-21 15:11 . 2011-02-21 15:11 70 ----a-w- c:\windows\Vue 7 xStream.reg
2011-02-21 15:11 . 2011-02-21 15:11 70 ----a-w- c:\windows\Vue 6 xStream.reg
2011-02-19 19:04 . 2011-02-19 19:04 -------- d-----w- c:\users\AppData
2011-02-19 19:04 . 2011-02-19 19:04 -------- d-----w- c:\program files (x86)\DVDVideoSoftTB
2011-02-19 19:04 . 2011-02-19 19:04 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2011-02-19 17:48 . 2008-08-14 01:48 203264 ----a-w- C:\wkwin32.DLL
2011-02-19 17:48 . 2008-08-14 01:48 28392448 ----a-w- C:\ArchiCAD.exe
2011-02-19 17:39 . 2011-02-19 17:39 -------- d-----w- c:\programdata\Apple
2011-02-19 17:32 . 2007-09-25 07:31 69632 ----a-w- c:\windows\SysWow64\javacpl.cpl
2011-02-19 17:31 . 2011-02-19 17:32 -------- d-----w- c:\program files (x86)\Java
2011-02-19 17:31 . 2011-02-19 17:31 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-02-19 16:00 . 2011-03-05 16:03 276 ----a-w- c:\windows\Vue 6 xStream PLE.reg
2011-02-19 15:45 . 2011-02-19 15:45 -------- d-----w- c:\program files (x86)\Microsoft
2011-02-19 15:33 . 2011-02-19 15:33 -------- d-----w- c:\program files (x86)\Windows Live SkyDrive
2011-02-19 15:32 . 2011-02-19 15:33 -------- d-----w- c:\program files (x86)\Windows Live
2011-02-19 15:13 . 2011-02-19 15:13 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-02-19 14:48 . 2011-02-19 14:49 -------- d-----w- c:\program files (x86)\AnswerWorks 4.0
2011-02-19 14:45 . 2011-02-27 15:49 -------- d-----w- c:\program files (x86)\Autodesk
2011-02-19 14:09 . 2011-03-15 18:31 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-02-19 13:23 . 2011-02-19 13:23 -------- d-----w- c:\program files (x86)\Ask.com
2011-02-19 13:23 . 2011-02-19 13:23 -------- d-----w- c:\programdata\HideIPEasy
2011-02-19 13:00 . 2008-12-05 05:42 815104 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-02-19 13:00 . 2008-12-14 04:01 77824 ----a-w- c:\windows\SysWow64\xvid.ax
2011-02-19 13:00 . 2008-12-05 05:46 180224 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-02-19 13:00 . 2011-02-21 18:42 652794 ----a-w- c:\temp\xvid-win32.exe
2011-02-19 13:00 . 2006-01-17 21:25 -------- d-----w- C:\Temp
2011-02-19 12:01 . 2011-03-14 15:57 -------- d-----w- c:\programdata\FLEXnet
2011-02-19 11:51 . 2011-02-19 11:51 -------- d-----w- c:\programdata\Skype
2011-02-19 11:49 . 2006-01-17 18:58 -------- d-----w- c:\windows\system32\appmgmt
2011-02-19 11:35 . 2011-02-19 11:41 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2011-02-19 11:13 . 2011-02-19 11:13 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2011-02-19 11:09 . 2009-03-09 23:27 520544 ----a-w- c:\windows\system32\d3dx10_41.dll
2011-02-19 11:09 . 2009-03-09 23:27 453456 ----a-w- c:\windows\SysWow64\d3dx10_41.dll
2011-02-19 11:09 . 2009-03-09 23:27 2430312 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2011-02-19 11:09 . 2009-03-09 23:27 1846632 ----a-w- c:\windows\SysWow64\D3DCompiler_41.dll
2011-02-19 11:09 . 2009-03-09 23:27 5425496 ----a-w- c:\windows\system32\D3DX9_41.dll
2011-02-19 11:09 . 2009-03-09 23:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2011-02-19 11:08 . 2011-02-27 15:49 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared
2011-02-19 11:04 . 2011-02-27 15:51 -------- d-----w- c:\programdata\Autodesk
2011-02-19 03:50 . 2011-03-11 13:09 -------- d-----w- c:\users\soso
2011-02-19 03:49 . 2011-02-19 03:49 -------- d-----w- C:\Recovery
2011-02-19 03:16 . 2011-02-19 03:16 0 ----a-w- c:\windows\ativpsrm.bin
2011-02-19 03:12 . 2011-02-19 03:50 -------- d-----w- c:\windows\Panther
2011-02-18 21:49 . 2011-02-18 21:49 -------- d-----w- c:\windows\SysWow64\Macromed
2011-02-18 19:59 . 2011-02-18 19:59 -------- d-----w- c:\program files (x86)\Conduit
2011-02-18 19:59 . 2011-02-18 19:59 -------- d-----w- C:\extensions
2011-02-18 19:59 . 2011-02-18 19:59 -------- d-----w- c:\program files (x86)\uTorrent
2011-02-18 19:19 . 2011-01-13 08:47 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-18 19:11 . 2011-01-13 08:41 273488 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-18 19:11 . 2011-01-13 08:37 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-18 19:11 . 2011-01-13 08:41 490064 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-02-18 19:11 . 2011-01-13 08:42 125520 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-02-18 19:11 . 2011-01-13 08:41 250448 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-02-18 19:11 . 2011-01-13 08:37 29264 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-18 19:11 . 2011-01-13 08:40 51792 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-18 19:11 . 2011-01-13 08:37 62032 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-18 19:10 . 2010-09-07 15:24 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2011-02-18 19:10 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-02-18 19:10 . 2011-01-13 08:47 188216 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-02-18 19:10 . 2011-02-18 19:10 -------- d-----w- c:\programdata\Alwil Software
2011-02-18 19:10 . 2011-02-18 19:10 -------- d-----w- c:\program files\Alwil Software
2011-02-18 19:05 . 2011-02-03 01:10 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{600ACD07-82AA-4818-AE17-5AE21A18C9EA}\mpengine.dll
2011-02-18 19:05 . 2011-02-03 01:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-02-18 19:03 . 2011-02-18 19:03 -------- d-----w- c:\programdata\WinZip
2011-02-18 19:02 . 2006-01-17 21:36 -------- d-sh--w- c:\windows\Installer
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2006-05-03 09:06 163328 --sh--r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\SysWOW64\msfDX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 20:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{416ae1cb-7257-484a-b912-aebc7fdad4ce}]
2011-01-14 09:00 134816 ----a-w- c:\program files (x86)\freeTVRadio\spointer\extensions\freetvradio_air_ie.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-04-27 18:08 2393184 ----a-w- c:\program files (x86)\DVDVideoSoftTB\tbDVDV.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 20:51 3911776 ----a-w- c:\program files (x86)\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-29 06:44 1400712 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-02-18 396152]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"Google Update"="c:\users\soso\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-02-21 136176]
"Skype"="d:\skype\Phone\Skype.exe" [2011-01-03 16943496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-01-29 526336]
"QuickTime Task"="d:\archicad 12\QuickTime\QTTask.exe" [2007-10-20 286720]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2006-01-17 273544]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoCAD Startup Accelerator.lnk - c:\program files (x86)\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Billeo.lnk - c:\program files (x86)\Billeo\billeo.exe [2011-2-15 1448272]
Network Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2011-2-25 3768320]
ZiggyTV (Minimized).lnk - c:\program files (x86)\ZiggyTV\ZiggyTV.exe [2010-6-28 208384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-02-19 1436424]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 WkSvw32.exe;WIBU-KEY Server;c:\program files (x86)\WIBUKEY\Server\WkSvw32.exe [2008-06-26 577536]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-01-29 387072]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [2011-01-13 119200]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2583156382-3155780529-2842962338-1000Core.job
- c:\users\soso\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-21 17:58]
.
2011-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2583156382-3155780529-2842962338-1000UA.job
- c:\users\soso\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-21 17:58]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-01-13 08:47 132584 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local;*.local
IE: E&xport to Microsoft Excel - d:\applic~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
WebBrowser-{E52BE12D-A44A-4F51-9DC1-34F37A488CC7} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
AddRemove-Free 3GP Video Converter_is1 - d:\free 3gp video converter\unins000.exe
AddRemove-Xvid_is1 - d:\ (x86)\Xvid\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-03-18 11:17:43
ComboFix-quarantined-files.txt 2011-03-18 19:17
.
Pre-Run: 75,719,766,016 bytes free
Post-Run: 76,359,176,192 bytes free
.
- - End Of File - - BC696FFB9DDE95C0A54C43CBAABDB1E0


Reply please [edited]

This message was edited by Gof - 19 March 2011 - 10:00.


#2 Tibonhomme

  • Full Patch Member
  • Group: Members
  • Posts: 1820
  • Joined: 15 June 09

Posted 18 March 2011 - 08:57

Hello sofiane,
Welcome to the forum.

ComboFix is a very powerful disinfection tool that should only be used under the supervision of an experienced helper. This is clearly stated in the tool's usage instructions:
Excerpt from the official ComboFix tutorial, translated by nickW:

Quote

You must not use ComboFix unless a helper has expressly asked you to do so. Moreover, because of the power of this tool, you are strongly advised not to try to act on the information displayed by ComboFix without the help of someone who has received adequate training. If you do so anyway, on your own, be aware that misuse of the program could cause problems with the normal operation of your computer.


I also notice that you did not run it from the desktop, as is essential:

Quote

Running from: c:\users\soso\Downloads\ComboFix.exe

Please do not run a new scan.

Looking at this report, I also really wonder why you ended up using this program straight away and where it was recommended to you!

Your report can only be analyzed in the "Sécurité / Analyses et éradication malwares" section, which requires registering as a member.

Also, remove your email address from your message. To do so, click "Edit" below your message to make corrections.
Register on the forum.
Post in the forum section I pointed you to.
I see that you installed ZHPDiag today; if you used this analysis tool, it would be good to post its report as well.

Good luck
:)

This message was edited by Tibonhomme - 18 March 2011 - 09:10.
