Everything posted by samia

  1. Bravo pear, it no longer crashes. OK, I will test them one by one. Many thanks, problem solved.
  2. NB: The antivirus test found no infection. In fact, before installing Kaspersky I had ESET NOD32 (latest version and up to date), which I uninstalled; then I installed Avast Pro (likewise the latest version, with up-to-date virus definitions); then I uninstalled it and afterwards installed Kaspersky, and none of them showed any sign of infection. In addition, I ran online scans and scans with spyware tools (notably Spybot, adware, and Loaris Trojan Remover). A few pieces of spyware were present and were subsequently removed, BUT the problem still persists. Maybe I did not describe my problem at the start. It is that when I select any file with the right mouse button (to copy, rename or delete...), the desktop disappears for a few seconds and then reappears! Maybe it is not a virus but a Windows malfunction! I wonder whether formatting can solve the problem.
  3. Hi, here is the 2nd ComboFix report.
  4. Hello, thank you for looking after me. I apologize for the delay (many obligations keep me from logging in). In short, I tested the virus and here is the result:

Fichier 573d4ad4104dbfedb34d0847d3909b00fe17ccc5.DLL reçu le 2009.05.10 02:12:39 (UTC)
Situation actuelle: terminé
Résultat: 0/38 (0.00%)

Antivirus           Version         Dernière mise à jour  Résultat
AhnLab-V3           5.0.0.2         2009.05.09            -
AntiVir             7.9.0.166       2009.05.08            -
Antiy-AVL           2.0.3.1         2009.05.08            -
Authentium          5.1.2.4         2009.05.09            -
Avast               4.8.1335.0      2009.05.09            -
AVG                 8.5.0.327       2009.05.09            -
BitDefender         7.2             2009.05.10            -
CAT-QuickHeal       10.00           2009.05.09            -
ClamAV              0.94.1          2009.05.09            -
Comodo              1156            2009.05.08            -
DrWeb               5.0.0.12182     2009.05.09            -
eSafe               7.0.17.0        2009.05.07            -
eTrust-Vet          31.6.6497       2009.05.08            -
F-Prot              4.4.4.56        2009.05.09            -
F-Secure            8.0.14470.0     2009.05.09            -
Fortinet            3.117.0.0       2009.05.09            -
GData               19              2009.05.10            -
Ikarus              T3.1.1.49.0     2009.05.10            -
K7AntiVirus         7.10.729        2009.05.08            -
Kaspersky           7.0.0.125       2009.05.10            -
McAfee              5610            2009.05.09            -
McAfee+Artemis      5610            2009.05.09            -
McAfee-GW-Edition   6.7.6           2009.05.09            -
Microsoft           1.4602          2009.05.09            -
NOD32               4063            2009.05.08            -
Norman                              2009.05.08            -
nProtect            2009.1.8.0      2009.05.10            -
Panda               10.0.0.14       2009.05.09            -
PCTools             4.4.2.0         2009.05.07            -
Rising              21.28.52.00     2009.05.09            -
Sophos              4.41.0          2009.05.09            -
Sunbelt             3.2.1858.2      2009.05.09            -
Symantec            1.4.4.12        2009.05.10            -
TheHacker           6.3.4.1.324     2009.05.09            -
TrendMicro          8.950.0.1092    2009.05.08            -
VBA32               3.12.10.4       2009.05.09            -
ViRobot             2009.5.9.1727   2009.05.09            -
VirusBuster         4.6.5.0         2009.05.09            -

Information additionnelle
File size: 570128 bytes
MD5 : 8888bdbd4e118d915d40a11748282bca
SHA1 : 4e8822d2242d175cc3d708843e2cd71b7ee7033d
SHA256: a4b20735be317a924d2e36707baaf911fbae890ca53c5044fb506f15d33bcb6d
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x9F74
timedatestamp.....: 0x352B9ADF (Wed Apr 8 17:42:23 1998)
machinetype.......: 0x14C (Intel I386)
( 4 sections )
name    viradd   virsiz   rawdsiz  ntrpy  md5
.text   0x1000   0x727AA  0x72800  6.29   ce8ffcf6b725759cf270466c9c0aa8c2
.data   0x74000  0x17C4   0x1200   4.98   e0b0bd60ab61d4595ea1a3ad75d78b01
.rsrc   0x76000  0x11F54  0x12000  5.08   f314ff2b6ab749e32f1b9072f2a3c924
.reloc  0x88000  0x50E8   0x5200   6.62   c1ba15e534aa07f64d73fb54f7685d57
( 0 imports )
( 0 exports )
TrID : File type identification
DirectShow filter (55.9%)
Windows OCX File (34.2%)
Windows Screen Saver (3.6%)
Win32 Executable Generic (2.3%)
Win32 Dynamic Link Library (generic) (2.1%)
ssdeep: 6144:lO4zReIcAtVXrPsS3Syvqe4v2QeD8yCaDSCwBwAlvz6Bm2hf9QdHHtMMeOh4J7Wu:lO4zRe7AvB iyvqe4pe7wHlv1tO7VYFk
PEiD : -
RDS : NSRL Reference Data Set
  5. Not normal: 90 views and no reply?
  6. Hello everyone, I am new to your forum, which was recommended to me by the site where I downloaded ComboFix. In short, my problem is that for the past few days, whenever I right-click any file (to copy, move, delete, etc.), the desktop disappears for a few seconds and then reappears. I have tried several utilities (anti-spyware, antivirus...) but in vain; the last one I tried is ComboFix. It generated a report, which I am attaching to this post. But apparently the problem is still there. Please help: is it an unknown virus or ??????

ComboFix report

ComboFix 09-05-22.05 - samirk 23/05/2009 10:38.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2046.1572 [GMT 1:00]
Lancé depuis: c:\documents and settings\samirk.STIVEL\Bureau\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\IE4 Error Log.txt
c:\windows\p.exe
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll
D:\resycled
J:\resycled
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-04-23 au 2009-05-23 ))))))))))))))))))))))))))))))))))))
.
2009-05-23 07:29 . 2009-05-23 07:29 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-22 16:17 . 2009-05-22 16:22 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys
2009-05-22 16:17 . 2009-05-23 07:36 -------- d-----w c:\documents and settings\All Users\Application Data\Avira
2009-05-22 16:04 . 2009-05-22 16:04 -------- d-----w c:\documents and settings\samirk\Application Data\URSoft
2009-05-22 15:34 . 2009-05-22 15:42 -------- d-----w c:\program files\Loaris Trojan Remover
2009-05-22 14:24 . 2009-05-23 09:27 -------- d-s---w c:\windows\Cookies
2009-05-22 14:06 . 2009-05-22 14:06 -------- d-----w C:\Nouveau dossier
2009-05-22 14:06 . 2009-05-22 14:06 -------- d-----w C:\rr
2009-05-22 14:04 . 2009-05-22 14:04 -------- d-----w c:\program files\ExtractNow
2009-05-22 09:34 . 2009-05-22 09:34 -------- d-----w c:\documents and settings\samirk.STIVEL\Local Settings\Application Data\GHISLER
2009-05-21 08:58 . 2009-05-21 08:58 -------- d-----w c:\documents and settings\samirk\Application Data\Malwarebytes
2009-05-21 08:53 . 2009-05-21 08:53 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\Malwarebytes
2009-05-21 08:53 . 2009-04-06 14:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-21 08:53 . 2009-04-06 14:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-21 08:53 . 2009-05-21 08:53 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-21 07:10 . 2009-05-22 16:14 -------- d-----w c:\program files\Alwil Software
2009-05-20 16:39 . 2009-05-20 16:39 -------- d-----w c:\documents and settings\samirk\Application Data\TuneUp Software
2009-05-20 16:01 . 2009-05-20 16:01 -------- d-----w c:\program files\GeCAD
2009-05-20 16:00 . 2009-05-20 16:00 -------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-05-20 07:53 . 2009-05-20 07:53 -------- d-----w c:\documents and settings\samirk.STIVEL\Local Settings\Application Data\ESET
2009-05-20 07:39 . 2009-05-20 07:39 -------- d-----w C:\Update
2009-05-20 07:26 . 2009-05-20 07:28 -------- d-----w C:\nod_upd
2009-05-20 07:24 . 2009-05-20 07:24 -------- d-----w c:\documents and settings\All Users\Application Data\ESET
2009-05-19 16:25 . 2009-05-19 16:25 -------- d-----w c:\windows\system32\Kaspersky Lab
2009-05-19 16:04 . 2009-05-19 16:07 -------- d---a-w C:\PayCav_apres Rappel
2009-05-19 16:02 . 2009-05-19 16:14 -------- d---a-w C:\PayCav au 14 05 2009_4mois
2009-05-18 15:23 . 2009-05-18 15:24 87715404 ----a-w C:\Backup_16-23-54_18-5-2009.reg
2009-05-18 15:23 . 2009-05-18 15:23 7168 ----a-w c:\documents and settings\Administrateur\Application Data\Thinstall\Error Repair Professional 3.8.2\10000006800002i\regedit.exe
2009-05-18 15:21 . 2009-05-18 15:21 7168 ----a-w c:\documents and settings\Administrateur\Application Data\Thinstall\Error Repair Professional 3.8.2\400000c300002i\USBGuard.exe
2009-05-18 15:21 . 2009-05-18 15:21 7168 ----a-w c:\documents and settings\Administrateur\Application Data\Thinstall\Error Repair Professional 3.8.2\4000007c00002i\pccntmon.exe
2009-05-18 15:21 . 2009-05-18 15:21 7168 ----a-w c:\documents and settings\Administrateur\Application Data\Thinstall\Error Repair Professional 3.8.2\1000000b00002i\RUNDLL32.EXE
2009-05-18 15:21 . 2009-05-18 15:21 7168 ----a-w c:\documents and settings\Administrateur\Application Data\Thinstall\Error Repair Professional 3.8.2\400000600002i\ctfmon.exe
2009-05-18 15:21 . 2009-05-18 15:21 7168 ----a-w c:\documents and settings\Administrateur\Application Data\Thinstall\Error Repair Professional 3.8.2\4000002a200002i\IDMan.exe
2009-05-18 15:19 . 2009-05-18 15:19 -------- d-----w c:\documents and settings\Administrateur\Application Data\Pointstone
2009-05-18 15:03 . 2009-05-18 15:03 -------- d-----w c:\documents and settings\Administrateur\Application Data\TuneUp Software
2009-05-18 14:56 . 2009-05-18 15:25 -------- d-----w c:\documents and settings\Administrateur\Application Data\Thinstall
2009-05-18 14:56 . 2009-05-18 14:56 7680 ----a-w c:\documents and settings\Administrateur\Application Data\Thinstall\Advanced Registry Doctor\400000f00002i\RegManServ.exe
2009-05-18 14:51 . 2009-05-18 15:11 -------- d-----w c:\documents and settings\Administrateur\Local Settings\Application Data\Adobe
2009-05-16 10:23 . 2009-05-16 11:06 -------- d-----w c:\program files\DAEMON Tools Pro
2009-05-15 09:32 . 2009-05-15 09:32 -------- d-----w c:\windows\system32\vmm32
2009-05-15 09:21 . 2009-05-22 14:31 -------- d-----w C:\coran_hafs
2009-05-15 09:20 . 2009-05-15 09:20 282624 ----a-r c:\windows\Setup1.exe
2009-05-15 09:20 . 2009-05-15 09:20 73216 ----a-w c:\windows\ST6UNST.EXE
2009-05-13 10:06 . 2009-05-13 10:06 198064 ----a-w c:\documents and settings\Administrateur\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
2009-05-12 13:37 . 2009-05-15 09:34 720896 ----a-w c:\windows\iun6002ev.exe
2009-05-12 13:36 . 2008-04-13 18:33 1384479 ----a-w c:\windows\system32\msvbvm60.dll
2009-05-12 13:36 . 2001-04-09 11:37 416304 ----a-w c:\windows\system32\Mpg4c32.dll
2009-05-12 13:36 . 1999-06-01 01:00 101888 ----a-w c:\windows\system32\VB6STKIT.DLL
2009-05-12 13:36 . 1998-06-18 01:00 77824 ----a-w c:\windows\system32\MSBIND.DLL
2009-05-12 13:36 . 1998-04-27 00:00 570128 ----a-w c:\windows\system32\DAO350.DLL
2009-05-12 08:35 . 2009-05-12 08:35 -------- d-----w c:\documents and settings\samirk.STIVEL\Local Settings\Application Data\PCHealth
2009-05-12 08:35 . 2009-05-12 08:35 53248 ----a-w c:\documents and settings\samirk.STIVEL\Application Data\Thinstall\Microsoft Office Enterprise 2007\300000005700002h\WINWORD.EXE
2009-05-12 08:35 . 2009-05-12 08:35 53248 ----a-w c:\documents and settings\samirk.STIVEL\Application Data\Thinstall\Microsoft Office Enterprise 2007\30000000d900002h\DW20.EXE
2009-05-12 08:35 . 2009-05-12 08:35 53248 ----a-w c:\documents and settings\samirk.STIVEL\Application Data\Thinstall\Microsoft Office Enterprise 2007\300000002ca00002h\OffDiag.exe
2009-05-12 08:35 . 2009-05-12 08:35 53248 ----a-w c:\documents and settings\samirk.STIVEL\Application Data\Thinstall\Microsoft Office Enterprise 2007\1000000b00002h\verclsid.exe
2009-05-07 07:18 . 2009-05-07 07:18 198064 ----a-w c:\documents and settings\samirk.STIVEL\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
2009-05-06 09:35 . 2009-05-06 09:35 -------- d-----w c:\documents and settings\LocalService\Bureau
2009-05-06 09:16 . 2009-05-06 09:28 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-05-06 08:30 . 2009-05-23 07:30 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-06 08:30 . 2009-05-23 07:30 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-06 08:10 . 2009-05-22 16:06 -------- dc-h--w c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-05-06 08:10 . 2009-01-18 21:43 2892112 -c--a-w c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
2009-05-06 08:10 . 2009-05-22 16:06 -------- d-----w c:\program files\Lavasoft
2009-05-06 08:10 . 2009-05-22 16:06 -------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-05-06 08:04 . 2009-05-06 08:04 -------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-06 08:04 . 2009-05-14 10:01 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\SUPERAntiSpyware.com
2009-05-06 08:04 . 2009-05-14 10:01 -------- d-----w c:\program files\SUPERAntiSpyware
2009-05-06 07:32 . 2009-05-12 08:33 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\Thinstall
2009-05-06 07:26 . 2001-08-17 21:07 30688 -c--a-w c:\windows\system32\dllcache\sym_u3.sys
2009-05-06 07:25 . 2001-08-23 16:47 121344 -c--a-w c:\windows\system32\dllcache\phvfwext.dll
2009-05-06 07:24 . 2001-08-23 16:00 16384 -c--a-w c:\windows\system32\dllcache\lit220p.sys
2009-05-06 07:23 . 2008-04-13 17:59 28544 -c--a-w c:\windows\system32\dllcache\grserial.sys
2009-05-06 07:22 . 2008-04-13 10:36 10240 -c--a-w c:\windows\system32\dllcache\compbatt.sys
2009-05-06 07:21 . 2001-08-23 16:46 98304 -c--a-w c:\windows\system32\dllcache\a3d.dll
2009-05-06 07:21 . 2001-08-23 16:46 462848 -c--a-w c:\windows\system32\dllcache\a3dapi.dll
2009-05-06 07:21 . 2001-08-23 16:46 38400 -c--a-w c:\windows\system32\dllcache\8514a.dll
2009-05-06 07:21 . 2008-04-13 10:46 48128 -c--a-w c:\windows\system32\dllcache\61883.sys
2009-05-06 07:21 . 2008-04-13 10:40 12288 -c--a-w c:\windows\system32\dllcache\4mmdat.sys
2009-05-06 07:21 . 2001-08-17 19:48 148352 -c--a-w c:\windows\system32\dllcache\3dfxvsm.sys
2009-05-06 07:21 . 2001-08-23 16:46 689216 -c--a-w c:\windows\system32\dllcache\3dfxvs.dll
2009-05-06 07:21 . 2001-08-17 21:06 11264 -c--a-w c:\windows\system32\dllcache\1394vdbg.sys
2009-05-06 07:21 . 2001-08-17 20:28 762780 -c--a-w c:\windows\system32\dllcache\3cwmcru.sys
2009-05-06 07:21 . 2008-04-13 10:46 53376 -c--a-w c:\windows\system32\dllcache\1394bus.sys
2009-05-06 07:21 . 2001-08-23 16:46 66048 -c--a-w c:\windows\system32\dllcache\s3legacy.dll
2009-05-05 14:54 . 2009-05-05 14:54 -------- d-----w C:\fsaua.data
2009-05-05 14:45 . 2009-05-05 14:49 -------- d-----w c:\windows\BDOSCAN8
2009-05-05 07:57 . 2009-05-05 07:57 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\dvdcss
2009-04-30 15:31 . 2009-04-30 15:31 -------- d-----w c:\program files\Jufsoft
2009-04-30 15:02 . 2009-04-30 15:08 -------- d-----w C:\temp_dvd
2009-04-30 15:00 . 2009-05-22 13:57 -------- d-----w c:\program files\Dvd-cloner
2009-04-30 14:20 . 2009-04-30 14:20 1025 ----a-w c:\windows\system32\sysprs7.dll
2009-04-30 14:20 . 2009-04-30 14:20 1025 ----a-w c:\windows\system32\clauth2.dll
2009-04-30 14:20 . 2009-04-30 14:20 1025 ----a-w c:\windows\system32\clauth1.dll
2009-04-30 14:13 . 2009-05-22 14:01 -------- d-----w c:\program files\Stellar Phoenix CDROM
2009-04-30 07:55 . 2009-04-30 07:55 -------- d-----w c:\program files\Netscape
2009-04-29 15:13 . 2009-04-29 15:13 -------- d-----w c:\program files\Team6 game studios
2009-04-27 15:41 . 2009-04-27 15:41 -------- d-----w c:\documents and settings\Administrateur\Application Data\vlc
2009-04-27 14:47 . 2009-04-27 14:47 198064 ----a-w c:\documents and settings\Administrateur\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-04-27 13:22 . 2009-04-27 13:22 -------- d-----w c:\documents and settings\samirk.STIVEL\Local Settings\Application Data\K-Meleon
2009-04-27 09:38 . 2009-04-27 09:38 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\Free&Easy Font Viewer
2009-04-23 10:39 . 2009-04-23 10:39 3638 ----a-r c:\documents and settings\samirk.STIVEL\Application Data\Microsoft\Installer\{B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A}\_FDE18872031EE8CFD4C89D.exe
2009-04-23 10:39 . 2009-04-23 10:39 3638 ----a-r c:\documents and settings\samirk.STIVEL\Application Data\Microsoft\Installer\{B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A}\_0DBEBCF4C2B181CB2B790E.exe
2009-04-23 10:39 . 2009-04-23 10:39 10134 ----a-r c:\documents and settings\samirk.STIVEL\Application Data\Microsoft\Installer\{B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A}\_6C6C936355173F1060FEC5.exe
2009-04-23 10:39 . 2009-04-23 10:39 10134 ----a-r c:\documents and settings\samirk.STIVEL\Application Data\Microsoft\Installer\{B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A}\_6851E577FA3CA88382D859.exe
2009-04-23 10:39 . 2009-04-23 10:39 10134 ----a-r c:\documents and settings\samirk.STIVEL\Application Data\Microsoft\Installer\{B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A}\_49BCC77850695432D62368.exe
2009-04-23 10:39 . 2009-04-23 10:39 -------- d-----w c:\program files\Teorex
2009-04-23 09:51 . 2009-05-12 10:06 -------- d-----w c:\program files\MP3Gain
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-23 09:43 . 2009-03-12 09:00 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\DMCache
2009-05-23 09:43 . 2009-05-23 07:31 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-05-23 09:40 . 2009-05-23 07:31 352288 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-05-23 09:40 . 2009-05-23 07:31 2304544 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-05-23 09:40 . 2009-05-23 07:31 2284 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-05-23 09:40 . 2009-05-23 07:31 21180 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-05-23 09:40 . 2009-03-12 14:59 12 ----a-w c:\windows\bthservsdp.dat
2009-05-23 09:31 . 2009-05-23 09:31 32784 ----a-w c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\update\rollback\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-05-23 09:31 . 2009-05-23 09:31 227344 ----a-w c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\update\rollback\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-05-23 09:31 . 2009-05-23 09:31 206088 ----a-w c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\update\rollback\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-05-23 09:31 . 2008-01-29 16:29 33808 ----a-w c:\windows\system32\drivers\klbg.sys
2009-05-23 09:31 . 2009-05-23 07:32 94643 ----a-w c:\windows\system32\drivers\klick.dat
2009-05-23 09:31 . 2009-05-23 07:32 105395 ----a-w c:\windows\system32\drivers\klin.dat
2009-05-23 09:31 . 2009-05-23 09:31 33808 ----a-w c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-05-23 09:31 . 2009-05-23 09:31 206088 ----a-w c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-05-23 09:31 . 2009-05-23 09:31 226832 ----a-w c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-05-23 07:31 . 2009-05-23 07:31 -------- d-----w c:\program files\Kaspersky Lab
2009-05-23 07:26 . 2009-03-10 07:48 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-05-22 16:16 . 2001-08-28 10:00 86550 ----a-w c:\windows\system32\perfc00C.dat
2009-05-22 16:16 . 2001-08-28 10:00 514304 ----a-w c:\windows\system32\perfh00C.dat
2009-05-22 16:08 . 2009-03-06 10:45 -------- d-----w c:\program files\Windows Live Toolbar
2009-05-22 14:01 . 2009-04-21 14:00 -------- d-----w c:\program files\AVS4YOU
2009-05-22 14:00 . 2009-04-21 14:01 -------- d-----w c:\program files\Fichiers communs\AVSMedia
2009-05-22 13:55 . 2009-03-05 16:34 -------- d-----w c:\program files\Windows Live Safety Center
2009-05-20 16:41 . 2009-03-05 14:19 294712 ----a-w c:\documents and settings\samirk\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-18 22:53 . 2009-03-06 07:13 294712 ----a-w c:\documents and settings\samirk.STIVEL\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-18 15:19 . 2009-04-03 16:36 -------- d-----w c:\program files\Quick All Audio Converter
2009-05-18 15:19 . 2009-03-24 08:43 -------- d-----w c:\documents and settings\Administrateur\Application Data\DMCache
2009-05-16 11:08 . 2009-04-11 10:08 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\DAEMON Tools Pro
2009-05-15 09:28 . 2009-03-05 14:21 -------- d-----w c:\program files\Dell
2009-05-13 10:06 . 2009-03-24 08:43 -------- d-----w c:\documents and settings\Administrateur\Application Data\IDM
2009-05-07 07:18 . 2009-03-12 09:00 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\IDM
2009-05-07 07:17 . 2009-03-12 09:00 -------- d-----w c:\program files\Internet Download Manager
2009-04-29 08:40 . 2009-04-06 14:32 -------- d-----w c:\documents and settings\All Users\Application Data\Zoom Player
2009-04-27 15:17 . 2009-03-24 08:23 294712 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-21 14:46 . 2009-04-04 08:55 165232 ---ha-w c:\documents and settings\samirk.STIVEL\Application Data\Microsoft\Virtual PC\VPCKeyboard.dll
2009-04-21 14:03 . 2009-04-21 14:03 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\AVS4YOU
2009-04-21 14:03 . 2009-04-21 14:03 -------- d-----w c:\documents and settings\All Users\Application Data\AVS4YOU
2009-04-21 13:44 . 2009-04-21 13:44 -------- d-----w c:\program files\Allok 3GP PSP MP4 iPod Video Converter
2009-04-21 13:31 . 2009-04-21 10:03 -------- d-----w c:\program files\YASAVOB2MP4
2009-04-21 13:25 . 2009-04-21 09:59 -------- d-----w c:\program files\NCH Swift Sound
2009-04-21 13:24 . 2009-04-21 10:01 -------- d-----w c:\program files\NO1 Video Converter
2009-04-21 10:54 . 2009-04-21 10:54 -------- d-----w c:\program files\Sagasoft
2009-04-20 13:07 . 2009-04-20 07:18 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\Skype
2009-04-20 07:17 . 2009-04-20 07:17 -------- d-----r c:\program files\Skype
2009-04-20 07:17 . 2009-04-20 07:17 -------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-04-13 16:17 . 2009-04-13 16:15 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\PC Suite
2009-04-13 16:16 . 2009-04-13 16:15 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\Nokia
2009-04-13 16:15 . 2009-04-13 16:15 -------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2009-04-13 16:12 . 2009-04-13 16:12 -------- d-----w c:\program files\Fichiers communs\PCSuite
2009-04-13 16:12 . 2009-04-13 16:12 -------- d-----w c:\program files\Fichiers communs\Nokia
2009-04-13 16:12 . 2009-04-13 16:11 -------- d-----w c:\program files\Nokia
2009-04-13 16:12 . 2009-04-13 16:12 -------- d-----w c:\program files\DIFX
2009-04-13 16:12 . 2009-04-13 16:12 -------- d-----w c:\program files\PC Connectivity Solution
2009-04-13 16:10 . 2009-04-13 16:10 8192 ----a-w c:\documents and settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstCCD.exe
2009-04-13 16:10 . 2009-04-13 16:10 61440 ----a-w c:\documents and settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-04-13 16:10 . 2009-04-13 16:10 10240 ----a-w c:\documents and settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCS.exe
2009-04-13 16:10 . 2009-04-13 16:10 -------- d-----w c:\documents and settings\All Users\Application Data\Installations
2009-04-13 15:56 . 2009-04-13 15:56 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-04-13 15:56 . 2009-04-13 15:56 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-04-13 08:05 . 2009-03-05 14:25 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-11 10:10 . 2009-04-11 10:10 -------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-04-11 10:08 . 2009-04-11 09:37 717296 ----a-w c:\windows\system32\drivers\sptd.sys
2009-04-10 07:24 . 2009-04-10 07:24 410984 ----a-w c:\windows\system32\deploytk.dll
2009-04-10 07:24 . 2009-04-10 07:24 -------- d-----w c:\program files\Java
2009-04-10 07:24 . 2009-04-10 07:24 152576 ----a-w c:\documents and settings\samirk.STIVEL\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-10 07:12 . 2009-04-10 07:12 198064 ----a-w c:\documents and settings\samirk.STIVEL\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-04-10 07:11 . 2009-04-10 07:11 2813608 ----a-w c:\documents and settings\samirk.STIVEL\Application Data\IDM\idmupdt.exe
2009-04-06 14:19 . 2009-04-06 14:15 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\vlc
2009-04-06 14:14 . 2009-04-06 14:14 -------- d-----w c:\program files\VideoLAN
2009-04-06 09:32 . 2009-04-06 09:32 -------- d-----w c:\program files\Fichiers communs\xing shared
2009-04-06 09:32 . 2009-03-12 10:22 -------- d-----w c:\program files\Fichiers communs\Real
2009-04-06 09:31 . 2009-03-10 09:09 499712 ----a-w c:\windows\system32\msvcp71.dll
2009-04-06 09:29 . 2009-04-06 09:29 -------- d-----w c:\program files\Real
2009-04-06 09:00 . 2009-04-06 09:00 -------- d-----w c:\program files\Unlocker
2009-04-04 11:01 . 2009-04-04 10:58 -------- d-----w c:\program files\K-Lite Codec Pack
2009-04-04 08:51 . 2009-04-04 08:51 -------- d-----w c:\program files\Microsoft Virtual PC
2009-04-03 16:48 . 2009-04-03 16:48 -------- d-----w c:\program files\LitexMedia
2009-04-01 13:39 . 2009-04-01 13:37 -------- d-----w c:\program files\RM to MP3 Converter
2009-04-01 09:25 . 2009-03-31 16:11 -------- d-----w c:\documents and settings\samirk.STIVEL\Application Data\Nero
2009-03-31 16:10 . 2009-03-31 15:43 -------- d-----w c:\program files\Fichiers communs\Nero
2009-03-31 15:57 . 2009-03-31 15:43 -------- d-----w c:\program files\Nero
2009-03-31 15:55 . 2009-03-31 15:55 -------- d-----w c:\program files\Windows Sidebar
2009-03-31 15:50 . 2009-03-31 15:43 -------- d-----w c:\documents and settings\All Users\Application Data\Nero
2009-03-31 07:33 . 2009-03-18 10:24 -------- d-----w c:\program files\Acro Software
2009-03-31 07:32 . 2009-03-25 08:00 -------- d-----w c:\program files\Teleport Pro
2009-03-26 15:35 . 2009-01-22 14:39 210352 ----a-w c:\windows\system32\idmmbc.dll
2009-03-24 08:43 . 2009-03-24 08:43 181680 ----a-w c:\documents and settings\Administrateur\Application Data\IDM\idmmzcc02\components\idmmzcc.dll
2009-03-12 10:22 . 2009-03-10 09:09 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-03-12 09:03 . 2009-03-12 09:03 181680 ----a-w c:\documents and settings\samirk.STIVEL\Application Data\IDM\idmmzcc02\components\idmmzcc.dll
2009-03-10 09:21 . 2009-03-10 09:21 136 ----a-w c:\documents and settings\samirk.STIVEL\Local Settings\Application Data\fusioncache.dat
2009-03-10 08:20 . 2009-03-10 08:20 603904 ----a-w c:\windows\system32\TUProgSt.exe
2009-03-10 08:20 . 2009-03-10 08:20 360192 ----a-w c:\windows\system32\TuneUpDefragService.exe
2009-03-07 08:46 . 2009-03-07 08:46 45056 ----a-w c:\windows\NCUNINST.EXE
2009-03-06 10:28 . 2009-03-05 14:06 86327 ----a-w c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-03-06 07:33 . 2009-03-06 07:33 0 ----a-w c:\windows\nsreg.dat
2009-03-06 07:23 . 2009-03-06 07:23 2678 ----a-w c:\windows\java\Packages\Data\MAC80NFT.DAT
2009-03-06 07:23 . 2009-03-06 07:23 2678 ----a-w c:\windows\java\Packages\Data\G8AJ9N7T.DAT
2009-03-06 07:23 . 2009-03-06 07:23 2678 ----a-w c:\windows\java\Packages\Data\YHJ3TJPF.DAT
2009-03-06 07:23 . 2009-03-06 07:23 2678 ----a-w c:\windows\java\Packages\Data\OQYXVJD3.DAT
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-01-23 2745776]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Antivirus"="c:\program files\USB Disk Security\USBGuard.exe" [2008-09-23 798720]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-16 7323648]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-04-06 198160]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-23 206088]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Gestion du client de Pare-feu Microsoft.lnk - c:\windows\Installer\{199B7F78-69B7-47C5-8D4B-A3ED1391FB6B}\NewShortcut1_8C7A59A89ABE459A9A9308C281A4A264.exe [2009-3-5 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 33808]
R2 FwcAgent;Agent du client de pare-feu;c:\program files\Microsoft Firewall Client 2004\FwcAgent.exe [18/01/2006 00:48 124176]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [10/03/2009 09:20 603904]
R3 euccicr;CryptoIdentity CCID Virtual
Reader;c:\windows\system32\drivers\euccicr-x86.sys [07/06/2006 15:34 43776] R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 18:02 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 24592] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [21/05/2009 09:53 15504] S2 MBAMService;MBAMService;"c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe" --> c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [?] S3 euccic;CryptoIdentity CCID;c:\windows\system32\drivers\euccic-x86.sys [07/06/2006 14:20 57088] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contenu du dossier 'Tâches planifiées' 2009-05-23 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 14:04] . - - - - ORPHELINS SUPPRIMES - - - - SafeBoot-procexp90.Sys . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ mStart Page = hxxp://www.microsoft.com mWindow Title = Microsoft Internet Explorer uInternet Settings,ProxyOverride = <local> uInternet Settings,ProxyServer = STIVEL-ISA:8080 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm IE: Télécharger le contenu de video FLV avec IDM - c:\program files\Internet Download Manager\IEGetVL.htm IE: Télécharger tous les liens avec IDM - c:\program files\Internet Download Manager\IEGetAll.htm LSP: c:\windows\system32\idmmbc.dll LSP: c:\program files\Microsoft Firewall Client 2004\FwcWsp.dll DPF: DirectAnimation Java Classes DPF: Microsoft XML Parser for Java FF - ProfilePath - c:\documents and settings\samirk.STIVEL\Application Data\Mozilla\Firefox\Profiles\gulor49c.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2197485&SearchSource=3&q={searchTerms} FF - 
prefs.js: browser.search.selectedEngine - arab stars Customized Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - prefs.js: network.proxy.ftp - STIVEL-ISA FF - prefs.js: network.proxy.ftp_port - 8080 FF - prefs.js: network.proxy.gopher - STIVEL-ISA FF - prefs.js: network.proxy.gopher_port - 8080 FF - prefs.js: network.proxy.http - STIVEL-ISA FF - prefs.js: network.proxy.http_port - 8080 FF - prefs.js: network.proxy.socks - STIVEL-ISA FF - prefs.js: network.proxy.socks_port - 8080 FF - prefs.js: network.proxy.ssl - STIVEL-ISA FF - prefs.js: network.proxy.ssl_port - 8080 FF - prefs.js: network.proxy.type - 1 FF - component: c:\documents and settings\samirk.STIVEL\Application Data\IDM\idmmzcc3\components\idmmzcc.dll FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll ---- PARAMETRES FIREFOX ---- FF - user.js: network.http.max-connections-per-server - 6 FF - user.js: network.http.max-persistent-connections-per-server - 3 FF - user.js: content.max.tokenizing.time - 1500000 FF - user.js: content.notify.interval - 750000 FF - user.js: nglayout.initialpaint.delay - 100 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-23 10:43 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
--------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):7b,51,b8,4b,79,e3,01,9e,33,e9,bb,00,c2,24,ae,ab,4a,c4,9e,c7,2a, b9,fa,cb,91,0e,cb,bd,b7,74,6d,75,3d,52,cc,84,20,e8,5c,6d,00,00,00,00,00,00,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{c9ff52d4-cf35-411d-8cf8-75ae48d54261}] @Denied: (Full) (Everyone) "Model"=dword:0000007d "Therad"=dword:00000001 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d, df,1c,2f,3b,8a,0a,32,11,89,01,b5,d3,ab,20,e1,a9,85,6b,6e,8d,32,46,8f,51,12,\ . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1276) c:\windows\system32\idmmbc.dll - - - - - - - > 'lsass.exe'(1332) c:\windows\system32\idmmbc.dll - - - - - - - > 'explorer.exe'(2260) c:\windows\system32\WPDShServiceObj.dll c:\program files\Nokia\Nokia PC Suite 7\phonebrowser.dll c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr c:\program files\Microsoft Virtual PC\VPCShExH.DLL c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\scardsvr.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\nvsvc32.exe c:\windows\system32\wbem\wmiapsrv.exe c:\program files\Microsoft Firewall Client 2004\FwcMgmt.exe . ************************************************************************** . 
Heure de fin: 2009-05-23 10:45 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-05-23 09:45

Avant-CF: 114 339 139 584 octets libres
Après-CF: 115 357 806 592 octets libres

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
372 --- E O F --- 2009-03-07 07:18

-----------------------------

Thanks in advance for your help