Aller au contenu

yago

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    1

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par yago

  1. yago
    hello, est ce qu'une âme charitable pourrait vérifier le rapport de combofix pour moi... rapport: ComboFix 09-10-22.01 - manu 23/10/2009 13:39.1.2 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.32.1036.18.1976.1036 [GMT 2:00] Lancé depuis: c:\users\manu\Desktop\ComboFix.exe FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-4215396406-1814333473-3288522267-500 c:\users\manu\Documents\bat.england.bat c:\users\manu\Documents\sos1.bat c:\users\manu\Documents\ssmgr.exe c:\windows\010112010146116101.xxe c:\windows\0101120101464855.xxe c:\windows\0101120101465649.xxe c:\windows\rdr_1255700484.exe c:\windows\rdr_1255700485.exe c:\windows\rdr_1255795927.exe c:\windows\rdr_1255798337.exe c:\windows\rdr_1255872560.exe c:\windows\rdr_1255877525.exe c:\windows\rdr_1255879479.exe c:\windows\rdr_1255881503.exe c:\windows\rdr_1255884484.exe c:\windows\system32\drivers\fio32.sys c:\windows\system32\fio32.dll c:\windows\system32\oem11.inf . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_fioo32 -------\Service_SfX -------\Legacy_fio32 -------\Service_fio32 ((((((((((((((((((((((((((((( Fichiers créés du 2009-09-23 au 2009-10-23 )))))))))))))))))))))))))))))))))))) . 2009-10-23 11:45 . 2009-10-23 11:45 -------- d-----w- c:\users\ma douce\AppData\Local\temp 2009-10-23 11:45 . 2009-10-23 11:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-10-18 16:53 . 2008-03-03 13:06 279440 ------w- c:\windows\system32\drivers\vsdatant.sys 2009-10-18 16:52 . 2009-10-23 11:48 -------- d-----w- c:\windows\Internet Logs 2009-10-18 15:12 . 2009-10-18 15:13 -------- d-----w- c:\windows\system32\ca-ES 2009-10-18 15:12 . 2009-10-18 15:13 -------- d-----w- c:\windows\system32\eu-ES 2009-10-18 15:12 . 2009-10-18 15:13 -------- d-----w- c:\windows\system32\vi-VN 2009-10-18 14:56 . 2009-10-18 14:56 -------- d-----w- c:\windows\system32\EventProviders 2009-10-18 13:35 . 2009-10-20 09:55 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-10-18 13:35 . 2009-10-18 13:35 -------- d-----w- c:\programdata\Avira 2009-10-18 13:35 . 2009-10-18 13:35 -------- d-----w- c:\program files\Avira 2009-10-18 13:35 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-10-17 16:15 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll 2009-10-17 16:14 . 2009-03-08 11:32 169472 ----a-w- c:\windows\system32\iexpress.exe 2009-10-17 16:14 . 2009-03-08 11:31 45568 ----a-w- c:\windows\system32\mshta.exe 2009-10-17 16:14 . 2009-03-08 11:33 109568 ----a-w- c:\windows\system32\PDMSetup.exe 2009-10-17 16:14 . 2009-03-08 11:33 107520 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2009-10-17 16:14 . 2009-03-08 11:33 107008 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2009-10-17 16:14 . 2009-03-08 11:33 103936 ----a-w- c:\windows\system32\SetDepNx.exe 2009-10-17 15:53 . 2009-10-17 15:53 2198 ----a-w- C:\zTdnV57S.bat 2009-10-17 15:52 . 2009-10-17 15:52 -------- d-----w- c:\program files\Common Files\CSUninstall 2009-10-15 13:37 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll 2009-10-15 13:36 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe 2009-10-15 13:36 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe 2009-10-15 13:36 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll 2009-10-15 13:36 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys 2009-10-15 13:36 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL 2009-10-04 14:50 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe 2009-10-03 06:55 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll 2009-10-03 06:55 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe 2009-10-03 06:55 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll 2009-10-03 06:55 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll 2009-10-03 06:55 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll 2009-10-03 06:55 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll 2009-10-03 06:55 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll 2009-10-03 06:55 . 2009-08-06 17:23 171608 ----a-w- c:\windows\system32\wuwebv.dll 2009-10-03 06:55 . 2009-08-06 16:44 33792 ----a-w- c:\windows\system32\wuapp.exe 2009-09-28 19:51 . 2009-09-28 19:51 -------- d-----w- c:\program files\Xvid 2009-09-28 19:51 . 2009-06-07 14:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll 2009-09-28 19:51 . 2009-06-07 14:16 819200 ----a-w- c:\windows\system32\xvidcore.dll 2009-09-28 09:36 . 2009-09-28 09:40 -------- d-----w- c:\users\manu\AppData\Local\Corel 2009-09-28 09:35 . 2009-09-28 09:35 88 --sh--r- c:\windows\system32\BA940FEA20.sys 2009-09-28 09:35 . 2009-09-28 09:35 -------- d-----w- c:\users\manu\AppData\Roaming\Corel 2009-09-28 09:34 . 2009-09-28 09:34 -------- d-----w- c:\programdata\Corel 2009-09-28 09:31 . 2009-09-28 09:32 -------- d-----w- c:\program files\Common Files\Corel 2009-09-28 09:27 . 2009-09-28 10:01 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys 2009-09-28 09:25 . 2009-09-28 09:31 -------- d-----w- c:\program files\Corel 2009-09-28 09:24 . 2009-09-28 09:24 -------- d-----w- c:\users\manu\AppData\Roaming\InstallShield . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-23 11:47 . 2009-10-18 16:53 352615 ---ha-w- c:\windows\system32\drivers\vsconfig.xml 2009-10-23 11:40 . 2008-01-21 08:40 669566 ----a-w- c:\windows\system32\perfh00C.dat 2009-10-23 11:40 . 2008-01-21 08:40 123556 ----a-w- c:\windows\system32\perfc00C.dat 2009-10-20 12:31 . 2009-03-27 20:23 72184 ----a-w- c:\users\manu\AppData\Local\GDIPFONTCACHEV1.DAT 2009-10-20 10:05 . 2008-05-29 00:49 -------- d-----w- c:\programdata\Microsoft Help 2009-10-18 16:54 . 2009-10-18 16:54 -------- d-----w- c:\programdata\CheckPoint 2009-10-18 16:54 . 2009-10-18 16:54 -------- d-----w- c:\program files\Zone Labs 2009-10-18 15:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2009-10-18 15:13 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-10-18 15:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar 2009-10-18 15:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration 2009-10-18 15:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal 2009-10-18 15:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery 2009-10-18 15:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender 2009-10-18 13:27 . 2008-05-29 00:25 -------- d-----w- c:\programdata\Symantec 2009-10-18 13:27 . 2008-05-29 00:25 -------- d-----w- c:\program files\Common Files\Symantec Shared 2009-10-17 16:47 . 2009-09-04 08:28 -------- d-----w- c:\program files\PokerStars 2009-10-17 16:47 . 2008-05-29 00:31 -------- d-----w- c:\program files\eMachines GameZone 2009-10-16 11:50 . 2009-03-27 20:42 1106 ----a-w- c:\users\manu\AppData\Roaming\wklnhst.dat 2009-08-29 00:27 . 2009-09-02 19:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2009-08-29 00:14 . 2009-09-02 19:23 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2009-08-27 05:22 . 2009-10-17 16:16 916480 ----a-w- c:\windows\system32\wininet.dll 2009-08-27 05:17 . 2009-10-17 16:16 71680 ----a-w- c:\windows\system32\iesetup.dll 2009-08-27 05:17 . 2009-10-17 16:16 109056 ----a-w- c:\windows\system32\iesysprep.dll 2009-08-27 03:42 . 2009-10-17 16:16 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL 2009-08-14 16:27 . 2009-09-09 06:31 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys 2009-08-14 15:53 . 2009-09-09 06:31 17920 ----a-w- c:\windows\system32\netevent.dll 2009-08-14 13:49 . 2009-09-09 06:31 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE 2009-08-14 13:49 . 2009-09-09 06:31 17920 ----a-w- c:\windows\system32\ROUTE.EXE 2009-08-14 13:49 . 2009-09-09 06:31 11264 ----a-w- c:\windows\system32\MRINFO.EXE 2009-08-14 13:49 . 2009-09-09 06:31 27136 ----a-w- c:\windows\system32\NETSTAT.EXE 2009-08-14 13:49 . 2009-09-09 06:31 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE 2009-08-14 13:49 . 2009-09-09 06:31 19968 ----a-w- c:\windows\system32\ARP.EXE 2009-08-14 13:49 . 2009-09-09 06:31 10240 ----a-w- c:\windows\system32\finger.exe 2009-08-14 13:48 . 2009-09-09 06:31 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2009-08-14 13:48 . 2009-09-09 06:31 105984 ----a-w- c:\windows\system32\netiohlp.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-27 68856] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-11 1033512] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-21 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-21 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-21 145944] "WarReg_PopUp"="c:\program files\eMachines\WR_PopUp\WarReg_PopUp.exe" [2008-05-09 49152] "LManager"="c:\progra~1\LAUNCH~1\QtZyEmachine.EXE" [2008-06-24 817672] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-03-27 24064] "CZFMDKsk"="c:\progra~1\FDD_FM~1\CZFMDKsk.exe" [2004-01-02 323584] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 959976] "Corel Photo Downloader"="c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-08-28 531272] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-08-06 6265376] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"="" "FirewallOverride"="" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):5a,c2,78,9f,06,50,ca,01 R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [18/10/2009 15:35 108289] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3/03/2008 13:11 16384] R2 ETService;Empowering Technology Service;c:\program files\eMachines\eMachines Recovery Management\Service\ETService.exe [27/03/2009 22:26 24576] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [6/04/2008 22:42 50424] R2 regi;regi;c:\windows\System32\drivers\regi.sys [17/04/2007 21:09 11032] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [25/06/2008 16:39 212992] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [4/04/2008 3:03 131072] S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [27/03/2009 22:28 24064] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] fioo32 REG_MULTI_SZ fioo32 . Contenu du dossier 'Tâches planifiées' 2009-10-23 c:\windows\Tasks\User_Feed_Synchronization-{657F9529-A1F3-49E8-9894-C7024FDA4708}.job - c:\windows\system32\msfeedssync.exe [2009-10-17 03:41] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=080c&s=2&o=vp32&d=0309&m=emg720 mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=080c&s=2&o=vp32&d=0309&m=emg720 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-eRecoveryService - (no file) ************************************************************************** Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{4f218a2f-5124-474c-a005-9e5a7b14df78}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0d001fe2 "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{9c642153-bfe0-4511-a0b6-e778ddd5ea9e}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:07001422 "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{9f8903f4-0f00-4ca1-b5ae-4c1695e6f604}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:17020054 "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{b125b991-f81c-407f-86b6-ec4464043e2d}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:11001e68 "Dhcpv6State"=dword:00000001 [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{ba32a50a-3d27-4fae-8591-5916311409be}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0c001422 "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{cd23335f-f9ed-4cf1-9aa4-ef0206fc7013}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:10000000 "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f08699c0-58e4-4863-9e91-8652e9703f2d}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:1200234e "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f50c0996-5b4a-4c6a-a322-6e991d4caa0e}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:06001422 "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f70a361f-6437-4fcc-91a4-cd88d468d91b}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0e001422 "Dhcpv6State"=dword:00000000 . ------------------------ Autres processus actifs ------------------------ . c:\windows\System32\ZoneLabs\vsmon.exe c:\windows\system32\WLANExt.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\PSIService.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\combofix\CF28720.exe c:\\?\c:\windows\system32\wbem\WMIADAP.EXE c:\combofix\PEV.cfxxe . ************************************************************************** . Heure de fin: 2009-10-23 13:51 - La machine a redémarré ComboFix-quarantined-files.txt 2009-10-23 11:51 Avant-CF: 39.122.710.528 octets libres Après-CF: 38.935.867.392 octets libres - - End Of File - - 6E1DBB57DE7D1D7FFC6D0A552DB80650 un grand merci d'avance...
×
×
  • Créer...