spoke09

Members
  • Content count

    7
Everything posted by spoke09

  1. Thank you, and happy holidays to you too
  2. Hello, For the past 3 hours, no unwanted page has opened. Thank you very much. The requested link: © CJoint.com, 2010
  3. Hello, The page did not open at the "usual time". I am waiting for the next one to confirm the cure. Thank you very much for your help. Here is the requested file:
  4. Hello, I still have the ads! Mozilla Firefox is installed (I don't use it), but only IExplorer opens. I don't know "backupIP" and it is not listed in Add/Remove Programs. Thank you
  5. Below is the COMBOFIX report. Thank you
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(564) c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . Heure de fin: 2010-12-17 10:39:18 ComboFix-quarantined-files.txt 2010-12-17 09:39 Avant-CF: 46 614 675 456 octets libres Après-CF: 47 656 255 488 octets libres - - End Of File - - B2167577CD39AA696636D2814A4F9F63
  6. Here are the requested reports: (Thanks in advance for your reply) Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Version de la base de données: 5342 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 17/12/2010 09:28:23 mbam-log-2010-12-17 (09-28-23).txt Type d'examen: Examen rapide Elément(s) analysé(s): 149416 Temps écoulé: 3 minute(s), 35 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) --------------------------------- Results of screen317's Security Check version 0.99.7 Windows 7 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Avira AntiVir Personal - Free Antivirus WMI entry may not exist for antivirus; attempting automatic update. Avira successfully updated! ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 Java 6 Update 22 Java 2 Runtime Environment, SE v1.4.2_04 Adobe Flash Player 10.1.53.64 Adobe Reader 9.4.1 - Français Out of date Adobe Reader installed! Mozilla Firefox (3.6. ```````````````````````````````` Process Check: objlist.exe by Laurent Avira Antivir avgnt.exe Avira Antivir avguard.exe ``````````End of Log````````````
  7. Hello, For about a week, Explorer has been opening by itself at the 36th minute of every hour and displaying an advertising page. These are well-known sites: La Redoute ... After some research, I ran a scan with HijackThis; here is the result file (which I am quite unable to interpret). Thanks for your help Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:02:18, on 16/12/2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\SOUNDMAN.EXE C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\ScanSoft\OmniPagePro14.0\opware14.exe C:\Program Files\ScanSoft\OmniPagePro14.0\OpScheduler.exe C:\Program Files\ScanSoft\OmniPagePro14.0\PdfPrn\SPrnAgent.exe C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Installer\lnetworker.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\taskhost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe 
C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common 
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [WorkFlowTray] "C:\Program Files\ScanSoft\OmniPagePro14.0\WorkFlowTray.exe" O4 - HKLM\..\Run: [Opware14] "C:\Program Files\ScanSoft\OmniPagePro14.0\Opware14.exe" O4 - HKLM\..\Run: [OpScheduler] "C:\Program Files\ScanSoft\OmniPagePro14.0\OpScheduler.exe" O4 - HKLM\..\Run: [PDF Converter Registry Controller] "C:\Program Files\ScanSoft\OmniPagePro14.0\PdfCnv\RegistryController.exe" O4 - HKLM\..\Run: [sSPrnAgent] C:\Program Files\ScanSoft\OmniPagePro14.0\PdfPrn\SPrnAgent.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [installer] C:\Program Files\Installer\lnetworker.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKCU\..\Run: 
[steam] "c:\program files\steam\steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir le fichier PDF dans Word - res://C:\Program Files\ScanSoft\OmniPagePro14.0\PdfCnv\IEShellExt.dll /300 O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - 
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O13 - Gopher Prefix: O15 - ESC Trusted Zone: http://*.update.microsoft.com O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: Backup IP Network (sdmBackupIP) - Unknown owner - C:\Windows\BackupIP\service.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- End of file - 9744 bytes