Icaryon

Other information

  • Your config
    Windows 7
    4 GB RAM
    Graphics card 2 GB
    i5 2500K 3.3 GHz


  1. OK, I'll do that. Thanks for your help.
  2. With the sfc command, I get the message: "La protection des ressources Windows n'a pas réussi à démarrer le service de réparation."
  3. Rescan following the update. The Explorer crashes don't produce any message. Just the icons disappearing and reappearing.
  4. To tell the truth, no better... Explorer still crashes when I right-click on a shortcut to an executable... Note that for this: "At the message that appears in a blue window (Type 1 to continue, or 2 to abort), type 1 then confirm." I get an "error" message telling me that ComboFix is out of date and can only run in restricted mode.
  5. There, I've just done it.
  6. ComboFix 12-03-15.03 - Icaryon_2 20/03/2012 22:03:05.4.4 - x86 Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3313.2178 [GMT 1:00] Lancé depuis: h:\utilisateurs\Icaryon_2\Downloads\ComboFix.exe Commutateurs utilisés :: h:\utilisateurs\Icaryon_2\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Un nouveau point de restauration a été créé . - Mode FONCTIONNALITES REDUITES - . FILE :: "c:\program files\Conduit" "h:\utilisateurs\Icaryon_2\AppData\Local\Conduit" . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\user32.dll . . --------------- FCopy --------------- . c:\windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll --> c:\windows\user32.dll . ((((((((((((((((((((((((((((( Fichiers créés du 2012-02-20 au 2012-03-20 )))))))))))))))))))))))))))))))))))) . . 2012-03-20 21:03 . 2012-03-20 21:03 -------- d-----w- h:\utilisateurs\Default\AppData\Local\temp 2012-03-15 19:00 . 2012-03-15 22:53 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-03-14 22:12 . 2012-03-14 22:12 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Google 2012-03-14 21:11 . 2012-03-07 00:04 112984 ----a-w- c:\windows\system32\drivers\aswFW.sys 2012-03-14 21:11 . 2012-03-07 00:03 196440 ----a-w- c:\windows\system32\drivers\aswNdis2.sys 2012-03-14 21:11 . 2012-03-07 00:02 24408 ----a-w- c:\windows\system32\drivers\aswKbd.sys 2012-03-14 21:11 . 2012-03-06 23:44 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys 2012-03-14 21:07 . 2012-03-14 21:09 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Local\Google 2012-03-14 21:07 . 
2012-03-14 21:09 -------- d-----w- c:\program files\Google 2012-03-14 21:07 . 2012-03-07 00:03 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-03-14 21:07 . 2012-03-07 00:03 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-03-14 21:07 . 2012-03-07 00:02 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-03-14 21:07 . 2012-03-07 00:01 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-03-14 21:07 . 2012-03-07 00:01 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-03-14 21:07 . 2012-03-07 00:01 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-03-14 21:07 . 2012-03-07 00:15 201352 ----a-w- c:\windows\system32\aswBoot.exe 2012-03-14 20:27 . 2012-03-14 20:29 -------- d-----w- c:\programdata\SecTaskMan 2012-03-13 21:31 . 2012-03-13 21:31 53248 ----a-r- h:\utilisateurs\Icaryon_2\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2012-03-13 21:31 . 2012-03-13 21:31 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Roaming\Leadertech 2012-03-13 21:31 . 2012-03-13 21:31 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2012-03-13 21:31 . 2012-03-13 21:31 -------- d-----w- c:\programdata\Logishrd 2012-03-13 21:31 . 2012-03-13 21:31 -------- d-----w- c:\program files\Common Files\Logishrd 2012-03-13 21:29 . 2012-03-13 21:31 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Roaming\Logitech 2012-03-13 21:29 . 2012-03-13 21:29 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Roaming\Logishrd 2012-02-26 20:15 . 1996-02-08 01:54 284160 ----a-w- c:\windows\unin040c.exe 2012-02-20 23:21 . 2012-02-20 23:21 -------- d-----w- c:\programdata\moosoft 2012-02-20 23:17 . 2012-02-20 23:17 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Roaming\thecleaner 2012-02-20 19:56 . 2012-02-20 19:58 -------- d-----w- c:\program files\3DO 2012-02-20 19:49 . 2012-02-22 21:07 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Local\Conduit 2012-02-20 19:49 . 
2012-02-20 19:49 -------- d-----w- c:\program files\Conduit . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-07 00:15 . 2011-08-20 14:52 41184 ----a-w- c:\windows\avastSS.scr 2012-02-20 23:30 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll 2012-02-20 23:30 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll 2012-02-20 23:30 . 2009-07-13 23:24 811520 ----a-w- c:\windows\system32\user32.dll 2012-02-18 12:51 . 2011-08-26 21:30 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-15 03:47 . 2012-02-15 03:47 9182208 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2012-02-15 03:18 . 2012-02-15 03:18 159744 ----a-w- c:\windows\system32\atiapfxx.exe 2012-02-15 03:18 . 2011-07-28 21:40 791040 ----a-w- c:\windows\system32\aticfx32.dll 2012-02-15 03:13 . 2012-02-15 03:13 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll 2012-02-15 03:13 . 2012-02-15 03:13 405504 ----a-w- c:\windows\system32\atieclxx.exe 2012-02-15 03:12 . 2012-02-15 03:12 163328 ----a-w- c:\windows\system32\atiesrxx.exe 2012-02-15 03:11 . 2012-02-15 03:11 159744 ----a-w- c:\windows\system32\atitmmxx.dll 2012-02-15 03:10 . 2012-02-15 03:10 20992 ----a-w- c:\windows\system32\atimuixx.dll 2012-02-15 03:10 . 2012-02-15 03:10 43520 ----a-w- c:\windows\system32\ati2edxx.dll 2012-02-15 03:07 . 2011-07-28 21:30 6200320 ----a-w- c:\windows\system32\atidxx32.dll 2012-02-15 02:58 . 2012-02-15 02:58 19392000 ----a-w- c:\windows\system32\atioglxx.dll 2012-02-15 02:40 . 2012-02-15 02:40 1828864 ----a-w- c:\windows\system32\atiumdmv.dll 2012-02-15 02:34 . 2012-02-15 02:34 46080 ----a-w- c:\windows\system32\aticalrt.dll 2012-02-15 02:34 . 2012-02-15 02:34 44032 ----a-w- c:\windows\system32\aticalcl.dll 2012-02-15 02:34 . 2012-02-15 02:34 5954048 ----a-w- c:\windows\system32\atiumdag.dll 2012-02-15 02:29 . 2012-02-15 02:29 5062656 ----a-w- c:\windows\system32\atiumdva.dll 2012-02-15 02:29 . 
2012-02-15 02:29 11561984 ----a-w- c:\windows\system32\aticaldd.dll 2012-02-15 02:16 . 2011-07-28 21:01 51200 ----a-w- c:\windows\system32\coinst.dll 2012-02-15 02:13 . 2012-02-15 02:13 356352 ----a-w- c:\windows\system32\atiadlxx.dll 2012-02-15 02:13 . 2012-02-15 02:13 14336 ----a-w- c:\windows\system32\atiglpxx.dll 2012-02-15 02:13 . 2012-02-15 02:13 33280 ----a-w- c:\windows\system32\atigktxx.dll 2012-02-15 02:12 . 2012-02-15 02:12 264704 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2012-02-15 02:12 . 2011-07-28 20:53 33280 ----a-w- c:\windows\system32\atiuxpag.dll 2012-02-15 02:12 . 2012-02-15 02:12 30208 ----a-w- c:\windows\system32\atiu9pag.dll 2012-02-15 02:11 . 2012-02-15 02:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2012-02-15 02:11 . 2012-02-15 02:11 53760 ----a-w- c:\windows\system32\atimpc32.dll 2012-02-15 02:11 . 2012-02-15 02:11 53760 ----a-w- c:\windows\system32\amdpcom32.dll 2012-02-14 21:05 . 2012-02-14 21:05 59904 ----a-w- c:\windows\system32\OpenVideo.dll 2012-02-14 21:05 . 2012-02-14 21:05 54784 ----a-w- c:\windows\system32\OVDecode.dll 2012-02-14 21:04 . 2012-02-14 21:04 13238272 ----a-w- c:\windows\system32\amdocl.dll 2012-02-14 21:03 . 2012-02-14 21:03 48128 ----a-w- c:\windows\system32\OpenCL.dll 2012-01-31 05:00 . 2012-01-31 05:00 16896 ----a-w- c:\windows\system32\kdbsdk32.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2012-02-20 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll [7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c:\windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll [7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll . 
((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-07 00:15 123536 ----a-w- f:\avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288] "AtherosBtStack"="c:\program files\Bluetooth Suite\BtvStack.exe" [2010-10-27 486560] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-02 9808488] "StartCCC"="c:\program files\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-14 636032] "EvtMgr6"="h:\setpointp\SetPoint.exe" [2011-10-07 1387288] "avast"="f:\avast\avastUI.exe" [2012-03-07 4241512] . h:\utilisateurs\Icaryon_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech . Enregistrement du produit.lnk - c:\program files\Common Files\Logishrd\eReg\SetPoint\eReg.exe [2009-11-16 517384] OpenOffice.org 3.3.lnk - f:\openoffice.org 3\program\quickstart.exe [2010-12-13 1198592] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AML Device Install.lnk - c:\program files\AMD AVT\bin\kdbsync.exe [2012-1-31 10752] Wireless Configuration Utility.lnk - c:\program files\TRENDnet\TEW-421PC_TEW-423PI\WlanCU.exe [2011-8-28 512000] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2011-09-27 19:03 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray] 2010-10-27 14:17 302240 ----a-w- c:\program files\Bluetooth Suite\AthBtTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tcactive] 2011-11-17 11:07 4768848 ----a-w- f:\the cleaner\tcap.exe . R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-03-14 136176] R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-10-27 47144] R3 EverestDriver;Lavalys EVEREST Kernel Driver;h:\everest ultimate edition\kerneld.wnt [2010-03-30 27760] R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-03-14 136176] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-22 1343400] R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2012-03-06 12112] S0 aswNdis2;avast! Firewall Core Firewall Service; [x] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [2010-08-27 261160] S1 aswFW;avast! 
TDI Firewall driver; [x] S1 aswKbd;aswKbd; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-02-15 163328] S2 asComSvc;ASUS Com Service;c:\program files\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-04 918144] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688] S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [2010-10-27 56480] S2 avast! Firewall;avast! Firewall;f:\avast\afwServ.exe [2012-03-07 134920] S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-05-11 20072] S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-08-12 87712] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-02-15 9182208] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-02-15 264704] S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-10-27 37224] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-05 86032] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-10-27 260968] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-10-27 26984] S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 178024] S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 51560] S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 143336] S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-10-27 242024] S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c6232.sys [2010-09-21 238248] S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys 
[2011-09-02 42648] S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2011-09-02 12184] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 62336] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 141440] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880] S3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n86.sys [2010-07-02 1812584] S3 USBMULCD;Muse Pocket LT3 Interface;c:\windows\system32\drivers\CM106.sys [2009-10-01 1515520] . . Contenu du dossier 'Tâches planifiées' . 2012-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-03-14 21:07] . 2012-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-03-14 21:07] . . ------- Examen supplémentaire ------- . TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - h:\utilisateurs\Icaryon_2\AppData\Roaming\Mozilla\Firefox\Profiles\tq7bsybf.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - prefs.js: network.proxy.type - 0 . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver] "ImagePath"="\??\h:\everest ultimate edition\kerneld.wnt" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-3817990430-1199872837-2085633412-1003\Software\SecuROM\License information*] "datasecu"=hex:d5,be,7a,e9,2f,a9,be,67,19,67,46,f5,dc,15,8e,4e,ac,0e,db,4e,70, 20,4c,a6,80,d8,0e,38,0c,c7,38,39,35,f7,bb,50,87,97,0d,e0,a1,47,68,ee,49,b2,\ "rkeysecu"=hex:22,db,f1,1c,c8,eb,fd,80,41,d7,7a,91,ba,a4,9f,b5 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs chargées dans les processus actifs --------------------- . - - - - - - - > 'Explorer.exe'(5064) c:\program files\Bluetooth Suite\AthCopyHook.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\AUDIODG.EXE c:\windows\system32\atieclxx.exe f:\avast\AvastSvc.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\taskhost.exe c:\windows\system32\conhost.exe f:\adobe\Acrobat Reader\Reader\Reader_sl.exe f:\openoffice.org 3\program\soffice.exe f:\openoffice.org 3\program\soffice.bin c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE . ************************************************************************** . Heure de fin: 2012-03-20 22:05:38 - La machine a redémarré ComboFix-quarantined-files.txt 2012-03-20 21:05 ComboFix2.txt 2012-03-20 20:59 ComboFix3.txt 2012-03-15 19:41 ComboFix4.txt 2012-03-15 19:33 . Avant-CF: 25 544 142 848 octets libres Après-CF: 25 504 698 368 octets libres . - - End Of File - - C2626AB7EF24ADBFB6360CEFF77009DD
Thanks for the help
  7. Hello everyone! I am taking the liberty of asking for your help, following the topic "A guide and tutorial on using ComboFix", and because something odd is happening... Every time I right-click a shortcut, Explorer crashes and restarts... On top of that, my antivirus was not working... For that point, a reinstall fixed the problem. After some tribulations, and not having found a satisfactory answer, I decided to run a whole bunch of scans, without results... I ran a scan with Avast; trojans were found. A pass with Malwarebytes, same thing, but removed. Spybot Search and Destroy, nothing. I have just run ComboFix and I get this:
ComboFix 12-03-15.03 - Icaryon_2 15/03/2012 20:38:00.2.4 - x86 Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3313.2350 [GMT 1:00] Lancé depuis: h:\utilisateurs\Icaryon_2\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Un nouveau point de restauration a été créé . . ((((((((((((((((((((((((((((( Fichiers créés du 2012-02-15 au 2012-03-15 )))))))))))))))))))))))))))))))))))) . . 2012-03-15 19:40 . 2012-03-15 19:40 -------- d-----w- h:\utilisateurs\Default\AppData\Local\temp 2012-03-15 19:40 . 2012-03-15 19:40 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp 2012-03-15 19:00 . 2012-03-15 19:27 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-03-14 22:12 . 2012-03-14 22:12 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Google 2012-03-14 21:11 . 2012-03-07 00:04 112984 ----a-w- c:\windows\system32\drivers\aswFW.sys 2012-03-14 21:11 . 2012-03-07 00:03 196440 ----a-w- c:\windows\system32\drivers\aswNdis2.sys 2012-03-14 21:11 . 
2012-03-07 00:02 24408 ----a-w- c:\windows\system32\drivers\aswKbd.sys 2012-03-14 21:11 . 2012-03-06 23:44 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys 2012-03-14 21:07 . 2012-03-14 21:09 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Local\Google 2012-03-14 21:07 . 2012-03-14 21:09 -------- d-----w- c:\program files\Google 2012-03-14 21:07 . 2012-03-07 00:03 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-03-14 21:07 . 2012-03-07 00:03 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-03-14 21:07 . 2012-03-07 00:02 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-03-14 21:07 . 2012-03-07 00:01 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-03-14 21:07 . 2012-03-07 00:01 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-03-14 21:07 . 2012-03-07 00:01 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-03-14 21:07 . 2012-03-07 00:15 201352 ----a-w- c:\windows\system32\aswBoot.exe 2012-03-14 20:27 . 2012-03-14 20:29 -------- d-----w- c:\programdata\SecTaskMan 2012-03-13 21:31 . 2012-03-13 21:31 53248 ----a-r- h:\utilisateurs\Icaryon_2\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2012-03-13 21:31 . 2012-03-13 21:31 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Roaming\Leadertech 2012-03-13 21:31 . 2012-03-13 21:31 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2012-03-13 21:31 . 2012-03-13 21:31 -------- d-----w- c:\programdata\Logishrd 2012-03-13 21:31 . 2012-03-13 21:31 -------- d-----w- c:\program files\Common Files\Logishrd 2012-03-13 21:29 . 2012-03-13 21:31 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Roaming\Logitech 2012-03-13 21:29 . 2012-03-13 21:29 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Roaming\Logishrd 2012-02-26 20:15 . 1996-02-08 01:54 284160 ----a-w- c:\windows\unin040c.exe 2012-02-20 23:21 . 2012-02-20 23:21 -------- d-----w- c:\programdata\moosoft 2012-02-20 23:17 . 
2012-02-20 23:17 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Roaming\thecleaner 2012-02-20 19:56 . 2012-02-20 19:58 -------- d-----w- c:\program files\3DO 2012-02-20 19:49 . 2012-02-22 21:07 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Local\Conduit 2012-02-20 19:49 . 2012-02-20 19:49 -------- d-----w- c:\program files\Conduit 2012-02-18 19:36 . 2012-02-18 19:36 -------- d-----w- c:\program files\Windows XP Mode 2012-02-18 12:54 . 2010-10-28 09:46 1251944 ----a-w- c:\windows\RtlExUpd.dll 2012-02-18 12:54 . 2005-11-13 22:19 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe 2012-02-18 12:49 . 2010-08-25 06:31 11456 ----a-w- c:\windows\system32\drivers\AsIO.sys 2012-02-18 12:49 . 2010-06-30 06:41 28672 ----a-w- c:\windows\system32\AsIO.dll 2012-02-18 12:28 . 2012-02-18 12:41 -------- d-----w- h:\utilisateurs\Icaryon_2\AppData\Roaming\Download Manager 2012-02-15 03:47 . 2012-02-15 03:47 9182208 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2012-02-15 03:18 . 2012-02-15 03:18 159744 ----a-w- c:\windows\system32\atiapfxx.exe 2012-02-15 03:13 . 2012-02-15 03:13 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll 2012-02-15 03:13 . 2012-02-15 03:13 405504 ----a-w- c:\windows\system32\atieclxx.exe 2012-02-15 03:12 . 2012-02-15 03:12 163328 ----a-w- c:\windows\system32\atiesrxx.exe 2012-02-15 03:11 . 2012-02-15 03:11 159744 ----a-w- c:\windows\system32\atitmmxx.dll 2012-02-15 03:10 . 2012-02-15 03:10 20992 ----a-w- c:\windows\system32\atimuixx.dll 2012-02-15 03:10 . 2012-02-15 03:10 43520 ----a-w- c:\windows\system32\ati2edxx.dll 2012-02-15 02:58 . 2012-02-15 02:58 19392000 ----a-w- c:\windows\system32\atioglxx.dll 2012-02-15 02:40 . 2012-02-15 02:40 1828864 ----a-w- c:\windows\system32\atiumdmv.dll 2012-02-15 02:34 . 2012-02-15 02:34 46080 ----a-w- c:\windows\system32\aticalrt.dll 2012-02-15 02:34 . 2012-02-15 02:34 44032 ----a-w- c:\windows\system32\aticalcl.dll 2012-02-15 02:34 . 
2012-02-15 02:34 5954048 ----a-w- c:\windows\system32\atiumdag.dll 2012-02-15 02:29 . 2012-02-15 02:29 5062656 ----a-w- c:\windows\system32\atiumdva.dll 2012-02-15 02:29 . 2012-02-15 02:29 11561984 ----a-w- c:\windows\system32\aticaldd.dll 2012-02-15 02:13 . 2012-02-15 02:13 356352 ----a-w- c:\windows\system32\atiadlxx.dll 2012-02-15 02:13 . 2012-02-15 02:13 14336 ----a-w- c:\windows\system32\atiglpxx.dll 2012-02-15 02:13 . 2012-02-15 02:13 33280 ----a-w- c:\windows\system32\atigktxx.dll 2012-02-15 02:12 . 2012-02-15 02:12 264704 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2012-02-15 02:12 . 2012-02-15 02:12 30208 ----a-w- c:\windows\system32\atiu9pag.dll 2012-02-15 02:11 . 2012-02-15 02:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2012-02-15 02:11 . 2012-02-15 02:11 53760 ----a-w- c:\windows\system32\atimpc32.dll 2012-02-15 02:11 . 2012-02-15 02:11 53760 ----a-w- c:\windows\system32\amdpcom32.dll 2012-02-14 21:05 . 2012-02-14 21:05 59904 ----a-w- c:\windows\system32\OpenVideo.dll 2012-02-14 21:05 . 2012-02-14 21:05 54784 ----a-w- c:\windows\system32\OVDecode.dll 2012-02-14 21:04 . 2012-02-14 21:04 13238272 ----a-w- c:\windows\system32\amdocl.dll 2012-02-14 21:03 . 2012-02-14 21:03 48128 ----a-w- c:\windows\system32\OpenCL.dll . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-07 00:15 . 2011-08-20 14:52 41184 ----a-w- c:\windows\avastSS.scr 2012-02-20 23:30 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll 2012-02-20 23:30 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll 2012-02-20 23:30 . 2009-07-13 23:24 811520 ----a-w- c:\windows\system32\user32.dll 2012-02-18 12:51 . 2011-08-26 21:30 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-15 03:18 . 2011-07-28 21:40 791040 ----a-w- c:\windows\system32\aticfx32.dll 2012-02-15 03:07 . 2011-07-28 21:30 6200320 ----a-w- c:\windows\system32\atidxx32.dll 2012-02-15 02:16 . 
2011-07-28 21:01 51200 ----a-w- c:\windows\system32\coinst.dll 2012-02-15 02:12 . 2011-07-28 20:53 33280 ----a-w- c:\windows\system32\atiuxpag.dll 2012-01-31 05:00 . 2012-01-31 05:00 16896 ----a-w- c:\windows\system32\kdbsdk32.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2012-02-20 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll [7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c:\windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll [7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-07 00:15 123536 ----a-w- f:\avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="h:\spybot - search & destroy\TeaTimer.exe" [2009-03-05 2260480] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288] "AtherosBtStack"="c:\program files\Bluetooth Suite\BtvStack.exe" [2010-10-27 486560] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-02 9808488] "StartCCC"="c:\program files\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-14 636032] "EvtMgr6"="h:\setpointp\SetPoint.exe" [2011-10-07 1387288] "avast"="f:\avast\avastUI.exe" [2012-03-07 4241512] . h:\utilisateurs\Icaryon_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech . Enregistrement du produit.lnk - c:\program files\Common Files\Logishrd\eReg\SetPoint\eReg.exe [2009-11-16 517384] OpenOffice.org 3.3.lnk - f:\openoffice.org 3\program\quickstart.exe [2010-12-13 1198592] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AML Device Install.lnk - c:\program files\AMD AVT\bin\kdbsync.exe [2012-1-31 10752] Wireless Configuration Utility.lnk - c:\program files\TRENDnet\TEW-421PC_TEW-423PI\WlanCU.exe [2011-8-28 512000] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2011-09-27 19:03 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray] 2010-10-27 14:17 302240 ----a-w- c:\program files\Bluetooth Suite\AthBtTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tcactive] 2011-11-17 11:07 4768848 ----a-w- f:\the cleaner\tcap.exe . R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-03-14 136176] R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-10-27 47144] R3 EverestDriver;Lavalys EVEREST Kernel Driver;h:\everest ultimate edition\kerneld.wnt [2010-03-30 27760] R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-03-14 136176] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-22 1343400] R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2012-03-06 12112] S0 aswNdis2;avast! Firewall Core Firewall Service; [x] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [2010-08-27 261160] S1 aswFW;avast! TDI Firewall driver; [x] S1 aswKbd;aswKbd; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-02-15 163328] S2 asComSvc;ASUS Com Service;c:\program files\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-04 918144] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688] S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [2010-10-27 56480] S2 avast! Firewall;avast! 
Firewall;f:\avast\afwServ.exe [2012-03-07 134920] S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-05-11 20072] S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-08-12 87712] S2 SBSDWSCService;SBSD Security Center Service;h:\spybot - search & destroy\SDWinSec.exe [2009-01-26 1153368] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-02-15 9182208] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-02-15 264704] S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-10-27 37224] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-05 86032] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-10-27 260968] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-10-27 26984] S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 178024] S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 51560] S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 143336] S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-10-27 242024] S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c6232.sys [2010-09-21 238248] S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2011-09-02 42648] S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2011-09-02 12184] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 62336] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 141440] S3 RTL8167;Realtek 8167 NT 
Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880] S3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n86.sys [2010-07-02 1812584] S3 USBMULCD;Muse Pocket LT3 Interface;c:\windows\system32\drivers\CM106.sys [2009-10-01 1515520] . . Contenu du dossier 'Tâches planifiées' . 2012-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-03-14 21:07] . 2012-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-03-14 21:07] . . ------- Examen supplémentaire ------- . TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - h:\utilisateurs\Icaryon_2\AppData\Roaming\Mozilla\Firefox\Profiles\tq7bsybf.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - prefs.js: network.proxy.type - 0 . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver] "ImagePath"="\??\h:\everest ultimate edition\kerneld.wnt" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-3817990430-1199872837-2085633412-1003\Software\SecuROM\License information*] "datasecu"=hex:d5,be,7a,e9,2f,a9,be,67,19,67,46,f5,dc,15,8e,4e,ac,0e,db,4e,70, 20,4c,a6,80,d8,0e,38,0c,c7,38,39,35,f7,bb,50,87,97,0d,e0,a1,47,68,ee,49,b2,\ "rkeysecu"=hex:22,db,f1,1c,c8,eb,fd,80,41,d7,7a,91,ba,a4,9f,b5 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Heure de fin: 2012-03-15 20:41:34 ComboFix-quarantined-files.txt 2012-03-15 19:41 ComboFix2.txt 2012-03-15 19:33 . Avant-CF: 25 598 078 976 octets libres Après-CF: 25 523 666 944 octets libres . 
- - End Of File - - 51BAB1FC80FFBA664B64AB44BB4416A8
Not really knowing how to interpret this, I am coming here to ask for an analysis. Thanks in advance for your help!!!