erik775

ok je vais faire du vide . MERCI

bonjour jai essayé en suivant tes instructions ( je l'avais deja fait avant ) jai chercher sur microsfot mais rien meme mon disque dur externe a l'acces refusé le mieux je croit vue qu'il a fait son temps et que j'en achete un autre non??? l'erreur apparait sur pas mal de forum mais pas la solution

bonjour voici le rapport Log Opened: 2013-10-06 @ 14:31:51 14:31:51 - ----------------- 14:31:51 - | Begin Logging | 14:31:51 - ----------------- 14:31:51 - Fix started on a WIN_VISTA X86 computer 14:31:51 - Prep in progress. Please Wait. 14:32:04 - Prep complete 14:32:04 - Repairing Services Now. Please wait... INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Vista\BFE.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Vista\BITS.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Vista\iphlpsvc.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Vista\MpsSvc.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Vista\SharedAccess.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Vista\WinDefend.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Vista\wscsvc.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Vista\wuauserv.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv> SetACL finished successfully. 14:32:22 - Services Repair Complete. 14:32:37 - Reboot Initiated j'ai retenté mais les mises a jours me marque toujours code erreur 80096001

bonjour question virus je pense que oui plus rien n'est detecté,le seul probleme c'est que maintenant il met impossible de faire les mmises a jour avec update et mon anti virus code erreur80096001 jai regarder et essayé tout ce que jai trouvé sur les forums mais rien ne marche

merci bernard 53

bonjour et merci pour l'aide ,voici les liens http://cjoint.com/?CICvGOlB6XL http://cjoint.com/?CICvP0jLlT

bonjour, mon anti virus avg me trouve un rookit , sans qu'il puisse sans debarassé .bref voici le rapport de combo fixe si quelqu'un peut m'aider merci beaucoup ComboFix 13-09-22.01 - eric 23/09/2013 14:12:43.5.2 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.1022.392 [GMT 2:00] Lancé depuis: c:\users\eric\Downloads\ComboFix.exe AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} . . ((((((((((((((((((((((((((((( Fichiers créés du 2013-08-23 au 2013-09-23 )))))))))))))))))))))))))))))))))))) . . 2013-09-23 12:37 . 2013-09-23 12:37 -------- d-----w- c:\users\tetard02\AppData\Local\temp 2013-09-23 12:37 . 2013-09-23 12:37 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-09-21 03:11 . 2013-09-23 12:37 -------- d-----w- c:\users\eric\AppData\Local\temp 2013-09-20 13:13 . 2013-09-20 13:13 -------- d-----w- c:\users\eric\AppData\Roaming\CompuClever 2013-09-20 13:13 . 2013-09-20 14:23 -------- d-----w- c:\program files\CompuClever 2013-09-20 12:42 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys 2013-09-19 13:46 . 2013-09-19 13:46 77528 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2013-09-19 13:05 . 2013-09-19 13:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-09-19 13:05 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-09-19 12:12 . 2013-09-19 12:12 -------- d-----w- C:\TDSSKiller_Quarantine 2013-09-19 05:26 . 2013-09-19 05:26 -------- d-----w- c:\users\eric\AppData\Roaming\FixZeroAccess 2013-09-11 16:11 . 2013-09-11 16:11 -------- d-----w- c:\users\tetard02\AppData\Local\Avg2014 2013-09-10 19:46 . 2013-09-10 19:46 -------- d-----w- c:\users\eric\AppData\Roaming\AVG2014 2013-09-10 19:31 . 2013-09-10 19:41 -------- d-----w- c:\programdata\AVG2014 2013-09-10 19:24 . 2013-09-15 13:05 -------- d-----w- c:\users\eric\AppData\Local\Avg2014 2013-09-03 13:53 . 2013-09-03 13:53 187248 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll 2013-09-03 13:53 . 2013-09-03 13:53 187248 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll 2013-09-01 17:16 . 2013-09-08 06:43 -------- d-----w- c:\users\eric\AppData\Roaming\Garmin 2013-09-01 17:02 . 2013-09-08 06:43 -------- d-----w- c:\users\eric\AppData\Local\Garmin 2013-08-28 20:14 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-08-24 15:24 . 2013-08-24 15:24 -------- d-----w- c:\users\eric\AppData\Roaming\FreeCDRipper . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2013-09-10 16:34 . 2012-09-14 21:56 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-09-10 16:34 . 2012-09-11 15:31 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-08-22 21:37 . 2013-08-22 21:37 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2013-08-22 20:56 . 2013-08-22 20:56 209208 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2013-08-22 20:56 . 2013-08-22 20:56 223032 ----a-w- c:\windows\system32\drivers\avglogx.sys 2013-08-22 20:56 . 2013-08-22 20:56 146232 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2013-08-20 20:54 . 2013-08-20 20:54 102200 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2013-08-15 06:22 . 2012-12-07 06:57 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2013-08-01 14:08 . 2013-08-01 14:08 193848 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2013-08-01 14:06 . 2013-08-01 14:06 22840 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys 2013-08-01 14:06 . 2013-08-01 14:06 120120 ----a-w- c:\windows\system32\drivers\avgdiskx.sys 2013-08-01 14:05 . 2013-08-01 14:05 26936 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2013-07-25 02:32 . 2013-08-14 15:51 1800704 ----a-w- c:\windows\system32\jscript9.dll 2013-07-25 02:26 . 2013-08-14 15:52 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-07-25 02:25 . 2013-08-14 15:51 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-07-25 02:23 . 2013-08-14 15:52 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2013-07-25 02:23 . 2013-08-14 15:52 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-07-25 02:22 . 2013-08-14 15:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-07-17 19:41 . 2013-08-14 15:44 2048 ----a-w- c:\windows\system32\tzres.dll 2013-07-10 09:47 . 2013-08-14 15:44 783360 ----a-w- c:\windows\system32\rpcrt4.dll 2013-07-09 12:10 . 2013-08-14 15:44 1205168 ----a-w- c:\windows\system32\ntdll.dll 2013-07-08 04:55 . 2013-08-14 15:44 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-07-08 04:55 . 2013-08-14 15:44 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-07-08 04:20 . 2013-08-14 15:45 172544 ----a-w- c:\windows\system32\wintrust.dll 2013-07-08 04:16 . 2013-08-14 15:45 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2013-07-08 04:16 . 2013-08-14 15:45 98304 ----a-w- c:\windows\system32\cryptnet.dll 2013-07-08 04:16 . 2013-08-14 15:45 992768 ----a-w- c:\windows\system32\crypt32.dll 2013-07-05 04:53 . 2013-08-14 15:44 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys 2007-08-01 09:34 . 2013-08-17 11:09 157184 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2013-08-15 06:22 3122864 ----a-w- c:\program files\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll" [2013-08-15 3122864] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-21 19875432] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-05-28 4472832] "Skytel"="Skytel.exe" [2007-05-25 1826816] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 857648] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-01 243200] "toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672] "AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-08-26 4851248] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-08-15 2314416] "WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp] 2006-10-24 21:08 107112 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz] 2006-10-24 07:19 46728 ----a-w- c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck] 2006-10-26 23:18 22696 ----a-w- c:\program files\Norton Internet Security\osCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] 2007-02-21 01:18 366400 ----a-w- c:\program files\Picasa2\PicasaMediaDetector.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray] 2007-01-11 09:40 232184 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-05-23 119056] . . --- Autres Services/Pilotes en mémoire --- . *NewlyCreated* - COMHOST . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contenu du dossier 'Tâches planifiées' . 2013-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 16:34] . 2013-06-20 c:\windows\Tasks\Extension de garantie.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-08-01 16:38] . 2013-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 05:11] . 2013-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 05:11] . 2013-09-23 c:\windows\Tasks\Recovery DVD Creator.job - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-08-01 16:34] . 2013-09-22 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job - c:\program files\AVG Secure Search\PostInstall\ROC.exe [2013-01-15 18:23] . . ------- Examen supplémentaire ------- . uStart Page = uInternet Settings,ProxyOverride = <local> LSP: c:\windows\system32\wpclsp.dll TCP: DhcpNameServer = 212.27.40.240 212.27.40.241 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll FF - ProfilePath - c:\users\eric\AppData\Roaming\Mozilla\Firefox\Profiles\ozz3fcyr.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - google FF - user.js: extentions.y2layers.installId - fa1346ef-822a-47fc-b21f-061666a8c7bb FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube FF - user.js: extensions.autoDisableScopes - 14 FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=17425&tt=030912_5ftt_3712_8 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - def FF - user.js: extensions.BabylonToolbar.id - 6cba5aa00000000000000015af2e85a1 FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB} FF - user.js: extensions.BabylonToolbar.instlDay - 15595 FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12 FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.129:22 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babclient FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - std FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.claro.autoRvrt - false FF - user.js: extensions.claro_i.newTab - false FF - user.js: extensions.claro.id - 6cba5aa00000000000000015af2e85a1 FF - user.js: extensions.claro.instlDay - 15595 FF - user.js: extensions.claro.vrsn - 1.6.4.1 FF - user.js: extensions.claro.vrsni - 1.6.4.1 FF - user.js: extensions.claro_i.vrsnTs - 1.6.4.19:35 FF - user.js: extensions.claro.prtnrId - claro FF - user.js: extensions.claro.prdct - claro FF - user.js: extensions.claro.aflt - babsst FF - user.js: extensions.claro_i.smplGrp - none FF - user.js: extensions.claro.tlbrId - iclaro FF - user.js: extensions.claro.instlRef - sst FF - user.js: extensions.claro.dfltLng - en FF - user.js: extensions.claro.excTlbr - false FF - user.js: extensions.claro.admin - false FF - user.js: extensions.funmoods.hmpg - false FF - user.js: extensions.funmoods.dfltSrch - false FF - user.js: extensions.funmoods.srchPrvdr - Funmoods FF - user.js: extensions.funmoods.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - false FF - user.js: extensions.funmoods.id - 001D600012D55AA0 FF - user.js: extensions.funmoods.instlDay - 15695 FF - user.js: extensions.funmoods.vrsn - 1.5.23.22 FF - user.js: extensions.funmoods.vrsni - 1.5.23.22 FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2220:26 FF - user.js: extensions.funmoods.prtnrId - funmoods FF - user.js: extensions.funmoods.prdct - funmoods FF - user.js: extensions.funmoods.aflt - ironpub12 FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods.tlbrId - base FF - user.js: extensions.funmoods.instlRef - ironpub12 FF - user.js: extensions.funmoods.dfltLng - FF - user.js: extensions.funmoods.excTlbr - true FF - user.js: extensions.funmoods.autoRvrt - false FF - user.js: extensions.funmoods.envrmnt - production FF - user.js: extensions.funmoods.isdcmntcmplt - true FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0 user_pref('extensions.dealply.partner', 'vita'); user_pref('extensions.dealply.channel', 'vitatelechargers'); user_pref('extensions.dealply.installId', 'v24300291729850268536482012091308134723'); user_pref('extensions.dealply.installIdSource', 'inst'); user_pref('extensions.dealply.sampleGroup', '3'); . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-09-23 14:37 Windows 6.0.6002 Service Pack 2 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . Heure de fin: 2013-09-23 14:42:16 ComboFix-quarantined-files.txt 2013-09-23 12:42 ComboFix2.txt 2013-09-22 06:51 ComboFix3.txt 2013-09-22 05:32 ComboFix4.txt 2013-09-22 04:57 . Avant-CF: 3 027 759 104 octets libres Après-CF: 2 997 452 800 octets libres . - - End Of File - - 524E174BD3CFE1B0419BAE9002F9C616 5C616939100B85E558DA92B899A0FC36