Hello, sorry for the delay
here is the ComboFix report you asked me for!
ComboFix 09-11-07.02 - Propriétaire 2009-11-08 9:56.7.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.767.452 [GMT 1:00]
Lancé depuis: c:\documents and settings\Propriétaire\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Sunbelt Personal Firewall *enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Propriétaire\Mes documents\ZbThumbnail.info
c:\windows\system32\5FBvTP940hUKv.vbs
c:\windows\system32\DSSENH32.DLL
c:\windows\system32\GroupPolicy000.dat
c:\windows\system32\kmd.exe
c:\windows\system32\LocalService\329.crack.zip
c:\windows\system32\LocalService\329.crack.zip.kwd
c:\windows\system32\LocalService\330.keygen.zip
c:\windows\system32\LocalService\330.keygen.zip.kwd
c:\windows\system32\LocalService\331.serial.zip
c:\windows\system32\LocalService\331.serial.zip.kwd
c:\windows\system32\LocalService\332.setup.zip
c:\windows\system32\LocalService\332.setup.zip.kwd
c:\windows\system32\LocalService\333.music.au.kwd
c:\windows\system32\LocalService\334.music2.au.kwd
c:\windows\system32\LocalService\335.music3.au.kwd
c:\windows\system32\LocalService\336.music4.au.kwd
c:\windows\system32\ps2.bat
c:\windows\system32\tmp.reg
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\poof
((((((((((((((((((((((((((((( Fichiers créés du 2009-10-08 au 2009-11-08 ))))))))))))))))))))))))))))))))))))
.
2009-11-06 11:49 . 2009-11-06 11:49 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-11-05 12:15 . 2009-11-05 12:16 -------- d-----w- C:\GenProc
2009-11-05 07:31 . 2009-11-05 07:31 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd
2009-11-05 07:23 . 2009-11-05 07:23 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-05 07:23 . 2009-11-05 07:23 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-11-05 07:22 . 2009-11-05 07:22 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-11-05 07:18 . 2009-11-08 09:06 -------- d-sh--w- c:\windows\system32\LocalService
2009-11-04 09:56 . 2009-11-04 09:56 268288 ----a-w- c:\windows\system32\dtu10032.dll
2009-11-01 14:58 . 2009-11-05 07:21 -------- d-----w- c:\program files\Freeplayer
2009-10-30 10:19 . 2009-10-30 10:19 -------- d-----r- c:\documents and settings\LocalService\Favoris
2009-10-30 10:19 . 2009-10-30 10:19 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-10-30 07:49 . 2009-03-30 09:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-10-30 07:49 . 2009-02-13 11:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-10-30 07:49 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-06 13:30 . 2008-01-23 12:08 -------- d-----w- c:\program files\Windows Live
2009-10-31 08:34 . 2009-08-18 16:48 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-10-30 07:37 . 2009-08-18 16:48 -------- d-----w- c:\program files\Avira
2009-10-25 09:29 . 2002-01-02 02:30 49486 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-25 09:29 . 2002-01-02 02:30 369208 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-23 07:32 . 2009-08-18 16:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-10-18 17:12 . 2005-12-06 13:14 -------- d-----w- c:\program files\eMule
2009-10-13 19:39 . 2008-04-27 16:24 -------- d-----w- c:\program files\DMV
2009-09-11 14:18 . 2002-10-02 03:03 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:04 . 2002-10-02 03:02 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:56 . 2004-08-23 17:16 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:01 . 2002-10-02 03:03 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-20 13:09 . 2009-08-20 13:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
2008-04-14 02:33 . 2002-10-02 03:01 65024 --sha-w- c:\windows\system32\asycfilt.dll
2008-04-14 02:33 . 2002-10-02 03:01 617472 --sha-w- c:\windows\system32\comctl32.dll
2006-12-23 20:03 . 2005-12-04 13:54 11166 -csha-w- c:\windows\system32\KGyGaAvL.sys
2008-04-14 02:33 . 2002-10-02 03:02 1028096 --sha-w- c:\windows\system32\mfc42.dll
2001-08-28 19:00 . 2002-01-02 02:30 57344 --sha-w- c:\windows\system32\mfc42loc.dll
1995-09-20 15:16 . 2006-12-01 11:58 35088 -csha-w- c:\windows\system32\msjint32.dll
1995-09-20 15:13 . 2006-12-01 11:58 977680 -csha-w- c:\windows\system32\msjt3032.dll
1995-09-20 15:16 . 2006-12-01 11:58 23824 -csha-w- c:\windows\system32\msjter32.dll
2008-04-14 02:33 . 2002-10-02 03:03 413696 --sha-w- c:\windows\system32\msvcp60.dll
2008-04-14 02:33 . 2002-10-02 03:03 343040 --sha-w- c:\windows\system32\msvcrt.dll
2001-08-28 12:00 . 2002-10-02 03:03 253952 --sha-w- c:\windows\system32\msvcrt20.dll
2008-04-14 02:33 . 2002-10-02 03:03 551936 --sha-w- c:\windows\system32\oleaut32.dll
2008-04-14 02:33 . 2002-10-02 03:03 84992 --sha-w- c:\windows\system32\olepro32.dll
2008-04-14 02:33 . 2002-10-02 03:04 30749 --sha-w- c:\windows\system32\vbajet32.dll
1995-09-24 10:02 . 2006-12-01 11:58 243472 -csha-w- c:\windows\system32\vbar2232.dll
1998-05-18 02:06 . 2006-12-01 11:58 368912 -csha-w- c:\windows\system32\vbar332.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1EF31453-29B0-4160-BBD8-F077E3FA078b}]
2009-11-04 09:56 268288 ----a-w- c:\windows\system32\dtu10032.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-14 68856]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-08-05 1830128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="NvQTwk" [X]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2002-05-15 114688]
"KBD"="c:\hp\KBD\KBD.EXE" [2001-07-06 61440]
"StorageGuard"="c:\program files\VERITAS Software\Update Manager\sgtray.exe" [2002-05-09 155648]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2001-12-18 212992]
"PS2"="c:\windows\system32\ps2.exe" [2002-06-14 81920]
"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-12-04 176128]
"HPHUPD05"="c:\program files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe" [2003-11-12 49152]
"HPHmon05"="c:\windows\System32\hphmon05.exe" [2004-02-02 495616]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-12-04 406016]
"LaunchList"="c:\program files\Pinnacle\Studio 9\LaunchList.exe" [2003-03-31 49152]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2005-12-31 20480]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2002-05-03 364544]
"Tweak UI"="TWEAKUI.CPL" - c:\windows\system32\tweakui.cpl [2003-03-25 106544]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Documents and Settings\\Propriétaire\\Local Settings\\Temp\\7zSB.tmp\\SymNRT.exe"=
"c:\\Documents and Settings\\Propriétaire\\Local Settings\\Temp\\7zSD.tmp\\SymNRT.exe"=
"c:\\Documents and Settings\\Propriétaire\\Local Settings\\Temp\\7zSE.tmp\\SymNRT.exe"=
"c:\\Documents and Settings\\Propriétaire\\Local Settings\\Temp\\7zSF.tmp\\SymNRT.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"54624:TCP"= 54624:TCP:emule
"26474:UDP"= 26474:UDP:emule
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [2007-04-26 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [2007-04-26 72624]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-08-05 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-08-05 74480]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-10-30 108289]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 1234480]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-08-05 7408]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [2006-02-23 21344]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-08-20 38160]
S3 QCEmerald;QuickCam Web Logitech;c:\windows\system32\drivers\OVCE.sys [2005-12-31 31872]
S3 SIWIO;SIWIO;\??\c:\windows\TEMP\SiwIo.sys --> c:\windows\TEMP\SiwIo.sys [?]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;c:\windows\system32\drivers\WlanUIG.sys [2006-05-17 379456]
--- Autres Services/Pilotes en mémoire ---
*Deregistered* - mbr
.
Contenu du dossier 'Tâches planifiées'
2009-11-08 c:\windows\Tasks\HP Usg Daily.job
- c:\program files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\pexpress\hphped05.exe [2004-01-07 05:05]
2009-11-08 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.msn.fr/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.troner.net/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
TCP: {4C417972-71BD-4219-99E2-50F7DBE8D732} = 212.27.40.241,212.27.40.240
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: Microsoft XML Parser for Java
FF - ProfilePath - c:\documents and settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\1czlwrko.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://fr.ask.com?o=15161&l=dis
FF - prefs.js: keyword.URL -
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.
- - - - ORPHELINS SUPPRIMES - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Microsoft Works Update Detection - c:\program files\Microsoft Works\WkDetect.exe
Notify-4189adc691 - c:\windows\System32\dssenh32.dll
SafeBoot-AVG Anti-Spyware Driver
AddRemove-Démo Les Tibidous - Eveil 2-4 ans - c:\demo_tibidous\Uninstal.exe
AddRemove-LiveUpdate1.7 - c:\program files\Symantec\LiveUpdate\LSETUP.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-08 10:14
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(736)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
- - - - - - - > 'explorer.exe'(1500)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\windows\System32\nvsvc32.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\Java\jre1.6.0_07\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-11-08 10:32 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-08 09:32
ComboFix2.txt 2008-02-11 07:46
Avant-CF: 1,021,845,504 octets libres
Après-CF: 2,088,566,784 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
- - End Of File - - 1F9CDC795B63EBB24B5EC51CFAC72395
thank you for helping me