My ComboFix report

Closed
holylife, 1 May 2010 at 23:21
Good evening, here is my ComboFix report; could someone please look it over? Problems with viruses: slow computer, crashes...
Thanks

ComboFix 10-04-30.01 - 01/05/2010 21:09:09.6.1 - x86
Microsoft® Windows Vista(TM) Édition Intégrale 6.0.6000.0.1252.33.1036.18.1014.512 [GMT 1:00]
Lancé depuis: c:\users\ \Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET NOD32 Antivirus 4.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-1390067357-1177238915-839522115-1003
c:\recycler\S-1-5-21-1390067357-1177238915-839522115-1004

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-04-01 au 2010-05-01 ))))))))))))))))))))))))))))))))))))
.

2010-05-01 19:28 . 2010-05-01 19:30 -------- d-----w- C:\FyK
2010-04-29 17:47 . 2010-04-29 20:07 -------- d-----w- C:\Ad-Remover
2010-04-28 02:32 . 2010-04-28 02:32 -------- d-----w- c:\program files\FreeGamePick.com
2010-04-28 00:19 . 2010-04-28 00:19 -------- d-----w- c:\program files\ESET
2010-04-28 00:05 . 2010-04-28 00:05 -------- d-----w- c:\program files\Ares
2010-04-28 00:04 . 2010-04-28 00:04 -------- d-----w- c:\program files\VS Revo Group
2010-04-27 22:19 . 2010-04-27 22:19 653576 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-04-26 00:21 . 2010-04-26 00:21 -------- d-----w- c:\program files\uTorrent
2010-04-12 00:13 . 2010-04-12 00:14 -------- d-----w- c:\programdata\Yahoo! Companion
2010-04-12 00:12 . 2010-04-12 00:14 -------- d-----w- c:\programdata\Yahoo!
2010-04-12 00:12 . 2010-03-19 16:35 607544 ----a-w- c:\programdata\Yahoo!\YUpdater\yupdater.exe
2010-04-11 23:56 . 2010-04-12 02:29 -------- d-----w- c:\program files\MSECache
2010-04-11 23:44 . 2010-04-11 23:44 -------- d-----w- c:\program files\Microsoft Silverlight
2010-04-06 22:44 . 2010-04-06 22:45 -------- d-----w- c:\program files\QuickTime
2010-04-06 22:44 . 2010-04-06 22:44 -------- d-----w- c:\programdata\Apple Computer
2010-04-06 22:42 . 2010-04-06 22:42 -------- d-----w- c:\program files\Common Files\Apple
2010-04-06 22:40 . 2010-04-06 22:41 -------- d-----w- c:\program files\Apple Software Update
2010-04-06 22:40 . 2010-04-06 22:40 -------- d-----w- c:\programdata\Apple
2010-04-06 16:06 . 2010-04-06 16:06 -------- d-----w- c:\program files\Beijing xinwei

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-01 20:11 . 2006-11-02 16:03 689846 -c--a-w- c:\windows\system32\perfh00C.dat
2010-05-01 20:11 . 2006-11-02 16:03 116988 -c--a-w- c:\windows\system32\perfc00C.dat
2010-05-01 02:56 . 2010-03-01 21:23 12 ----a-w- c:\windows\bthservsdp.dat
2010-04-26 00:41 . 2010-03-09 23:13 -------- d-----w- c:\programdata\avg8
2010-04-12 00:14 . 2010-03-08 20:43 -------- d-----w- c:\program files\Yahoo!
2010-04-11 21:46 . 2010-02-15 03:25 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-07 13:46 . 2010-02-15 03:33 -------- d-----w- c:\programdata\PC Suite
2010-04-06 17:48 . 2010-03-05 23:28 -------- d-----w- c:\programdata\MumboJumbo
2010-04-06 16:06 . 2010-02-14 12:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-27 19:28 . 2010-03-27 19:28 -------- d-----w- c:\programdata\Zylom
2010-03-27 19:27 . 2010-03-27 19:26 -------- d-----w- c:\program files\Luxor 3
2010-03-22 02:37 . 2010-03-22 02:37 -------- d-----w- c:\program files\Alwil Software
2010-03-18 02:31 . 2010-02-15 03:48 -------- d-----w- c:\program files\Bible
2010-03-09 23:13 . 2010-03-09 23:13 -------- d-----w- c:\program files\AVG
2010-03-09 22:52 . 2010-03-07 03:49 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-03-09 22:45 . 2010-03-09 22:45 217272 ----a-w- c:\windows\system32\drivers\netio.sys
2010-03-09 22:45 . 2010-03-09 22:45 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2010-03-09 22:45 . 2010-03-09 22:45 803840 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-03-09 22:45 . 2010-03-09 22:45 22016 ----a-w- c:\windows\system32\netiougc.exe
2010-03-09 22:14 . 2010-02-28 00:26 -------- d-----w- c:\programdata\Kaspersky Lab
2010-03-09 22:04 . 2010-03-09 22:04 -------- d-----w- c:\program files\Jargon Informatique
2010-03-09 22:03 . 2010-02-20 11:35 -------- d-----w- c:\program files\Total Video Converter
2010-03-08 21:15 . 2010-03-08 21:15 -------- d-----w- c:\program files\Microsoft
2010-03-08 21:15 . 2010-03-08 21:13 -------- d-----w- c:\program files\Windows Live
2010-03-08 21:14 . 2010-03-08 21:14 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-03-08 20:43 . 2010-03-08 20:43 -------- d-----w- c:\program files\Common Files\Windows Live
2010-03-07 07:53 . 2010-02-28 00:50 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-03-07 03:22 . 2010-03-07 03:22 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2010-03-07 03:22 . 2010-03-07 03:22 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2010-03-07 03:22 . 2010-03-07 03:22 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2010-03-07 03:21 . 2010-03-07 03:21 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-03-05 23:19 . 2010-03-05 23:19 -------- d-----w- c:\program files\Oberon Media
2010-03-05 23:19 . 2010-03-05 23:19 -------- d-----w- c:\program files\Common Files\Oberon Media
2010-03-05 23:19 . 2010-03-05 23:19 -------- d-----w- c:\program files\orange
2010-02-22 00:21 . 2010-02-22 00:21 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-22 00:14 . 2010-02-22 00:14 95744 ----a-w- c:\programdata\SpeedBit\DAP\SDCondition.dll
2010-02-22 00:11 . 2010-02-22 00:11 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-02-22 00:10 . 2010-02-20 11:51 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-02-20 11:41 . 2010-02-20 11:35 105804 ----a-w- c:\windows\hpqins11.dat
2010-02-20 11:20 . 2010-02-20 11:04 177856 ----a-w- c:\windows\hpoins27.dat
2010-02-17 00:52 . 2010-02-17 00:52 240128 ----a-w- c:\windows\system32\drivers\royal.sys
2010-02-15 03:27 . 2010-02-15 03:27 8192 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
2010-02-15 03:27 . 2010-02-15 03:27 61440 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
2010-02-15 03:27 . 2010-02-15 03:27 10240 ----a-w- c:\programdata\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
2000-12-31 23:04 . 2010-05-01 08:22 2048 --sha-w- c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
2000-12-31 23:04 . 2010-05-01 08:22 2048 --sha-w- c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
.

((((((((((((((((((((((((((((( SnapShot@2010-04-26_22.56.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-14 14:14 . 2010-05-01 08:26 41094 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:03 . 2010-05-01 19:31 49870 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2010-04-26 00:50 . 2010-04-26 00:50 10134 c:\windows\Installer\{24521592-0201-4A42-B09B-89930B083EFA}\callmsi.exe
+ 2010-04-28 00:20 . 2010-04-28 00:20 10134 c:\windows\Installer\{24521592-0201-4A42-B09B-89930B083EFA}\callmsi.exe
+ 2010-02-14 11:55 . 2010-05-01 19:31 9798 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2820013107-407952763-2634400246-1000_UserData.bin
+ 2010-03-01 20:09 . 2010-05-01 08:41 189258 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-02-15 10:36 . 2010-04-30 11:33 101106 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2006-11-02 10:33 . 2010-04-26 09:28 609532 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2010-05-01 20:11 609532 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-04-26 09:28 103314 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2010-05-01 20:11 103314 c:\windows\System32\perfc009.dat
- 2006-11-02 12:46 . 2010-03-05 17:28 641128 c:\windows\System32\FNTCACHE.DAT
+ 2006-11-02 12:46 . 2010-04-28 21:43 641128 c:\windows\System32\FNTCACHE.DAT
+ 2010-02-17 00:50 . 2010-05-01 01:12 262144 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\usrclass.dat
- 2010-02-17 00:50 . 2010-04-26 21:59 262144 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\usrclass.dat
+ 2010-02-22 00:58 . 2010-04-30 09:17 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat
- 2010-02-22 00:58 . 2010-04-26 21:59 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat
+ 2010-02-17 00:50 . 2010-05-01 01:12 262144 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat
- 2010-02-17 00:50 . 2010-04-26 21:59 262144 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat
- 2010-04-26 00:50 . 2010-04-26 00:50 101480 c:\windows\Installer\{24521592-0201-4A42-B09B-89930B083EFA}\egui.exe
+ 2010-04-28 00:20 . 2010-04-28 00:20 101480 c:\windows\Installer\{24521592-0201-4A42-B09B-89930B083EFA}\egui.exe
+ 2010-04-28 00:20 . 2010-04-28 00:20 1141760 c:\windows\Installer\6574d.msi
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B}]
2010-02-21 22:28 2655736 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392]
"Wallpaper"="c:\program files\Wallpaper\Wallpaper.exe" [2007-08-20 233472]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"E09FXLRD_757718"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" [2008-05-28 351000]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2010-02-21 2803200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-02 1004136]
"TV Card Remote Control Device Monitor"="c:\windows\713xRMT.exe" [2007-06-11 466944]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TV Expert Schedule Agent.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TV Expert Schedule Agent.lnk
backup=c:\windows\pss\TV Expert Schedule Agent.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-23 19:33 57344 ----a-w- c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2010-02-08 14:51 1015808 ----a-w- c:\program files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2010-02-21 22:28 2803200 ----a-w- c:\program files\DAP\DAP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\E09FXLRD_11666062]
2008-05-28 11:34 351000 ----a-w- c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\E09FXLRD_15250500]
2008-05-28 11:34 351000 ----a-w- c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\E09FXLRD_3262734]
2008-05-28 11:34 351000 ----a-w- c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\E09FXLRD_3493546]
2008-05-28 11:34 351000 ----a-w- c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-10-14 20:17 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 15:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2010-03-19 16:27 5248312 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-02-18 15:29 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-06-18 14:10 271360 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-02-15 17:50 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-02-04 11:27 23975720 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2004-09-23 12:41 860160 ------w- c:\program files\Analog Devices\SoundMAX\SMax4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2004-10-14 09:11 1388544 ------w- c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

R0 OemBiosDevice;Royalty OEM Bios Extension;c:\windows\System32\drivers\royal.sys [2010-02-17 240128]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-01-07 38224]
R3 XinweiIad;Xinwei Networks Modem;c:\windows\system32\DRIVERS\netnnusb.sys [2008-09-01 12416]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2009-11-16 96408]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 3xHybrid;SAA7130 TV Card Service;c:\windows\system32\DRIVERS\3xHybrid.sys [2007-01-23 716160]
S3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
bthsvcs REG_MULTI_SZ BthServ
.
Contenu du dossier 'Tâches planifiées'

2010-04-28 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2010-03-07 14:31]
.
.
------- Examen supplémentaire -------
.
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: Download ALL with IDA
IE: Download with IDA
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\ \AppData\Roaming\Mozilla\Firefox\Profiles\yxbtpvmb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542127&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "https://www.mozilla.org/en-US/firefox/new/?redirect_source=firefox-com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-01 21:19
Windows 6.0.6000 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-2820013107-407952763-2634400246-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):d1,7d,83,4b,fa,0d,c3,bb,36,ae,33,71,f3,2d,b5,8e,9b,97,1f,bd,30,
58,b8,a9,a2,25,92,20,27,b7,84,24,b6,71,86,e4,2c,5f,2a,8a,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-2820013107-407952763-2634400246-1000_Classes\CLSID\{68e337b3-dda3-4913-84a6-79e5cfb12edd}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000036
"Therad"=dword:0000002d
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,6b,89,e9,09,6f,ad,8c,9d,e4,c7,1c,e0,6c,34,b0,c7,36,66,44,d2,f2,ec,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(3608)
c:\program files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
c:\program files\Common Files\Microsoft Shared\Encarta Search Bar\F\ESBRes.DLL
.
Heure de fin: 2010-05-01 21:22:52
ComboFix-quarantined-files.txt 2010-05-01 20:22
ComboFix2.txt 2010-04-26 22:59
ComboFix3.txt 2010-04-18 17:48

Avant-CF: 6 828 179 456 octets libres
Après-CF: 7 130 271 744 octets libres

- - End Of File - - 2A7B9D7CADAC6559B495072B65AD53C2

1 reply

roro04, 6 May 2010 at 18:06
Hello.
First of all, ComboFix is not a toy. To know whether there is an infection or not, you need to post a ZHPDiag report. Do this and I will be able to examine the report.


* Download ZHPDiag (by Nicolas Coolman) from
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
* Let the installer guide you; it will launch automatically at the end.
* Click the magnifying-glass icon (« Lancer le diagnostic »)
* Save the report to your Desktop using the floppy-disk icon
* Upload the ZHPDiag.txt report to http://www.cijoint.fr/ then copy/paste the link provided in your next reply on the forum.