Unable to reinstall Windows Vista [solved]

General discussion about Microsoft Windows Vista and its various editions.
leurasien
Novice
Posts: 16
Joined: 25 Apr 2009, 12:50
Hardware configuration: Gigabyte Ma-790X-DS4 motherboard
AMD Phenom Quad-Core 9750
4 GB of Corsair DDR-2 1066 MHz RAM
GeForce 9800 GTX +
Raptor 10,000 rpm 70 GB hard drive
Seagate 7200 rpm 300 GB hard drive

Re: Unable to reinstall (upgrade) Windows Vista

Post by leurasien »

ComboFix 09-04-25.A3 - Leurasien 26/04/2009 21:29.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3326.2540 [GMT 2:00]
Lancé depuis: c:\users\Leurasien\Downloads\scan.com
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
FW: Pare-feu personnel d'ESET *enabled*
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe
c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\drivers\gxvxctergcbwsvcytbclwtprnwkqdugcjevmd.sys
c:\windows\system32\dumphive.exe
c:\windows\system32\gxvxccounter
c:\windows\system32\gxvxcpvxxppfjodjwfihdkcbrmbeasjcbuilc.dll
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_GXVXCSERV.SYS
-------\Service_GXVXCSERV.SYS


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-26 au 2009-4-26 ))))))))))))))))))))))))))))))))))))
.

2009-04-26 19:17 . 2009-04-26 19:17 -------- d-----w c:\windows\BDOSCAN8
2009-04-26 19:13 . 2009-04-26 19:20 -------- d-----w c:\users\Leurasien\.housecall6.6
2009-04-26 10:45 . 2009-04-26 11:03 -------- d-----w C:\fixwareout
2009-04-26 10:40 . 2009-04-26 11:00 691 ----a-w c:\users\Leurasien\AppData\Roaming\GetValue.vbs
2009-04-26 10:40 . 2009-04-26 11:00 35 ----a-w c:\users\Leurasien\AppData\Roaming\SetValue.bat
2009-04-26 01:09 . 2009-04-26 01:09 -------- d-----w c:\program files\Trend Micro
2009-04-26 00:33 . 2009-04-26 01:05 -------- d-----w C:\FindyKill
2009-04-25 12:18 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-25 12:18 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-25 12:18 . 2009-04-25 12:18 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-25 12:18 . 2009-04-25 12:18 -------- d-----w c:\users\All Users\Malwarebytes
2009-04-25 12:18 . 2009-04-25 12:18 -------- d-----w c:\programdata\Malwarebytes
2009-04-25 09:59 . 2009-04-25 09:59 603904 ----a-w c:\windows\system32\TUProgSt.exe
2009-04-25 09:59 . 2008-12-11 12:31 17152 ----a-w c:\windows\system32\authuitu.dll
2009-04-25 09:59 . 2008-12-11 12:31 27904 ----a-w c:\windows\system32\uxtuneup.dll
2009-04-25 09:59 . 2009-04-25 09:59 360192 ----a-w c:\windows\system32\TuneUpDefragService.exe
2009-04-25 09:59 . 2009-04-25 09:59 -------- d-----w c:\users\Leurasien\AppData\Roaming\TuneUp Software
2009-04-25 09:59 . 2009-04-25 09:59 -------- d-----w c:\program files\TuneUp Utilities 2009
2009-04-25 09:59 . 2009-04-25 09:59 -------- d-----w c:\users\All Users\TuneUp Software
2009-04-25 09:59 . 2009-04-25 09:59 -------- d-----w c:\programdata\TuneUp Software
2009-04-25 09:58 . 2009-04-25 09:58 -------- d-sh--w c:\users\All Users\{55A29068-F2CE-456C-9148-C869879E2357}
2009-04-25 09:58 . 2009-04-25 09:58 -------- d-sh--w c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-04-24 12:58 . 2009-04-24 12:58 -------- d-----w c:\program files\VS Revo Group
2009-04-24 11:30 . 2009-04-24 11:30 280 ----a-w c:\windows\system32\PDBootState
2009-04-24 09:06 . 2009-04-26 19:16 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-24 01:32 . 2009-04-26 15:50 1905 ----a-w c:\windows\diagwrn.xml
2009-04-24 01:32 . 2009-04-26 15:50 1905 ----a-w c:\windows\diagerr.xml
2009-04-23 21:11 . 2009-04-23 21:11 -------- d-----w c:\users\All Users\SUPERAntiSpyware.com
2009-04-23 21:11 . 2009-04-23 21:11 -------- d-----w c:\programdata\SUPERAntiSpyware.com
2009-04-23 21:07 . 2009-04-23 21:07 -------- d-----w c:\users\Leurasien\AppData\Roaming\SUPERAntiSpyware.com
2009-04-23 18:41 . 2009-04-23 18:41 172 ----a-w C:\curr_ver.tmp
2009-04-23 09:10 . 2009-04-23 20:55 -------- d-----w c:\program files\Wakfu
2009-04-22 14:59 . 2009-04-22 14:59 -------- d-----w c:\users\All Users\Raxco
2009-04-22 14:59 . 2009-04-22 14:59 -------- d-----w c:\programdata\Raxco
2009-04-22 13:00 . 2009-04-22 14:59 -------- d-----w c:\program files\Raxco
2009-04-22 00:43 . 2009-04-22 00:43 -------- d-----w c:\users\Leurasien\AppData\Local\Trolltech
2009-04-21 11:49 . 2009-04-21 11:49 -------- d-----w c:\users\Leurasien\AppData\Local\NVIDIA Corporation
2009-04-21 11:10 . 2009-04-21 11:10 -------- d-----w c:\users\All Users\NVIDIA Corporation
2009-04-21 11:10 . 2009-04-21 11:10 -------- d-----w c:\programdata\NVIDIA Corporation
2009-04-20 20:39 . 2009-04-20 20:39 -------- d-----w c:\users\All Users\Blizzard
2009-04-20 20:39 . 2009-04-20 20:39 -------- d-----w c:\programdata\Blizzard
2009-04-20 20:38 . 2009-04-20 20:38 -------- d-----w c:\program files\Common Files\Blizzard Entertainment
2009-04-15 11:48 . 2009-04-15 11:48 -------- d-sh--w c:\windows\system32\%APPDATA%
2009-04-14 20:27 . 2009-04-14 20:27 -------- d-----w C:\AdobeTemp
2009-04-14 19:12 . 2009-04-14 19:46 -------- d-----w c:\users\Leurasien\AppData\Roaming\Download Manager
2009-04-03 22:03 . 2009-04-03 22:03 -------- dc-h--w c:\users\All Users\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-04-03 22:03 . 2009-04-03 22:03 -------- dc-h--w c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-04-03 14:12 . 2009-04-03 14:12 -------- d-----w c:\users\All Users\Adobe Systems
2009-04-03 14:12 . 2009-04-03 14:12 -------- d-----w c:\programdata\Adobe Systems
2009-04-03 14:03 . 2009-04-03 14:03 -------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-04-01 12:34 . 2009-04-01 12:34 231176 ----a-w c:\windows\system32\PDBoot.exe
2009-03-29 21:10 . 2009-03-30 10:46 -------- d-----w c:\program files\UltraVnc
2009-03-27 20:01 . 2009-03-27 20:01 -------- d-----w c:\program files\WinSCP

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-26 19:16 . 2008-09-14 13:04 -------- d-----w c:\programdata\Spybot - Search & Destroy
2009-04-26 19:13 . 2008-12-01 18:38 410984 ----a-w c:\windows\System32\deploytk.dll
2009-04-26 18:49 . 2006-11-02 15:48 672084 ----a-w c:\windows\System32\perfh00C.dat
2009-04-26 18:49 . 2006-11-02 15:48 124228 ----a-w c:\windows\System32\perfc00C.dat
2009-04-26 18:43 . 2008-09-15 07:55 -------- d-----w c:\program files\Steam
2009-04-26 15:57 . 2009-04-26 10:36 686 ----a-w C:\rapport.txt
2009-04-26 14:04 . 2009-02-10 16:07 -------- d-----w c:\programdata\Google Updater
2009-04-25 14:26 . 2008-09-16 12:46 -------- d-----w c:\users\Leurasien\AppData\Roaming\mIRC
2009-04-25 10:05 . 2008-09-14 12:49 2032 ----a-w c:\users\Leurasien\AppData\Local\d3d9caps.dat
2009-04-24 01:08 . 2009-01-26 19:55 -------- d-----w c:\program files\Lavasoft
2009-04-24 01:08 . 2008-09-14 13:05 -------- d-----w c:\programdata\Lavasoft
2009-04-24 01:05 . 2008-09-14 13:05 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-04-24 01:03 . 2009-01-27 22:18 43438 ----a-w C:\aaw7boot.log
2009-04-23 20:52 . 2008-12-27 12:37 -------- d-----w c:\program files\SFR
2009-04-23 20:51 . 2009-03-27 17:38 -------- d-----w c:\program files\QuickFreedom
2009-04-23 20:49 . 2008-12-05 08:02 -------- d-----w c:\program files\Duo
2009-04-23 20:49 . 2009-01-07 13:39 -------- d-----w c:\program files\CeRegEditor
2009-04-23 11:58 . 2008-09-16 12:46 -------- d-----w c:\program files\mIRC
2009-04-22 21:17 . 2008-09-29 20:52 14849 ----a-w C:\MP4debug.log
2009-04-22 15:03 . 2008-09-15 16:11 -------- d-----w c:\users\Leurasien\AppData\Roaming\teamspeak2
2009-04-22 15:01 . 2008-09-23 18:59 -------- d-----w c:\program files\Java
2009-04-21 11:10 . 2008-09-14 13:05 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-20 20:22 . 2008-10-02 06:18 -------- d-----w c:\program files\Dofus
2009-04-19 08:18 . 2008-09-15 07:55 -------- d-----w c:\program files\Common Files\Steam
2009-04-15 15:06 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-04-15 11:50 . 2008-09-19 16:25 -------- d-----w c:\programdata\Microsoft Help
2009-04-14 20:29 . 2008-09-18 20:28 -------- d-----w c:\program files\Common Files\Adobe
2009-04-06 20:36 . 2009-03-18 16:21 -------- d-----w c:\program files\Bonjour
2009-04-05 00:11 . 2008-09-14 13:07 -------- d---a-w c:\programdata\TEMP
2009-04-03 16:01 . 2008-11-27 07:40 -------- d-----w c:\users\Leurasien\AppData\Roaming\Mumble
2009-04-03 14:26 . 2008-11-10 17:03 138184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-04-03 14:25 . 2008-11-10 17:03 183112 ----a-w c:\windows\System32\PnkBstrB.exe
2009-03-24 12:34 . 2008-09-14 17:01 -------- d-----w c:\programdata\NVIDIA
2009-03-24 11:15 . 2008-09-27 15:52 -------- d-----w c:\program files\AGEIA Technologies
2009-03-24 11:13 . 2006-11-02 10:25 51200 ----a-w c:\windows\Inf\infpub.dat
2009-03-24 11:13 . 2006-11-02 10:25 143360 ----a-w c:\windows\Inf\infstrng.dat
2009-03-24 11:13 . 2006-11-02 10:25 86016 ----a-w c:\windows\Inf\infstor.dat
2009-03-24 08:59 . 2009-03-24 08:58 -------- d-----w c:\users\Leurasien\AppData\Roaming\Ventrilo
2009-03-24 08:58 . 2009-03-24 08:58 -------- d-----w c:\program files\Ventrilo
2009-03-23 12:33 . 2008-09-15 11:18 -------- d-----w c:\program files\Messenger Plus! Live
2009-03-22 17:23 . 2008-09-15 20:18 -------- d-----w c:\users\Leurasien\AppData\Roaming\Apple Computer
2009-03-21 18:06 . 2009-03-21 18:06 -------- d-----w c:\users\Invité\AppData\Roaming\ESET
2009-03-21 10:03 . 2008-09-15 19:00 -------- d-----w c:\programdata\Nero
2009-03-18 16:27 . 2009-03-18 16:27 -------- d-----w c:\programdata\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-18 16:27 . 2009-03-18 16:27 -------- d-----w c:\program files\iTunes
2009-03-18 16:27 . 2009-03-18 16:27 -------- d-----w c:\program files\iPod
2009-03-18 16:27 . 2008-09-15 20:16 -------- d-----w c:\program files\Common Files\Apple
2009-03-18 16:26 . 2009-03-18 16:26 -------- d-----w c:\program files\QuickTime
2009-03-18 16:22 . 2008-12-07 10:01 -------- d-----w c:\program files\Safari
2009-03-17 15:56 . 2009-03-17 15:55 -------- d-----w c:\program files\vmntoolbar
2009-03-17 15:55 . 2009-03-17 15:55 -------- d-----w c:\users\Leurasien\AppData\Roaming\Dynamique
2009-03-17 15:55 . 2009-03-17 15:55 -------- d-----w c:\users\Leurasien\AppData\Roaming\Sites prédéfinis
2009-03-17 15:55 . 2009-03-17 15:55 -------- d-----w c:\program files\Visicom Media
2009-03-17 03:38 . 2009-04-15 10:03 40960 ----a-w c:\windows\AppPatch\apihex86.dll
2009-03-17 03:38 . 2009-04-15 10:03 13824 ----a-w c:\windows\System32\apilogen.dll
2009-03-17 03:38 . 2009-04-15 10:03 24064 ----a-w c:\windows\System32\amxread.dll
2009-03-16 21:34 . 2008-10-21 19:47 -------- d-----w c:\program files\Windows Live Safety Center
2009-03-08 11:34 . 2009-03-25 18:38 914944 ----a-w c:\windows\System32\wininet.dll
2009-03-08 11:34 . 2009-03-25 18:38 43008 ----a-w c:\windows\System32\licmgr10.dll
2009-03-08 11:33 . 2009-03-25 18:38 18944 ----a-w c:\windows\System32\corpol.dll
2009-03-08 11:33 . 2009-03-25 18:38 109056 ----a-w c:\windows\System32\iesysprep.dll
2009-03-08 11:33 . 2009-03-25 18:38 109568 ----a-w c:\windows\System32\PDMSetup.exe
2009-03-08 11:33 . 2009-03-25 18:38 132608 ----a-w c:\windows\System32\ieUnatt.exe
2009-03-08 11:33 . 2009-03-25 18:38 107520 ----a-w c:\windows\System32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-03-25 18:38 107008 ----a-w c:\windows\System32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-03-25 18:38 103936 ----a-w c:\windows\System32\SetDepNx.exe
2009-03-08 11:33 . 2009-03-25 18:38 420352 ----a-w c:\windows\System32\vbscript.dll
2009-03-08 11:32 . 2009-03-25 18:38 72704 ----a-w c:\windows\System32\admparse.dll
2009-03-08 11:32 . 2009-03-25 18:38 71680 ----a-w c:\windows\System32\iesetup.dll
2009-03-08 11:32 . 2009-03-25 18:38 66560 ----a-w c:\windows\System32\wextract.exe
2009-03-08 11:32 . 2009-03-25 18:38 169472 ----a-w c:\windows\System32\iexpress.exe
2009-03-08 11:31 . 2009-03-25 18:38 34816 ----a-w c:\windows\System32\imgutil.dll
2009-03-08 11:31 . 2009-03-25 18:38 48128 ----a-w c:\windows\System32\mshtmler.dll
2009-03-08 11:31 . 2009-03-25 18:38 45568 ----a-w c:\windows\System32\mshta.exe
2009-03-08 11:22 . 2009-03-25 18:38 156160 ----a-w c:\windows\System32\msls31.dll
2009-03-07 23:53 . 2009-03-07 23:53 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-06 16:27 . 2008-12-17 19:21 -------- d-----w c:\program files\Microsoft
2009-03-06 10:35 . 2009-03-06 10:35 159610 ----a-w c:\windows\Marsu-Fix 2.5 Uninstaller.exe
2009-03-06 10:34 . 2009-03-06 10:34 -------- d-----w c:\users\Leurasien\AppData\Roaming\ESET
2009-03-06 10:33 . 2008-11-16 09:58 -------- d-----w c:\program files\ESET
2009-03-06 10:33 . 2008-09-14 13:08 -------- d-----w c:\programdata\ESET
2009-03-05 22:59 . 2009-03-05 22:59 36864 ----a-w c:\windows\system32\drivers\usbaapl.sys
2009-03-05 22:59 . 2009-03-05 22:59 1900544 ----a-w c:\windows\System32\usbaaplrc.dll
2009-03-04 19:12 . 2009-03-04 19:11 -------- d-s---w c:\users\Invité\AppData\Roaming\Microsoft
2009-03-04 19:12 . 2009-03-04 19:11 -------- d-----w c:\users\Invité\AppData\Roaming\Adobe
2009-03-04 19:11 . 2009-03-04 19:11 99864 ----a-w c:\users\Invité\AppData\Local\GDIPFONTCACHEV1.DAT
2009-03-04 19:11 . 2009-03-04 19:11 -------- d-----w c:\users\Invité\AppData\Roaming\Identities
2009-03-03 04:46 . 2009-04-15 10:03 3599328 ----a-w c:\windows\System32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-15 10:03 3547632 ----a-w c:\windows\System32\ntoskrnl.exe
2009-03-03 04:39 . 2009-04-15 10:03 183296 ----a-w c:\windows\System32\sdohlp.dll
2009-03-03 04:39 . 2009-04-15 10:03 551424 ----a-w c:\windows\System32\rpcss.dll
2009-03-03 04:39 . 2009-04-15 10:03 26112 ----a-w c:\windows\System32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-15 10:03 98304 ----a-w c:\windows\System32\iasrecst.dll
2009-03-03 04:37 . 2009-04-15 10:03 54784 ----a-w c:\windows\System32\iasads.dll
2009-03-03 04:37 . 2009-04-15 10:03 44032 ----a-w c:\windows\System32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-15 10:03 666624 ----a-w c:\windows\System32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-15 10:03 17408 ----a-w c:\windows\System32\iashost.exe
2009-03-02 15:49 . 2008-10-03 10:24 -------- d-----w c:\program files\Microsoft Silverlight
2009-02-18 18:06 . 2009-02-18 18:06 99864 ----a-w c:\windows\System32\GDIPFONTCACHEV1.DAT
2009-02-16 22:17 . 2008-09-14 12:57 453152 ----a-w c:\windows\System32\NVUNINST.EXE
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-18 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"Steam"="c:\program files\steam\steam.exe" [2008-10-08 1410296]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Copperhead"="c:\program files\Razer\Copperhead\razerhid.exe" [2005-11-25 155648]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13683232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 92704]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-05 177472]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-26 148888]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-06-27 6295552]

c:\users\Leurasien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"UacDisableNotify"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-469840267-1448148161-2384477585-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{D284E8D2-27D0-430C-9A96-2D0B888C0451}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{6B6A3DEF-D8A0-4551-9351-2584AE566737}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{D5AEE499-69BD-48E3-A9C4-F05510144BCF}c:\\program files\\steam\\steamapps\\sabrinaof13\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\sabrinaof13\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{AB0E53FA-3AC7-4E1C-AF9C-7A859387A323}c:\\program files\\steam\\steamapps\\sabrinaof13\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\sabrinaof13\counter-strike\hl.exe:Half-Life Launcher
"{99824E46-5653-4B1A-9248-90A319EEC03A}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{6781185B-4F05-4D7B-AD34-BFE5548C124B}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{BD873FC8-40DE-41F9-898C-F0C55DBC6D53}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{234DC69D-BCC8-4898-A213-23DC2E3F0A36}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{B220C85B-3966-4961-810E-64D303B3436F}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{18A48B20-7E8B-42FD-B189-75EAFA751E6F}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{DE3F940B-0290-4C45-B23C-D23EB699E3F1}c:\\program files\\steam\\steamapps\\sabrinaof13\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\sabrinaof13\counter-strike source\hl2.exe:hl2
"UDP Query User{FE11FF79-5FF7-4AF2-B32E-38F4DAF6E207}c:\\program files\\steam\\steamapps\\sabrinaof13\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\sabrinaof13\counter-strike source\hl2.exe:hl2
"{D3D98D74-2D48-4F0A-AF26-11CDFE77BD50}"= UDP:5353:Adobe CSI CS4
"{EBD3B2D9-7F9C-4E03-B45C-E0EDCC04CF3A}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{985D9F04-50A0-4DC7-81E2-9352B246EF4B}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"TCP Query User{25BE57BC-FD91-4E14-B75A-BAE0F87FA07F}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{19A9581B-6BB2-4347-BCB6-7820484E6E1E}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{68C89A23-2448-46E0-9F06-12C0D10718A3}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{61A67F11-2C7E-41C8-83BA-4031CD851FF4}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{ED4373E3-5F8E-4084-B55A-65E3A0637F55}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{8EC48AFB-AF67-48E6-8AF2-6C3B492C843D}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{A4369E4C-B6B1-49D4-89C1-9E483568B39B}"= UDP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{3CDD8A1D-AEC0-4788-8C0D-8689FDEFFEEB}"= TCP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{791E9628-EB8F-4FEC-936A-0EFA2CAA6015}"= UDP:c:\program files\UltraVnc\vncviewer.exe:vncviewer.exe
"{4C87636F-B092-47D0-8ED0-D87D85CF790B}"= TCP:c:\program files\UltraVnc\vncviewer.exe:vncviewer.exe
"TCP Query User{D4515B95-3FF7-405C-85FF-8F4D7FD50590}c:\\program files\\ultravnc\\winvnc.exe"= UDP:c:\program files\ultravnc\winvnc.exe:VNC server for Win32
"UDP Query User{A4ADB5D9-B33D-4506-A993-F89223AB53B8}c:\\program files\\ultravnc\\winvnc.exe"= TCP:c:\program files\ultravnc\winvnc.exe:VNC server for Win32
"TCP Query User{9F957B8F-296F-4183-B6E9-4DCEE250BE5D}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= UDP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary
"UDP Query User{70072D07-A88F-4D13-8253-EDB97CC1B670}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= TCP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary

R0 Lbd;Lbd; [x]
R1 SASKUTIL;SASKUTIL; [x]
R2 AODService;AODService; [x]
R2 gupdate1c98b99aa9d73ee;Google Update Service (gupdate1c98b99aa9d73ee);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-10 133104]
R3 cpuz130;cpuz130; [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 28672]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2008-07-01 468224]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-04-25 603904]
S3 UsbFltr;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2005-11-02 11596]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b939b9c-9e97-11dd-9a13-001a4d5d7aec}]
\shell\AutoRun\command - E:\Autorun.exe
.
Contenu du dossier 'Tâches planifiées'

2009-04-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-10 12:40]

2009-04-26 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-10 16:07]

2009-04-26 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 14:04]

2009-04-26 c:\windows\Tasks\User_Feed_Synchronization-{6766E469-52BF-46B0-BF0E-7E1CABA71B2E}.job
- c:\windows\system32\msfeedssync.exe [2009-03-25 11:31]
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)


.
------- Examen supplémentaire -------
.
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab
FF - ProfilePath - c:\users\Leurasien\AppData\Roaming\Mozilla\Firefox\Profiles\6p43blec.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Leurasien\AppData\Roaming\Mozilla\Firefox\Profiles\6p43blec.default\extensions\npfax@microgaming.co.uk\platform\WINNT_x86-msvc\plugins\npfax.dll

---- PARAMETRES FIREFOX ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-26 21:32
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


c:\users\LEURAS~1\AppData\Local\Temp\gxvxc000 0 bytes

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\gxvxcserv.sys]
"imagepath"="\systemroot\system32\drivers\gxvxcndsokwihvlsmmqivbhxdxwcvuffdglfs.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\AODService]
"ImagePath"="c:\program files\AMD\OverDrive\AODAssist"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\gxvxcserv.sys]
@DACL=(02 0000)
"start"=dword:00000001
"type"=dword:00000001
"group"="file system"
"imagepath"=expand:"\\systemroot\\system32\\drivers\\gxvxcndsokwihvlsmmqivbhxdxwcvuffdglfs.sys"
.
Heure de fin: 2009-04-26 21:34
ComboFix-quarantined-files.txt 2009-04-26 19:34

Avant-CF: 9 660 698 624 octets libres
Après-CF: 9 531 322 368 octets libres

342 --- E O F --- 2009-04-23 21:36
Leurasien

Re: Unable to reinstall (upgrade) Windows Vista

Post by leurasien »

Wow! This software is powerful! Everything works again!

Thank you for your patience and your helpful answers.

Have a good evening, everyone
Leurasien
nardino
Moderators
Posts: 11993
Joined: 05 Feb 2007, 17:38
Location: Reims

Re: Unable to reinstall (upgrade) Windows Vista

Post by nardino »

Good evening.
We are not finished yet.
WARNING: This procedure was written for this specific case; copying it onto another system can cause serious malfunctions.

Open Notepad: All Programs - Accessories - Notepad
Paste the lines written below into it.
Make sure that Word Wrap is not checked under Format.
Driver::
gxvxcndsokwihvlsmmqivbhxdxwcvuffdglfs

File::
C:\Windows\system32\drivers\gxvxcndsokwihvlsmmqivbhxdxwcvuffdglfs.sys
c:\users\LEURASIEN\AppData\Local\Temp\gxvxc000 0 bytes

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\gxvxcserv.sys]
Save it as CFScript.txt on the desktop.
As shown in the image here, drag CFScript.txt onto Combofix.exe
[Image]
Combofix will start and restart the computer.
Post the C:\Combofix. report.
Update Malwarebytes' Anti-Malware and run a full scan.
Post the MBAM report as well.

See you soon

Re: Unable to reinstall (upgrade) Windows Vista

Post by leurasien »

ah ok, I'm doing it now xD
Leurasien

Re: Unable to reinstall (upgrade) Windows Vista

Post by leurasien »

ComboFix 09-04-25.A3 - Leurasien 26/04/2009 22:23.3 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3326.1746 [GMT 2:00]
Lancé depuis: c:\users\Leurasien\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Leurasien\Desktop\CFScript.txt
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
FW: Pare-feu personnel d'ESET *enabled*
* Un nouveau point de restauration a été créé

FILE ::
c:\users\LEURASIEN\AppData\Local\Temp\gxvxc000 0 bytes
c:\windows\system32\drivers\gxvxcndsokwihvlsmmqivbhxdxwcvuffdglfs.sys
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-05-26 au 2009-4-26 ))))))))))))))))))))))))))))))))))))
.

2009-04-26 19:40 . 2009-04-26 19:40 -------- d-----w c:\users\Leurasien\AppData\Roaming\Malwarebytes
2009-04-26 19:17 . 2009-04-26 19:17 -------- d-----w c:\windows\BDOSCAN8
2009-04-26 19:13 . 2009-04-26 19:20 -------- d-----w c:\users\Leurasien\.housecall6.6
2009-04-26 10:45 . 2009-04-26 11:03 -------- d-----w C:\fixwareout
2009-04-26 10:40 . 2009-04-26 11:00 691 ----a-w c:\users\Leurasien\AppData\Roaming\GetValue.vbs
2009-04-26 10:40 . 2009-04-26 11:00 35 ----a-w c:\users\Leurasien\AppData\Roaming\SetValue.bat
2009-04-26 01:09 . 2009-04-26 01:09 -------- d-----w c:\program files\Trend Micro
2009-04-26 00:33 . 2009-04-26 01:05 -------- d-----w C:\FindyKill
2009-04-25 12:18 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-25 12:18 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-25 12:18 . 2009-04-25 12:18 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-25 12:18 . 2009-04-25 12:18 -------- d-----w c:\users\All Users\Malwarebytes
2009-04-25 12:18 . 2009-04-25 12:18 -------- d-----w c:\programdata\Malwarebytes
2009-04-25 09:59 . 2009-04-25 09:59 603904 ----a-w c:\windows\system32\TUProgSt.exe
2009-04-25 09:59 . 2008-12-11 12:31 17152 ----a-w c:\windows\system32\authuitu.dll
2009-04-25 09:59 . 2008-12-11 12:31 27904 ----a-w c:\windows\system32\uxtuneup.dll
2009-04-25 09:59 . 2009-04-25 09:59 360192 ----a-w c:\windows\system32\TuneUpDefragService.exe
2009-04-25 09:59 . 2009-04-25 09:59 -------- d-----w c:\users\Leurasien\AppData\Roaming\TuneUp Software
2009-04-25 09:59 . 2009-04-25 09:59 -------- d-----w c:\program files\TuneUp Utilities 2009
2009-04-25 09:59 . 2009-04-25 09:59 -------- d-----w c:\users\All Users\TuneUp Software
2009-04-25 09:59 . 2009-04-25 09:59 -------- d-----w c:\programdata\TuneUp Software
2009-04-25 09:58 . 2009-04-25 09:58 -------- d-sh--w c:\users\All Users\{55A29068-F2CE-456C-9148-C869879E2357}
2009-04-25 09:58 . 2009-04-25 09:58 -------- d-sh--w c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-04-24 12:58 . 2009-04-24 12:58 -------- d-----w c:\program files\VS Revo Group
2009-04-24 11:30 . 2009-04-24 11:30 280 ----a-w c:\windows\system32\PDBootState
2009-04-24 09:06 . 2009-04-26 19:40 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-24 01:32 . 2009-04-26 19:39 1905 ----a-w c:\windows\diagwrn.xml
2009-04-24 01:32 . 2009-04-26 19:39 1905 ----a-w c:\windows\diagerr.xml
2009-04-23 21:11 . 2009-04-23 21:11 -------- d-----w c:\users\All Users\SUPERAntiSpyware.com
2009-04-23 21:11 . 2009-04-23 21:11 -------- d-----w c:\programdata\SUPERAntiSpyware.com
2009-04-23 21:07 . 2009-04-23 21:07 -------- d-----w c:\users\Leurasien\AppData\Roaming\SUPERAntiSpyware.com
2009-04-23 18:41 . 2009-04-23 18:41 172 ----a-w C:\curr_ver.tmp
2009-04-23 09:10 . 2009-04-23 20:55 -------- d-----w c:\program files\Wakfu
2009-04-22 14:59 . 2009-04-22 14:59 -------- d-----w c:\users\All Users\Raxco
2009-04-22 14:59 . 2009-04-22 14:59 -------- d-----w c:\programdata\Raxco
2009-04-22 13:00 . 2009-04-22 14:59 -------- d-----w c:\program files\Raxco
2009-04-22 00:43 . 2009-04-22 00:43 -------- d-----w c:\users\Leurasien\AppData\Local\Trolltech
2009-04-21 11:49 . 2009-04-21 11:49 -------- d-----w c:\users\Leurasien\AppData\Local\NVIDIA Corporation
2009-04-21 11:10 . 2009-04-21 11:10 -------- d-----w c:\users\All Users\NVIDIA Corporation
2009-04-21 11:10 . 2009-04-21 11:10 -------- d-----w c:\programdata\NVIDIA Corporation
2009-04-20 20:39 . 2009-04-20 20:39 -------- d-----w c:\users\All Users\Blizzard
2009-04-20 20:39 . 2009-04-20 20:39 -------- d-----w c:\programdata\Blizzard
2009-04-20 20:38 . 2009-04-20 20:38 -------- d-----w c:\program files\Common Files\Blizzard Entertainment
2009-04-15 11:48 . 2009-04-15 11:48 -------- d-sh--w c:\windows\system32\%APPDATA%
2009-04-14 20:27 . 2009-04-14 20:27 -------- d-----w C:\AdobeTemp
2009-04-14 19:12 . 2009-04-14 19:46 -------- d-----w c:\users\Leurasien\AppData\Roaming\Download Manager
2009-04-03 22:03 . 2009-04-03 22:03 -------- dc-h--w c:\users\All Users\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-04-03 22:03 . 2009-04-03 22:03 -------- dc-h--w c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-04-03 14:12 . 2009-04-03 14:12 -------- d-----w c:\users\All Users\Adobe Systems
2009-04-03 14:12 . 2009-04-03 14:12 -------- d-----w c:\programdata\Adobe Systems
2009-04-03 14:03 . 2009-04-03 14:03 -------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-04-01 12:34 . 2009-04-01 12:34 231176 ----a-w c:\windows\system32\PDBoot.exe
2009-03-29 21:10 . 2009-03-30 10:46 -------- d-----w c:\program files\UltraVnc

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-26 19:48 . 2006-11-02 15:48 672084 ----a-w c:\windows\System32\perfh00C.dat
2009-04-26 19:48 . 2006-11-02 15:48 124228 ----a-w c:\windows\System32\perfc00C.dat
2009-04-26 19:44 . 2008-09-15 07:55 -------- d-----w c:\program files\Steam
2009-04-26 19:40 . 2008-09-14 13:04 -------- d-----w c:\programdata\Spybot - Search & Destroy
2009-04-26 19:13 . 2008-12-01 18:38 410984 ----a-w c:\windows\System32\deploytk.dll
2009-04-26 15:57 . 2009-04-26 10:36 686 ----a-w C:\rapport.txt
2009-04-26 14:04 . 2009-02-10 16:07 -------- d-----w c:\programdata\Google Updater
2009-04-25 14:26 . 2008-09-16 12:46 -------- d-----w c:\users\Leurasien\AppData\Roaming\mIRC
2009-04-25 10:05 . 2008-09-14 12:49 2032 ----a-w c:\users\Leurasien\AppData\Local\d3d9caps.dat
2009-04-24 01:08 . 2009-01-26 19:55 -------- d-----w c:\program files\Lavasoft
2009-04-24 01:08 . 2008-09-14 13:05 -------- d-----w c:\programdata\Lavasoft
2009-04-24 01:05 . 2008-09-14 13:05 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-04-24 01:03 . 2009-01-27 22:18 43438 ----a-w C:\aaw7boot.log
2009-04-23 20:52 . 2008-12-27 12:37 -------- d-----w c:\program files\SFR
2009-04-23 20:51 . 2009-03-27 17:38 -------- d-----w c:\program files\QuickFreedom
2009-04-23 20:49 . 2008-12-05 08:02 -------- d-----w c:\program files\Duo
2009-04-23 20:49 . 2009-01-07 13:39 -------- d-----w c:\program files\CeRegEditor
2009-04-23 11:58 . 2008-09-16 12:46 -------- d-----w c:\program files\mIRC
2009-04-22 21:17 . 2008-09-29 20:52 14849 ----a-w C:\MP4debug.log
2009-04-22 15:03 . 2008-09-15 16:11 -------- d-----w c:\users\Leurasien\AppData\Roaming\teamspeak2
2009-04-22 15:01 . 2008-09-23 18:59 -------- d-----w c:\program files\Java
2009-04-21 11:10 . 2008-09-14 13:05 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-20 20:22 . 2008-10-02 06:18 -------- d-----w c:\program files\Dofus
2009-04-19 08:18 . 2008-09-15 07:55 -------- d-----w c:\program files\Common Files\Steam
2009-04-15 15:06 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-04-15 11:50 . 2008-09-19 16:25 -------- d-----w c:\programdata\Microsoft Help
2009-04-14 20:29 . 2008-09-18 20:28 -------- d-----w c:\program files\Common Files\Adobe
2009-04-06 20:36 . 2009-03-18 16:21 -------- d-----w c:\program files\Bonjour
2009-04-05 00:11 . 2008-09-14 13:07 -------- d---a-w c:\programdata\TEMP
2009-04-03 16:01 . 2008-11-27 07:40 -------- d-----w c:\users\Leurasien\AppData\Roaming\Mumble
2009-04-03 14:26 . 2008-11-10 17:03 138184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-04-03 14:25 . 2008-11-10 17:03 183112 ----a-w c:\windows\System32\PnkBstrB.exe
2009-03-27 20:01 . 2009-03-27 20:01 -------- d-----w c:\program files\WinSCP
2009-03-24 12:34 . 2008-09-14 17:01 -------- d-----w c:\programdata\NVIDIA
2009-03-24 11:15 . 2008-09-27 15:52 -------- d-----w c:\program files\AGEIA Technologies
2009-03-24 11:13 . 2006-11-02 10:25 51200 ----a-w c:\windows\Inf\infpub.dat
2009-03-24 11:13 . 2006-11-02 10:25 143360 ----a-w c:\windows\Inf\infstrng.dat
2009-03-24 11:13 . 2006-11-02 10:25 86016 ----a-w c:\windows\Inf\infstor.dat
2009-03-24 08:59 . 2009-03-24 08:58 -------- d-----w c:\users\Leurasien\AppData\Roaming\Ventrilo
2009-03-24 08:58 . 2009-03-24 08:58 -------- d-----w c:\program files\Ventrilo
2009-03-23 12:33 . 2008-09-15 11:18 -------- d-----w c:\program files\Messenger Plus! Live
2009-03-22 17:23 . 2008-09-15 20:18 -------- d-----w c:\users\Leurasien\AppData\Roaming\Apple Computer
2009-03-21 18:06 . 2009-03-21 18:06 -------- d-----w c:\users\Invité\AppData\Roaming\ESET
2009-03-21 10:03 . 2008-09-15 19:00 -------- d-----w c:\programdata\Nero
2009-03-18 16:27 . 2009-03-18 16:27 -------- d-----w c:\programdata\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-18 16:27 . 2009-03-18 16:27 -------- d-----w c:\program files\iTunes
2009-03-18 16:27 . 2009-03-18 16:27 -------- d-----w c:\program files\iPod
2009-03-18 16:27 . 2008-09-15 20:16 -------- d-----w c:\program files\Common Files\Apple
2009-03-18 16:26 . 2009-03-18 16:26 -------- d-----w c:\program files\QuickTime
2009-03-18 16:22 . 2008-12-07 10:01 -------- d-----w c:\program files\Safari
2009-03-17 15:56 . 2009-03-17 15:55 -------- d-----w c:\program files\vmntoolbar
2009-03-17 15:55 . 2009-03-17 15:55 -------- d-----w c:\users\Leurasien\AppData\Roaming\Dynamique
2009-03-17 15:55 . 2009-03-17 15:55 -------- d-----w c:\users\Leurasien\AppData\Roaming\Sites prédéfinis
2009-03-17 15:55 . 2009-03-17 15:55 -------- d-----w c:\program files\Visicom Media
2009-03-17 03:38 . 2009-04-15 10:03 40960 ----a-w c:\windows\AppPatch\apihex86.dll
2009-03-17 03:38 . 2009-04-15 10:03 13824 ----a-w c:\windows\System32\apilogen.dll
2009-03-17 03:38 . 2009-04-15 10:03 24064 ----a-w c:\windows\System32\amxread.dll
2009-03-16 21:34 . 2008-10-21 19:47 -------- d-----w c:\program files\Windows Live Safety Center
2009-03-08 11:34 . 2009-03-25 18:38 914944 ----a-w c:\windows\System32\wininet.dll
2009-03-08 11:34 . 2009-03-25 18:38 43008 ----a-w c:\windows\System32\licmgr10.dll
2009-03-08 11:33 . 2009-03-25 18:38 18944 ----a-w c:\windows\System32\corpol.dll
2009-03-08 11:33 . 2009-03-25 18:38 109056 ----a-w c:\windows\System32\iesysprep.dll
2009-03-08 11:33 . 2009-03-25 18:38 109568 ----a-w c:\windows\System32\PDMSetup.exe
2009-03-08 11:33 . 2009-03-25 18:38 132608 ----a-w c:\windows\System32\ieUnatt.exe
2009-03-08 11:33 . 2009-03-25 18:38 107520 ----a-w c:\windows\System32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-03-25 18:38 107008 ----a-w c:\windows\System32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-03-25 18:38 103936 ----a-w c:\windows\System32\SetDepNx.exe
2009-03-08 11:33 . 2009-03-25 18:38 420352 ----a-w c:\windows\System32\vbscript.dll
2009-03-08 11:32 . 2009-03-25 18:38 72704 ----a-w c:\windows\System32\admparse.dll
2009-03-08 11:32 . 2009-03-25 18:38 71680 ----a-w c:\windows\System32\iesetup.dll
2009-03-08 11:32 . 2009-03-25 18:38 66560 ----a-w c:\windows\System32\wextract.exe
2009-03-08 11:32 . 2009-03-25 18:38 169472 ----a-w c:\windows\System32\iexpress.exe
2009-03-08 11:31 . 2009-03-25 18:38 34816 ----a-w c:\windows\System32\imgutil.dll
2009-03-08 11:31 . 2009-03-25 18:38 48128 ----a-w c:\windows\System32\mshtmler.dll
2009-03-08 11:31 . 2009-03-25 18:38 45568 ----a-w c:\windows\System32\mshta.exe
2009-03-08 11:22 . 2009-03-25 18:38 156160 ----a-w c:\windows\System32\msls31.dll
2009-03-07 23:53 . 2009-03-07 23:53 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-06 16:27 . 2008-12-17 19:21 -------- d-----w c:\program files\Microsoft
2009-03-06 10:35 . 2009-03-06 10:35 159610 ----a-w c:\windows\Marsu-Fix 2.5 Uninstaller.exe
2009-03-06 10:34 . 2009-03-06 10:34 -------- d-----w c:\users\Leurasien\AppData\Roaming\ESET
2009-03-06 10:33 . 2008-11-16 09:58 -------- d-----w c:\program files\ESET
2009-03-06 10:33 . 2008-09-14 13:08 -------- d-----w c:\programdata\ESET
2009-03-05 22:59 . 2009-03-05 22:59 36864 ----a-w c:\windows\system32\drivers\usbaapl.sys
2009-03-05 22:59 . 2009-03-05 22:59 1900544 ----a-w c:\windows\System32\usbaaplrc.dll
2009-03-04 19:12 . 2009-03-04 19:11 -------- d-s---w c:\users\Invité\AppData\Roaming\Microsoft
2009-03-04 19:12 . 2009-03-04 19:11 -------- d-----w c:\users\Invité\AppData\Roaming\Adobe
2009-03-04 19:11 . 2009-03-04 19:11 99864 ----a-w c:\users\Invité\AppData\Local\GDIPFONTCACHEV1.DAT
2009-03-04 19:11 . 2009-03-04 19:11 -------- d-----w c:\users\Invité\AppData\Roaming\Identities
2009-03-03 04:46 . 2009-04-15 10:03 3599328 ----a-w c:\windows\System32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-15 10:03 3547632 ----a-w c:\windows\System32\ntoskrnl.exe
2009-03-03 04:39 . 2009-04-15 10:03 183296 ----a-w c:\windows\System32\sdohlp.dll
2009-03-03 04:39 . 2009-04-15 10:03 551424 ----a-w c:\windows\System32\rpcss.dll
2009-03-03 04:39 . 2009-04-15 10:03 26112 ----a-w c:\windows\System32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-15 10:03 98304 ----a-w c:\windows\System32\iasrecst.dll
2009-03-03 04:37 . 2009-04-15 10:03 54784 ----a-w c:\windows\System32\iasads.dll
2009-03-03 04:37 . 2009-04-15 10:03 44032 ----a-w c:\windows\System32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-15 10:03 666624 ----a-w c:\windows\System32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-15 10:03 17408 ----a-w c:\windows\System32\iashost.exe
2009-03-02 15:49 . 2008-10-03 10:24 -------- d-----w c:\program files\Microsoft Silverlight
2009-02-18 18:06 . 2009-02-18 18:06 99864 ----a-w c:\windows\System32\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-04-26_19.32.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-14 20:34 . 2009-04-26 19:45 52980 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-04-26 19:45 98218 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-09-14 12:50 . 2009-04-26 19:45 11700 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-469840267-1448148161-2384477585-1000_UserData.bin
- 2006-11-02 13:02 . 2009-04-26 19:28 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2009-04-26 19:42 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:02 . 2009-04-26 19:28 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2006-11-02 13:02 . 2009-04-26 19:42 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2006-11-02 13:02 . 2009-04-26 19:42 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2006-11-02 13:02 . 2009-04-26 19:28 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-04-26 19:42 . 2009-04-26 19:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-04-26 19:27 . 2009-04-26 19:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-04-26 19:42 . 2009-04-26 19:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-04-26 19:27 . 2009-04-26 19:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2006-11-02 10:33 . 2009-04-26 18:49 589884 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-04-26 19:48 589884 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-04-26 18:49 101896 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-04-26 19:48 101896 c:\windows\System32\perfc009.dat
- 2009-03-25 18:47 . 2009-04-26 19:28 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-03-25 18:47 . 2009-04-26 19:42 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2006-11-02 12:47 . 2009-04-26 19:32 159744 c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2006-11-02 12:47 . 2009-04-26 20:25 159744 c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2006-11-02 12:47 . 2009-04-26 19:28 155648 c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2006-11-02 12:47 . 2009-04-26 19:44 155648 c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-18 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"Steam"="c:\program files\steam\steam.exe" [2008-10-08 1410296]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Copperhead"="c:\program files\Razer\Copperhead\razerhid.exe" [2005-11-25 155648]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13683232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 92704]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-05 177472]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-06-27 6295552]

c:\users\Leurasien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"UacDisableNotify"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-469840267-1448148161-2384477585-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{D284E8D2-27D0-430C-9A96-2D0B888C0451}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{6B6A3DEF-D8A0-4551-9351-2584AE566737}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{D5AEE499-69BD-48E3-A9C4-F05510144BCF}c:\\program files\\steam\\steamapps\\sabrinaof13\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\sabrinaof13\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{AB0E53FA-3AC7-4E1C-AF9C-7A859387A323}c:\\program files\\steam\\steamapps\\sabrinaof13\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\sabrinaof13\counter-strike\hl.exe:Half-Life Launcher
"{99824E46-5653-4B1A-9248-90A319EEC03A}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{6781185B-4F05-4D7B-AD34-BFE5548C124B}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{BD873FC8-40DE-41F9-898C-F0C55DBC6D53}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{234DC69D-BCC8-4898-A213-23DC2E3F0A36}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{B220C85B-3966-4961-810E-64D303B3436F}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{18A48B20-7E8B-42FD-B189-75EAFA751E6F}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{DE3F940B-0290-4C45-B23C-D23EB699E3F1}c:\\program files\\steam\\steamapps\\sabrinaof13\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\sabrinaof13\counter-strike source\hl2.exe:hl2
"UDP Query User{FE11FF79-5FF7-4AF2-B32E-38F4DAF6E207}c:\\program files\\steam\\steamapps\\sabrinaof13\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\sabrinaof13\counter-strike source\hl2.exe:hl2
"{D3D98D74-2D48-4F0A-AF26-11CDFE77BD50}"= UDP:5353:Adobe CSI CS4
"{EBD3B2D9-7F9C-4E03-B45C-E0EDCC04CF3A}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{985D9F04-50A0-4DC7-81E2-9352B246EF4B}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"TCP Query User{25BE57BC-FD91-4E14-B75A-BAE0F87FA07F}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{19A9581B-6BB2-4347-BCB6-7820484E6E1E}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{68C89A23-2448-46E0-9F06-12C0D10718A3}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{61A67F11-2C7E-41C8-83BA-4031CD851FF4}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{ED4373E3-5F8E-4084-B55A-65E3A0637F55}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{8EC48AFB-AF67-48E6-8AF2-6C3B492C843D}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{A4369E4C-B6B1-49D4-89C1-9E483568B39B}"= UDP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{3CDD8A1D-AEC0-4788-8C0D-8689FDEFFEEB}"= TCP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{791E9628-EB8F-4FEC-936A-0EFA2CAA6015}"= UDP:c:\program files\UltraVnc\vncviewer.exe:vncviewer.exe
"{4C87636F-B092-47D0-8ED0-D87D85CF790B}"= TCP:c:\program files\UltraVnc\vncviewer.exe:vncviewer.exe
"TCP Query User{D4515B95-3FF7-405C-85FF-8F4D7FD50590}c:\\program files\\ultravnc\\winvnc.exe"= UDP:c:\program files\ultravnc\winvnc.exe:VNC server for Win32
"UDP Query User{A4ADB5D9-B33D-4506-A993-F89223AB53B8}c:\\program files\\ultravnc\\winvnc.exe"= TCP:c:\program files\ultravnc\winvnc.exe:VNC server for Win32
"TCP Query User{9F957B8F-296F-4183-B6E9-4DCEE250BE5D}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= UDP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary
"UDP Query User{70072D07-A88F-4D13-8253-EDB97CC1B670}c:\\program files\\java\\jre6\\launch4j-tmp\\jdownloader.exe"= TCP:c:\program files\java\jre6\launch4j-tmp\jdownloader.exe:Java(TM) Platform SE binary

R0 Lbd;Lbd; [x]
R1 SASKUTIL;SASKUTIL; [x]
R2 AODService;AODService; [x]
R2 gupdate1c98b99aa9d73ee;Google Update Service (gupdate1c98b99aa9d73ee);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-10 133104]
R3 cpuz130;cpuz130; [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 28672]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2008-07-01 468224]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-04-25 603904]
S3 UsbFltr;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2005-11-02 11596]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b939b9c-9e97-11dd-9a13-001a4d5d7aec}]
\shell\AutoRun\command - E:\Autorun.exe
.
Contenu du dossier 'Tâches planifiées'

2009-04-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-10 12:40]

2009-04-26 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-10 16:07]

2009-04-26 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 14:04]

2009-04-26 c:\windows\Tasks\User_Feed_Synchronization-{6766E469-52BF-46B0-BF0E-7E1CABA71B2E}.job
- c:\windows\system32\msfeedssync.exe [2009-03-25 11:31]
.
.
------- Examen supplémentaire -------
.
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab
FF - ProfilePath - c:\users\Leurasien\AppData\Roaming\Mozilla\Firefox\Profiles\6p43blec.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Leurasien\AppData\Roaming\Mozilla\Firefox\Profiles\6p43blec.default\extensions\npfax@microgaming.co.uk\platform\WINNT_x86-msvc\plugins\npfax.dll

---- PARAMETRES FIREFOX ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-26 22:25
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


c:\users\LEURAS~1\AppData\Local\Temp\~DF71C4.tmp 16384 bytes
c:\users\LEURAS~1\AppData\Local\Temp\~DF734C.tmp 16384 bytes
c:\users\LEURAS~1\AppData\Local\Temp\~DF7368.tmp 16384 bytes
c:\users\LEURAS~1\AppData\Local\Temp\~DF737F.tmp 512 bytes

Scan terminé avec succès
Fichiers cachés: 4

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\AODService]
"ImagePath"="c:\program files\AMD\OverDrive\AODAssist"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(4772)
c:\program files\WinSCP\DragExt.dll
.
Heure de fin: 2009-04-26 22:26
ComboFix-quarantined-files.txt 2009-04-26 20:26
ComboFix2.txt 2009-04-26 20:19
ComboFix3.txt 2009-04-26 19:34

Avant-CF: 9 608 892 416 octets libres
Après-CF: 9 353 920 512 octets libres

344 --- E O F --- 2009-04-23 21:36
Leurasien

Re: Reinstallation (upgrade) of Windows Vista impossible

Post by leurasien »

I am running a scan with Malwarebytes; I will post the report shortly.
Leurasien

Re: Reinstallation (upgrade) of Windows Vista impossible

Post by leurasien »

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2046
Windows 6.0.6001 Service Pack 1

26/04/2009 22:32:57
mbam-log-2009-04-26 (22-32-57).txt

Type de recherche: Examen rapide
Eléments examinés: 78781
Temps écoulé: 1 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Leurasien

Re: Reinstallation (upgrade) of Windows Vista impossible

Post by leurasien »

I think everything is OK now. Thanks again! :D
Leurasien
nardino
Moderators
Posts: 11993
Registered: 05 Feb 2007, 17:38
Location: Reims

Re: Reinstallation (upgrade) of Windows Vista impossible

Post by nardino »

Good evening.
What remains is to clear the temporary files, with CCleaner for example.
Delete Combofix.exe, C:\Combofix and C:\Qoobox.
See you.

Re: Reinstallation (upgrade) of Windows Vista impossible

Post by leurasien »

All good, perfect, thanks again for your help.

Have a nice day.
Leurasien