Windows Explorer error message and others

http://i39.tinypic.com/2upz7ds.jpg

A small error in the script, sorry

==> Create a new text document on your desktop
==> Right-click on the desktop ==> New ==> Text Document ==> copy/paste the contents of the quote below into the box

==> Click File ==> Save As…
==> In the save window, choose ==> destination => the desktop > under type, choose ==> All Files ==> and under file name, type CFScript.txt
==> Then click ==> Save and close the text document.

==> Drag and drop this CFScript.txt file (hold the left mouse button down on CFScript.txt and drag it) onto the ComboFix.exe file ==> which is Moog8.exe, and do as shown in the image below

==> http://i40.tinypic.com/2u4klyw.jpg

A window will appear ==> when this message appears => (Type 1 to continue, or 2 to abort), type 1 then confirm.
==> Wait while the scan runs. The desktop will disappear several times; this is normal!
==> Don't touch anything until the scan is finished [2]
==> When the scan is complete, a report will be generated ==> post its contents here afterwards
=> If the report doesn't open, you will find it at this location: C:\ComboFix.txt

Here is the new report:

ComboFix 09-05-24.03 - MATEOS 24/05/2009 23:24.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.3070.2241 [GMT 2:00]
Lancé depuis: c:\documents and settings\MATEOS\Bureau\Goom877.exe
Commutateurs utilisés :: c:\documents and settings\MATEOS\Bureau\CFScript.txt.rtf
AV: AVG Anti-Virus Free On-access scanning enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: BitDefender Antivirus On-access scanning disabled (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: ActiveArmor Firewall enabled {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: Sunbelt Personal Firewall enabled {82B1150E-9B37-49FC-83EB-D52197D900D0}
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-04-24 au 2009-05-24 ))))))))))))))))))))))))))))))))))))
.

2009-05-24 13:15 . 2009-05-24 13:36 -------- d-s---w C:\Moog
2009-05-23 21:04 . 2009-05-23 21:04 -------- d-----w C:\Moog8
2009-05-23 20:00 . 2009-05-23 20:00 -------- d-----w c:\documents and settings\MATEOS\Application Data\Leadertech
2009-05-23 19:53 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-23 19:53 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-23 19:53 . 2009-05-23 19:53 -------- d-----w c:\program files\Malwarebytes’ Anti-Malware
2009-05-23 19:48 . 2009-05-23 19:48 57344 ----a-w c:\documents and settings\MATEOS\Application Data\Sun\Java\Deployment\cache\6.0\50\5b902232-5004417d-n\Decora-SSE.dll
2009-05-23 19:48 . 2009-05-23 19:48 24064 ----a-w c:\documents and settings\MATEOS\Application Data\Sun\Java\Deployment\cache\6.0\15\4e09eacf-2acf8b1f-n\Decora-D3D.dll
2009-05-23 19:48 . 2009-05-23 19:48 315392 ----a-w c:\documents and settings\MATEOS\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-22e8635e-n\jogl.dll
2009-05-23 19:48 . 2009-05-23 19:48 20480 ----a-w c:\documents and settings\MATEOS\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-22e8635e-n\jogl_awt.dll
2009-05-23 19:48 . 2009-05-23 19:48 114688 ----a-w c:\documents and settings\MATEOS\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-22e8635e-n\jogl_cg.dll
2009-05-23 19:48 . 2009-05-23 19:48 20480 ----a-w c:\documents and settings\MATEOS\Application Data\Sun\Java\Deployment\cache\6.0\45\4f710eed-4d0c07c5-n\gluegen-rt.dll
2009-05-23 19:48 . 2009-05-23 19:48 499712 ----a-w c:\documents and settings\MATEOS\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-39404f5f-n\msvcp71.dll
2009-05-23 19:48 . 2009-05-23 19:48 499712 ----a-w c:\documents and settings\MATEOS\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-39404f5f-n\jmc.dll
2009-05-23 19:48 . 2009-05-23 19:48 348160 ----a-w c:\documents and settings\MATEOS\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-39404f5f-n\msvcr71.dll
2009-05-23 13:29 . 2009-05-23 13:29 579584 -c--a-w c:\windows\system32\dllcache\user32.dll
2009-05-23 13:26 . 2009-05-23 13:26 -------- d-----w c:\windows\ERUNT
2009-05-21 12:06 . 2009-05-21 12:08 -------- d-----w c:\documents and settings\MATEOS\SmitfraudFix
2009-05-21 12:05 . 2009-05-23 13:43 -------- d-----w C:\SDFix
2009-05-19 06:48 . 2009-05-08 10:05 2051864 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll
2009-05-19 06:48 . 2009-05-08 10:05 3288344 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe
2009-05-19 06:48 . 2009-05-08 10:05 424472 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgwdwsc.dll
2009-05-19 06:48 . 2009-05-08 10:05 354584 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgxch32.dll
2009-05-19 06:48 . 2009-05-08 10:05 312088 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avglngx.dll
2009-05-19 06:48 . 2009-05-08 10:05 177432 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgmail.dll
2009-05-19 06:48 . 2009-05-08 10:05 486168 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgrsx.exe
2009-05-19 06:47 . 2009-05-08 10:02 755992 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avginet.dll
2009-05-19 06:47 . 2009-05-08 10:02 1437464 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-05-19 06:13 . 2009-05-19 06:13 -------- d-sh--w C:\found.000
2009-05-19 06:06 . 2009-05-19 06:06 -------- d-----w C:\3762e60d8257adf688cf19ba21e69aea
2009-05-18 18:09 . 2009-05-18 18:09 -------- d-sh--w c:\documents and settings\NetworkService\IETldCache
2009-05-18 17:19 . 2009-05-18 17:32 -------- d-----w C:\Lop SD
2009-05-17 21:49 . 2009-05-17 21:49 -------- d-sh--w c:\documents and settings\LocalService\IETldCache
2009-05-17 19:30 . 2009-05-17 19:30 -------- d-sh--w c:\documents and settings\MATEOS\IETldCache
2009-05-17 18:18 . 2009-05-17 18:18 -------- d-----w c:\program files\Fichiers communs\Skype
2009-05-17 18:14 . 2009-05-17 18:14 -------- d-----w c:\windows\ie8updates
2009-05-17 18:13 . 2009-05-17 18:14 -------- dc-h--w c:\windows\ie8
2009-05-17 18:12 . 2009-04-25 05:30 102400 -c----w c:\windows\system32\dllcache\iecompat.dll
2009-05-17 18:09 . 2009-05-17 18:09 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-05-17 18:09 . 2009-05-17 18:09 299352 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
2009-05-17 18:09 . 2009-05-17 18:09 25440 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\savapibridge.dll
2009-05-17 18:09 . 2009-05-17 18:09 165728 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavamessage.dll
2009-05-17 18:09 . 2009-05-17 18:09 15688 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
2009-05-17 18:09 . 2009-05-17 18:09 343888 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavalicense.dll
2009-05-17 18:09 . 2009-05-17 18:09 289632 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2009-05-17 18:09 . 2009-05-17 18:09 82784 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\ShellExt.dll
2009-05-17 18:09 . 2009-05-17 18:09 1629024 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll
2009-05-17 18:09 . 2009-05-17 18:09 212848 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\RPAPI.dll
2009-05-17 18:09 . 2009-05-17 18:09 64160 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys
2009-05-17 18:09 . 2009-05-17 18:09 40288 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2009-05-17 18:08 . 2009-05-17 18:08 73064 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\AAWDriverTool.exe
2009-05-17 18:08 . 2009-05-17 18:08 632680 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-05-17 18:08 . 2009-05-17 18:08 539512 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-05-17 18:08 . 2009-05-17 18:08 552808 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-05-17 18:08 . 2009-05-17 18:08 2324808 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-05-17 18:08 . 2009-05-17 18:08 626000 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2009-05-17 18:08 . 2009-05-17 18:08 516440 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-05-17 18:08 . 2009-05-17 18:08 953168 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-05-17 18:06 . 2009-05-17 18:06 -------- dc-h--w c:\documents and settings\All Users\Application Data{83C91755-2546-441D-AC40-9A6B4B860800}
2009-05-17 18:06 . 2009-01-18 21:43 2892112 -c--a-w c:\documents and settings\All Users\Application Data{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
2009-05-17 17:57 . 2009-05-17 17:57 -------- d-----w c:\program files\filehippo.com
2009-05-17 17:48 . 2009-05-17 20:03 -------- d-----w C:\ToolBar SD
2009-05-17 13:32 . 2009-05-17 13:32 -------- d-----w c:\documents and settings\MATEOS\Application Data\Malwarebytes
2009-05-17 13:32 . 2009-05-17 13:32 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-17 00:24 . 2009-05-17 00:24 -------- dc----w c:\documents and settings\All Users\Application Data{60DED1EF-2333-48C7-82AD-E871A69B9418}
2009-05-17 00:13 . 2009-04-13 13:32 2844187 -c--a-w c:\documents and settings\All Users\Application Data{A1022C86-A878-4802-B35D-19E4228E3991}\RegistryBooster2009.exe
2009-05-17 00:13 . 2009-04-03 14:48 51733352 -c--a-w c:\documents and settings\All Users\Application Data{A1022C86-A878-4802-B35D-19E4228E3991}\XenoCodeRB\855E5375\37C5529D\RegistryBooster.exe
2009-05-17 00:13 . 2009-05-17 00:13 -------- dc-h--w c:\documents and settings\All Users\Application Data{A1022C86-A878-4802-B35D-19E4228E3991}
2009-05-16 23:14 . 2009-05-16 23:14 -------- d-----w c:\documents and settings\MATEOS\Local Settings\Application Data\Xenocode
2009-05-16 22:57 . 2009-05-17 00:12 -------- d-----w c:\program files\Uniblue
2009-05-14 17:29 . 2009-05-08 10:05 2302232 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avguiadv.dll
2009-05-14 17:29 . 2009-05-08 10:05 3399960 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2009-05-12 21:33 . 2006-10-06 06:17 53248 ------w c:\windows\Ctregrun.exe
2009-05-12 21:30 . 1999-12-12 17:01 44032 ------w c:\windows\system32\CTSVCCDA.EXE
2009-05-12 21:30 . 1999-11-17 17:00 25088 ------w c:\windows\system32\CTSVCCTL.EXE
2009-05-12 21:30 . 2009-05-12 21:30 -------- d-----w c:\program files\Fichiers communs\Creative
2009-05-12 21:30 . 2009-05-12 21:30 -------- d--h--w c:\program files\Creative Installation Information
2009-05-12 21:29 . 2009-05-12 21:42 -------- d-----w c:\documents and settings\All Users\Application Data\Creative
2009-05-12 21:29 . 2009-05-12 21:29 413696 ----a-w c:\windows\system32\wrap_oal.dll
2009-05-12 21:29 . 2009-05-12 21:29 110592 ----a-w c:\windows\system32\OpenAL32.dll
2009-05-12 21:29 . 2008-04-25 02:23 181248 ----a-r c:\windows\system32\skInst.dll
2009-05-12 21:29 . 2007-10-12 08:19 53248 ----a-r c:\windows\ksdef.exe
2009-05-12 21:29 . 2007-07-16 07:50 782336 ----a-r c:\windows\OALInst.exe
2009-05-12 21:29 . 2008-04-07 09:20 1462 ----a-r c:\windows\skdef.reg
2009-05-12 21:29 . 2008-02-12 02:50 1670016 ----a-r c:\windows\system32\drivers\skfilt.sys
2009-05-12 21:29 . 2007-10-29 03:16 151040 ----a-r c:\windows\system32\KSXPPI32.dll
2009-05-12 21:28 . 2009-05-12 21:28 -------- d-----w c:\documents and settings\All Users\Application Data\Creative Labs
2009-05-12 21:27 . 2009-05-12 21:27 -------- d-----w c:\program files\Fichiers communs\Creative Labs Shared
2009-05-12 21:27 . 2009-05-12 21:33 -------- d-----w c:\program files\Creative
2009-04-30 22:31 . 2009-04-30 22:31 1657376 ----a-w c:\windows\system32\nwiz.exe
2009-04-30 22:31 . 2009-04-30 22:31 449056 ----a-w c:\windows\system32\nvappbar.exe
2009-04-30 22:31 . 2009-04-30 22:31 436768 ----a-w c:\windows\system32\keystone.exe
2009-04-30 22:31 . 2009-04-30 22:31 466944 ----a-w c:\windows\system32\nvshell.dll
2009-04-30 22:31 . 2009-04-30 22:31 1724416 ----a-w c:\windows\system32\nvwdmcpl.dll
2009-04-30 22:31 . 2009-04-30 22:31 1507328 ----a-w c:\windows\system32\nview.dll
2009-04-30 22:31 . 2009-04-30 22:31 1101824 ----a-w c:\windows\system32\nvwimg.dll
2009-04-30 20:02 . 2009-04-30 20:02 663552 ----a-w c:\windows\system32\nvcuvid.dll
2009-04-30 20:02 . 2009-04-30 20:02 1579630 ----a-w c:\windows\system32\nvdata.bin
2009-04-30 20:02 . 2009-04-30 20:02 1314816 ----a-w c:\windows\system32\nvcuvenc.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-23 13:36 . 2004-08-05 12:00 78088 ----a-w c:\windows\system32\perfc00C.dat
2009-05-23 13:36 . 2004-08-05 12:00 477424 ----a-w c:\windows\system32\perfh00C.dat
2009-05-19 10:53 . 2007-11-02 16:26 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-19 06:21 . 2009-05-19 06:21 664 ----a-w c:\windows\system32\d3d9caps.tmp
2009-05-17 21:06 . 2007-12-10 17:59 -------- d-----w c:\program files\Dofus
2009-05-17 20:32 . 2007-09-18 15:50 -------- d-----w c:\program files\Fichiers communs\Adobe
2009-05-17 20:26 . 2009-03-24 12:09 -------- d-----w c:\program files\DofusBeta
2009-05-17 18:39 . 2009-03-11 23:45 -------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-05-17 18:37 . 2008-02-27 13:33 -------- d-----w c:\program files\Windows Live
2009-05-17 18:26 . 2008-05-13 15:38 -------- d-----w c:\documents and settings\MATEOS\Application Data\Spyware Terminator
2009-05-17 18:26 . 2008-05-13 15:38 -------- d-----w c:\program files\Spyware Terminator
2009-05-17 18:25 . 2008-05-13 15:38 142592 ----a-w c:\windows\system32\drivers\sp_rsdrv2.sys
2009-05-17 18:25 . 2008-05-13 15:38 -------- d-----w c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-05-17 18:20 . 2008-09-24 21:41 -------- d-----w c:\documents and settings\MATEOS\Application Data\Skype
2009-05-17 18:19 . 2008-02-17 19:19 -------- d-----w c:\documents and settings\MATEOS\Application Data\skypePM
2009-05-17 18:18 . 2008-02-17 19:16 -------- d-----r c:\program files\Skype
2009-05-17 18:18 . 2008-02-17 19:16 -------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-05-17 18:11 . 2008-05-13 19:00 -------- d-----w c:\program files\CCleaner
2009-05-17 17:52 . 2009-02-14 17:04 -------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-05-16 23:14 . 2007-07-11 17:49 -------- d-----w c:\documents and settings\MATEOS\Application Data\Uniblue
2009-05-16 22:54 . 2007-07-05 18:07 -------- d-----w c:\program files\LimeWire
2009-05-16 13:08 . 2007-11-02 16:26 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-12 21:33 . 2007-06-18 09:25 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-12 21:24 . 2009-02-14 17:04 -------- d-----w c:\documents and settings\MATEOS\Application Data\AVGTOOLBAR
2009-05-08 10:05 . 2009-02-14 17:04 11952 ----a-w c:\windows\system32\avgrsstx.dll
2009-05-08 10:05 . 2009-02-14 17:04 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-05-08 10:05 . 2009-02-14 17:04 27784 ----a-w c:\windows\system32\drivers\avgmfx86.sys
2009-05-08 10:05 . 2009-02-14 17:04 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-05-04 17:20 . 2007-07-05 18:09 -------- d-----w c:\documents and settings\MATEOS\Application Data\LimeWire
2009-04-30 20:02 . 2007-12-25 20:06 457248 ----a-w c:\windows\system32\nvudisp.exe
2009-04-30 20:02 . 2007-12-05 00:41 9994240 ----a-w c:\windows\system32\nvoglnt.dll
2009-04-30 20:02 . 2007-12-05 00:41 806912 ----a-w c:\windows\system32\nvapi.dll
2009-04-30 20:02 . 2007-12-05 00:41 8055584 ----a-w c:\windows\system32\drivers\nv4_mini.sys
2009-04-30 20:02 . 2007-12-05 00:41 5896320 ----a-w c:\windows\system32\nv4_disp.dll
2009-04-30 20:02 . 2007-12-05 00:41 1720320 ----a-w c:\windows\system32\nvcuda.dll
2009-04-30 20:02 . 2007-12-05 00:41 143360 ----a-w c:\windows\system32\nvcodins.dll
2009-04-30 20:02 . 2007-12-05 00:41 143360 ----a-w c:\windows\system32\nvcod.dll
2009-04-26 22:42 . 2007-07-05 17:46 457248 ----a-w c:\windows\system32\NVUNINST.EXE
2009-04-08 00:24 . 2009-04-08 00:24 -------- d-----w c:\program files\iTunes
2009-04-08 00:24 . 2009-04-08 00:24 -------- d-----w c:\documents and settings\All Users\Application Data{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-08 00:24 . 2007-06-26 19:24 -------- d-----w c:\program files\iPod
2009-04-08 00:24 . 2007-12-01 11:27 -------- d-----w c:\program files\Fichiers communs\Apple
2009-04-08 00:19 . 2009-04-08 00:19 75048 ----a-w c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-03-31 17:14 . 2007-07-05 18:08 -------- d-----w c:\program files\Java
2009-03-31 17:13 . 2009-03-31 17:13 152576 ----a-w c:\documents and settings\MATEOS\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w c:\documents and settings\All Users\Application Data{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 14:32 . 2008-01-29 10:01 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-19 05:51 . 2009-03-19 05:51 152576 ----a-w c:\documents and settings\MATEOS\Application Data\Sun\Java\jre1.6.0_12\lzma.dll
2009-03-14 17:23 . 2009-03-14 17:10 5325 -c--a-w c:\windows\BricoPackFoldersDelete.cmd
2009-03-14 17:23 . 2007-06-18 10:41 72382 -c--a-w c:\windows\BricoPackUninst.cmd
2009-03-11 23:34 . 2009-03-11 23:34 86576 ----a-w c:\documents and settings\MATEOS\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
2009-03-11 23:34 . 2009-03-11 23:34 392728 ----a-w c:\documents and settings\MATEOS\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
2009-03-11 23:34 . 2009-03-11 23:34 132672 ----a-w c:\documents and settings\MATEOS\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
2009-03-09 03:19 . 2008-11-23 12:59 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-08 02:34 . 2004-08-05 12:00 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 02:34 . 2004-08-05 12:00 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 02:33 . 2004-08-05 12:00 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 02:33 . 2004-08-05 12:00 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 02:32 . 2004-08-05 12:00 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 02:32 . 2004-08-05 12:00 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 02:31 . 2004-08-05 12:00 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 02:31 . 2004-08-05 12:00 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 02:31 . 2004-08-05 12:00 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 02:22 . 2004-08-05 12:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-06 14:20 . 2004-08-05 12:00 286720 ----a-w c:\windows\system32\pdh.dll
2009-03-05 22:59 . 2009-03-17 23:15 1900544 ----a-w c:\windows\system32\usbaaplrc.dll
2009-03-05 22:59 . 2008-10-16 23:01 36864 ----a-w c:\windows\system32\drivers\usbaapl.sys
.

((((((((((((((((((((((((((((( SnapShot@2009-05-23_21.17.31 )))))))))))))))))))))))))))))))))))))))))
.

  • 2009-05-24 21:30 . 2009-05-24 21:30 16384 c:\windows\temp\Perflib_Perfdata_388.dat
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\system32\ctfmon.exe” [2008-04-14 15360]
“TVAgent WiFi”=“c:\program files\Tiscali_Triway_WiFi\Wizard\Agent_WiFi.exe” [2004-12-15 834560]
“LDM”=“c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe” [2007-10-26 67128]
“LogitechSoftwareUpdate”=“c:\program files\Logitech\Video\ManifestEngine.exe” [2004-10-08 196608]
“SpybotSD TeaTimer”=“c:\program files\Spybot - Search & Destroy\TeaTimer.exe” [2009-03-05 2260480]
“IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“c:\program files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe” [2007-12-13 1688872]
“MsnMsgr”=“c:\program files\Windows Live\Messenger\MsnMsgr.Exe” [2009-02-06 3885408]
“filehippo.com”=“c:\program files\filehippo.com\UpdateChecker.exe” [2009-04-06 146944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Easy Synchronization”=“c:\program files\Logitech\Easy Synchronization\LogitechEasySync.exe” [2005-10-05 53248]
“LogitechVideoRepair”=“c:\program files\Logitech\Video\ISStart.exe” [2004-10-08 458752]
“LogitechVideoTray”=“c:\program files\Logitech\Video\LogiTray.exe” [2004-10-08 217088]
“JMB36X Configure”=“c:\windows\system32\JMRaidTool.exe” [2006-04-20 385024]
“SoundMAXPnP”=“c:\program files\Analog Devices\Core\smax4pnp.exe” [2006-05-01 843776]
“MediaLifeService”=“c:\program files\Logitech\MediaLife\MediaLifeService.exe” [2005-06-03 110739]
“Adobe Photo Downloader”=“c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe” [2007-03-16 63712]
“NeroFilterCheck”=“c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe” [2007-03-01 153136]
“NBKeyScan”=“c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe” [2007-12-03 2213160]
“AVG8_TRAY”=“c:\progra~1\AVG\AVG8\avgtray.exe” [2009-05-08 1947928]
“QuickTime Task”=“c:\program files\QuickTime\QTTask.exe” [2009-01-05 413696]
“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2009-03-09 148888]
“iTunesHelper”=“c:\program files\iTunes\iTunesHelper.exe” [2009-04-02 342312]
“VolPanel”=“c:\program files\Creative\USB Headsets\Volume Panel\VolPanlu.exe” [2008-05-05 221300]
“Ad-Watch”=“c:\program files\Lavasoft\Ad-Aware\AAWTray.exe” [2009-05-17 516440]
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2009-02-27 35696]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2009-04-30 13750272]
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2009-04-30 86016]
“Logitech Hardware Abstraction Layer”=“KHALMNPR.EXE” - c:\windows\KHALMNPR.Exe [2008-10-10 69632]
“Kernel and Hardware Abstraction Layer”=“KHALMNPR.EXE” - c:\windows\KHALMNPR.Exe [2008-10-10 69632]
“nwiz”=“nwiz.exe” - c:\windows\system32\nwiz.exe [2009-04-30 1657376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
“Easy Synchronization”=“c:\program files\Logitech\Easy Synchronization\LogitechEasySync.exe” [2005-10-05 53248]

c:\documents and settings\All Users\Menu D?marrer\Programmes\D?marrage
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-10-26 67128]
Moniteur r?seau 802.11g OLITEC.lnk - c:\program files\OLITEC\Common\RaUI.exe [2007-6-18 643072]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
“{FE24CD78-7C63-465D-8787-4EDF7FC79895}”= “c:\program files\Logitech\Easy Synchronization\shellexecutehook.dll” [2005-10-05 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-08 10:05 11952 ----a-w c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=“Service”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@=""

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
“EnableFirewall”= 0 (0x0)

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“c:\Program Files\Messenger\msmsgs.exe”=
“c:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe”=
“c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe”=
“c:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\game.dat”=
“c:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe”=
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“c:\Program Files\AVG\AVG8\avgupd.exe”=
“c:\Program Files\AVG\AVG8\avgnsx.exe”=
“c:\Program Files\Bonjour\mDNSResponder.exe”=
“c:\Program Files\iTunes\iTunes.exe”=
“c:\Program Files\Skype\Phone\Skype.exe”=
“c:\Program Files\Windows Live\Messenger\wlcsdk.exe”=
“c:\Program Files\Windows Live\Messenger\msnmsgr.exe”=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [17/05/2009 20:09 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [14/02/2009 19:04 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [14/02/2009 19:04 108552]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [24/01/2009 20:31 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21/06/2008 05:54 66600]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [14/02/2009 19:04 298776]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34 953168]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31/10/2008 08:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31/10/2008 08:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [24/01/2009 20:31 65576]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Fichiers communs\Creative Labs Shared\Service\CTAELicensing.exe [12/05/2009 23:27 79360]
S3 skfilt;skfilt;c:\windows\system32\drivers\skfilt.sys [12/05/2009 23:29 1670016]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
“c:\windows\system32\rundll32.exe” “c:\windows\system32\iedkcs32.dll”,BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components{98ZVD5C0-4FCB-11CF-AAX5-81CX1C635612}]
c:\recycler\S-1-5-21-1482276501-1663491937-6831267430-1013\svchost.exe
.
Contenu du dossier ‘Tâches planifiées’

2009-05-18 c:\windows\Tasks\Ad-Aware Update (Weekly).job

  • c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 18:08]

2009-04-28 c:\windows\Tasks\AppleSoftwareUpdate.job

  • c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
    .
    .
    ------- Examen supplémentaire -------
    .
    mWindow Title =
    uInternet Settings,ProxyOverride = *.local
    IE: Ajouter au fichier PDF existant
    IE: AMV convert tool grab multimedia file - c:\program files\MP3??? 4.13\AMVConverter\grab.html
    IE: Convertir en Adobe PDF
    IE: Convertir la cible du lien en Adobe PDF
    IE: Convertir la cible du lien en un fichier PDF existant
    IE: Convertir la sélection en Adobe PDF
    IE: Convertir la sélection en un fichier PDF existant
    IE: Convertir les liens sélectionnés en Adobe PDF
    IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convertir les liens sélectionnés en un fichier PDF existant
    IE: Crawler Search
    IE: Envoyer au périphérique &Bluetooth… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: MediaManager tool grab multimedia file - c:\program files\MP3??? 4.13\MediaManager\grab.html
    LSP: %SYSTEMROOT%\system32\nvappfilter.dll
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
    FF - ProfilePath - c:\documents and settings\MATEOS\Application Data\Mozilla\Firefox\Profiles\yiz6qare.default
    FF - prefs.js: browser.startup.homepage - www.jeuxvideo.com…
    FF - prefs.js: keyword.URL - www.ffsearch.net…
    FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
    FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

---- PARAMETRES FIREFOX ----
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
.


catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-05-24 23:31
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0


.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID{A6FBC675-7227-01D4-455F-35444F452C52}\InProcServer32*]
“oaaccogoomogbaifaoadgioejlkhoc”=hex:6a,61,62,6c,67,64,69,62,66,70,66,70,68,64,
69,61,6f,70,6f,6e,00,a8
“naacaoibffajbbnllipfohagogmp”=hex:6a,61,63,6c,6f,70,6b,61,69,6e,69,63,66,65,
6b,6c,65,6a,62,67,00,a8

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ؕ€|ÿÿÿÿ•€|ù•9~*]
“C040311900063D11C8EF10054038389C”=“C?\WINDOWS\system32\FM20ENU.DLL”
.
--------------------- DLLs chargées dans les processus actifs ---------------------

              • ‘lsass.exe’(1660)
                c:\windows\system32\nvappfilter.dll

              • ‘explorer.exe’(2732)
                c:\windows\system32\ieframe.dll
                c:\windows\system32\eappprxy.dll
                c:\windows\system32\WPDShServiceObj.dll
                c:\windows\system32\btncopy.dll
                c:\windows\system32\PortableDeviceTypes.dll
                c:\windows\system32\PortableDeviceApi.dll
                .
                ------------------------ Autres processus actifs ------------------------
                .
                c:\windows\system32\nvsvc32.exe
                c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
                c:\program files\Creative\Shared Files\CTAudSvc.exe
                c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
                c:\program files\Bonjour\mDNSResponder.exe
                c:\windows\system32\CTSVCCDA.EXE
                c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
                c:\program files\Java\jre6\bin\jqs.exe
                c:\program files\Logitech\Easy Synchronization\servicestub.exe
                c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
                c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
                c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
                c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
                c:\program files\AVG\AVG8\avgrsx.exe
                c:\progra~1\AVG\AVG8\avgnsx.exe
                c:\program files\Spyware Terminator\sp_rsser.exe
                c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
                c:\windows\system32\wbem\unsecapp.exe
                c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
                c:\windows\system32\wbem\wmiapsrv.exe
                c:\windows\system32\rundll32.exe
                c:\windows\system32\rundll32.exe
                c:\program files\Logitech\Video\FxSvr2.exe
                c:\program files\iPod\bin\iPodService.exe
                c:\program files\Fichiers communs\Nero\Lib\NMIndexingService.exe
                .


.
Heure de fin: 2009-05-24 23:42 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-05-24 21:42
ComboFix2.txt 2009-05-24 13:36
ComboFix3.txt 2009-05-23 21:21

Avant-CF: 189 513 826 304 octets libres
Après-CF: 189 492 695 040 octets libres

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
380 --- E O F --- 2009-05-18 23:09