lutti522 (topic author), posted 1 November 2008:

> Download ComboFix to YOUR DESKTOP.

There, I managed it. Here is the report:

ComboFix 08-10-31.02 - Paul 2008-11-01 12:08:54.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1475 [GMT 1:00]
snooky, posted 1 November 2008:

Nothing to report.

Run Tools Cleaner, then Search and delete what it finds. + Recycle Bin and TEMP.
http://www.pcinpact.com/forum/index.php?sh...l=tools+cleaner

Install Antivir. Install Hosts. Keep MBAM.
lutti522 (topic author), posted 1 November 2008:

> Nothing to report. Run Tools Cleaner, then Search and delete what it finds. + Recycle Bin and TEMP. http://www.pcinpact.com/forum/index.php?sh...l=tools+cleaner Install Antivir. Install Hosts. Keep MBAM.

Thanks again so much, you're my saviour. Otherwise, do I reinstall McAfee or not?
snooky, posted 1 November 2008:

> Install Antivir. Install Hosts. Keep MBAM.

McAfee = trash.
lutti522 (topic author), posted 1 November 2008:

> Install Antivir. Install Hosts. Keep MBAM.

OK, how do I mark the topic as resolved?
Archived

This topic is now archived and is closed to further replies.