Update problem with AntiVir and Vista Premium

valou440

Regular
Hello,

I have a big problem updating my antivirus, AntiVir 8.2, and also Vista Premium: for several weeks now the updates have refused to install.

For AntiVir: connection internet failed

For Vista: code 80244019, Windows Update encountered an error

The update for the Windows software against spyware and other malicious programs no longer works either.


Spybot scan run and fixes applied
AntiVir scan run: nothing to report

In addition, I get unwanted Firefox windows popping up when I launch the internet.

I changed my Freebox, but the problem existed before that.

I am posting the HijackThis and ComboFix reports.

Thanks for your help
 

valou440

Regular
HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:01:39, on 05/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\valou440\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.m6replay.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone:
O16 - DPF: {45FE4418-F85F-45F0-BCAA-68C334FA6E08} (Sipd Control) - file:///C:/Users/valou440/AppData/Local/Microsoft/Windows%20Sidebar/Gadgets/(EPIDEM.RU)%20AGEphoneGadget.gadget/sipd.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{FB939052-F813-4A63-8E60-A2F6524A648B}: NameServer = 85.255.112.61;85.255.112.99
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: Windows Tribute Service - Unknown owner - C:\Windows\system32\kdphg.exe (file missing)

--
End of file - 9801 bytes
 

valou440

Regular
ComboFix report:

ComboFix 09-01-04.01 - valou440 2009-01-05 10:03:43.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1791.1090 [GMT 1:00]
Lancé depuis: c:\users\valou440\Desktop\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Mozilla Firefox\components\iamfamous.dll
c:\windows\system32\tmp.reg
D:\Autorun.inf
D:\resycled
d:\resycled\boot.com
K:\resycled
k:\resycled\boot.com

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Windows Tribute Service


((((((((((((((((((((((((((((( Fichiers créés du 2008-12-05 au 2009-01-05 ))))))))))))))))))))))))))))))))))))
.

2009-01-03 14:40 . 2009-01-03 14:41 <REP> d-------- C:\CPM
2008-12-22 17:16 . 2008-12-22 17:16 <REP> d-------- c:\program files\10TACLE STUDIOS
2008-12-22 17:15 . 2008-12-22 17:15 <REP> d-------- c:\windows\systinfo
2008-12-20 11:04 . 2008-12-20 11:04 <REP> d-------- c:\program files\imgburn
2008-12-20 10:55 . 2008-12-20 10:55 <REP> d-------- c:\users\valou440\AppData\Roaming\ImgBurn
2008-12-18 17:08 . 2008-12-18 17:08 <REP> d-------- c:\users\valou440\AppData\Roaming\GameHouse
2008-12-14 13:23 . 2008-12-14 13:23 <REP> d-------- c:\users\valou440\TheWineCellarBook
2008-12-14 13:10 . 2008-12-14 13:10 <REP> d-------- c:\program files\Matthieu DUCROCQ
2008-12-14 13:08 . 2008-12-14 13:08 <REP> d-------- c:\windows\System32\URTTEMP
2008-12-14 13:06 . 2008-12-14 13:25 <REP> d-------- C:\TheWineCellarBook
2008-12-14 13:05 . 2008-12-14 13:05 <REP> d-------- c:\program files\EuroThink
2008-12-14 12:58 . 2008-12-14 12:58 <REP> d-------- c:\users\All Users\4D
2008-12-14 12:58 . 2008-12-14 12:58 <REP> d-------- c:\programdata\4D
2008-12-14 12:56 . 2008-12-15 14:26 <REP> d-------- c:\windows\Downloaded Installations
2008-12-14 11:52 . 2008-12-14 11:52 <REP> d-------- c:\program files\La cave du sommelier 2
2008-12-14 11:52 . 2008-12-15 14:49 <REP> d-------- C:\CaveSommelier
2008-12-14 11:52 . 2008-01-19 08:33 12 --a------ c:\windows\System32\dsdm32.dll
2008-12-12 12:17 . 2008-12-12 12:39 139 --a------ c:\windows\wininit.ini
2008-12-12 11:08 . 2008-12-20 09:49 <REP> d-------- c:\users\All Users\Spybot - Search & Destroy
2008-12-12 11:08 . 2008-12-20 09:49 <REP> d-------- c:\programdata\Spybot - Search & Destroy
2008-12-12 11:08 . 2008-12-20 08:47 <REP> d-------- c:\program files\Spybot - Search & Destroy
2008-12-12 09:43 . 2008-12-12 09:43 <REP> d-------- c:\users\All Users\Avira
2008-12-12 09:43 . 2008-12-12 09:43 <REP> d-------- c:\programdata\Avira
2008-12-12 09:43 . 2008-12-12 09:43 <REP> d-------- c:\program files\Avira
2008-12-06 16:48 . 2008-12-06 16:48 <REP> d-------- c:\users\valou440\AppData\Roaming\vlc
2008-12-05 16:47 . 2008-12-05 16:46 410,984 --a------ c:\windows\System32\deploytk.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-05 09:02 --------- d-----w c:\users\valou440\AppData\Roaming\Azureus
2009-01-03 16:38 --------- d-----w c:\users\valou440\AppData\Roaming\dvdcss
2008-12-26 20:37 --------- d-----w c:\users\valou440\AppData\Roaming\XnView
2008-12-21 19:25 --------- d-----w c:\users\valou440\AppData\Roaming\OpenOffice.org2
2008-12-15 17:24 --------- d-----w c:\program files\Zylom Games
2008-12-15 17:18 --------- d-----w c:\users\valou440\AppData\Roaming\Zylom
2008-12-15 17:16 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-15 17:16 --------- d-----w c:\program files\Micro Application
2008-12-15 17:15 --------- d-----w c:\programdata\Activision
2008-12-05 15:46 --------- d-----w c:\program files\Java
2008-11-28 07:50 --------- d-----w c:\program files\Common Files\SWF Studio
2008-11-28 07:37 --------- d-----w c:\users\valou440\AppData\Roaming\cerasus.media
2008-11-28 07:35 --------- d-----w c:\users\valou440\AppData\Roaming\SprillBermudeEng
2008-11-27 11:22 --------- d-----w c:\programdata\Zylom
2008-11-25 21:11 --------- d-----w c:\programdata\PopCap
2008-11-24 20:03 29,184 ----a-w c:\windows\system32\drivers\ndisprot.sys
2008-11-24 13:25 --------- d-----w c:\program files\DAEMON Tools Lite
2008-11-24 13:23 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-11-24 13:18 --------- d-----w c:\users\valou440\AppData\Roaming\DAEMON Tools
2008-11-22 15:40 --------- d-----w c:\users\valou440\AppData\Roaming\Mysteryville2
2008-11-22 15:37 --------- d-----w c:\program files\GameHouse
2008-11-22 15:18 --------- d-----w c:\users\valou440\AppData\Roaming\Eyeblaster
2008-11-22 15:18 --------- d-----w c:\programdata\JollyBear
2008-11-22 08:36 --------- d-----w c:\program files\DAEMON Tools Toolbar
2008-11-22 08:20 --------- d-----w c:\program files\DAEMON Tools
2008-11-22 07:54 --------- d-----w c:\programdata\Media Center Programs
2008-11-21 22:35 --------- d-----w c:\program files\Azureus
2008-11-21 18:33 --------- d-----w c:\users\valou440\AppData\Roaming\InstallShield
2008-11-21 18:33 --------- d-----w c:\program files\Vimicro
2008-11-21 11:27 --------- d-----w c:\program files\Ubisoft
2008-11-20 12:45 --------- d-----w c:\users\valou440\AppData\Roaming\FileZilla
2008-11-20 11:38 --------- d-----w c:\users\valou440\AppData\Roaming\Nvu
2008-11-20 11:38 --------- d-----w c:\programdata\Microsoft Help
2008-11-20 11:38 --------- d-----w c:\program files\Nvu
2008-11-20 10:04 --------- d-----w c:\program files\JalbumWin
2008-11-20 08:43 --------- d-----w c:\program files\FileZilla FTP Client
2008-11-19 14:41 --------- d---a-w c:\programdata\TEMP
2008-11-17 06:57 --------- d-----w c:\program files\Common Files\Adobe
2008-11-16 10:37 --------- d-----w c:\users\valou440\AppData\Roaming\Dragon Altar Games
2008-11-11 19:35 --------- d-----w c:\program files\AKVIS
2008-11-11 16:24 43,520 ----a-w c:\windows\System32\CmdLineExt03.dll
2008-11-05 17:32 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2008-10-27 09:33 107,888 ----a-w c:\windows\System32\CmdLineExt.dll
2008-10-27 09:03 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2008-10-27 09:03 22,328 ----a-w c:\users\valou440\AppData\Roaming\PnkBstrK.sys
2008-10-27 09:03 2,250,024 ----a-w c:\windows\System32\pbsvc.exe
2008-10-27 09:03 107,832 ----a-w c:\windows\System32\PnkBstrB.exe
2008-10-16 21:13 1,809,944 ----a-w c:\windows\System32\wuaueng.dll
2008-10-16 21:12 561,688 ----a-w c:\windows\System32\wuapi.dll
2008-10-16 21:09 51,224 ----a-w c:\windows\System32\wuauclt.exe
2008-10-16 21:09 43,544 ----a-w c:\windows\System32\wups2.dll
2008-10-16 21:08 34,328 ----a-w c:\windows\System32\wups.dll
2008-10-16 20:56 1,524,736 ----a-w c:\windows\System32\wucltux.dll
2008-10-16 20:55 83,456 ----a-w c:\windows\System32\wudriver.dll
2008-10-16 13:08 162,064 ----a-w c:\windows\System32\wuwebv.dll
2008-10-16 12:56 31,232 ----a-w c:\windows\System32\wuapp.exe
2008-07-19 10:57 174 --sha-w c:\program files\desktop.ini
2006-05-29 14:40 7,296,000 ----a-w c:\program files\mozilla firefox\plugins\libvlc.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-01-24 319488]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"PlayMovie"="c:\program files\Acer Arcade Live\Acer PlayMovie\PMVService.exe" [2007-07-13 178280]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-05 136600]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"SMSTray"="c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-12-14 132624]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 c:\windows\RtHDVCpl.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-05-06 528384]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 28672]
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-05-06 200812]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= c:\progra~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WarReg_PopUp"=c:\acer\WR_PopUp\WarReg_PopUp.exe
"eDataSecurity Loader"=c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{3949DEB9-8DD8-42E4-A506-7B9F4A231291}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A033DC2D-F311-40C6-91FC-22337523B865}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F726BF72-BF4E-4B4F-B9FE-4CDF4E903131}"= c:\program files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
"{51674872-C1F2-4F6E-9B9C-A757F38BE2C6}"= c:\program files\Acer Arcade Live\SlideShow DVD\Component\CLSLDVD.exe:SlideShow DVD workprocess
"{00717E99-5B5E-4D82-B899-5B920CE145A9}"= c:\program files\Acer Arcade Live\Acer DV Magician\Component\ARAWP.exe:DV Magician ARA workprocess
"{F90A806B-AED4-4244-AC78-EA10F3E4F0E6}"= c:\program files\Acer Arcade Live\Acer DV Magician\Component\DVAX2Process.exe:DV Magician AVAX workprocess
"{2EACCE03-44AD-4451-AFA5-833B35CC35B9}"= c:\program files\Acer Arcade Live\Acer DVDivine\DVDivine.exe:DVDivine
"{39E7738E-3D11-43B9-835D-D16D2F3B2B0D}"= c:\program files\Acer Arcade Live\Acer HomeMedia\HomeMedia.exe:HomeMedia
"{59B339AA-E6E9-43D5-A0ED-DAC81D658E12}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\HomeMedia Connect.exe:HomeMedia Connect
"{B70C9DFF-8065-445C-8092-F386899335A3}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:HomeMedia Connect Service
"{9F52794C-B028-4208-88E2-1D78370B9A3B}"= c:\program files\Acer Arcade Live\Acer VideoMagician\VideoMagician.exe:VideoMagician
"{6378767C-F9FD-48F8-ADD5-5C2949D9364F}"= c:\program files\Acer Arcade Live\Acer PlayMovie\PlayMovie.exe:Acer PlayMovie
"{1CD6F136-B1B0-4B1E-ABA7-61FA8E4BF341}"= c:\program files\Acer Arcade Live\Acer PlayMovie\PMVService.exe:Acer PlayMovie Resident Program
"{765C673E-BF4C-42D2-B5D7-8271C811646D}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{43084305-B09F-4027-851C-53B4AF3E5548}c:\\program files\\azureus\\azureus.exe"= UDP:c:\program files\azureus\azureus.exe:Azureus
"UDP Query User{B4F7E0B5-1806-4801-8431-903306BC3CD7}c:\\program files\\azureus\\azureus.exe"= TCP:c:\program files\azureus\azureus.exe:Azureus
"TCP Query User{290990E2-FBD2-4C92-AA05-F956A0DDA671}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{D5DE5287-4D34-4806-8360-A6AF795612AA}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{7161CBB1-C222-4C6C-BB17-609C739EDD2C}c:\\program files\\azureus\\azureus.exe"= UDP:c:\program files\azureus\azureus.exe:Azureus
"UDP Query User{3B690A47-1114-4219-9F4C-07697531D891}c:\\program files\\azureus\\azureus.exe"= TCP:c:\program files\azureus\azureus.exe:Azureus
"TCP Query User{732CCCC0-F750-4075-A184-90EA1BF7DFFE}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{EF7E5F02-734B-4EED-9B88-EFDF727C559D}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{85C3B3D2-0B12-4989-82F8-56267C662A27}j:\\yann\\sauvegarde vieux ordi\\emule\\emule.exe"= UDP:j:\yann\sauvegarde vieux ordi\emule\emule.exe:eMule
"UDP Query User{2E71D2C0-9779-46CA-BAB1-A7BA0131925E}j:\\yann\\sauvegarde vieux ordi\\emule\\emule.exe"= TCP:j:\yann\sauvegarde vieux ordi\emule\emule.exe:eMule
"TCP Query User{37FE8DAD-3C63-411F-90B6-FE0555838778}j:\\yann\\emule\\emule.exe"= UDP:j:\yann\emule\emule.exe:eMule
"UDP Query User{2266EDED-3AC9-415B-BF86-58FCD98EC214}j:\\yann\\emule\\emule.exe"= TCP:j:\yann\emule\emule.exe:eMule
"TCP Query User{5DF2B109-70B0-4EA4-BCB2-1D13BDB9CF83}c:\\program files\\videolan\\vlc\\vlc.exe"= UDP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{A2AF2C62-0B87-4B23-8F64-7C22EDB8F8EC}c:\\program files\\videolan\\vlc\\vlc.exe"= TCP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"TCP Query User{ECCE65DD-C2CF-4DA8-9D8F-48CC3E3B66E6}k:\\yann\\emule\\emule.exe"= UDP:k:\yann\emule\emule.exe:eMule
"UDP Query User{F1380BD1-D14C-49DC-8C2E-A3677BED1233}k:\\yann\\emule\\emule.exe"= TCP:k:\yann\emule\emule.exe:eMule
"{D654A8C1-FEA0-47D3-8063-66267AFE0C02}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{C4072C9F-0D04-47E3-9E9B-3BDD6B018A6D}c:\\program files\\homeplayer\\homeplayer.exe"= UDP:c:\program files\homeplayer\homeplayer.exe:HomePlayer
"UDP Query User{1EE933D4-66A9-4E7E-BF6B-593C4EC0A9AB}c:\\program files\\homeplayer\\homeplayer.exe"= TCP:c:\program files\homeplayer\homeplayer.exe:HomePlayer
"TCP Query User{A386DE59-A276-42D3-9FF8-9B7C42699863}c:\\program files\\adsltv\\adsltv.exe"= UDP:c:\program files\adsltv\adsltv.exe:adsltv
"UDP Query User{EAE5B42A-ACDD-4571-93B3-EF6E99C206CE}c:\\program files\\adsltv\\adsltv.exe"= TCP:c:\program files\adsltv\adsltv.exe:adsltv
"TCP Query User{4F1CCBF0-99E3-44AB-8D42-372B87B9328C}k:\\yann\\sauvegarde vieux ordi\\emule\\emule.exe"= UDP:k:\yann\sauvegarde vieux ordi\emule\emule.exe:eMule
"UDP Query User{BAA73606-F660-4E4F-87E7-66171E558FE6}k:\\yann\\sauvegarde vieux ordi\\emule\\emule.exe"= TCP:k:\yann\sauvegarde vieux ordi\emule\emule.exe:eMule
"{72D5E1C7-3BBE-454F-8776-705F7B564FFD}"= UDP:4662:emule
"{810E90E6-AA08-4A9C-AACA-2D3A994A39F9}"= TCP:4672:emule
"{197E88A6-ADC8-40E0-A60F-A8FCB88F86A1}"= UDP:c:\windows\System32\muzapp.exe:MUZ AOD APP player
"{6007C0BF-9896-46DB-BC21-AEE4148C954A}"= TCP:c:\windows\System32\muzapp.exe:MUZ AOD APP player
"{48900CA0-8D1F-466A-9D51-9C87E9CE1774}"= UDP:c:\windows\System32\PnkBstrA.exe:pnkBstrA
"{F5CC701F-F6F0-491E-B2F5-49E1301826A7}"= TCP:c:\windows\System32\PnkBstrA.exe:pnkBstrA
"{108F83A8-7A85-4C2C-A4F8-0F08834928BF}"= UDP:c:\windows\System32\PnkBstrB.exe:pnkBstrB
"{DD7BC5AD-988E-4025-BD28-BFD576ECF8C6}"= TCP:c:\windows\System32\PnkBstrB.exe:pnkBstrB
"{A4325CED-ABE2-49FB-8E49-1B344BE10BA3}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{B1127B71-42AD-4FA3-ACF4-AE18562BA5A7}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{3046CF35-FE57-4726-8817-D959EFDC0E0F}"= UDP:c:\program files\Avira\AntiVir PersonalEdition Classic\update.exe:update.exe
"{A0972622-570F-451F-AB1F-6287019BA906}"= TCP:c:\program files\Avira\AntiVir PersonalEdition Classic\update.exe:update.exe
"TCP Query User{9628F640-31DF-4C6C-B2AE-39D217D4269D}c:\\program files\\ea games\\mohda\\mohaa.exe"= Disabled:UDP:c:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)
"UDP Query User{A2371B61-EC36-454B-9842-AB0819BDEF13}c:\\program files\\ea games\\mohda\\mohaa.exe"= Disabled:TCP:c:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)
"TCP Query User{EC4D23FD-1524-407F-B2E4-3E20648696C3}c:\\program files\\ubisoft\\xiii\\system\\xiii.exe"= Disabled:UDP:c:\program files\ubisoft\xiii\system\xiii.exe:XIII
"UDP Query User{52888425-2FE1-4E88-BA09-B9582E9BD7B9}c:\\program files\\ubisoft\\xiii\\system\\xiii.exe"= Disabled:TCP:c:\program files\ubisoft\xiii\system\xiii.exe:XIII

R0 oodisr;O&O DiskImage Snapshot/Restore Driver;c:\windows\System32\drivers\oodisr.sys [2008-08-27 95752]
R0 oodisrh;oodisrh;c:\windows\System32\drivers\oodisrh.sys [2008-08-27 28680]
R4 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl [2008-04-26 13:58:55 39408]
R4 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-05-06 266343]
R4 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-12-12 809296]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\System32\drivers\ndisprot.sys [2008-11-24 29184]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [2008-04-26 80744]

---- Other Services/Drivers In Memory ----

sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62445330-19ad-11dd-9f3c-001c25873064}]
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL n:\resycled\boot.com n:
\shell\Open\command - n:\resycled\boot.com n:
.
Contenu du dossier 'Tâches planifiées'

2008-12-26 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2008-04-22 13:17]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.m6replay.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: www.secuser.com

c:\windows\Downloaded Program Files\sipd.ocx - O16 -: {45FE4418-F85F-45F0-BCAA-68C334FA6E08}
file:///C:/Users/valou440/AppData/Local/Microsoft/Windows%20Sidebar/Gadgets/(EPIDEM.RU)%20AGEphoneGadget.gadget/sipd.ocx
FF - ProfilePath - c:\users\valou440\AppData\Roaming\Mozilla\Firefox\Profiles\kb6qicjn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig
FF - component: c:\program files\Mozilla Firefox\components\iamfamous.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-01-05 10:10:08
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\Ati2evxx.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\System32\PnkBstrA.exe
c:\windows\System32\PnkBstrB.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\windows\System32\WUDFHost.exe
c:\windows\System32\conime.exe
c:\program files\Brother\ControlCenter3\BrccMCtl.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
c:\program files\Brother\Brmfcmon\BrMfcMon.exe
c:\acer\Empowering Technology\eRecovery\eRAgent.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\System32\wbem\WMIADAP.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avwsc.exe
.
**************************************************************************
.
Heure de fin: 2009-01-05 10:15:17 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-05 09:15:08

Avant-CF: 17 593 323 520 octets libres
Après-CF: 17,319,342,080 octets libres

304 --- E O F --- 2008-11-20 11:38:45
 

valou440

Regular
Someone just posted this for me on another forum, and it works for my whole problem:

Do what this link says to update AntiVir; I applied this procedure on a PC running Vista on which AntiVir would no longer update.

 