A bit of lag?
Navid_92
Hello,
Here is a report, could you analyze it for me please!
One question: I am currently running a BitDefender online scan, is that any good?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:51:38, on 19/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Adobe Media Player\Adobe Media Player.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [TweakDUN] C:\Program Files\TweakDUN\tweakdun.exe splash
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
29 replies
Some sites gave me lines to fix: should I fix them? Are they dangerous?
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
Thanks in advance
Regards
Hi, nothing infectious
remove Ad-Aware, which is outdated, and install Spybot instead without enabling TeaTimer:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html
______________
did the BitDefender online scan find any infections? AVG 8?
__________
to clean your computer, run CCleaner regularly
https://www.malekal.com/tutoriel-ccleaner/
The BitDefender online scan found a mini.trojan and a worm, but nothing special.
I regularly run CCleaner cleanups and I'm going to remove Ad-Aware and install Spybot.
AVG didn't detect anything.
But one question: should I fix the lines?
I'll run a Spybot scan afterwards, this weekend.
See you soon.
Navid
clean up your toolbars, no need to have too many:
eSnips
IsoBuster Toolbar
AVG Security Toolbar
Megaupload Toolbar
Free Download Manager...
__________________
you can fix these lines if you want
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
___________________
you can update Internet Explorer to version 8
and Java with JavaRa: https://javara.fr.malavida.com/
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:25:23, on 22/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Documents and Settings/Navid/Bureau/De_train/Streamy/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
Download ComboFix (by sUBs) here:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it to the desktop.
Disconnect from the internet and close all your applications.
Disable your protections (antivirus, firewall, the antispyware's real-time guard).
Double-click combofix.exe and follow the instructions.
When it finishes, it will produce a report at C:\ComboFix.txt.
Re-enable your firewall, your antivirus and your antispyware's guard.
Copy/paste the report C:\ComboFix.txt into your next reply.
Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. That could freeze the computer.
There is a complete tutorial here:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
ComboFix 09-03-19.02 - Navid 2009-03-22 19:38:16.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.3070.2418 [GMT 1:00]
Lancé depuis: c:\documents and settings\Navid\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-22 au 2009-03-22 ))))))))))))))))))))))))))))))))))))
.
2009-03-20 16:48 . 2009-03-20 16:48 <REP> d-------- c:\program files\Spybot - Search & Destroy
2009-03-19 21:19 . 2009-03-19 21:27 <REP> d-------- c:\windows\BDOSCAN8
2009-03-19 20:37 . 2009-03-20 16:47 <REP> d-------- c:\program files\Navilog1
2009-03-18 20:20 . 2009-03-18 20:20 <REP> d-------- c:\program files\AutoIt3
2009-03-18 18:49 . 2009-03-18 18:49 <REP> d-------- c:\program files\Fichiers communs\Adobe AIR
2009-03-18 18:49 . 2009-03-18 18:49 <REP> d-------- c:\program files\Adobe Media Player
2009-03-18 15:05 . 2009-03-18 15:06 <REP> d-------- c:\program files\Gauntler1
2009-03-18 13:19 . 2009-03-18 13:50 <REP> d-------- c:\program files\DofusBeta
2009-03-14 22:45 . 2009-03-14 22:47 <REP> d-------- c:\program files\GCFScape
2009-03-14 21:52 . 2009-03-14 22:08 <REP> d-------- c:\program files\S2SaTstrat
2009-03-13 12:28 . 2009-03-20 00:10 <REP> d-------- c:\program files\TweakDUN
2009-03-13 00:08 . 2009-03-13 00:08 <REP> d-------- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-03-12 21:58 . 2009-03-12 22:25 <REP> d-------- c:\program files\Tweak-XP Pro 4
2009-03-12 21:58 . 2009-03-12 21:58 737,280 --a------ c:\windows\iun6002.exe
2009-03-09 23:54 . 2009-03-11 14:23 50 --a------ c:\windows\MegaManager.INI
2009-03-09 23:40 . 2009-03-09 23:40 <REP> d-------- c:\documents and settings\Navid\Application Data\Megaupload
2009-03-09 21:16 . 2009-03-09 21:16 415 --a------ c:\windows\XMailer.INI
2009-03-09 20:48 . 2009-03-09 20:48 <REP> d-------- c:\program files\fec
2009-03-09 20:22 . 2009-03-12 18:03 <REP> d-------- c:\program files\Opera
2009-03-07 12:56 . 2009-03-07 12:56 <REP> d-------- c:\windows\Logs
2009-03-07 12:56 . 2009-03-07 12:56 <REP> d-------- c:\program files\SiSoftware
2009-03-06 21:58 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\system32\d3dx9_36.dll
2009-03-06 21:58 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\system32\D3DCompiler_36.dll
2009-03-06 21:58 . 2007-10-02 09:56 444,776 --a------ c:\windows\system32\d3dx10_36.dll
2009-03-06 21:49 . 2009-03-06 21:49 <REP> d-------- c:\documents and settings\Navid\Application Data\InstallShield Installation Information
2009-03-06 21:38 . 2009-03-06 21:38 <REP> d-------- c:\program files\KOEI
2009-03-04 18:20 . 2009-03-04 18:20 <REP> d-------- c:\program files\Realtek
2009-03-04 18:20 . 2008-08-25 16:17 528,384 --a------ c:\windows\RtlExUpd.dll
2009-03-03 20:30 . 2009-03-03 20:30 <REP> d-------- c:\documents and settings\Navid\Application Data\GlarySoft
2009-03-03 20:21 . 2009-03-03 20:21 <REP> d-------- c:\program files\Glary Utilities
2009-03-03 20:08 . 2009-03-03 20:16 <REP> d-------- c:\program files\FCleaner
2009-03-03 20:08 . 2009-03-03 20:08 <REP> d-------- c:\documents and settings\Navid\Application Data\FTWeak
2009-03-03 20:08 . 2009-03-03 20:08 <REP> d-------- c:\documents and settings\All Users\Application Data\FTWeak
2009-03-03 20:06 . 2009-03-03 20:06 <REP> d-------- c:\program files\Windows Sidebar
2009-03-03 19:51 . 2009-03-03 20:08 <REP> d-------- c:\program files\Nero
2009-03-02 21:07 . 2009-03-02 21:07 <REP> d-------- c:\program files\K!TV
2009-03-02 20:41 . 2009-03-03 20:44 <REP> d-------- c:\program files\X-Setup Pro
2009-03-02 20:41 . 2009-03-02 20:41 <REP> d-------- c:\documents and settings\Navid\Application Data\X-Setup Pro
2009-03-02 20:41 . 2009-03-02 20:41 <REP> d-------- c:\documents and settings\All Users\Application Data\X-Setup Pro
2009-02-28 13:41 . 2009-02-28 13:41 <REP> d-------- c:\program files\ConvertHelper
2009-02-25 12:25 . 2009-01-09 20:19 1,089,883 --------- c:\windows\system32\dllcache\ntprint.cat
2009-02-24 21:44 . 2009-02-24 21:44 <REP> d-------- c:\documents and settings\Navid\Application Data\KompoZer
2009-02-22 12:18 . 2009-02-22 12:18 <REP> d-------- c:\program files\uTorrent
2009-02-22 12:18 . 2009-03-14 18:02 <REP> d-------- c:\documents and settings\Navid\Application Data\uTorrent
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-22 02:16 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-03-22 02:14 --------- d-----w c:\program files\IsoBuster
2009-03-22 02:14 --------- d-----w c:\documents and settings\Navid\Application Data\HPAppData
2009-03-21 16:47 --------- d-----w c:\documents and settings\Navid\Application Data\teamspeak2
2009-03-21 16:33 --------- d-----w c:\program files\Steam
2009-03-21 16:32 --------- d-----w c:\documents and settings\Navid\Application Data\mIRC
2009-03-21 16:29 --------- d-----w c:\program files\mIRC
2009-03-21 12:54 --------- d-----w c:\documents and settings\Navid\Application Data\Skype
2009-03-21 11:06 --------- d-----w c:\documents and settings\Navid\Application Data\skypePM
2009-03-20 18:04 --------- d-----w c:\documents and settings\Navid\Application Data\HLSW
2009-03-20 16:17 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-20 15:49 --------- d-----w c:\program files\Lavasoft
2009-03-20 15:49 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-18 19:50 --------- d-----w c:\program files\Freeplayer
2009-03-18 19:50 --------- d-----w c:\program files\FlashGet
2009-03-18 19:50 --------- d-----w c:\program files\DivX
2009-03-18 19:50 --------- d-----w c:\program files\AyudaCoachingTool4CounterStrike
2009-03-18 19:50 --------- d-----w c:\program files\AoA Audio Extractor
2009-03-18 13:34 --------- d-----w c:\program files\Gauntler
2009-03-14 18:08 --------- d-----w c:\documents and settings\Navid\Application Data\FileZilla
2009-03-13 09:09 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-03-12 22:54 --------- d-----w c:\program files\eChanblard
2009-03-12 18:42 --------- d-----w c:\program files\THQ
2009-03-12 18:42 --------- d-----w c:\program files\Temp
2009-03-12 18:42 --------- d-----w c:\program files\OFFICE11
2009-03-12 18:42 --------- d-----w c:\program files\Microsoft FrontPage Express
2009-03-12 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\WindowsLiveInstaller
2009-03-12 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-03-12 12:46 --------- d-----w c:\documents and settings\Navid\Application Data\dvdcss
2009-03-11 18:12 --------- d-----w c:\program files\Teamspeak2_RC2
2009-03-11 13:40 --------- d-----w c:\program files\No-IP
2009-03-11 13:23 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-04 17:30 --------- d-----w c:\program files\World of Warcraft
2009-03-04 17:30 --------- d-----w c:\program files\MSN Messenger
2009-03-03 19:18 --------- d-----w c:\program files\CursorXP
2009-03-03 19:18 --------- d-----w c:\program files\BitComet
2009-03-03 19:09 --------- d-----w c:\program files\Fichiers communs\Nero
2009-03-03 19:01 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2009-02-28 15:38 --------- d-----w c:\documents and settings\Navid\Application Data\Mumble
2009-02-28 12:37 --------- d-----w c:\program files\Fichiers communs\Apple
2009-02-27 13:24 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-20 00:12 --------- d-----w c:\program files\Xara
2009-02-19 23:42 --------- d-----w c:\program files\Common Files
2009-02-18 23:41 --------- d-----w c:\program files\Vstplugins
2009-02-18 23:41 --------- d-----w c:\documents and settings\All Users\Application Data\Sony
2009-02-17 21:53 --------- d-----w c:\documents and settings\Navid\Application Data\Nvu
2009-02-17 20:30 --------- d-----w c:\program files\Virtual Audio Cable
2009-02-17 15:14 --------- d-----w c:\documents and settings\Navid\Application Data\VoipBuster
2009-02-17 15:06 --------- d-----w c:\program files\VoipBuster.com
2009-02-16 11:26 --------- d-----w c:\program files\Lavalys
2009-02-16 00:43 --------- d-----w c:\program files\TeamViewer
2009-02-16 00:43 --------- d-----w c:\documents and settings\Navid\Application Data\TeamViewer
2009-02-15 11:31 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-02-14 23:13 --------- d-----w c:\program files\Bonjour
2009-02-14 23:07 --------- d-----w c:\program files\Fichiers communs\Macrovision Shared
2009-02-14 23:07 --------- d-----w c:\program files\Fichiers communs\Adobe
2009-02-14 15:00 --------- d-----w c:\documents and settings\All Users\Application Data\Blizzard
2009-02-14 14:57 --------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment
2009-02-13 22:56 --------- d-----w c:\program files\Trend Micro
2009-02-13 22:28 --------- d-----w c:\program files\FindyKill
2009-02-13 21:00 --------- d-----w c:\program files\WinAVI Video Converter
2009-02-13 17:37 --------- d-----w c:\program files\Mumble
2009-02-12 11:59 --------- d-----w c:\program files\MovieMaking by LANguille
2009-02-12 11:56 --------- d-----w c:\program files\Notepad++
2009-02-12 11:56 --------- d-----w c:\documents and settings\Navid\Application Data\Notepad++
2009-02-12 06:53 --------- d-----w c:\program files\CCleaner
2009-02-11 22:02 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-11 18:15 --------- d-----w c:\program files\Visio11
2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-10 20:32 --------- d-----w c:\program files\adslTV
2009-02-10 20:06 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2009-02-10 20:06 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-02-10 20:06 103,736 ----a-w c:\windows\system32\PnkBstrB.exe
2009-02-10 20:01 22,328 ----a-w c:\documents and settings\Navid\Application Data\PnkBstrK.sys
2009-02-10 19:33 --------- d-----w c:\program files\Activision
2009-02-10 12:16 --------- d-----w c:\program files\Nvu
2009-02-09 21:32 --------- d-----w c:\program files\Microsoft Works
2009-02-09 20:23 --------- d-----w c:\program files\WinHTTrack
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:05 1,846,912 ------w c:\windows\system32\dllcache\win32k.sys
2009-02-09 07:15 --------- d-----w c:\program files\VirginMega
2009-02-09 07:14 --------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-02-09 07:11 --------- d-----w c:\program files\Windows Media Connect 2
2009-02-06 22:43 --------- d-----w c:\documents and settings\Navid\Application Data\Media Player Classic
2009-02-06 22:29 --------- d-----w c:\program files\AviSynth 2.5
2009-02-06 22:28 --------- d-----w c:\program files\K-Lite Codec Pack
2009-02-06 22:25 --------- d-----w c:\program files\MediaCoder
2009-02-06 22:25 --------- d-----w c:\program files\eRightSoft
2009-02-05 19:25 --------- d-----w c:\program files\Dofus
2009-02-03 22:41 --------- d-----w c:\program files\MSECache
2009-02-03 18:43 --------- d-----w c:\program files\mp3DirectCut
2009-02-03 17:28 --------- d-----w c:\program files\Fichiers communs\Windows Live
2009-02-03 12:43 --------- d-----w c:\program files\compLexity Demo Player
2009-02-03 12:03 --------- d-----w c:\program files\PowerStrip
2009-02-03 12:02 --------- d-----w c:\program files\QuickMediaConverter
2009-02-03 11:59 --------- d-----w c:\program files\ma-config.com
2009-02-03 11:58 --------- d-----w c:\program files\ATITool
2009-02-03 08:21 --------- d-----w c:\program files\Pvm
2009-02-03 08:20 --------- d-----w c:\program files\WinHex
2007-08-24 19:52 300,400 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2007-01-02 16:08 1,132,843 --sh--w c:\windows\Config\gimcac.bak1
2007-02-02 11:11 447,240 --sh--w c:\windows\Config\gimcac.bak2
2007-02-02 22:39 469,564 --sh--w c:\windows\Config\gimcac.ini2
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-03-16 12:30 216,064 --sh--r c:\windows\system32\nbDX.dll
2008-09-03 14:01 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090320080904\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-28 1601304]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe]
c:\documents and settings\Navid\Menu Démarrer\Programmes\Démarrage\
Adobe Media Player.lnk - c:\program files\Adobe Media Player\Adobe Media Player.exe [2009-03-18 261632]
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-11-17 385024]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-01-18 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-01-23 809488]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 16:41 72208 c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-28 00:48 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acrobat Assistant.lnk]
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InstantTimeZone.lnk]
backup=c:\windows\pss\InstantTimeZone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PalStart.lnk]
backup=c:\windows\pss\PalStart.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2007-03-16 10:45 63712 c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
--a------ 2008-12-01 16:33 1406192 c:\program files\CCleaner\CCleaner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 2006-09-28 20:21 57344 c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fraps]
--a------ 2008-10-02 23:51 3309224 c:\fraps\fraps.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-11-25 12:56 133104 c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-11-21 03:12 3297280 c:\program files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 18:15 45056 c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2009-03-13 20:33 1410296 c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-27 13:12 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
--a------ 2007-03-23 16:13 1006080 c:\program files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2006-11-30 21:49 4662776 c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"iPod Service"=3 (0x3)
"gusvc"=3 (0x3)
"Apple Mobile Device"=3 (0x3)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"FTweakFCleaner"=c:\program files\FCleaner\FCleaner.exe
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eChanblard\\emule.exe"=
"c:\\Program Files\\PPLive\\PPLive.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Steam\\SteamApps\\erfan_91\\counter-strike\\hl.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\Program Files\\Gimp-2.0\\lib\\gimp\\2.0\\plug-ins\\script-fu.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hltv.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\HLDS\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\counter-strike\\cstrike_french\\hltv.exe"=
"c:\\Program Files\\Maïdo Production\\IziSpot 4\\IziSpot.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP2\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP2\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"11875:TCP"= 11875:TCP:BitComet 11875 TCP
"11875:UDP"= 11875:UDP:BitComet 11875 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"8080:TCP"= 8080:TCP:freebox
"3724:TCP"= 3724:TCP:Blizzard downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"6881:TCP"= 6881:TCP:Blizzard Downloader
"6999:TCP"= 6999:TCP:Blizzard Downloader
"1234:UDP"= 1234:UDP:freeplayer1
"8080:UDP"= 8080:UDP:freeplayer2
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-02 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-02 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-02 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-02 298264]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-01-23 10384]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2009-01-15 31744]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [2009-02-17 29184]
R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [2006-06-28 892032]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-31 38496]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-11-17 27904]
S3 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2004-08-10 14336]
S3 PortlUSB;PortlUSB;c:\windows\system32\drivers\YH-925.sys [2007-03-22 7552]
S3 PsSdk31;PsSdk31;c:\windows\system32\drivers\pssdk31.drv [2009-01-13 30272]
S3 PsSdkLBF;PsSdkLBF;c:\windows\system32\drivers\pssdklbf.drv [2009-01-13 37440]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe [2009-03-07 98488]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [2006-10-07 408064]
S3 ZDBRGSYS;ZDBRGSYS NDIS Protocol Driver;c:\windows\system32\ZDBRGSYS.sys [2004-06-30 19200]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56c68c10-7ef6-11db-9653-00155839c65c}]
\Shell\AutoRun\command - xfoolavp.com
\Shell\explore\Command - xfoolavp.com
\Shell\open\Command - xfoolavp.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63ccfb54-b640-11dc-98ed-00155839c65c}]
\Shell\AutoRun\command - start.exe
\Shell\iledefrance\command - start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7256fa15-d3da-11dc-9920-00155839c65c}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
.
Contenu du dossier 'Tâches planifiées'
2009-03-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
2009-03-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []
2009-03-22 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-02-12 17:10]
2009-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1798726482-2359549395-1807667182-1005.job
- c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-25 12:56]
2009-03-06 c:\windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Navid.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []
2009-03-22 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []
2008-12-17 c:\windows\Tasks\RPCReminder.job
- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe []
2009-03-22 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE []
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.ustart.org
mStart Page = hxxp://www.ustart.org
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local;*.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\OFFICE11\EXCEL.EXE/3000
IE: Liens de téléchargement avec Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
Trusted Zone: localhost
TCP: {326DCACC-44CD-4EC8-B37C-9E1690ED69BB} = 212.27.40.240,212.27.40.241
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmaud.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmprog.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmvid.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmzip.dll
---- PARAMETRES FIREFOX ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.cache.disk_cache_ssl - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: signed.applets.codebase_principal_support - true
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-22 19:41:56
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdk31]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdkLBF]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C0BA4FA4-ECE9-C0BB-C143-8F093903C067}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nahmacmfpjjdnkofbpbejigleccp"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,
61,61,64,69,6f,68,00,00
"mafmnkhfhhkbpnepjhdkcpgopj"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,61,
61,64,69,6f,68,00,f9
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(832)
c:\windows\system32\Ati2evxx.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2009-03-22 19:43:58
ComboFix-quarantined-files.txt 2009-03-22 18:43:56
ComboFix2.txt 2009-02-12 22:06:55
Avant-CF: 8 308 752 384 octets libres
Après-CF: 8,300,449,792 octets libres
Current=9 Default=9 Failed=8 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
472 --- E O F --- 2009-03-14 18:03:36
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.3070.2418 [GMT 1:00]
Lancé depuis: c:\documents and settings\Navid\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-22 au 2009-03-22 ))))))))))))))))))))))))))))))))))))
.
2009-03-20 16:48 . 2009-03-20 16:48 <REP> d-------- c:\program files\Spybot - Search & Destroy
2009-03-19 21:19 . 2009-03-19 21:27 <REP> d-------- c:\windows\BDOSCAN8
2009-03-19 20:37 . 2009-03-20 16:47 <REP> d-------- c:\program files\Navilog1
2009-03-18 20:20 . 2009-03-18 20:20 <REP> d-------- c:\program files\AutoIt3
2009-03-18 18:49 . 2009-03-18 18:49 <REP> d-------- c:\program files\Fichiers communs\Adobe AIR
2009-03-18 18:49 . 2009-03-18 18:49 <REP> d-------- c:\program files\Adobe Media Player
2009-03-18 15:05 . 2009-03-18 15:06 <REP> d-------- c:\program files\Gauntler1
2009-03-18 13:19 . 2009-03-18 13:50 <REP> d-------- c:\program files\DofusBeta
2009-03-14 22:45 . 2009-03-14 22:47 <REP> d-------- c:\program files\GCFScape
2009-03-14 21:52 . 2009-03-14 22:08 <REP> d-------- c:\program files\S2SaTstrat
2009-03-13 12:28 . 2009-03-20 00:10 <REP> d-------- c:\program files\TweakDUN
2009-03-13 00:08 . 2009-03-13 00:08 <REP> d-------- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-03-12 21:58 . 2009-03-12 22:25 <REP> d-------- c:\program files\Tweak-XP Pro 4
2009-03-12 21:58 . 2009-03-12 21:58 737,280 --a------ c:\windows\iun6002.exe
2009-03-09 23:54 . 2009-03-11 14:23 50 --a------ c:\windows\MegaManager.INI
2009-03-09 23:40 . 2009-03-09 23:40 <REP> d-------- c:\documents and settings\Navid\Application Data\Megaupload
2009-03-09 21:16 . 2009-03-09 21:16 415 --a------ c:\windows\XMailer.INI
2009-03-09 20:48 . 2009-03-09 20:48 <REP> d-------- c:\program files\fec
2009-03-09 20:22 . 2009-03-12 18:03 <REP> d-------- c:\program files\Opera
2009-03-07 12:56 . 2009-03-07 12:56 <REP> d-------- c:\windows\Logs
2009-03-07 12:56 . 2009-03-07 12:56 <REP> d-------- c:\program files\SiSoftware
2009-03-06 21:58 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\system32\d3dx9_36.dll
2009-03-06 21:58 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\system32\D3DCompiler_36.dll
2009-03-06 21:58 . 2007-10-02 09:56 444,776 --a------ c:\windows\system32\d3dx10_36.dll
2009-03-06 21:49 . 2009-03-06 21:49 <REP> d-------- c:\documents and settings\Navid\Application Data\InstallShield Installation Information
2009-03-06 21:38 . 2009-03-06 21:38 <REP> d-------- c:\program files\KOEI
2009-03-04 18:20 . 2009-03-04 18:20 <REP> d-------- c:\program files\Realtek
2009-03-04 18:20 . 2008-08-25 16:17 528,384 --a------ c:\windows\RtlExUpd.dll
2009-03-03 20:30 . 2009-03-03 20:30 <REP> d-------- c:\documents and settings\Navid\Application Data\GlarySoft
2009-03-03 20:21 . 2009-03-03 20:21 <REP> d-------- c:\program files\Glary Utilities
2009-03-03 20:08 . 2009-03-03 20:16 <REP> d-------- c:\program files\FCleaner
2009-03-03 20:08 . 2009-03-03 20:08 <REP> d-------- c:\documents and settings\Navid\Application Data\FTWeak
2009-03-03 20:08 . 2009-03-03 20:08 <REP> d-------- c:\documents and settings\All Users\Application Data\FTWeak
2009-03-03 20:06 . 2009-03-03 20:06 <REP> d-------- c:\program files\Windows Sidebar
2009-03-03 19:51 . 2009-03-03 20:08 <REP> d-------- c:\program files\Nero
2009-03-02 21:07 . 2009-03-02 21:07 <REP> d-------- c:\program files\K!TV
2009-03-02 20:41 . 2009-03-03 20:44 <REP> d-------- c:\program files\X-Setup Pro
2009-03-02 20:41 . 2009-03-02 20:41 <REP> d-------- c:\documents and settings\Navid\Application Data\X-Setup Pro
2009-03-02 20:41 . 2009-03-02 20:41 <REP> d-------- c:\documents and settings\All Users\Application Data\X-Setup Pro
2009-02-28 13:41 . 2009-02-28 13:41 <REP> d-------- c:\program files\ConvertHelper
2009-02-25 12:25 . 2009-01-09 20:19 1,089,883 --------- c:\windows\system32\dllcache\ntprint.cat
2009-02-24 21:44 . 2009-02-24 21:44 <REP> d-------- c:\documents and settings\Navid\Application Data\KompoZer
2009-02-22 12:18 . 2009-02-22 12:18 <REP> d-------- c:\program files\uTorrent
2009-02-22 12:18 . 2009-03-14 18:02 <REP> d-------- c:\documents and settings\Navid\Application Data\uTorrent
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-22 02:16 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-03-22 02:14 --------- d-----w c:\program files\IsoBuster
2009-03-22 02:14 --------- d-----w c:\documents and settings\Navid\Application Data\HPAppData
2009-03-21 16:47 --------- d-----w c:\documents and settings\Navid\Application Data\teamspeak2
2009-03-21 16:33 --------- d-----w c:\program files\Steam
2009-03-21 16:32 --------- d-----w c:\documents and settings\Navid\Application Data\mIRC
2009-03-21 16:29 --------- d-----w c:\program files\mIRC
2009-03-21 12:54 --------- d-----w c:\documents and settings\Navid\Application Data\Skype
2009-03-21 11:06 --------- d-----w c:\documents and settings\Navid\Application Data\skypePM
2009-03-20 18:04 --------- d-----w c:\documents and settings\Navid\Application Data\HLSW
2009-03-20 16:17 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-20 15:49 --------- d-----w c:\program files\Lavasoft
2009-03-20 15:49 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-18 19:50 --------- d-----w c:\program files\Freeplayer
2009-03-18 19:50 --------- d-----w c:\program files\FlashGet
2009-03-18 19:50 --------- d-----w c:\program files\DivX
2009-03-18 19:50 --------- d-----w c:\program files\AyudaCoachingTool4CounterStrike
2009-03-18 19:50 --------- d-----w c:\program files\AoA Audio Extractor
2009-03-18 13:34 --------- d-----w c:\program files\Gauntler
2009-03-14 18:08 --------- d-----w c:\documents and settings\Navid\Application Data\FileZilla
2009-03-13 09:09 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-03-12 22:54 --------- d-----w c:\program files\eChanblard
2009-03-12 18:42 --------- d-----w c:\program files\THQ
2009-03-12 18:42 --------- d-----w c:\program files\Temp
2009-03-12 18:42 --------- d-----w c:\program files\OFFICE11
2009-03-12 18:42 --------- d-----w c:\program files\Microsoft FrontPage Express
2009-03-12 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\WindowsLiveInstaller
2009-03-12 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-03-12 12:46 --------- d-----w c:\documents and settings\Navid\Application Data\dvdcss
2009-03-11 18:12 --------- d-----w c:\program files\Teamspeak2_RC2
2009-03-11 13:40 --------- d-----w c:\program files\No-IP
2009-03-11 13:23 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-04 17:30 --------- d-----w c:\program files\World of Warcraft
2009-03-04 17:30 --------- d-----w c:\program files\MSN Messenger
2009-03-03 19:18 --------- d-----w c:\program files\CursorXP
2009-03-03 19:18 --------- d-----w c:\program files\BitComet
2009-03-03 19:09 --------- d-----w c:\program files\Fichiers communs\Nero
2009-03-03 19:01 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2009-02-28 15:38 --------- d-----w c:\documents and settings\Navid\Application Data\Mumble
2009-02-28 12:37 --------- d-----w c:\program files\Fichiers communs\Apple
2009-02-27 13:24 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-20 00:12 --------- d-----w c:\program files\Xara
2009-02-19 23:42 --------- d-----w c:\program files\Common Files
2009-02-18 23:41 --------- d-----w c:\program files\Vstplugins
2009-02-18 23:41 --------- d-----w c:\documents and settings\All Users\Application Data\Sony
2009-02-17 21:53 --------- d-----w c:\documents and settings\Navid\Application Data\Nvu
2009-02-17 20:30 --------- d-----w c:\program files\Virtual Audio Cable
2009-02-17 15:14 --------- d-----w c:\documents and settings\Navid\Application Data\VoipBuster
2009-02-17 15:06 --------- d-----w c:\program files\VoipBuster.com
2009-02-16 11:26 --------- d-----w c:\program files\Lavalys
2009-02-16 00:43 --------- d-----w c:\program files\TeamViewer
2009-02-16 00:43 --------- d-----w c:\documents and settings\Navid\Application Data\TeamViewer
2009-02-15 11:31 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-02-14 23:13 --------- d-----w c:\program files\Bonjour
2009-02-14 23:07 --------- d-----w c:\program files\Fichiers communs\Macrovision Shared
2009-02-14 23:07 --------- d-----w c:\program files\Fichiers communs\Adobe
2009-02-14 15:00 --------- d-----w c:\documents and settings\All Users\Application Data\Blizzard
2009-02-14 14:57 --------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment
2009-02-13 22:56 --------- d-----w c:\program files\Trend Micro
2009-02-13 22:28 --------- d-----w c:\program files\FindyKill
2009-02-13 21:00 --------- d-----w c:\program files\WinAVI Video Converter
2009-02-13 17:37 --------- d-----w c:\program files\Mumble
2009-02-12 11:59 --------- d-----w c:\program files\MovieMaking by LANguille
2009-02-12 11:56 --------- d-----w c:\program files\Notepad++
2009-02-12 11:56 --------- d-----w c:\documents and settings\Navid\Application Data\Notepad++
2009-02-12 06:53 --------- d-----w c:\program files\CCleaner
2009-02-11 22:02 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-11 18:15 --------- d-----w c:\program files\Visio11
2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-10 20:32 --------- d-----w c:\program files\adslTV
2009-02-10 20:06 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2009-02-10 20:06 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-02-10 20:06 103,736 ----a-w c:\windows\system32\PnkBstrB.exe
2009-02-10 20:01 22,328 ----a-w c:\documents and settings\Navid\Application Data\PnkBstrK.sys
2009-02-10 19:33 --------- d-----w c:\program files\Activision
2009-02-10 12:16 --------- d-----w c:\program files\Nvu
2009-02-09 21:32 --------- d-----w c:\program files\Microsoft Works
2009-02-09 20:23 --------- d-----w c:\program files\WinHTTrack
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:05 1,846,912 ------w c:\windows\system32\dllcache\win32k.sys
2009-02-09 07:15 --------- d-----w c:\program files\VirginMega
2009-02-09 07:14 --------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-02-09 07:11 --------- d-----w c:\program files\Windows Media Connect 2
2009-02-06 22:43 --------- d-----w c:\documents and settings\Navid\Application Data\Media Player Classic
2009-02-06 22:29 --------- d-----w c:\program files\AviSynth 2.5
2009-02-06 22:28 --------- d-----w c:\program files\K-Lite Codec Pack
2009-02-06 22:25 --------- d-----w c:\program files\MediaCoder
2009-02-06 22:25 --------- d-----w c:\program files\eRightSoft
2009-02-05 19:25 --------- d-----w c:\program files\Dofus
2009-02-03 22:41 --------- d-----w c:\program files\MSECache
2009-02-03 18:43 --------- d-----w c:\program files\mp3DirectCut
2009-02-03 17:28 --------- d-----w c:\program files\Fichiers communs\Windows Live
2009-02-03 12:43 --------- d-----w c:\program files\compLexity Demo Player
2009-02-03 12:03 --------- d-----w c:\program files\PowerStrip
2009-02-03 12:02 --------- d-----w c:\program files\QuickMediaConverter
2009-02-03 11:59 --------- d-----w c:\program files\ma-config.com
2009-02-03 11:58 --------- d-----w c:\program files\ATITool
2009-02-03 08:21 --------- d-----w c:\program files\Pvm
2009-02-03 08:20 --------- d-----w c:\program files\WinHex
2007-08-24 19:52 300,400 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2007-01-02 16:08 1,132,843 --sh--w c:\windows\Config\gimcac.bak1
2007-02-02 11:11 447,240 --sh--w c:\windows\Config\gimcac.bak2
2007-02-02 22:39 469,564 --sh--w c:\windows\Config\gimcac.ini2
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-03-16 12:30 216,064 --sh--r c:\windows\system32\nbDX.dll
2008-09-03 14:01 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090320080904\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-28 1601304]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe]
c:\documents and settings\Navid\Menu Démarrer\Programmes\Démarrage\
Adobe Media Player.lnk - c:\program files\Adobe Media Player\Adobe Media Player.exe [2009-03-18 261632]
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-11-17 385024]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-01-18 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-01-23 809488]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 16:41 72208 c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-28 00:48 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acrobat Assistant.lnk]
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InstantTimeZone.lnk]
backup=c:\windows\pss\InstantTimeZone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PalStart.lnk]
backup=c:\windows\pss\PalStart.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2007-03-16 10:45 63712 c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
--a------ 2008-12-01 16:33 1406192 c:\program files\CCleaner\CCleaner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 2006-09-28 20:21 57344 c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fraps]
--a------ 2008-10-02 23:51 3309224 c:\fraps\fraps.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-11-25 12:56 133104 c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-11-21 03:12 3297280 c:\program files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 18:15 45056 c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2009-03-13 20:33 1410296 c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-27 13:12 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
--a------ 2007-03-23 16:13 1006080 c:\program files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2006-11-30 21:49 4662776 c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"iPod Service"=3 (0x3)
"gusvc"=3 (0x3)
"Apple Mobile Device"=3 (0x3)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"FTweakFCleaner"=c:\program files\FCleaner\FCleaner.exe
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eChanblard\\emule.exe"=
"c:\\Program Files\\PPLive\\PPLive.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Steam\\SteamApps\\erfan_91\\counter-strike\\hl.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\Program Files\\Gimp-2.0\\lib\\gimp\\2.0\\plug-ins\\script-fu.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hltv.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\HLDS\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\counter-strike\\cstrike_french\\hltv.exe"=
"c:\\Program Files\\Maïdo Production\\IziSpot 4\\IziSpot.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP2\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP2\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"11875:TCP"= 11875:TCP:BitComet 11875 TCP
"11875:UDP"= 11875:UDP:BitComet 11875 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"8080:TCP"= 8080:TCP:freebox
"3724:TCP"= 3724:TCP:Blizzard downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"6881:TCP"= 6881:TCP:Blizzard Downloader
"6999:TCP"= 6999:TCP:Blizzard Downloader
"1234:UDP"= 1234:UDP:freeplayer1
"8080:UDP"= 8080:UDP:freeplayer2
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-02 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-02 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-02 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-02 298264]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-01-23 10384]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2009-01-15 31744]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [2009-02-17 29184]
R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [2006-06-28 892032]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-31 38496]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-11-17 27904]
S3 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2004-08-10 14336]
S3 PortlUSB;PortlUSB;c:\windows\system32\drivers\YH-925.sys [2007-03-22 7552]
S3 PsSdk31;PsSdk31;c:\windows\system32\drivers\pssdk31.drv [2009-01-13 30272]
S3 PsSdkLBF;PsSdkLBF;c:\windows\system32\drivers\pssdklbf.drv [2009-01-13 37440]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe [2009-03-07 98488]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [2006-10-07 408064]
S3 ZDBRGSYS;ZDBRGSYS NDIS Protocol Driver;c:\windows\system32\ZDBRGSYS.sys [2004-06-30 19200]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56c68c10-7ef6-11db-9653-00155839c65c}]
\Shell\AutoRun\command - xfoolavp.com
\Shell\explore\Command - xfoolavp.com
\Shell\open\Command - xfoolavp.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63ccfb54-b640-11dc-98ed-00155839c65c}]
\Shell\AutoRun\command - start.exe
\Shell\iledefrance\command - start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7256fa15-d3da-11dc-9920-00155839c65c}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
.
Contenu du dossier 'Tâches planifiées'
2009-03-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
2009-03-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []
2009-03-22 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-02-12 17:10]
2009-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1798726482-2359549395-1807667182-1005.job
- c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-25 12:56]
2009-03-06 c:\windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Navid.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []
2009-03-22 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []
2008-12-17 c:\windows\Tasks\RPCReminder.job
- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe []
2009-03-22 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE []
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.ustart.org
mStart Page = hxxp://www.ustart.org
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local;*.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\OFFICE11\EXCEL.EXE/3000
IE: Liens de téléchargement avec Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
Trusted Zone: localhost
TCP: {326DCACC-44CD-4EC8-B37C-9E1690ED69BB} = 212.27.40.240,212.27.40.241
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmaud.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmprog.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmvid.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmzip.dll
---- PARAMETRES FIREFOX ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.cache.disk_cache_ssl - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: signed.applets.codebase_principal_support - true .
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-22 19:41:56
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdk31]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdkLBF]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C0BA4FA4-ECE9-C0BB-C143-8F093903C067}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nahmacmfpjjdnkofbpbejigleccp"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,
61,61,64,69,6f,68,00,00
"mafmnkhfhhkbpnepjhdkcpgopj"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,61,
61,64,69,6f,68,00,f9
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(832)
c:\windows\system32\Ati2evxx.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2009-03-22 19:43:58
ComboFix-quarantined-files.txt 2009-03-22 18:43:56
ComboFix2.txt 2009-02-12 22:06:55
Avant-CF: 8 308 752 384 octets libres
Après-CF: 8,300,449,792 octets libres
Current=9 Default=9 Failed=8 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
472 --- E O F --- 2009-03-14 18:03:36
Use this to remove your traces:
CCLEANER
_______________
To merge:
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
_______________
Download ComboFix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to your desktop and nowhere else!
_________________
Close all your browsers (so copy or print the instructions first)
Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56c68c10-7ef6-11db-9653-00155839c65c}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63ccfb54-b640-11dc-98ed-00155839c65c}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7256fa15-d3da-11dc-9920-00155839c65c}]
Save this file under the name CFscript
Drag and drop this CFScript file onto the ComboFix.exe file
Click on the CFScript file, keep your finger held down and drag the mouse so that the CFScript icon covers the ComboFix icon. Release the mouse. ComboFix will start.
A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 then confirm.
Wait while the scan runs. The desktop will disappear several times: this is normal!
Don't touch anything until the scan has finished.
Once the scan is complete, a report will be displayed: post its contents.
If the file does not open, it can be found here > C:\ComboFix.txt
_____________________
Update Internet Explorer to version 8
for XP
http://download.microsoft.com/...
for VISTA:
http://download.microsoft.com/download/5/9/8/598CDBFA-4C11-45BA-8283-91439C7B8E5B/IE8-WindowsVista-x86-FRA.exe
There, I did your thing with the text file (merge),
the only problem is that I can't manage to disable AVG Anti-Virus Free.
At one point it says there is a problem with a DLL.
I click OK, then it continues again from Step 2 or 3.
Here is the report:
ComboFix 09-03-19.02 - Navid 2009-03-22 20:53:33.4 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.3070.2307 [GMT 1:00]
Lancé depuis: c:\documents and settings\Navid\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Navid\Bureau\CFscript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Un nouveau point de restauration a été créé
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-22 au 2009-03-22 ))))))))))))))))))))))))))))))))))))
.
2009-03-22 20:46 . 2009-03-22 20:46 <REP> d-------- c:\windows\ie8updates
2009-03-22 20:45 . 2009-03-22 20:45 1,374 --a------ c:\windows\imsins.BAK
2009-03-22 20:45 . 2009-03-22 20:45 873 --a------ c:\windows\system32\spupdsvc.inf
2009-03-22 20:44 . 2009-03-22 20:44 <REP> d-------- c:\windows\LastGood
2009-03-22 20:44 . 2009-03-22 20:45 <REP> d--h-c--- c:\windows\ie8
2009-03-22 20:41 . 2009-02-28 05:55 105,984 --------- c:\windows\system32\dllcache\iecompat.dll
2009-03-20 16:48 . 2009-03-20 16:48 <REP> d-------- c:\program files\Spybot - Search & Destroy
2009-03-19 21:19 . 2009-03-19 21:27 <REP> d-------- c:\windows\BDOSCAN8
2009-03-19 20:37 . 2009-03-20 16:47 <REP> d-------- c:\program files\Navilog1
2009-03-18 20:20 . 2009-03-18 20:20 <REP> d-------- c:\program files\AutoIt3
2009-03-18 18:49 . 2009-03-18 18:49 <REP> d-------- c:\program files\Fichiers communs\Adobe AIR
2009-03-18 18:49 . 2009-03-18 18:49 <REP> d-------- c:\program files\Adobe Media Player
2009-03-18 15:05 . 2009-03-18 15:06 <REP> d-------- c:\program files\Gauntler1
2009-03-18 13:19 . 2009-03-18 13:50 <REP> d-------- c:\program files\DofusBeta
2009-03-14 22:45 . 2009-03-14 22:47 <REP> d-------- c:\program files\GCFScape
2009-03-14 21:52 . 2009-03-14 22:08 <REP> d-------- c:\program files\S2SaTstrat
2009-03-13 12:28 . 2009-03-20 00:10 <REP> d-------- c:\program files\TweakDUN
2009-03-13 00:08 . 2009-03-13 00:08 <REP> d-------- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-03-12 21:58 . 2009-03-12 22:25 <REP> d-------- c:\program files\Tweak-XP Pro 4
2009-03-12 21:58 . 2009-03-12 21:58 737,280 --a------ c:\windows\iun6002.exe
2009-03-09 23:54 . 2009-03-11 14:23 50 --a------ c:\windows\MegaManager.INI
2009-03-09 23:40 . 2009-03-09 23:40 <REP> d-------- c:\documents and settings\Navid\Application Data\Megaupload
2009-03-09 21:16 . 2009-03-09 21:16 415 --a------ c:\windows\XMailer.INI
2009-03-09 20:48 . 2009-03-09 20:48 <REP> d-------- c:\program files\fec
2009-03-09 20:22 . 2009-03-12 18:03 <REP> d-------- c:\program files\Opera
2009-03-08 14:18 . 2009-03-08 14:18 1,310,720 --------- c:\windows\system32\SETBA.tmp
2009-03-08 14:18 . 2009-03-08 14:18 1,310,720 --------- c:\windows\system32\dllcache\SET56.tmp
2009-03-08 14:17 . 2009-03-08 14:17 57,344 --------- c:\windows\system32\msrating.dll.mui
2009-03-08 14:17 . 2009-03-08 14:17 2,560 --------- c:\windows\system32\mshta.exe.mui
2009-03-08 14:16 . 2009-03-08 14:16 12,288 --------- c:\windows\system32\SETA9.tmp
2009-03-08 14:16 . 2009-03-08 14:16 4,096 --------- c:\windows\system32\ie4uinit.exe.mui
2009-03-08 14:15 . 2009-03-08 14:15 81,920 --------- c:\windows\system32\iedkcs32.dll.mui
2009-03-08 14:09 . 2009-03-08 14:09 638,816 --a------ c:\windows\system32\dllcache\SET69.tmp
2009-03-08 14:09 . 2009-03-08 14:09 391,536 --a------ c:\windows\system32\SETB7.tmp
2009-03-08 14:09 . 2009-03-08 14:09 391,536 --a------ c:\windows\system32\dllcache\SET65.tmp
2009-03-08 04:41 . 2009-03-08 04:41 5,937,152 --a------ c:\windows\system32\SETCC.tmp
2009-03-08 04:41 . 2009-03-08 04:41 5,937,152 --a------ c:\windows\system32\dllcache\SET71.tmp
2009-03-08 04:39 . 2009-03-08 04:39 11,063,808 --a------ c:\windows\system32\SETB9.tmp
2009-03-08 04:39 . 2009-03-08 04:39 11,063,808 --------- c:\windows\system32\dllcache\SET55.tmp
2009-03-08 04:35 . 2009-03-08 04:35 385,024 --a------ c:\windows\system32\SETAD.tmp
2009-03-08 04:33 . 2009-03-08 04:33 759,296 --a------ c:\windows\system32\dllcache\SET81.tmp
2009-03-08 04:33 . 2009-03-08 04:33 726,528 --a------ c:\windows\system32\SETC4.tmp
2009-03-08 04:33 . 2009-03-08 04:33 726,528 --------- c:\windows\system32\dllcache\SET6D.tmp
2009-03-08 04:33 . 2009-03-08 04:33 420,352 --a------ c:\windows\system32\SETD9.tmp
2009-03-08 04:33 . 2009-03-08 04:33 420,352 --------- c:\windows\system32\dllcache\SET80.tmp
2009-03-08 04:33 . 2009-03-08 04:33 229,376 --a------ c:\windows\system32\SETB3.tmp
2009-03-08 04:33 . 2009-03-08 04:33 229,376 --a------ c:\windows\system32\dllcache\SET63.tmp
2009-03-08 04:33 . 2009-03-08 04:33 125,952 --a------ c:\windows\system32\SETB2.tmp
2009-03-08 04:33 . 2009-03-08 04:33 125,952 --a------ c:\windows\system32\dllcache\SET62.tmp
2009-03-08 04:33 . 2009-03-08 04:33 25,600 --a------ c:\windows\system32\SETC5.tmp
2009-03-08 04:33 . 2009-03-08 04:33 25,600 --a------ c:\windows\system32\dllcache\SET6E.tmp
2009-03-08 04:33 . 2009-03-08 04:33 18,944 --a------ c:\windows\system32\SETAA.tmp
2009-03-08 04:33 . 2009-03-08 04:33 18,944 --------- c:\windows\system32\dllcache\corpol.dll
2009-03-08 04:31 . 2009-03-08 04:31 1,638,912 --a------ c:\windows\system32\SETCD.tmp
2009-03-08 04:30 . 2009-03-08 04:30 66,560 --a------ c:\windows\system32\SETD6.tmp
2009-03-08 04:30 . 2009-03-08 04:30 66,560 --a------ c:\windows\system32\dllcache\SET7D.tmp
2009-03-08 04:24 . 2009-03-08 04:24 68,608 --a------ c:\windows\system32\dllcache\SET60.tmp
2009-03-08 04:22 . 2009-03-08 04:22 164,352 --------- c:\windows\system32\SETBF.tmp
2009-03-08 04:22 . 2009-03-08 04:22 156,160 --a------ c:\windows\system32\SETD0.tmp
2009-03-08 04:22 . 2009-03-08 04:22 156,160 --a------ c:\windows\system32\dllcache\SET75.tmp
2009-03-08 04:15 . 2009-03-08 04:15 57,667 --a------ c:\windows\system32\SETC0.tmp
2009-03-08 04:11 . 2009-03-08 04:11 445,952 --a------ c:\windows\system32\SETB6.tmp
2009-03-08 04:11 . 2009-03-08 04:11 445,952 --------- c:\windows\system32\dllcache\SET54.tmp
2009-03-07 12:56 . 2009-03-07 12:56 <REP> d-------- c:\windows\Logs
2009-03-07 12:56 . 2009-03-07 12:56 <REP> d-------- c:\program files\SiSoftware
2009-03-06 21:58 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\system32\d3dx9_36.dll
2009-03-06 21:58 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\system32\D3DCompiler_36.dll
2009-03-06 21:58 . 2007-10-02 09:56 444,776 --a------ c:\windows\system32\d3dx10_36.dll
2009-03-06 21:49 . 2009-03-06 21:49 <REP> d-------- c:\documents and settings\Navid\Application Data\InstallShield Installation Information
2009-03-06 21:38 . 2009-03-06 21:38 <REP> d-------- c:\program files\KOEI
2009-03-04 18:20 . 2009-03-04 18:20 <REP> d-------- c:\program files\Realtek
2009-03-04 18:20 . 2008-08-25 16:17 528,384 --a------ c:\windows\RtlExUpd.dll
2009-03-03 20:30 . 2009-03-03 20:30 <REP> d-------- c:\documents and settings\Navid\Application Data\GlarySoft
2009-03-03 20:21 . 2009-03-03 20:21 <REP> d-------- c:\program files\Glary Utilities
2009-03-03 20:08 . 2009-03-03 20:16 <REP> d-------- c:\program files\FCleaner
2009-03-03 20:08 . 2009-03-03 20:08 <REP> d-------- c:\documents and settings\Navid\Application Data\FTWeak
2009-03-03 20:08 . 2009-03-03 20:08 <REP> d-------- c:\documents and settings\All Users\Application Data\FTWeak
2009-03-03 20:06 . 2009-03-03 20:06 <REP> d-------- c:\program files\Windows Sidebar
2009-03-03 19:51 . 2009-03-03 20:08 <REP> d-------- c:\program files\Nero
2009-03-02 21:07 . 2009-03-02 21:07 <REP> d-------- c:\program files\K!TV
2009-03-02 20:41 . 2009-03-03 20:44 <REP> d-------- c:\program files\X-Setup Pro
2009-03-02 20:41 . 2009-03-02 20:41 <REP> d-------- c:\documents and settings\Navid\Application Data\X-Setup Pro
2009-03-02 20:41 . 2009-03-02 20:41 <REP> d-------- c:\documents and settings\All Users\Application Data\X-Setup Pro
2009-02-28 13:41 . 2009-02-28 13:41 <REP> d-------- c:\program files\ConvertHelper
2009-02-25 12:25 . 2009-01-09 20:19 1,089,883 --------- c:\windows\system32\dllcache\ntprint.cat
2009-02-24 21:44 . 2009-02-24 21:44 <REP> d-------- c:\documents and settings\Navid\Application Data\KompoZer
2009-02-22 12:18 . 2009-02-22 12:18 <REP> d-------- c:\program files\uTorrent
2009-02-22 12:18 . 2009-03-14 18:02 <REP> d-------- c:\documents and settings\Navid\Application Data\uTorrent
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-22 19:37 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-22 02:16 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-03-22 02:14 --------- d-----w c:\program files\IsoBuster
2009-03-22 02:14 --------- d-----w c:\documents and settings\Navid\Application Data\HPAppData
2009-03-21 16:47 --------- d-----w c:\documents and settings\Navid\Application Data\teamspeak2
2009-03-21 16:33 --------- d-----w c:\program files\Steam
2009-03-21 16:32 --------- d-----w c:\documents and settings\Navid\Application Data\mIRC
2009-03-21 16:29 --------- d-----w c:\program files\mIRC
2009-03-21 12:54 --------- d-----w c:\documents and settings\Navid\Application Data\Skype
2009-03-21 11:06 --------- d-----w c:\documents and settings\Navid\Application Data\skypePM
2009-03-20 18:04 --------- d-----w c:\documents and settings\Navid\Application Data\HLSW
2009-03-20 15:49 --------- d-----w c:\program files\Lavasoft
2009-03-20 15:49 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-18 19:50 --------- d-----w c:\program files\Freeplayer
2009-03-18 19:50 --------- d-----w c:\program files\FlashGet
2009-03-18 19:50 --------- d-----w c:\program files\DivX
2009-03-18 19:50 --------- d-----w c:\program files\AyudaCoachingTool4CounterStrike
2009-03-18 19:50 --------- d-----w c:\program files\AoA Audio Extractor
2009-03-18 13:34 --------- d-----w c:\program files\Gauntler
2009-03-14 18:08 --------- d-----w c:\documents and settings\Navid\Application Data\FileZilla
2009-03-13 09:09 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-03-12 22:54 --------- d-----w c:\program files\eChanblard
2009-03-12 18:42 --------- d-----w c:\program files\THQ
2009-03-12 18:42 --------- d-----w c:\program files\Temp
2009-03-12 18:42 --------- d-----w c:\program files\OFFICE11
2009-03-12 18:42 --------- d-----w c:\program files\Microsoft FrontPage Express
2009-03-12 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\WindowsLiveInstaller
2009-03-12 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-03-12 12:46 --------- d-----w c:\documents and settings\Navid\Application Data\dvdcss
2009-03-11 18:12 --------- d-----w c:\program files\Teamspeak2_RC2
2009-03-11 13:40 --------- d-----w c:\program files\No-IP
2009-03-11 13:23 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-08 13:16 40,488 ------w c:\windows\inf\IEM\[u]0/u40c\SET8A.tmp
2009-03-08 13:16 2,921,638 ----a-w c:\windows\inf\SET88.tmp
2009-03-08 13:16 14,158 ------w c:\windows\inf\IEM\[u]0/u40c\SET89.tmp
2009-03-08 03:32 94,720 ----a-w c:\windows\system32\SETC3.tmp
2009-03-08 03:31 66,560 ----a-w c:\windows\system32\SETCE.tmp
2009-03-04 17:30 --------- d-----w c:\program files\World of Warcraft
2009-03-04 17:30 --------- d-----w c:\program files\MSN Messenger
2009-03-03 19:18 --------- d-----w c:\program files\CursorXP
2009-03-03 19:18 --------- d-----w c:\program files\BitComet
2009-03-03 19:09 --------- d-----w c:\program files\Fichiers communs\Nero
2009-03-03 19:01 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2009-02-28 15:38 --------- d-----w c:\documents and settings\Navid\Application Data\Mumble
2009-02-28 12:37 --------- d-----w c:\program files\Fichiers communs\Apple
2009-02-27 17:12 61,145 ----a-w c:\windows\Help\SET84.tmp
2009-02-27 13:24 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-25 01:48 593,564 ----a-w c:\windows\Help\SET87.tmp
2009-02-20 00:12 --------- d-----w c:\program files\Xara
2009-02-19 23:42 --------- d-----w c:\program files\Common Files
2009-02-18 23:46 14,304 ----a-w c:\windows\Help\SET86.tmp
2009-02-18 23:46 12,882 ----a-w c:\windows\Help\SET85.tmp
2009-02-18 23:41 --------- d-----w c:\program files\Vstplugins
2009-02-18 23:41 --------- d-----w c:\documents and settings\All Users\Application Data\Sony
2009-02-17 21:53 --------- d-----w c:\documents and settings\Navid\Application Data\Nvu
2009-02-17 20:30 --------- d-----w c:\program files\Virtual Audio Cable
2009-02-17 15:14 --------- d-----w c:\documents and settings\Navid\Application Data\VoipBuster
2009-02-17 15:06 --------- d-----w c:\program files\VoipBuster.com
2009-02-16 11:26 --------- d-----w c:\program files\Lavalys
2009-02-16 00:43 --------- d-----w c:\program files\TeamViewer
2009-02-16 00:43 --------- d-----w c:\documents and settings\Navid\Application Data\TeamViewer
2009-02-15 11:31 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-02-14 23:13 --------- d-----w c:\program files\Bonjour
2009-02-14 23:07 --------- d-----w c:\program files\Fichiers communs\Macrovision Shared
2009-02-14 23:07 --------- d-----w c:\program files\Fichiers communs\Adobe
2009-02-14 15:00 --------- d-----w c:\documents and settings\All Users\Application Data\Blizzard
2009-02-14 14:57 --------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment
2009-02-13 22:56 --------- d-----w c:\program files\Trend Micro
2009-02-13 22:28 --------- d-----w c:\program files\FindyKill
2009-02-13 21:00 --------- d-----w c:\program files\WinAVI Video Converter
2009-02-13 17:37 --------- d-----w c:\program files\Mumble
2009-02-12 11:59 --------- d-----w c:\program files\MovieMaking by LANguille
2009-02-12 11:56 --------- d-----w c:\program files\Notepad++
2009-02-12 11:56 --------- d-----w c:\documents and settings\Navid\Application Data\Notepad++
2009-02-12 06:53 --------- d-----w c:\program files\CCleaner
2009-02-11 22:02 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-11 18:15 --------- d-----w c:\program files\Visio11
2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-10 20:32 --------- d-----w c:\program files\adslTV
2009-02-10 20:06 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2009-02-10 20:06 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-02-10 20:06 103,736 ----a-w c:\windows\system32\PnkBstrB.exe
2009-02-10 20:01 22,328 ----a-w c:\documents and settings\Navid\Application Data\PnkBstrK.sys
2009-02-10 19:33 --------- d-----w c:\program files\Activision
2009-02-10 12:16 --------- d-----w c:\program files\Nvu
2009-02-09 21:32 --------- d-----w c:\program files\Microsoft Works
2009-02-09 20:23 --------- d-----w c:\program files\WinHTTrack
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:05 1,846,912 ------w c:\windows\system32\dllcache\win32k.sys
2009-02-09 07:15 --------- d-----w c:\program files\VirginMega
2009-02-09 07:14 --------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-02-09 07:11 --------- d-----w c:\program files\Windows Media Connect 2
2009-02-06 22:43 --------- d-----w c:\documents and settings\Navid\Application Data\Media Player Classic
2009-02-06 22:29 --------- d-----w c:\program files\AviSynth 2.5
2009-02-06 22:28 --------- d-----w c:\program files\K-Lite Codec Pack
2009-02-06 22:25 --------- d-----w c:\program files\MediaCoder
2009-02-06 22:25 --------- d-----w c:\program files\eRightSoft
2009-02-06 20:07 3,698,584 ----a-w c:\windows\system32\SETB5.tmp
2009-02-06 20:07 3,698,584 ------w c:\windows\system32\dllcache\SET53.tmp
2007-08-24 19:52 300,400 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2007-01-02 16:08 1,132,843 --sh--w c:\windows\Config\gimcac.bak1
2007-02-02 11:11 447,240 --sh--w c:\windows\Config\gimcac.bak2
2007-02-02 22:39 469,564 --sh--w c:\windows\Config\gimcac.ini2
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-03-16 12:30 216,064 --sh--r c:\windows\system32\nbDX.dll
2008-09-03 14:01 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090320080904\index.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-03-22_19.42.25,14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-27 01:44:26 71,680 -c----w c:\windows\ie8\admparse.dll
+ 2008-12-20 22:46:48 124,928 -c----w c:\windows\ie8\advpack.dll
+ 2008-04-14 02:33:21 35,328 -c----w c:\windows\ie8\corpol.dll
+ 2008-12-20 22:46:48 347,136 -c----w c:\windows\ie8\dxtmsft.dll
+ 2008-12-20 22:46:48 214,528 -c----w c:\windows\ie8\dxtrans.dll
+ 2006-10-17 11:44:36 60,416 -c----w c:\windows\ie8\hmmapi.dll
+ 2008-12-20 22:46:49 63,488 -c----w c:\windows\ie8\icardie.dll
+ 2008-12-19 09:11:12 70,656 -c----w c:\windows\ie8\ie4uinit.exe
+ 2008-12-20 22:46:49 153,088 -c----w c:\windows\ie8\ieakeng.dll
+ 2008-12-20 22:46:49 230,400 -c----w c:\windows\ie8\ieaksie.dll
+ 2008-12-19 05:23:56 161,792 -c----w c:\windows\ie8\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c----w c:\windows\ie8\ieapfltr.dat
+ 2008-12-20 22:46:50 383,488 -c----w c:\windows\ie8\ieapfltr.dll
+ 2008-12-20 22:46:50 384,512 -c----w c:\windows\ie8\iedkcs32.dll
+ 2008-04-14 02:33:26 81,920 -c----w c:\windows\ie8\ieencode.dll
+ 2008-12-20 22:46:54 6,066,688 -c----w c:\windows\ie8\ieframe.dll
+ 2006-10-27 14:09:58 191,488 -c----w c:\windows\ie8\iepeers.dll
+ 2006-10-27 14:09:58 287,744 -c----w c:\windows\ie8\ieproxy.dll
+ 2008-12-20 22:46:54 44,544 -c----w c:\windows\ie8\iernonce.dll
+ 2008-12-20 22:46:54 267,776 -c----w c:\windows\ie8\iertutil.dll
+ 2006-10-27 01:44:26 55,296 -c----w c:\windows\ie8\iesetup.dll
+ 2006-10-27 14:09:58 180,736 -c----w c:\windows\ie8\ieui.dll
+ 2008-12-19 05:25:25 634,024 -c----w c:\windows\ie8\iexplore.exe
+ 2006-10-17 11:57:58 36,352 -c----w c:\windows\ie8\imgutil.dll
+ 2006-10-27 01:44:08 92,672 -c----w c:\windows\ie8\inseng.dll
+ 2008-05-09 10:55:00 512,000 -c----w c:\windows\ie8\jscript.dll
+ 2008-12-20 22:46:56 27,648 -c----w c:\windows\ie8\jsproxy.dll
+ 2006-10-17 12:05:10 40,960 -c----w c:\windows\ie8\licmgr10.dll
+ 2008-12-20 22:46:56 459,264 -c----w c:\windows\ie8\msfeeds.dll
+ 2008-12-20 22:46:57 52,224 -c----w c:\windows\ie8\msfeedsbs.dll
+ 2006-10-17 11:58:32 12,288 -c----w c:\windows\ie8\msfeedssync.exe
+ 2006-10-17 11:56:10 45,568 -c----w c:\windows\ie8\mshta.exe
+ 2009-01-16 20:15:42 3,594,752 -c----w c:\windows\ie8\mshtml.dll
+ 2008-12-20 22:47:01 477,696 -c----w c:\windows\ie8\mshtmled.dll
+ 2006-10-17 11:28:56 48,128 -c----w c:\windows\ie8\mshtmler.dll
+ 2006-10-27 14:09:58 156,160 -c----w c:\windows\ie8\msls31.dll
+ 2008-12-20 22:47:01 193,024 -c----w c:\windows\ie8\msrating.dll
+ 2008-12-20 22:47:02 671,232 -c----w c:\windows\ie8\mstime.dll
+ 2008-12-20 22:47:02 102,912 -c----w c:\windows\ie8\occache.dll
+ 2008-12-20 22:47:02 44,544 -c----w c:\windows\ie8\pngfilt.dll
+ 2006-09-06 16:43:28 216,800 -c----w c:\windows\ie8\spuninst.exe
+ 2009-03-08 15:14:22 58,448 -c----w c:\windows\ie8\spuninst\iecustom.dll
+ 2009-01-07 17:21:08 235,040 -c----w c:\windows\ie8\spuninst\spuninst.exe
+ 2009-01-07 17:21:08 406,048 -c----w c:\windows\ie8\spuninst\updspapi.dll
+ 2008-12-20 22:47:02 105,984 -c----w c:\windows\ie8\url.dll
+ 2008-12-20 22:47:03 1,160,192 -c----w c:\windows\ie8\urlmon.dll
+ 2008-05-09 10:55:00 430,080 -c----w c:\windows\ie8\vbscript.dll
+ 2007-07-12 23:30:52 765,952 -c----w c:\windows\ie8\vgx.dll
+ 2008-12-20 22:47:03 233,472 -c----w c:\windows\ie8\webcheck.dll
+ 2006-10-17 12:05:58 206,336 -c----w c:\windows\ie8\winfxdocobj.exe
+ 2008-12-20 22:47:04 826,368 -c----w c:\windows\ie8\wininet.dll
+ 2009-03-08 03:35:04 2,048 -c----w c:\windows\ie8updates\KB968220-IE8\iecompat.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\ie8updates\KB968220-IE8\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\ie8updates\KB968220-IE8\spuninst\updspapi.dll
+ 2009-01-07 17:21:08 1,022,976 ------w c:\windows\system32\dllcache\browseui.dll
+ 2009-01-07 17:21:08 1,497,088 ------w c:\windows\system32\dllcache\shdocvw.dll
+ 2009-01-07 17:21:08 474,624 ------w c:\windows\system32\dllcache\shlwapi.dll
+ 2009-01-07 17:20:54 134,144 ------w c:\windows\system32\dllcache\sqmapi.dll
- 2006-06-29 07:05:44 26,112 ------w c:\windows\system32\idndl.dll
+ 2009-01-07 17:20:36 26,112 ----a-w c:\windows\system32\idndl.dll
- 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2009-03-08 03:32:52 36,864 ----a-w c:\windows\system32\ieudinit.exe
+ 2009-01-07 17:20:18 265,720 ----a-w c:\windows\system32\msdbg2.dll
- 2006-06-28 16:59:26 24,576 ------w c:\windows\system32\nlsdl.dll
+ 2009-01-07 17:20:38 24,576 ----a-w c:\windows\system32\nlsdl.dll
- 2007-11-30 11:19:06 18,296 ------w c:\windows\system32\spmsg.dll
+ 2009-01-07 17:21:08 17,952 ------w c:\windows\system32\spmsg.dll
- 2007-07-27 08:41:38 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2009-01-07 17:21:08 26,144 ----a-w c:\windows\system32\spupdsvc.exe
- 2008-04-14 02:33:52 121,856 ------w c:\windows\system32\xmllite.dll
+ 2009-01-07 17:21:04 121,856 ----a-w c:\windows\system32\xmllite.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-28 1601304]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe]
c:\documents and settings\Navid\Menu Démarrer\Programmes\Démarrage\
Adobe Media Player.lnk - c:\program files\Adobe Media Player\Adobe Media Player.exe [2009-03-18 261632]
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-11-17 385024]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-01-18 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-01-23 809488]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 16:41 72208 c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-28 00:48 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acrobat Assistant.lnk]
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InstantTimeZone.lnk]
backup=c:\windows\pss\InstantTimeZone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PalStart.lnk]
backup=c:\windows\pss\PalStart.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2007-03-16 10:45 63712 c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
--a------ 2008-12-01 16:33 1406192 c:\program files\CCleaner\CCleaner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 2006-09-28 20:21 57344 c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fraps]
--a------ 2008-10-02 23:51 3309224 c:\fraps\fraps.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-11-25 12:56 133104 c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-11-21 03:12 3297280 c:\program files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 18:15 45056 c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2009-03-13 20:33 1410296 c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-27 13:12 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
--a------ 2007-03-23 16:13 1006080 c:\program files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2006-11-30 21:49 4662776 c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"iPod Service"=3 (0x3)
"gusvc"=3 (0x3)
"Apple Mobile Device"=3 (0x3)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"FTweakFCleaner"=c:\program files\FCleaner\FCleaner.exe
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eChanblard\\emule.exe"=
"c:\\Program Files\\PPLive\\PPLive.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Steam\\SteamApps\\erfan_91\\counter-strike\\hl.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\Program Files\\Gimp-2.0\\lib\\gimp\\2.0\\plug-ins\\script-fu.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hltv.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\HLDS\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\counter-strike\\cstrike_french\\hltv.exe"=
"c:\\Program Files\\Maïdo Production\\IziSpot 4\\IziSpot.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP2\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP2\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"11875:TCP"= 11875:TCP:BitComet 11875 TCP
"11875:UDP"= 11875:UDP:BitComet 11875 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"8080:TCP"= 8080:TCP:freebox
"3724:TCP"= 3724:TCP:Blizzard downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"6881:TCP"= 6881:TCP:Blizzard Downloader
"6999:TCP"= 6999:TCP:Blizzard Downloader
"1234:UDP"= 1234:UDP:freeplayer1
"8080:UDP"= 8080:UDP:freeplayer2
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-02 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-02 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-02 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-02 298264]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-01-23 10384]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2009-01-15 31744]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [2009-02-17 29184]
R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [2006-06-28 892032]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2005-02-24 26144]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-31 38496]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-11-17 27904]
S3 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2004-08-10 14336]
S3 PortlUSB;PortlUSB;c:\windows\system32\drivers\YH-925.sys [2007-03-22 7552]
S3 PsSdk31;PsSdk31;c:\windows\system32\drivers\pssdk31.drv [2009-01-13 30272]
S3 PsSdkLBF;PsSdkLBF;c:\windows\system32\drivers\pssdklbf.drv [2009-01-13 37440]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe [2009-03-07 98488]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [2006-10-07 408064]
S3 ZDBRGSYS;ZDBRGSYS NDIS Protocol Driver;c:\windows\system32\ZDBRGSYS.sys [2004-06-30 19200]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
.
Contenu du dossier 'Tâches planifiées'
2009-03-22 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
2009-03-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []
2009-03-22 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-02-12 17:10]
2009-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1798726482-2359549395-1807667182-1005.job
- c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-25 12:56]
2009-03-06 c:\windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Navid.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []
2009-03-22 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []
2008-12-17 c:\windows\Tasks\RPCReminder.job
- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe []
2009-03-22 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE []
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.ustart.org
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local;*.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\OFFICE11\EXCEL.EXE/3000
IE: Liens de téléchargement avec Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
Trusted Zone: localhost
TCP: {326DCACC-44CD-4EC8-B37C-9E1690ED69BB} = 212.27.40.240,212.27.40.241
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmaud.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmprog.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmvid.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmzip.dll
---- PARAMETRES FIREFOX ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.cache.disk_cache_ssl - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: signed.applets.codebase_principal_support - true
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-22 20:54:40
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdk31]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdkLBF]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C0BA4FA4-ECE9-C0BB-C143-8F093903C067}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nahmacmfpjjdnkofbpbejigleccp"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,
61,61,64,69,6f,68,00,00
"mafmnkhfhhkbpnepjhdkcpgopj"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,61,
61,64,69,6f,68,00,f9
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(832)
c:\windows\system32\Ati2evxx.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2009-03-22 20:56:43
ComboFix-quarantined-files.txt 2009-03-22 19:56:41
ComboFix2.txt 2009-03-22 18:43:59
ComboFix3.txt 2009-02-12 22:06:55
Avant-CF: 9 552 605 184 octets libres
Après-CF: 9,526,312,960 octets libres
Current=9 Default=9 Failed=8 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
569 --- E O F --- 2009-03-14 18:03:36
The only problem is that I can't manage to disable AVG Anti-Virus Free.
At one point it says there is a problem with a DLL.
I click OK, and after that it carries on again from Step 2 or 3.
Here is the report:
ComboFix 09-03-19.02 - Navid 2009-03-22 20:53:33.4 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.3070.2307 [GMT 1:00]
Lancé depuis: c:\documents and settings\Navid\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Navid\Bureau\CFscript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Un nouveau point de restauration a été créé
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-22 au 2009-03-22 ))))))))))))))))))))))))))))))))))))
.
2009-03-22 20:46 . 2009-03-22 20:46 <REP> d-------- c:\windows\ie8updates
2009-03-22 20:45 . 2009-03-22 20:45 1,374 --a------ c:\windows\imsins.BAK
2009-03-22 20:45 . 2009-03-22 20:45 873 --a------ c:\windows\system32\spupdsvc.inf
2009-03-22 20:44 . 2009-03-22 20:44 <REP> d-------- c:\windows\LastGood
2009-03-22 20:44 . 2009-03-22 20:45 <REP> d--h-c--- c:\windows\ie8
2009-03-22 20:41 . 2009-02-28 05:55 105,984 --------- c:\windows\system32\dllcache\iecompat.dll
2009-03-20 16:48 . 2009-03-20 16:48 <REP> d-------- c:\program files\Spybot - Search & Destroy
2009-03-19 21:19 . 2009-03-19 21:27 <REP> d-------- c:\windows\BDOSCAN8
2009-03-19 20:37 . 2009-03-20 16:47 <REP> d-------- c:\program files\Navilog1
2009-03-18 20:20 . 2009-03-18 20:20 <REP> d-------- c:\program files\AutoIt3
2009-03-18 18:49 . 2009-03-18 18:49 <REP> d-------- c:\program files\Fichiers communs\Adobe AIR
2009-03-18 18:49 . 2009-03-18 18:49 <REP> d-------- c:\program files\Adobe Media Player
2009-03-18 15:05 . 2009-03-18 15:06 <REP> d-------- c:\program files\Gauntler1
2009-03-18 13:19 . 2009-03-18 13:50 <REP> d-------- c:\program files\DofusBeta
2009-03-14 22:45 . 2009-03-14 22:47 <REP> d-------- c:\program files\GCFScape
2009-03-14 21:52 . 2009-03-14 22:08 <REP> d-------- c:\program files\S2SaTstrat
2009-03-13 12:28 . 2009-03-20 00:10 <REP> d-------- c:\program files\TweakDUN
2009-03-13 00:08 . 2009-03-13 00:08 <REP> d-------- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-03-12 21:58 . 2009-03-12 22:25 <REP> d-------- c:\program files\Tweak-XP Pro 4
2009-03-12 21:58 . 2009-03-12 21:58 737,280 --a------ c:\windows\iun6002.exe
2009-03-09 23:54 . 2009-03-11 14:23 50 --a------ c:\windows\MegaManager.INI
2009-03-09 23:40 . 2009-03-09 23:40 <REP> d-------- c:\documents and settings\Navid\Application Data\Megaupload
2009-03-09 21:16 . 2009-03-09 21:16 415 --a------ c:\windows\XMailer.INI
2009-03-09 20:48 . 2009-03-09 20:48 <REP> d-------- c:\program files\fec
2009-03-09 20:22 . 2009-03-12 18:03 <REP> d-------- c:\program files\Opera
2009-03-08 14:18 . 2009-03-08 14:18 1,310,720 --------- c:\windows\system32\SETBA.tmp
2009-03-08 14:18 . 2009-03-08 14:18 1,310,720 --------- c:\windows\system32\dllcache\SET56.tmp
2009-03-08 14:17 . 2009-03-08 14:17 57,344 --------- c:\windows\system32\msrating.dll.mui
2009-03-08 14:17 . 2009-03-08 14:17 2,560 --------- c:\windows\system32\mshta.exe.mui
2009-03-08 14:16 . 2009-03-08 14:16 12,288 --------- c:\windows\system32\SETA9.tmp
2009-03-08 14:16 . 2009-03-08 14:16 4,096 --------- c:\windows\system32\ie4uinit.exe.mui
2009-03-08 14:15 . 2009-03-08 14:15 81,920 --------- c:\windows\system32\iedkcs32.dll.mui
2009-03-08 14:09 . 2009-03-08 14:09 638,816 --a------ c:\windows\system32\dllcache\SET69.tmp
2009-03-08 14:09 . 2009-03-08 14:09 391,536 --a------ c:\windows\system32\SETB7.tmp
2009-03-08 14:09 . 2009-03-08 14:09 391,536 --a------ c:\windows\system32\dllcache\SET65.tmp
2009-03-08 04:41 . 2009-03-08 04:41 5,937,152 --a------ c:\windows\system32\SETCC.tmp
2009-03-08 04:41 . 2009-03-08 04:41 5,937,152 --a------ c:\windows\system32\dllcache\SET71.tmp
2009-03-08 04:39 . 2009-03-08 04:39 11,063,808 --a------ c:\windows\system32\SETB9.tmp
2009-03-08 04:39 . 2009-03-08 04:39 11,063,808 --------- c:\windows\system32\dllcache\SET55.tmp
2009-03-08 04:35 . 2009-03-08 04:35 385,024 --a------ c:\windows\system32\SETAD.tmp
2009-03-08 04:33 . 2009-03-08 04:33 759,296 --a------ c:\windows\system32\dllcache\SET81.tmp
2009-03-08 04:33 . 2009-03-08 04:33 726,528 --a------ c:\windows\system32\SETC4.tmp
2009-03-08 04:33 . 2009-03-08 04:33 726,528 --------- c:\windows\system32\dllcache\SET6D.tmp
2009-03-08 04:33 . 2009-03-08 04:33 420,352 --a------ c:\windows\system32\SETD9.tmp
2009-03-08 04:33 . 2009-03-08 04:33 420,352 --------- c:\windows\system32\dllcache\SET80.tmp
2009-03-08 04:33 . 2009-03-08 04:33 229,376 --a------ c:\windows\system32\SETB3.tmp
2009-03-08 04:33 . 2009-03-08 04:33 229,376 --a------ c:\windows\system32\dllcache\SET63.tmp
2009-03-08 04:33 . 2009-03-08 04:33 125,952 --a------ c:\windows\system32\SETB2.tmp
2009-03-08 04:33 . 2009-03-08 04:33 125,952 --a------ c:\windows\system32\dllcache\SET62.tmp
2009-03-08 04:33 . 2009-03-08 04:33 25,600 --a------ c:\windows\system32\SETC5.tmp
2009-03-08 04:33 . 2009-03-08 04:33 25,600 --a------ c:\windows\system32\dllcache\SET6E.tmp
2009-03-08 04:33 . 2009-03-08 04:33 18,944 --a------ c:\windows\system32\SETAA.tmp
2009-03-08 04:33 . 2009-03-08 04:33 18,944 --------- c:\windows\system32\dllcache\corpol.dll
2009-03-08 04:31 . 2009-03-08 04:31 1,638,912 --a------ c:\windows\system32\SETCD.tmp
2009-03-08 04:30 . 2009-03-08 04:30 66,560 --a------ c:\windows\system32\SETD6.tmp
2009-03-08 04:30 . 2009-03-08 04:30 66,560 --a------ c:\windows\system32\dllcache\SET7D.tmp
2009-03-08 04:24 . 2009-03-08 04:24 68,608 --a------ c:\windows\system32\dllcache\SET60.tmp
2009-03-08 04:22 . 2009-03-08 04:22 164,352 --------- c:\windows\system32\SETBF.tmp
2009-03-08 04:22 . 2009-03-08 04:22 156,160 --a------ c:\windows\system32\SETD0.tmp
2009-03-08 04:22 . 2009-03-08 04:22 156,160 --a------ c:\windows\system32\dllcache\SET75.tmp
2009-03-08 04:15 . 2009-03-08 04:15 57,667 --a------ c:\windows\system32\SETC0.tmp
2009-03-08 04:11 . 2009-03-08 04:11 445,952 --a------ c:\windows\system32\SETB6.tmp
2009-03-08 04:11 . 2009-03-08 04:11 445,952 --------- c:\windows\system32\dllcache\SET54.tmp
2009-03-07 12:56 . 2009-03-07 12:56 <REP> d-------- c:\windows\Logs
2009-03-07 12:56 . 2009-03-07 12:56 <REP> d-------- c:\program files\SiSoftware
2009-03-06 21:58 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\system32\d3dx9_36.dll
2009-03-06 21:58 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\system32\D3DCompiler_36.dll
2009-03-06 21:58 . 2007-10-02 09:56 444,776 --a------ c:\windows\system32\d3dx10_36.dll
2009-03-06 21:49 . 2009-03-06 21:49 <REP> d-------- c:\documents and settings\Navid\Application Data\InstallShield Installation Information
2009-03-06 21:38 . 2009-03-06 21:38 <REP> d-------- c:\program files\KOEI
2009-03-04 18:20 . 2009-03-04 18:20 <REP> d-------- c:\program files\Realtek
2009-03-04 18:20 . 2008-08-25 16:17 528,384 --a------ c:\windows\RtlExUpd.dll
2009-03-03 20:30 . 2009-03-03 20:30 <REP> d-------- c:\documents and settings\Navid\Application Data\GlarySoft
2009-03-03 20:21 . 2009-03-03 20:21 <REP> d-------- c:\program files\Glary Utilities
2009-03-03 20:08 . 2009-03-03 20:16 <REP> d-------- c:\program files\FCleaner
2009-03-03 20:08 . 2009-03-03 20:08 <REP> d-------- c:\documents and settings\Navid\Application Data\FTWeak
2009-03-03 20:08 . 2009-03-03 20:08 <REP> d-------- c:\documents and settings\All Users\Application Data\FTWeak
2009-03-03 20:06 . 2009-03-03 20:06 <REP> d-------- c:\program files\Windows Sidebar
2009-03-03 19:51 . 2009-03-03 20:08 <REP> d-------- c:\program files\Nero
2009-03-02 21:07 . 2009-03-02 21:07 <REP> d-------- c:\program files\K!TV
2009-03-02 20:41 . 2009-03-03 20:44 <REP> d-------- c:\program files\X-Setup Pro
2009-03-02 20:41 . 2009-03-02 20:41 <REP> d-------- c:\documents and settings\Navid\Application Data\X-Setup Pro
2009-03-02 20:41 . 2009-03-02 20:41 <REP> d-------- c:\documents and settings\All Users\Application Data\X-Setup Pro
2009-02-28 13:41 . 2009-02-28 13:41 <REP> d-------- c:\program files\ConvertHelper
2009-02-25 12:25 . 2009-01-09 20:19 1,089,883 --------- c:\windows\system32\dllcache\ntprint.cat
2009-02-24 21:44 . 2009-02-24 21:44 <REP> d-------- c:\documents and settings\Navid\Application Data\KompoZer
2009-02-22 12:18 . 2009-02-22 12:18 <REP> d-------- c:\program files\uTorrent
2009-02-22 12:18 . 2009-03-14 18:02 <REP> d-------- c:\documents and settings\Navid\Application Data\uTorrent
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-22 19:37 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-22 02:16 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-03-22 02:14 --------- d-----w c:\program files\IsoBuster
2009-03-22 02:14 --------- d-----w c:\documents and settings\Navid\Application Data\HPAppData
2009-03-21 16:47 --------- d-----w c:\documents and settings\Navid\Application Data\teamspeak2
2009-03-21 16:33 --------- d-----w c:\program files\Steam
2009-03-21 16:32 --------- d-----w c:\documents and settings\Navid\Application Data\mIRC
2009-03-21 16:29 --------- d-----w c:\program files\mIRC
2009-03-21 12:54 --------- d-----w c:\documents and settings\Navid\Application Data\Skype
2009-03-21 11:06 --------- d-----w c:\documents and settings\Navid\Application Data\skypePM
2009-03-20 18:04 --------- d-----w c:\documents and settings\Navid\Application Data\HLSW
2009-03-20 15:49 --------- d-----w c:\program files\Lavasoft
2009-03-20 15:49 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-18 19:50 --------- d-----w c:\program files\Freeplayer
2009-03-18 19:50 --------- d-----w c:\program files\FlashGet
2009-03-18 19:50 --------- d-----w c:\program files\DivX
2009-03-18 19:50 --------- d-----w c:\program files\AyudaCoachingTool4CounterStrike
2009-03-18 19:50 --------- d-----w c:\program files\AoA Audio Extractor
2009-03-18 13:34 --------- d-----w c:\program files\Gauntler
2009-03-14 18:08 --------- d-----w c:\documents and settings\Navid\Application Data\FileZilla
2009-03-13 09:09 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-03-12 22:54 --------- d-----w c:\program files\eChanblard
2009-03-12 18:42 --------- d-----w c:\program files\THQ
2009-03-12 18:42 --------- d-----w c:\program files\Temp
2009-03-12 18:42 --------- d-----w c:\program files\OFFICE11
2009-03-12 18:42 --------- d-----w c:\program files\Microsoft FrontPage Express
2009-03-12 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\WindowsLiveInstaller
2009-03-12 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-03-12 12:46 --------- d-----w c:\documents and settings\Navid\Application Data\dvdcss
2009-03-11 18:12 --------- d-----w c:\program files\Teamspeak2_RC2
2009-03-11 13:40 --------- d-----w c:\program files\No-IP
2009-03-11 13:23 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-08 13:16 40,488 ------w c:\windows\inf\IEM\[u]0/u40c\SET8A.tmp
2009-03-08 13:16 2,921,638 ----a-w c:\windows\inf\SET88.tmp
2009-03-08 13:16 14,158 ------w c:\windows\inf\IEM\[u]0/u40c\SET89.tmp
2009-03-08 03:32 94,720 ----a-w c:\windows\system32\SETC3.tmp
2009-03-08 03:31 66,560 ----a-w c:\windows\system32\SETCE.tmp
2009-03-04 17:30 --------- d-----w c:\program files\World of Warcraft
2009-03-04 17:30 --------- d-----w c:\program files\MSN Messenger
2009-03-03 19:18 --------- d-----w c:\program files\CursorXP
2009-03-03 19:18 --------- d-----w c:\program files\BitComet
2009-03-03 19:09 --------- d-----w c:\program files\Fichiers communs\Nero
2009-03-03 19:01 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2009-02-28 15:38 --------- d-----w c:\documents and settings\Navid\Application Data\Mumble
2009-02-28 12:37 --------- d-----w c:\program files\Fichiers communs\Apple
2009-02-27 17:12 61,145 ----a-w c:\windows\Help\SET84.tmp
2009-02-27 13:24 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-25 01:48 593,564 ----a-w c:\windows\Help\SET87.tmp
2009-02-20 00:12 --------- d-----w c:\program files\Xara
2009-02-19 23:42 --------- d-----w c:\program files\Common Files
2009-02-18 23:46 14,304 ----a-w c:\windows\Help\SET86.tmp
2009-02-18 23:46 12,882 ----a-w c:\windows\Help\SET85.tmp
2009-02-18 23:41 --------- d-----w c:\program files\Vstplugins
2009-02-18 23:41 --------- d-----w c:\documents and settings\All Users\Application Data\Sony
2009-02-17 21:53 --------- d-----w c:\documents and settings\Navid\Application Data\Nvu
2009-02-17 20:30 --------- d-----w c:\program files\Virtual Audio Cable
2009-02-17 15:14 --------- d-----w c:\documents and settings\Navid\Application Data\VoipBuster
2009-02-17 15:06 --------- d-----w c:\program files\VoipBuster.com
2009-02-16 11:26 --------- d-----w c:\program files\Lavalys
2009-02-16 00:43 --------- d-----w c:\program files\TeamViewer
2009-02-16 00:43 --------- d-----w c:\documents and settings\Navid\Application Data\TeamViewer
2009-02-15 11:31 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-02-14 23:13 --------- d-----w c:\program files\Bonjour
2009-02-14 23:07 --------- d-----w c:\program files\Fichiers communs\Macrovision Shared
2009-02-14 23:07 --------- d-----w c:\program files\Fichiers communs\Adobe
2009-02-14 15:00 --------- d-----w c:\documents and settings\All Users\Application Data\Blizzard
2009-02-14 14:57 --------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment
2009-02-13 22:56 --------- d-----w c:\program files\Trend Micro
2009-02-13 22:28 --------- d-----w c:\program files\FindyKill
2009-02-13 21:00 --------- d-----w c:\program files\WinAVI Video Converter
2009-02-13 17:37 --------- d-----w c:\program files\Mumble
2009-02-12 11:59 --------- d-----w c:\program files\MovieMaking by LANguille
2009-02-12 11:56 --------- d-----w c:\program files\Notepad++
2009-02-12 11:56 --------- d-----w c:\documents and settings\Navid\Application Data\Notepad++
2009-02-12 06:53 --------- d-----w c:\program files\CCleaner
2009-02-11 22:02 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-11 18:15 --------- d-----w c:\program files\Visio11
2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-10 20:32 --------- d-----w c:\program files\adslTV
2009-02-10 20:06 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2009-02-10 20:06 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-02-10 20:06 103,736 ----a-w c:\windows\system32\PnkBstrB.exe
2009-02-10 20:01 22,328 ----a-w c:\documents and settings\Navid\Application Data\PnkBstrK.sys
2009-02-10 19:33 --------- d-----w c:\program files\Activision
2009-02-10 12:16 --------- d-----w c:\program files\Nvu
2009-02-09 21:32 --------- d-----w c:\program files\Microsoft Works
2009-02-09 20:23 --------- d-----w c:\program files\WinHTTrack
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:05 1,846,912 ------w c:\windows\system32\dllcache\win32k.sys
2009-02-09 07:15 --------- d-----w c:\program files\VirginMega
2009-02-09 07:14 --------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-02-09 07:11 --------- d-----w c:\program files\Windows Media Connect 2
2009-02-06 22:43 --------- d-----w c:\documents and settings\Navid\Application Data\Media Player Classic
2009-02-06 22:29 --------- d-----w c:\program files\AviSynth 2.5
2009-02-06 22:28 --------- d-----w c:\program files\K-Lite Codec Pack
2009-02-06 22:25 --------- d-----w c:\program files\MediaCoder
2009-02-06 22:25 --------- d-----w c:\program files\eRightSoft
2009-02-06 20:07 3,698,584 ----a-w c:\windows\system32\SETB5.tmp
2009-02-06 20:07 3,698,584 ------w c:\windows\system32\dllcache\SET53.tmp
2007-08-24 19:52 300,400 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2007-01-02 16:08 1,132,843 --sh--w c:\windows\Config\gimcac.bak1
2007-02-02 11:11 447,240 --sh--w c:\windows\Config\gimcac.bak2
2007-02-02 22:39 469,564 --sh--w c:\windows\Config\gimcac.ini2
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-03-16 12:30 216,064 --sh--r c:\windows\system32\nbDX.dll
2008-09-03 14:01 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090320080904\index.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-03-22_19.42.25,14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-27 01:44:26 71,680 -c----w c:\windows\ie8\admparse.dll
+ 2008-12-20 22:46:48 124,928 -c----w c:\windows\ie8\advpack.dll
+ 2008-04-14 02:33:21 35,328 -c----w c:\windows\ie8\corpol.dll
+ 2008-12-20 22:46:48 347,136 -c----w c:\windows\ie8\dxtmsft.dll
+ 2008-12-20 22:46:48 214,528 -c----w c:\windows\ie8\dxtrans.dll
+ 2006-10-17 11:44:36 60,416 -c----w c:\windows\ie8\hmmapi.dll
+ 2008-12-20 22:46:49 63,488 -c----w c:\windows\ie8\icardie.dll
+ 2008-12-19 09:11:12 70,656 -c----w c:\windows\ie8\ie4uinit.exe
+ 2008-12-20 22:46:49 153,088 -c----w c:\windows\ie8\ieakeng.dll
+ 2008-12-20 22:46:49 230,400 -c----w c:\windows\ie8\ieaksie.dll
+ 2008-12-19 05:23:56 161,792 -c----w c:\windows\ie8\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c----w c:\windows\ie8\ieapfltr.dat
+ 2008-12-20 22:46:50 383,488 -c----w c:\windows\ie8\ieapfltr.dll
+ 2008-12-20 22:46:50 384,512 -c----w c:\windows\ie8\iedkcs32.dll
+ 2008-04-14 02:33:26 81,920 -c----w c:\windows\ie8\ieencode.dll
+ 2008-12-20 22:46:54 6,066,688 -c----w c:\windows\ie8\ieframe.dll
+ 2006-10-27 14:09:58 191,488 -c----w c:\windows\ie8\iepeers.dll
+ 2006-10-27 14:09:58 287,744 -c----w c:\windows\ie8\ieproxy.dll
+ 2008-12-20 22:46:54 44,544 -c----w c:\windows\ie8\iernonce.dll
+ 2008-12-20 22:46:54 267,776 -c----w c:\windows\ie8\iertutil.dll
+ 2006-10-27 01:44:26 55,296 -c----w c:\windows\ie8\iesetup.dll
+ 2006-10-27 14:09:58 180,736 -c----w c:\windows\ie8\ieui.dll
+ 2008-12-19 05:25:25 634,024 -c----w c:\windows\ie8\iexplore.exe
+ 2006-10-17 11:57:58 36,352 -c----w c:\windows\ie8\imgutil.dll
+ 2006-10-27 01:44:08 92,672 -c----w c:\windows\ie8\inseng.dll
+ 2008-05-09 10:55:00 512,000 -c----w c:\windows\ie8\jscript.dll
+ 2008-12-20 22:46:56 27,648 -c----w c:\windows\ie8\jsproxy.dll
+ 2006-10-17 12:05:10 40,960 -c----w c:\windows\ie8\licmgr10.dll
+ 2008-12-20 22:46:56 459,264 -c----w c:\windows\ie8\msfeeds.dll
+ 2008-12-20 22:46:57 52,224 -c----w c:\windows\ie8\msfeedsbs.dll
+ 2006-10-17 11:58:32 12,288 -c----w c:\windows\ie8\msfeedssync.exe
+ 2006-10-17 11:56:10 45,568 -c----w c:\windows\ie8\mshta.exe
+ 2009-01-16 20:15:42 3,594,752 -c----w c:\windows\ie8\mshtml.dll
+ 2008-12-20 22:47:01 477,696 -c----w c:\windows\ie8\mshtmled.dll
+ 2006-10-17 11:28:56 48,128 -c----w c:\windows\ie8\mshtmler.dll
+ 2006-10-27 14:09:58 156,160 -c----w c:\windows\ie8\msls31.dll
+ 2008-12-20 22:47:01 193,024 -c----w c:\windows\ie8\msrating.dll
+ 2008-12-20 22:47:02 671,232 -c----w c:\windows\ie8\mstime.dll
+ 2008-12-20 22:47:02 102,912 -c----w c:\windows\ie8\occache.dll
+ 2008-12-20 22:47:02 44,544 -c----w c:\windows\ie8\pngfilt.dll
+ 2006-09-06 16:43:28 216,800 -c----w c:\windows\ie8\spuninst.exe
+ 2009-03-08 15:14:22 58,448 -c----w c:\windows\ie8\spuninst\iecustom.dll
+ 2009-01-07 17:21:08 235,040 -c----w c:\windows\ie8\spuninst\spuninst.exe
+ 2009-01-07 17:21:08 406,048 -c----w c:\windows\ie8\spuninst\updspapi.dll
+ 2008-12-20 22:47:02 105,984 -c----w c:\windows\ie8\url.dll
+ 2008-12-20 22:47:03 1,160,192 -c----w c:\windows\ie8\urlmon.dll
+ 2008-05-09 10:55:00 430,080 -c----w c:\windows\ie8\vbscript.dll
+ 2007-07-12 23:30:52 765,952 -c----w c:\windows\ie8\vgx.dll
+ 2008-12-20 22:47:03 233,472 -c----w c:\windows\ie8\webcheck.dll
+ 2006-10-17 12:05:58 206,336 -c----w c:\windows\ie8\winfxdocobj.exe
+ 2008-12-20 22:47:04 826,368 -c----w c:\windows\ie8\wininet.dll
+ 2009-03-08 03:35:04 2,048 -c----w c:\windows\ie8updates\KB968220-IE8\iecompat.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\ie8updates\KB968220-IE8\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\ie8updates\KB968220-IE8\spuninst\updspapi.dll
+ 2009-01-07 17:21:08 1,022,976 ------w c:\windows\system32\dllcache\browseui.dll
+ 2009-01-07 17:21:08 1,497,088 ------w c:\windows\system32\dllcache\shdocvw.dll
+ 2009-01-07 17:21:08 474,624 ------w c:\windows\system32\dllcache\shlwapi.dll
+ 2009-01-07 17:20:54 134,144 ------w c:\windows\system32\dllcache\sqmapi.dll
- 2006-06-29 07:05:44 26,112 ------w c:\windows\system32\idndl.dll
+ 2009-01-07 17:20:36 26,112 ----a-w c:\windows\system32\idndl.dll
- 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2009-03-08 03:32:52 36,864 ----a-w c:\windows\system32\ieudinit.exe
+ 2009-01-07 17:20:18 265,720 ----a-w c:\windows\system32\msdbg2.dll
- 2006-06-28 16:59:26 24,576 ------w c:\windows\system32\nlsdl.dll
+ 2009-01-07 17:20:38 24,576 ----a-w c:\windows\system32\nlsdl.dll
- 2007-11-30 11:19:06 18,296 ------w c:\windows\system32\spmsg.dll
+ 2009-01-07 17:21:08 17,952 ------w c:\windows\system32\spmsg.dll
- 2007-07-27 08:41:38 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2009-01-07 17:21:08 26,144 ----a-w c:\windows\system32\spupdsvc.exe
- 2008-04-14 02:33:52 121,856 ------w c:\windows\system32\xmllite.dll
+ 2009-01-07 17:21:04 121,856 ----a-w c:\windows\system32\xmllite.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-28 1601304]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe]
c:\documents and settings\Navid\Menu Démarrer\Programmes\Démarrage\
Adobe Media Player.lnk - c:\program files\Adobe Media Player\Adobe Media Player.exe [2009-03-18 261632]
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-11-17 385024]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-01-18 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-01-23 809488]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 16:41 72208 c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-28 00:48 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acrobat Assistant.lnk]
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InstantTimeZone.lnk]
backup=c:\windows\pss\InstantTimeZone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PalStart.lnk]
backup=c:\windows\pss\PalStart.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2007-03-16 10:45 63712 c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
--a------ 2008-12-01 16:33 1406192 c:\program files\CCleaner\CCleaner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 2006-09-28 20:21 57344 c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fraps]
--a------ 2008-10-02 23:51 3309224 c:\fraps\fraps.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-11-25 12:56 133104 c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-11-21 03:12 3297280 c:\program files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 18:15 45056 c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2009-03-13 20:33 1410296 c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-27 13:12 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
--a------ 2007-03-23 16:13 1006080 c:\program files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2006-11-30 21:49 4662776 c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"iPod Service"=3 (0x3)
"gusvc"=3 (0x3)
"Apple Mobile Device"=3 (0x3)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"FTweakFCleaner"=c:\program files\FCleaner\FCleaner.exe
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eChanblard\\emule.exe"=
"c:\\Program Files\\PPLive\\PPLive.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Steam\\SteamApps\\erfan_91\\counter-strike\\hl.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\Program Files\\Gimp-2.0\\lib\\gimp\\2.0\\plug-ins\\script-fu.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hltv.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\HLDS\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\counter-strike\\cstrike_french\\hltv.exe"=
"c:\\Program Files\\Maïdo Production\\IziSpot 4\\IziSpot.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP2\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009.SP2\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"11875:TCP"= 11875:TCP:BitComet 11875 TCP
"11875:UDP"= 11875:UDP:BitComet 11875 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"8080:TCP"= 8080:TCP:freebox
"3724:TCP"= 3724:TCP:Blizzard downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"6881:TCP"= 6881:TCP:Blizzard Downloader
"6999:TCP"= 6999:TCP:Blizzard Downloader
"1234:UDP"= 1234:UDP:freeplayer1
"8080:UDP"= 8080:UDP:freeplayer2
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-02 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-02 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-02 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-02 298264]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-01-23 10384]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2009-01-15 31744]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [2009-02-17 29184]
R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [2006-06-28 892032]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2005-02-24 26144]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-31 38496]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-11-17 27904]
S3 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2004-08-10 14336]
S3 PortlUSB;PortlUSB;c:\windows\system32\drivers\YH-925.sys [2007-03-22 7552]
S3 PsSdk31;PsSdk31;c:\windows\system32\drivers\pssdk31.drv [2009-01-13 30272]
S3 PsSdkLBF;PsSdkLBF;c:\windows\system32\drivers\pssdklbf.drv [2009-01-13 37440]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe [2009-03-07 98488]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [2006-10-07 408064]
S3 ZDBRGSYS;ZDBRGSYS NDIS Protocol Driver;c:\windows\system32\ZDBRGSYS.sys [2004-06-30 19200]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
.
Contenu du dossier 'Tâches planifiées'
2009-03-22 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
2009-03-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []
2009-03-22 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-02-12 17:10]
2009-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1798726482-2359549395-1807667182-1005.job
- c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-25 12:56]
2009-03-06 c:\windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Navid.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []
2009-03-22 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []
2008-12-17 c:\windows\Tasks\RPCReminder.job
- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe []
2009-03-22 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE []
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.ustart.org
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local;*.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\OFFICE11\EXCEL.EXE/3000
IE: Liens de téléchargement avec Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
Trusted Zone: localhost
TCP: {326DCACC-44CD-4EC8-B37C-9E1690ED69BB} = 212.27.40.240,212.27.40.241
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmaud.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmprog.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmvid.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmzip.dll
---- PARAMETRES FIREFOX ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.cache.disk_cache_ssl - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: signed.applets.codebase_principal_support - true
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-22 20:54:40
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdk31]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdkLBF]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C0BA4FA4-ECE9-C0BB-C143-8F093903C067}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nahmacmfpjjdnkofbpbejigleccp"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,
61,61,64,69,6f,68,00,00
"mafmnkhfhhkbpnepjhdkcpgopj"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,61,
61,64,69,6f,68,00,f9
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(832)
c:\windows\system32\Ati2evxx.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2009-03-22 20:56:43
ComboFix-quarantined-files.txt 2009-03-22 19:56:41
ComboFix2.txt 2009-03-22 18:43:59
ComboFix3.txt 2009-02-12 22:06:55
Avant-CF: 9 552 605 184 octets libres
Après-CF: 9,526,312,960 octets libres
Current=9 Default=9 Failed=8 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
569 --- E O F --- 2009-03-14 18:03:36
Remove these scheduled tasks by going to Poste de travail (My Computer), then C, then Tasks:
2009-03-22 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
2009-03-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []
2009-03-06 c:\windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Navid.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []
2009-03-22 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []
2008-12-17 c:\windows\Tasks\RPCReminder.job
- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe []
2009-03-22 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE []
___________________
Download ToolsCleaner to your desktop.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Click Recherche and let the scan run ...
# Click Suppression to finish.
# You can, if you wish, use the Options facultatives.
# Click Quitter to get the report.
# Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).
___________________
How is your PC doing?
[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\Combofix.txt: trouvé !
C:\fixnavi.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\TB.txt: trouvé !
C:\FindyKill.txt: trouvé !
C:\Combofix: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Toolbar SD: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Navid\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Navid\Bureau\De_train\Navilog1.exe: trouvé !
C:\Documents and Settings\Navid\Bureau\De_train\HijackThis.exe: trouvé !
C:\Documents and Settings\Navid\Bureau\De_train\hijackthis.log: trouvé !
C:\Documents and Settings\Navid\Bureau\fichier txt\hijackthis.log: trouvé !
C:\Documents and Settings\Navid\Bureau\Rapport\Combofix.txt: trouvé !
C:\Documents and Settings\Navid\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Downloads\Software\HJTInstall.exe: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Navid\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Navid\Bureau\De_train\Navilog1.exe: supprimé !
C:\Documents and Settings\Navid\Bureau\De_train\HijackThis.exe: supprimé !
C:\Downloads\Software\HJTInstall.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\fixnavi.txt: supprimé !
C:\cleannavi.txt: supprimé !
C:\TB.txt: supprimé !
C:\FindyKill.txt: supprimé !
C:\Documents and Settings\Navid\Bureau\De_train\hijackthis.log: supprimé !
C:\Documents and Settings\Navid\Bureau\fichier txt\hijackthis.log: supprimé !
C:\Documents and Settings\Navid\Bureau\Rapport\Combofix.txt: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Combofix: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Toolbar SD: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Navid\Menu Démarrer\Programmes\FindyKill: supprimé !
C:\Program Files\FindyKill: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
Fichiers temporaires nettoyés !
I'm doing the task things.
Less lag, and I also have a question: when I shut down my PC, it hangs at "Saving your settings"
(Windows XP blue screen).
Also, at startup a message appears: "Disk boot failure - Insert system disk and press Enter". I press ENTER but it doesn't work; for Windows to work I have to restart manually with the button on the tower.
Regards,
Navid
That may mean your hard drive is worn out and about to fail:
test your disk with CrystalDiskInfo and say whether it is OK
https://crystalmark.info/en/software/crystaldiskinfo/
----------------------------------------------------------------------------
CrystalDiskInfo 2.5.0 (C) 2008-2009 hiyohiyo
Crystal Dew World : https://crystalmark.info/en/
----------------------------------------------------------------------------
OS : Windows XP Media Center 2005 SP3 [5.1 Build 2600] (x86)
Date : 2009/03/23 21:50:51
-- Controller Map ----------------------------------------------------------
+ Contrôleur IDE standard double canal PCI [ATA]
- Canal IDE principal (0)
+ Canal IDE secondaire (1)
- HL-DT-ST DVD-RW_GSA-H11N
+ Contrôleur IDE standard double canal PCI [ATA]
- Canal IDE principal (0)
- Canal IDE secondaire (1)
+ Contrôleur IDE standard double canal PCI [ATA]
- Canal IDE principal (0)
+ Canal IDE secondaire (1)
- ST3250824AS
-- Disk List ---------------------------------------------------------------
(1) ST3250824AS : 250.0 GB [0-4-0, pd1]
----------------------------------------------------------------------------
(1) ST3250824AS
----------------------------------------------------------------------------
Model : ST3250824AS
Firmware : 3.AAE
Serial Number : 4ND44DT9
Total Disk Size : 250.0 GB (8.4/137.4/250.0)
Buffer Size : 8192 KB
NV Cache Size : ----
Rotation Rate : Inconnu
Interface : Serial ATA
Version : ATA/ATAPI-7
Transfer Mode : SATA/300
Power On Hours : 9414 heures
Power On Count : 1726 x
Temparature : 51 C (123 F)
Health Status : Correct
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values Attribute Name
01 119 _97 __6 00000CF68077 Taux Erreur en Lecture
03 _98 _98 __0 000000000000 Temps moyen mise en rotation
04 _99 _99 _20 000000000680 Décompte des cycles de mise en rotation
05 100 100 _36 000000000000 Nombre de secteurs réalloués
07 _85 _60 _30 0000147EA685 Taux d'erreurs d'accès des têtes
09 _90 _90 __0 0000000024C6 Heures de Fonctionnement
0A 100 100 _97 000000000000 Nombre d'essais de relancement de la rotation
0C _99 _99 _20 0000000006BE Nombre total de cycles marche/arrêt du disque dur
BB 100 100 __0 000000000000 Inconnu
BD 100 100 __0 000000000000 Inconnu
BE _49 _44 _45 000033200033 Température de l'air sur les disques Western Digital
C2 _51 _56 __0 001100000033 Température
C3 _63 _50 __0 000002760C91 Temps entre les erreurs corrigées par code correcteur(codage basée sur la redondance)
C5 100 100 __0 000000000000 Nombre de secteurs "instables"
C6 100 100 __0 000000000000 Nombre total d'erreurs incorrigibles d'un secteur
C7 200 200 __0 000000000000 Nombre d'erreurs dans le transfert de données via le câble d'interface
C8 100 253 __0 000000000000 Nombre total d'erreurs à l'écriture d'un secteur
CA 100 253 __0 000000000000 Erreur de marquage des données d'adresses
-- IDENTIFY_DEVICE ---------------------------------------------------------