PC freezing and slowing down
thaounet - Posts: 92 - Status: Member
Hello,
Sometimes my PC freezes and lags when I go online, and I suspect a few viruses are the cause.
Basically, it freezes: programs won't close anymore, nor will web pages, everything is stuck, and for example when I want to write an email in IncrediMail, I type my text and it takes 2 hours to appear.
It doesn't happen all the time, but I don't think it's normal. It also reports script errors.
Could someone help me check that I don't have a virus?
I have Online Armor 3.5 as my firewall and AntiVir as my antivirus.
Thanks in advance for your help!
(I need to copy videos and photos to my external drive, but I'm hesitant to do it now!)
7 replies
Download ComboFix and see what it gives.
https://www.wikikou.fr/
thaounet - Posts: 92 - Status: Member - 2
Can I post the report for you, please? Because I don't know how to read it...
Thanks. Here is the report:
ComboFix 09-08-09.04 - Magali 10/08/2009 11:05.9.1 - FAT32x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.511.314 [GMT 2:00]
Running from: c:\documents and settings\Magali\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Pare-feu Online Armor *disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Installer\10a4538.msp
c:\windows\Installer\12ea1.msi
c:\windows\Installer\130bb3b.msp
c:\windows\Installer\1604fb.msi
c:\windows\Installer\182c344.msi
c:\windows\Installer\1931e7c.msp
c:\windows\Installer\1cbd587.msp
c:\windows\Installer\1cbd5c5.msp
c:\windows\Installer\1f6177b.msi
c:\windows\Installer\2a3584e.msp
c:\windows\Installer\2a3588c.msp
c:\windows\Installer\2a358ca.msp
c:\windows\Installer\2ac905.msi
c:\windows\Installer\2b6ef13.msp
c:\windows\Installer\2c54a.msp
c:\windows\Installer\348a3.msp
c:\windows\Installer\4a91d.msp
c:\windows\Installer\5683e00.msi
c:\windows\Installer\5d4d6f.msp
c:\windows\Installer\69a4fb.msp
c:\windows\Installer\72a3a.msp
c:\windows\Installer\77359.msp
c:\windows\Installer\791f2.msi
c:\windows\Installer\7a602.msp
c:\windows\Installer\7ba3.msi
c:\windows\Installer\80a98.msp
c:\windows\Installer\80a9b.msp
c:\windows\Installer\80ad9.msp
c:\windows\Installer\80b17.msp
c:\windows\Installer\89bf2f.msp
c:\windows\Installer\959575.msp
c:\windows\Installer\9595b3.msp
c:\windows\Installer\9595b6.msp
c:\windows\Installer\9b0a6.msp
c:\windows\Installer\b9b1a.msi
.
((((((((((((((((((((((((( Files Created from 2009-07-10 to 2009-08-10 )))))))))))))))))))))))))))))))
.
2009-07-19 18:23 . 2009-07-19 18:23 -------- d-----w- c:\documents and settings\LocalService\Menu Démarrer
2009-07-19 18:22 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-07-19 18:22 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-07-19 18:22 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-07-19 18:22 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-07-19 18:22 . 2009-07-19 18:22 -------- d-----w- c:\program files\Avira
2009-07-19 18:22 . 2009-07-19 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-07-19 18:15 . 2009-07-19 18:17 30143928 ----a-w- c:\program files\avira_antivir_personal_free.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-03 16:57 . 2005-10-17 17:13 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-01 15:35 . 2009-07-01 15:35 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 4.30.17.0\SetupAdmin.exe
2009-06-16 14:40 . 2005-10-17 17:13 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2005-10-17 17:13 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-11 19:49 . 2009-05-09 08:32 7626192 ----a-w- c:\program files\Firefox Setup 3.0.10.exe
2009-06-03 19:10 . 2005-10-17 17:13 1297408 ----a-w- c:\windows\system32\quartz.dll
2009-05-25 17:41 . 2005-09-11 14:47 95960 ----a-w- c:\documents and settings\Magali\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-21 18:49 . 2009-05-21 18:49 69561 ----a-w- c:\program files\JavaRa.zip
2009-05-15 06:02 . 2005-10-17 17:13 82226 ----a-w- c:\windows\system32\perfc00C.dat
2009-05-15 06:02 . 2005-10-17 17:13 504604 ----a-w- c:\windows\system32\perfh00C.dat
2009-05-15 06:00 . 2009-05-15 06:00 12575152 ----a-w- c:\program files\OnlineArmor_Setup_Free_FRA.exe
2009-04-17 09:27 . 2009-04-17 09:23 47465736 ----a-w- c:\program files\CIS_Setup_3.8.65951.477_XP_Vista_x32.exe
2009-03-16 17:45 . 2009-03-16 17:42 28610824 ----a-w- c:\program files\CIS_Setup_3.5.57173.439_XP_Vista_x32.exe
2009-03-05 09:23 . 2009-03-05 09:23 1637 ----a-w- c:\program files\Adobe Reader 9.lnk
2009-03-05 08:54 . 2009-03-05 08:54 2876720 ----a-w- c:\program files\mbam-setup.exe
2009-03-05 00:40 . 2009-03-05 00:39 1878888 ----a-w- c:\program files\install_flash_player.exe
2008-06-17 10:43 . 2008-06-17 10:42 1271557 ----a-w- c:\program files\wrar371fr.exe
2008-05-15 19:58 . 2008-05-15 19:58 2048604 ----a-w- c:\program files\PhotoWays.exe
2008-05-01 12:20 . 2008-05-01 12:20 2402832 ----a-w- c:\program files\WLinstaller.exe
2007-11-21 23:35 . 2007-11-21 23:35 10549568 ----a-w- c:\program files\copytodvd4_setup_403acheté.exe
2007-11-19 18:48 . 2005-09-11 15:15 3919 ----a-w- c:\program files\Nero_Burning_ROM_Ultra_Edition_v6[1].6.0.1.zip
2007-09-08 07:25 . 2005-11-23 17:50 51418424 ----a-w- c:\program files\iTunesSetup.exe
2007-07-30 19:50 . 2007-07-30 19:50 4212 ----a-w- c:\program files\ReadMe.txt
2007-03-04 15:02 . 2007-03-04 15:02 877976 ----a-w- c:\program files\7zip.exe
2007-02-01 20:31 . 2007-02-01 20:31 14994392 ----a-w- c:\program files\GoogleEarthWin.exe
2007-01-13 12:20 . 2007-01-13 12:20 1104734 ----a-w- c:\program files\dvdshrink_3.2.0.16_fr.zip
2007-01-11 08:51 . 2007-01-11 08:51 2916417 ----a-w- c:\program files\Setup_EComo_v1.00j.exe
2006-12-21 21:00 . 2006-12-21 21:00 19666504 ----a-w- c:\program files\QuickTimeInstaller.exe
2006-12-07 06:37 . 2006-12-07 06:37 23375521 ----a-w- c:\program files\fotofacil2.exe
2006-09-07 12:47 . 2006-09-07 12:47 15921323 ----a-w- c:\program files\ps701up-f.exe
2006-07-11 17:12 . 2006-07-11 17:12 11981422 ----a-w- c:\program files\Gordian.Knot.Codec.Pack.1.9.Setup.exe
2006-02-12 14:57 . 2006-02-12 14:57 774144 ----a-w- c:\program files\RngInterstitial.dll
2005-09-11 16:30 . 2005-09-11 16:30 3835424 ----a-w- c:\program files\mxblst4win.EXE
2005-09-11 15:48 . 2005-09-11 15:41 526 ----a-w- c:\program files\ACERBACKUPCDLog.TXT
2005-09-11 15:19 . 2005-09-11 15:19 9964393 ----a-w- c:\program files\nero_nero_6.6.0.16_language_pack_francais_francais_10297.exe
2005-09-11 15:13 . 2005-09-11 15:13 34235626 ----a-w- c:\program files\Nero-6.6.0.16.exe
2005-05-24 07:11 . 2005-09-11 16:25 756167 ----a-w- c:\program files\lunbio15.exe
2005-05-06 19:14 . 2005-09-11 16:25 885 ----a-w- c:\program files\eula.txt
2005-02-19 10:40 . 2005-09-11 16:25 1661 ----a-w- c:\program files\000851DB.key
2005-02-18 10:55 . 2005-09-11 16:25 458 ----a-w- c:\program files\file_id.diz
2005-02-18 10:48 . 2005-09-11 16:25 2322 ----a-w- c:\program files\black.nfo
2006-07-11 17:13 . 2006-07-11 17:13 56 --sh--r- c:\windows\system32\A3B59919B6.sys
2008-04-14 02:34 . 2005-10-17 17:13 12288 --sh--w- c:\windows\system32\regsvr32.exe
2008-04-14 02:33 . 2005-10-17 17:13 413696 --sha-w- c:\windows\system32\msvcp60.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"eRecoveryService"="c:\program files\Acer\eRecovery\Monitor.exe" [2005-06-20 352256]
"AspireService"="c:\program files\Acer\Acer eMode Management\AspireService.exe" [2005-06-04 110592]
"MediaSync"="c:\program files\Acer\Acer eConsole\MediaSync.exe" [2005-06-01 421888]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2001-07-03 57344]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-02-24 86016]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-10-15 196608]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2009-04-28 2045128]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-12-21 185872]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-05-13 53248]
"VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2005-05-13 143360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]
NkvMon.exe.lnk - c:\program files\Nikon\NkView5\NkvMon.exe [2005-12-21 233472]
FotoStation Easy AutoLaunch.lnk - c:\program files\FotoStation Easy\FotoStation Easy AutoLaunch.exe [2005-12-21 49152]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2009-04-28 335048]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\MSMSGS.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\System32\\dpvsetup.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"c:\\Program Files\\Real\\RealPlayer\\RealPlay.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [15/05/2009 08:02 198224]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [15/05/2009 08:02 31824]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [15/05/2009 08:02 29776]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [19/07/2009 20:22 108289]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [18/03/2009 09:42 55152]
R2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [15/05/2009 08:02 361672]
S2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [15/05/2009 08:02 3052744]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [11/09/2005 17:28 6400]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-08-10 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-04 09:39]
2009-08-10 c:\windows\Tasks\User_Feed_Synchronization-{D64446F1-7DF7-438E-BB64-29F22770CA4F}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
2009-08-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title =
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Ouvrir l'image dans &Microsoft PhotoDraw - c:\progra~1\MICROS~2\Office\1036\phdintl.dll/phdContext.htm
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Magali\Application Data\Mozilla\Firefox\Profiles\tfixdzmy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://portail.club-internet.fr/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10587&gct=&gc=1&q=
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-10 11:10
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-08-10 11:11
ComboFix-quarantined-files.txt 2009-08-10 09:11
Pre-Run: 55 605 886 976 octets libres
Post-Run: 55 739 711 488 octets libres
208 --- E O F --- 2009-07-31 21:12