Problème de lenteure internet - Page 2

Précédent
  • 1
  • 2
  1. Escander2 Messages postés 28 Statut Membre
     
    Voilà :D

    List'em by g3n-h@ckm@n 1.1.7.0

    Thx to Chiquitine29.....& CCM team

    User : Escander (Administrateurs) # DALUXE
    Update on 30/12/2009 by g3n-h@ckm@n ::::: 23:45
    Start at: 18:13:17 | 31/12/2009
    Contact : g3n-h@ckm@n sur CCM

    Intel(R) Pentium(R) 4 CPU 1.60GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 7.0.5730.13
    Windows Firewall Status : Disabled
    AV : Bitdefender Antivirus 8.0 [ (!) Disabled | (!) Outdated ]
    AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]
    FW : Bitdefender Firewall[ (!) Disabled ]8.0

    A:\ -> Lecteur de disquettes 3 ½ pouces
    C:\ -> Disque fixe local | 74,55 Go (58,07 Go free) | NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM | 681 Mo (0 Mo free) [NEW_COMPILATION] | CDFS

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\InstallHardware.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wbem\wmiapsrv.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\List_Kill'em\List_Kill'em.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Documents and Settings\Escander\Local Settings\Temp\16.tmp\pv.exe

    ======================
    Keys "Run"
    ======================
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
    SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
    SoundMan REG_SZ SOUNDMAN.EXE
    QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
    NvMediaCenter REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
    InstallHardware REG_SZ C:\WINDOWS\system32\InstallHardware.exe
    avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    =====================
    Other Keys
    =====================
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    dontdisplaylastusername REG_DWORD 0 (0x0)
    legalnoticecaption REG_SZ
    legalnoticetext REG_SZ
    shutdownwithoutlogon REG_DWORD 1 (0x1)
    undockwithoutlogon REG_DWORD 1 (0x1)

    ===============
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    NoDriveTypeAutoRun REG_DWORD 145 (0x91)

    ===============
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    HonorAutoRunSetting REG_DWORD 1 (0x1)

    ===============
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    AppInit_DLLS REG_SZ C:\WINDOWS\System32\

    ===============
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]

    ===============
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    {AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ

    ===============
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    %windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE REG_SZ C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
    C:\Program Files\iTunes\iTunes.exe REG_SZ C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
    C:\Program Files\ooVoo\ooVoo.exe REG_SZ C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo
    %windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    C:\WINDOWS\system32\lxcgcoms.exe REG_SZ C:\WINDOWS\system32\lxcgcoms.exe:*:Enabled:2300 Series
    C:\Program Files\LimeWire\LimeWire.exe REG_SZ C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
    C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
    C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
    C:\Program Files\Mozilla Firefox\firefox.exe REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
    C:\Program Files\aMSN\bin\wish.exe REG_SZ C:\Program Files\aMSN\bin\wish.exe:*:Disabled:Wish Application
    C:\Program Files\VideoLAN\VLC\vlc.exe REG_SZ C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
    C:\Program Files\Skype\Plugin Manager\skypePM.exe REG_SZ C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
    C:\Program Files\eMule\emule.exe REG_SZ C:\Program Files\eMule\emule.exe:*:Enabled:eMule
    C:\WINDOWS\system32\java.exe REG_SZ C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    %windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    %windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
    C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare

    ===============
    ActivX controls
    ===============
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{6414512B-B978-451D-A0D8-FCFDF33E833C}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{867E13F2-7F31-44FB-AC97-CD38E0DC46EF}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}

    ===============
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73fa19d0-2d75-11d2-995d-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B508B3F1-A24A-32C0-B310-85786919EF28}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{EF289A85-8E57-408d-BE47-73B55609861A}
    HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}

    ==============
    BHO :
    ======
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6F74-2D53-2644-206D7942484F}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

    ================
    Internet Explorer :
    ================
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    Start Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    Start Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

    ========
    Services
    ========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

    Ndisuio : 0x3
    EapHost : 0x3
    SharedAccess : 0x2
    wuauserv : 0x2

    =========

    =======
    Drive :
    =======

    D‚fragmenteur de disque Windows
    Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.

    Rapport d'analyse
    74,55 Go total, 58,07 Go libre (77%), 1% fragment‚ (fragmentation du fichier 3%)

    Il ne vous est pas n‚cessaire de d‚fragmenter ce volume.

    ¤¤¤¤¤¤¤¤¤¤ Files/folders :

    C:\WINDOWS\System32\404Fix.exe
    C:\WINDOWS\System32\drivers\etc\hosts.msn
    C:\WINDOWS\System32\dumphive.exe
    C:\WINDOWS\System32\IEDFix.exe
    C:\WINDOWS\System32\Process.exe
    C:\WINDOWS\System32\SrchSTS.exe
    C:\WINDOWS\System32\tmp.reg
    C:\WINDOWS\System32\VACFix.exe
    C:\WINDOWS\System32\VCCLSID.exe
    C:\WINDOWS\System32\WS2Fix.exe

    ¤¤¤¤¤¤¤¤¤¤ Keys :

    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"

    ================
    Other infections
    ================

    catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-31 18:17:11
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0
    "h0"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "h0"=dword:00000000
    "khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "h0"=dword:00000000
    "khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "h0"=dword:00000000
    "khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    kernel: MBR read successfully
    user & kernel MBR OK

    ==========
    Programs
    ==========

    Adobe
    Alwil Software
    Avira
    CCleaner
    Common Files
    ComPlus Applications
    DAEMON Tools Lite
    Enlight
    Fichiers communs
    Google
    inKline Global
    InstallShield Installation Information
    Internet Explorer
    iPod
    iTunes
    Java
    Java(2)
    Lexmark 2300 Series
    LimeWire
    List_Kill'em
    Malwarebytes' Anti-Malware
    Messenger
    Messenger Plus! Live
    Microsoft
    microsoft frontpage
    Microsoft Games
    Microsoft Office
    Microsoft Office Outlook Connector
    Microsoft Silverlight
    Microsoft SQL Server Compact Edition
    Microsoft Sync Framework
    Microsoft Visual Studio
    Microsoft Works
    Movie Maker
    Mozilla Firefox
    MSBuild
    MSN
    MSN Gaming Zone
    MSXML 4.0
    MSXML 6.0
    Mumble
    NetMeeting
    oovooToolbar
    Outlook Express
    QuickTime
    Real
    Realtek AC97
    Reference Assemblies
    Services en ligne
    Sony
    Sony Setup
    Spybot - Search & Destroy
    Sun
    support.com
    Trend Micro
    Uninstall Information
    VideoLAN
    Windows Live
    Windows Live Safety Center
    Windows Live SkyDrive
    Windows Media Components
    Windows Media Connect 2
    Windows Media Player
    Windows NT
    WindowsUpdate
    xerox

    ============
    Lecteur C:
    ============

    .jagex_cache_32
    2d970bdf52621b4f616d4105ecf7
    64e44f8677ca118aec90e9d67e
    9f4235ae674290bf66d0dc2a00cbe4fb
    aaw7boot.log
    AILog.txt
    aoedoppl.txt
    aoeWVlog.txt
    AUTOEXEC.BAT
    boot.ini
    Bootfont.bin
    CDFE.log
    Config.Msi
    CONFIG.SYS
    ConvertTemp
    Documents and Settings
    hiberfil.sys
    Intel
    IO.SYS
    Kill'em
    List'em.txt
    Lop SD
    lopR.txt
    lxcg.log
    lxcgfire.csv
    LXCGINST.csv
    lxcgUNST.000
    lxcgUNST.csv
    MSDOS.SYS
    MSOCache
    NTDETECT.COM
    ntldr
    NVIDIA
    pass adsl.txt
    Program Files
    rapport.txt
    RecorderSDKLog.txt
    RECYCLER
    rscache
    rsit
    sqmdata00.sqm
    sqmdata01.sqm
    sqmdata02.sqm
    sqmdata03.sqm
    sqmdata04.sqm
    sqmdata05.sqm
    sqmdata06.sqm
    sqmdata07.sqm
    sqmdata08.sqm
    sqmdata09.sqm
    sqmdata10.sqm
    sqmdata11.sqm
    sqmdata12.sqm
    sqmnoopt00.sqm
    sqmnoopt01.sqm
    sqmnoopt02.sqm
    sqmnoopt03.sqm
    sqmnoopt04.sqm
    sqmnoopt05.sqm
    sqmnoopt06.sqm
    sqmnoopt07.sqm
    sqmnoopt08.sqm
    sqmnoopt09.sqm
    sqmnoopt10.sqm
    sqmnoopt11.sqm
    sqmnoopt12.sqm
    System Volume Information
    Temp
    VTPFiles
    WINDOWS
    zee_store
    _OTM

    ¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials

    C:\Documents and Settings\All Users\Application Data\Age of Empires 3 XPack Trial\Patches
    C:\Documents and Settings\Escander\Bureau\SmitfraudFix\o4Patch.exe
    C:\Program Files\Mozilla Firefox\SmitfraudFix\o4Patch.exe
    C:\WINDOWS\system32\o4Patch.exe

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
  2. archet9
     
    Vu.......

    ---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    /!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

    ---> Double-clique sur Combofix.exe
    Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
    Accepte en cliquant sur "Oui"

    ---> Mets-le en langue française F
    Tape sur la touche 1 (Yes) pour démarrer le scan.

    /!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

    En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

    Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

    /!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

    Note : Le rapport se trouve également là : C:\ComboFix.txt
    0
  3. Escander2 Messages postés 28 Statut Membre
     
    Voilà désolé du temps que j'ai mis, merci encore et toujours :P :

    ComboFix 09-12-31.02 - Escander 31/12/2009 21:29:59.1.1 - x86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1535.1154 [GMT 1:00]
    Lancé depuis: c:\documents and settings\Escander\Mes documents\Téléchargements\ComboFix.exe
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    AV: Bitdefender Antivirus *On-access scanning disabled* (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
    FW: Bitdefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Escander\Application Data\02000000610c4185C.manifest
    c:\documents and settings\Escander\Application Data\02000000610c4185O.manifest
    c:\documents and settings\Escander\Application Data\02000000610c4185P.manifest
    c:\documents and settings\Escander\Application Data\02000000610c4185S.manifest
    c:\windows\system32\404Fix.exe
    c:\windows\system32\Agent.OMZ.Fix.exe
    c:\windows\system32\dumphive.exe
    c:\windows\system32\IEDFix.C.exe
    c:\windows\system32\IEDFix.exe
    c:\windows\system32\o4Patch.exe
    c:\windows\system32\Process.exe
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\tmp.reg
    c:\windows\system32\VACFix.exe
    c:\windows\system32\VCCLSID.exe
    c:\windows\system32\WS2Fix.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-11-28 au 2009-12-31 ))))))))))))))))))))))))))))))))))))
    .

    2009-12-31 17:12 . 2009-12-31 17:12 -------- d-----w- C:\Kill'em
    2009-12-31 17:12 . 2009-12-31 17:12 -------- d-----w- c:\program files\List_Kill'em
    2009-12-31 15:37 . 2009-12-31 15:37 -------- d-----w- C:\_OTM
    2009-12-31 15:00 . 2009-12-31 15:07 -------- d-----w- C:\Lop SD
    2009-12-29 21:34 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-12-29 21:34 . 2009-12-29 21:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-12-29 21:34 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-12-29 17:32 . 2009-12-29 17:43 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2009-12-29 16:02 . 2009-12-29 16:02 -------- d--h--w- c:\windows\system32\GroupPolicy
    2009-12-29 02:02 . 2009-12-29 02:02 -------- d-----w- c:\program files\inKline Global
    2009-12-28 22:28 . 2009-12-28 22:28 -------- d-----w- c:\documents and settings\Escander\Application Data\Malwarebytes
    2009-12-28 22:27 . 2009-12-28 22:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-12-28 20:01 . 2009-12-28 20:02 -------- d-----w- C:\rsit
    2009-12-28 13:32 . 2009-12-28 13:32 -------- d-----w- c:\windows\system32\wbem\Repository
    2009-12-11 13:29 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
    2009-12-11 13:29 . 2009-12-12 13:31 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2009-12-11 13:29 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
    2009-12-11 13:29 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
    2009-12-11 13:29 . 2009-12-11 13:29 -------- d-----w- c:\program files\Avira
    2009-12-11 13:29 . 2009-12-11 13:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
    2009-12-02 06:11 . 2009-12-02 06:11 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2009-12-01 21:09 . 2009-12-30 00:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-12-31 16:13 . 2008-04-23 05:43 1324 ----a-w- c:\windows\system32\d3d9caps.dat
    2009-12-29 16:36 . 2001-08-28 10:00 551610 ----a-w- c:\windows\system32\perfh00C.dat
    2009-12-29 16:36 . 2001-08-28 10:00 103012 ----a-w- c:\windows\system32\perfc00C.dat
    2009-12-29 15:48 . 2009-11-21 22:53 -------- d-----w- c:\program files\Mumble
    2009-12-29 02:02 . 2008-04-17 15:52 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-12-28 20:05 . 2009-02-24 01:52 -------- d-----w- c:\program files\Trend Micro
    2009-12-28 13:37 . 2008-09-26 19:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
    2009-12-28 13:30 . 2009-11-21 22:53 -------- d-----w- c:\documents and settings\Escander\Application Data\Mumble
    2009-12-27 21:27 . 2009-05-15 03:34 72712 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
    2009-12-27 20:51 . 2008-04-16 15:18 72712 ----a-w- c:\documents and settings\Escander\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-12-25 15:21 . 2008-10-25 11:53 -------- d-----w- c:\documents and settings\Escander\Application Data\LimeWire
    2009-12-24 10:02 . 2009-12-24 10:01 223 ----a-w- c:\documents and settings\Escander\Local Settings\Application Data\GLF33.tmp
    2009-12-22 23:03 . 2008-12-12 14:21 -------- d-----w- c:\program files\Windows Live Safety Center
    2009-12-15 14:40 . 2008-09-26 20:04 -------- d-----w- c:\documents and settings\Escander\Application Data\skypePM
    2009-12-09 10:38 . 2008-04-16 15:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
    2009-12-06 09:00 . 2009-11-29 23:35 -------- d-----w- c:\documents and settings\Escander\Application Data\vlc
    2009-12-04 09:13 . 2009-05-09 04:04 -------- d-----w- c:\program files\LimeWire
    2009-12-03 06:01 . 2009-02-23 20:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
    2009-11-29 22:36 . 2009-11-29 22:36 -------- d-----w- c:\program files\VideoLAN
    2009-11-26 21:49 . 2009-11-09 06:03 -------- d-----w- c:\documents and settings\Escander\Application Data\AVS4YOU
    2009-11-24 16:46 . 2009-11-24 16:30 79488 ----a-w- c:\documents and settings\Escander\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
    2009-11-24 16:43 . 2008-11-29 21:23 411368 ----a-w- c:\windows\system32\deploytk.dll
    2009-11-24 16:43 . 2009-11-24 16:43 -------- d-----w- c:\program files\Java
    2009-11-24 16:42 . 2009-11-05 12:48 152576 ----a-w- c:\documents and settings\Escander\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
    2009-11-23 20:01 . 2009-11-20 06:15 -------- d-----w- c:\program files\Sony
    2009-11-23 20:01 . 2009-11-23 20:01 -------- d-----w- c:\program files\Fichiers communs\Sony Shared
    2009-11-23 20:00 . 2009-11-23 20:00 -------- d-----w- c:\program files\Microsoft Games
    2009-11-23 19:59 . 2009-11-23 19:59 -------- d-----w- c:\program files\Lexmark 2300 Series
    2009-11-23 19:59 . 2009-11-23 18:06 -------- d-----w- c:\program files\Java(2)
    2009-11-21 20:58 . 2008-10-25 12:29 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
    2009-11-21 20:53 . 2009-11-09 06:00 -------- d-----w- c:\program files\Fichiers communs\AVSMedia
    2009-11-20 06:16 . 2009-05-21 07:42 -------- d-----w- c:\documents and settings\Escander\Application Data\Sony
    2009-11-20 06:08 . 2009-11-20 06:08 -------- d-----w- c:\documents and settings\Escander\Application Data\Sony Setup
    2009-11-20 06:08 . 2009-05-21 07:38 -------- d-----w- c:\program files\Sony Setup
    2009-11-09 06:03 . 2009-11-09 06:03 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
    2009-11-08 22:19 . 2009-04-19 21:16 -------- d-----w- c:\program files\Messenger Plus! Live
    2009-11-08 00:19 . 2009-11-08 00:14 1167 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
    2009-11-08 00:19 . 2008-04-17 14:50 71918 ----a-w- c:\windows\BricoPackUninst.cmd
    2009-11-08 00:19 . 2001-08-28 10:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
    2009-10-29 07:44 . 2001-08-28 10:00 832512 ----a-w- c:\windows\system32\wininet.dll
    2009-10-29 07:44 . 2008-04-16 15:00 78336 ------w- c:\windows\system32\ieencode.dll
    2009-10-29 07:44 . 2001-08-28 10:00 17408 ------w- c:\windows\system32\corpol.dll
    2009-10-21 05:39 . 2008-04-16 15:00 25088 ----a-w- c:\windows\system32\httpapi.dll
    2009-10-21 05:39 . 2008-04-16 15:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
    2009-10-20 16:20 . 2008-04-16 15:00 265728 ------w- c:\windows\system32\drivers\http.sys
    2009-10-13 10:33 . 2001-08-28 10:00 271360 ----a-w- c:\windows\system32\oakley.dll
    2009-10-12 13:39 . 2001-08-28 10:00 79872 ----a-w- c:\windows\system32\raschap.dll
    2009-10-12 13:39 . 2001-08-28 10:00 150528 ----a-w- c:\windows\system32\rastls.dll
    .

    ------- Sigcheck -------

    [-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
    [-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
    [7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe

    [-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\explorer.exe
    [-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
    [-] 2007-06-13 . D0288319660EDCFED07C7E74C4EA38A5 . 1037312 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
    [-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-24 149280]
    "SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-04-13 46080]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-04-13 3309568]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
    "InstallHardware"="c:\windows\system32\InstallHardware.exe" [2002-12-17 45056]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\WINDOWS\\system32\\lxcgcoms.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "c:\\WINDOWS\\system32\\java.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "443:UDP"= 443:UDP:*:Disabled:UDP port 443 ooVoo
    "37674:TCP"= 37674:TCP:*:Disabled:TCP port 37674 ooVoo
    "37674:UDP"= 37674:UDP:*:Disabled:UDP port 37674 ooVoo
    "37675:UDP"= 37675:UDP:*:Disabled:UDP port 37675 ooVoo

    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [11/12/2009 14:29 108289]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [21/03/2009 13:41 54752]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
    S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16/04/2008 16:10 717296]
    S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
    .
    Contenu du dossier 'Tâches planifiées'

    2009-12-31 c:\windows\Tasks\OGADaily.job
    - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

    2009-12-31 c:\windows\Tasks\OGALogon.job
    - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
    .
    .
    ------- Examen supplémentaire -------
    .
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    TCP: {67DE3CAB-3E60-4D43-BD8E-AA4186E8D357} = 192.168.1.1
    FF - ProfilePath - c:\documents and settings\Escander\Application Data\Mozilla\Firefox\Profiles\4o1w8ptf.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
    FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&q=
    FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
    FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    WebBrowser-{A057A204-BACC-4D26-8087-36EE87E26986} - (no file)

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-31 21:37
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-527237240-2077806209-1801674531-1003\Software\Microsoft\Internet Explorer\Security\AntiPhishing\ü*]
    "UserFile"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,
    00,00,00,1d,19,14,fa,f3,4a,7f,42,85,67,8c,c8,0c,5e,67,15,00,00,00,00,24,00,\
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'lsass.exe'(784)
    c:\windows\system32\scecli.dll
    .
    Heure de fin: 2009-12-31 21:41:34
    ComboFix-quarantined-files.txt 2009-12-31 20:41

    Avant-CF: 62 205 116 416 octets libres
    Après-CF: 62 171 402 240 octets libres

    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn

    - - End Of File - - B6CF416A724D0FE8234B41AE3A976297
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. Escander2 Messages postés 28 Statut Membre
     
    Bah en faites Mozilla et toutes les pages prennent jusque 20x fois plus de temps à charger, dépend si il y a beaucoup d'image ou de modules vidéos.
    Les vidéos et les images mettent aussi autant de temps à charger, c'est à dire que je devrais laisser une vidéo charger 3 à 4heure alors qu'elle ne dure que 10 minutes.
    Et c'est toujours pas réglé avec tous ces scans, mais merci beaucoup pour ton aide!
    0
  6. archet9
     
    Greee.....ça m'enerve un peu !!!!!

    Telecharges GENPROC

    http://www.genproc.com/GenProc.exe

    Copies et colles le rapport stp...

    a+
    0
  7. Escander2 Messages postés 28 Statut Membre
     
    C'est peut-être pas un virus, malware ou autre connerie, ça m'énerve aussi mais toi tu n'es pas obligé de te casser la tête et je t'en remercie c'est très courageux de ta part! ^^

    Rapport GenProc 2.660 [1] - 31/12/2009 à 22:58:35
    @ Windows XP Service Pack 3 - Mode normal
    @ Mozilla Firefox 3.5.6 (fr) [Navigateur par défaut]

    GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

    Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
    - coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
    C:\Program Files\EsetOnlineScanner\log.txt

    ~~~~ INFORMATION COMPLEMENTAIRE ~~~~

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-31 22:59:23
    Windows 5.1.2600 Service Pack 3

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "h0"=dword:00000000
    "khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "h0"=dword:00000000
    "khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "h0"=dword:00000000
    "khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..

    scanning hidden registry entries ...

    scan completed successfully
    hidden services: 0

    Rapport de ZHPDiag v1.24.40 par Nicolas Coolman
    Run by Escander at 31/12/2009 23:06:00
    Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
    Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
    MSIE: Internet Explorer v7.0.5730.13
    MFIE: Mozilla Firefox (3.5.6)

    Boot mode: Normal (Normal boot)
    Total RAM: 1534 MB (48% free)
    System drive C: has 58 GB (77%) free of 75 GB

    ---\\
    [MD5.3A0647BDED81DBE0BCBB51D70B22C9E0] - C:\Program Files\Java\jre6\bin\jusched.exe
    [MD5.6DF76965A0FB8237E9C3B3CAB9815EC2] - C:\Program Files\QuickTime\qttask.exe
    [MD5.04A9F0C58B170F30445BCC0683EF9FFC] - C:\Program Files\iTunes\iTunesHelper.exe
    [MD5.76940D1374ACBBC2275D7662ADB305E1] - C:\WINDOWS\system32\InstallHardware.exe
    [MD5.29680A793F690EEF4AAA68479D2A6DF8] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    [MD5.392845E8D49B5F0E81AAC4D795000A8C] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    [MD5.18B4B12358EFCF68D76812058A26181F] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    [MD5.390679F7A217A5E73D756276C40AE887] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    [MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - C:\WINDOWS\system32\ctfmon.exe
    [MD5.9015BC03F62940527EC92D45EE89E46F] - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    [MD5.B8720A787C1223492E6F319465E996CE] - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    [MD5.E4BDF223CD75478BF44567B4D5C2634D] - C:\WINDOWS\System32\svchost.exe
    [MD5.C3FB1D70CB88722267949694BA51759E] - C:\WINDOWS\system32\services.exe
    [MD5.39133291CB607BDD87CFC565A4A1E7A5] - C:\Program Files\Java\jre6\bin\jqs.exe
    [MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - C:\WINDOWS\system32\lsass.exe
    [MD5.271077B91D7AD1B616F8AFDFE8E3F981] - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    [MD5.460E4CE148BD07218DA0B6A3D31885A9] - C:\WINDOWS\system32\spoolsv.exe

    ---\\
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

    ---\\
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm

    ---\\
    R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll
    R3 - URLSearchHook: Microsoft Url Search Hook - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (not file)

    ---\\
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    ---\\
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    ---\\
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [InstallHardware] C:\WINDOWS\system32\InstallHardware.exe
    O4 - HKLM\..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    O4 - HKCU\..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
    O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data=67108863
    O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data=323
    O4 - HKLM\..\policies\Explorer: [NoDrives] Data=0
    O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=323
    O4 - HKCU\..\policies\Explorer: [NoDriveAutoRun] Data=67108863
    O4 - HKCU\..\policies\Explorer: [NoDrives] Data=0
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE

    ---\\
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    ---\\
    O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
    O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

    ---\\
    O10 - WLSP:\000000000001\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
    O10 - WLSP:\000000000002\Winsock LSP File - C:\WINDOWS\system32\winrnr.dll
    O10 - WLSP:\000000000003\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
    O10 - WLSP:\000000000004\Winsock LSP File - C:\WINDOWS\system32\nwprovau.dll

    ---\\
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} () - http://charon888.free.fr/plugins/hardwaredetection_2_0_4_13.cab
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    ---\\
    O17 - HKLM\System\CCS\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.199.2,192.168.199.6

    ---\\
    O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
    O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
    O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
    O18 - Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll
    O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
    O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\System32\mshtml.dll
    O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
    O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
    O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
    O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
    O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

    ---\\
    O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\dimsntfy.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.dll

    ---\\
    O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
    O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll
    O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

    ---\\
    O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll

    ---\\
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
    O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe

    ---\\
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OGADaily.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OGALogon.job

    ---\\
    O41 - Driver: Environnement de prise en charge de réseau AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys
    O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
    O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
    O41 - Driver: bdpredir (bdpredir) - C:\Program Files\Softwin\BitDefender10\bdpredir.sys
    O41 - Driver: Pilote de CD-ROM (Cdrom) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
    O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
    O41 - Driver: Pilote de filtre de gravure CD (Imapi) - C:\WINDOWS\system32\DRIVERS\imapi.sys
    O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\System32\DRIVERS\ipsec.sys
    O41 - Driver: Pilote de la classe Clavier (Kbdclass) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
    O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    O41 - Driver: Pilote de la classe Souris (Mouclass) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
    O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
    O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\System32\DRIVERS\netbios.sys
    O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
    O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\System32\DRIVERS\processr.sys
    O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
    O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
    O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
    O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\System32\DRIVERS\redbook.sys
    O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\System32\DRIVERS\serial.sys
    O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
    O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\System32\DRIVERS\tcpip.sys
    O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\System32\DRIVERS\termdd.sys
    O41 - Driver: Carte vidéo VGA. (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys

    ---\\
    O42 - Logiciel: Adobe Flash Player 10 ActiveX
    O42 - Logiciel: Adobe Flash Player 10 Plugin
    O42 - Logiciel: Adobe Reader 8.1.6 - Français
    O42 - Logiciel: Adobe Shockwave Player 11.5
    O42 - Logiciel: Assistant de connexion Windows Live
    O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
    O42 - Logiciel: BitDefender Internet Security v10
    O42 - Logiciel: CCleaner (remove only)
    O42 - Logiciel: Codeur Windows Media Série 9
    O42 - Logiciel: Galerie de photos Windows Live
    O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    O42 - Logiciel: Hotfix for Windows XP (KB954550-v5)
    O42 - Logiciel: Installation Windows Live
    O42 - Logiciel: Java(TM) 6 Update 17
    O42 - Logiciel: Junk Mail filter update
    O42 - Logiciel: Lecteur Windows Media 11
    O42 - Logiciel: Lexmark 2300 Series
    O42 - Logiciel: LimeWire 5.3.6
    O42 - Logiciel: List_Kill'em 1.1.7.0
    O42 - Logiciel: MSVCRT
    O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
    O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
    O42 - Logiciel: MSXML 4.0 SP2 (KB973688)
    O42 - Logiciel: MSXML 6.0 Parser (KB933579)
    O42 - Logiciel: Malwarebytes' Anti-Malware
    O42 - Logiciel: Messenger Plus! Live
    O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2
    O42 - Logiciel: Microsoft .NET Framework 3.0 French Language Pack
    O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2
    O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
    O42 - Logiciel: Microsoft Age of Empires Trial
    O42 - Logiciel: Microsoft Choice Guard
    O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
    O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
    O42 - Logiciel: Microsoft National Language Support Downlevel APIs
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2)
    O42 - Logiciel: Microsoft Office Access MUI (French) 2007
    O42 - Logiciel: Microsoft Office Excel MUI (French) 2007
    O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007
    O42 - Logiciel: Microsoft Office Live Add-in 1.3
    O42 - Logiciel: Microsoft Office Outlook Connector
    O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007
    O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007
    O42 - Logiciel: Microsoft Office Professional Plus 2007
    O42 - Logiciel: Microsoft Office Proof (Arabic) 2007
    O42 - Logiciel: Microsoft Office Proof (Dutch) 2007
    O42 - Logiciel: Microsoft Office Proof (English) 2007
    O42 - Logiciel: Microsoft Office Proof (French) 2007
    O42 - Logiciel: Microsoft Office Proof (German) 2007
    O42 - Logiciel: Microsoft Office Proof (Spanish) 2007
    O42 - Logiciel: Microsoft Office Proofing (French) 2007
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007
    O42 - Logiciel: Microsoft Office Shared MUI (French) 2007
    O42 - Logiciel: Microsoft Office Word MUI (French) 2007
    O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
    O42 - Logiciel: Microsoft Search Enhancement Pack
    O42 - Logiciel: Microsoft Silverlight
    O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
    O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
    O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
    O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
    O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
    O42 - Logiciel: Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
    O42 - Logiciel: Mozilla Firefox (3.5.6)
    O42 - Logiciel: NVIDIA Display Driver
    O42 - Logiciel: OGA Notifier 1.7.0105.35.0
    O42 - Logiciel: OpenOffice.org Installer 1.0
    O42 - Logiciel: Outil de téléchargement Windows Live
    O42 - Logiciel: Pack Vista Inspirat 2 1.0
    O42 - Logiciel: Plug&Play ADSL Modem Driver Suite
    O42 - Logiciel: QuickTime
    O42 - Logiciel: Realtek AC'97 Audio
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559)
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB973704)
    O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB973593)
    O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB972363)
    O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789)
    O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB969693)
    O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB969604)
    O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581)
    O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613)
    O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234)
    O42 - Logiciel: Segoe UI
    O42 - Logiciel: Spybot - Search & Destroy
    O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642)
    O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    O42 - Logiciel: Update for Microsoft Office InfoPath 2007 (KB976416)
    O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb976884)
    O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729)
    O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01
    O42 - Logiciel: WahOO
    O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)
    O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130)
    O42 - Logiciel: Windows Imaging Component
    O42 - Logiciel: Windows Internet Explorer 7
    O42 - Logiciel: Windows Live Call
    O42 - Logiciel: Windows Live Communications Platform
    O42 - Logiciel: Windows Live Contrôle parental
    O42 - Logiciel: Windows Live FolderShare
    O42 - Logiciel: Windows Live Mail
    O42 - Logiciel: Windows Live Messenger
    O42 - Logiciel: Windows Live OneCare safety scanner
    O42 - Logiciel: Windows Live Toolbar
    O42 - Logiciel: Windows Live Writer
    O42 - Logiciel: Windows Media Format 11 runtime
    O42 - Logiciel: Windows Media Player 11
    O42 - Logiciel: Windows Presentation Foundation
    O42 - Logiciel: Windows Presentation Foundation Language Pack (FRA)
    O42 - Logiciel: Windows Workflow Foundation FR Language Pack
    O42 - Logiciel: Windows XP Service Pack 3
    O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
    O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
    O42 - Logiciel: iTunes

    ---\\
    O44 - LFC:Last File Created 31/12/2009 - 21:41:35 ---A- C:\ComboFix.txt
    O44 - LFC:Last File Created 31/12/2009 - 21:37:57 ---A- C:\WINDOWS\system.ini
    O44 - LFC:Last File Created 31/12/2009 - 21:28:35 RSHA- C:\boot.ini
    O44 - LFC:Last File Created 31/12/2009 - 21:21:52 ---A- C:\WINDOWS\SchedLgU.Txt
    O44 - LFC:Last File Created 31/12/2009 - 21:21:32 ---A- C:\WINDOWS\WindowsUpdate.log
    O44 - LFC:Last File Created 31/12/2009 - 21:20:58 ---A- C:\WINDOWS\System32\wpa.dbl
    O44 - LFC:Last File Created 31/12/2009 - 21:20:53 ---A- C:\WINDOWS\0.log
    O44 - LFC:Last File Created 31/12/2009 - 21:20:33 ---A- C:\WINDOWS\wiadebug.log
    O44 - LFC:Last File Created 31/12/2009 - 21:20:22 ---A- C:\WINDOWS\wiaservc.log
    O44 - LFC:Last File Created 31/12/2009 - 21:20:11 -S-A- C:\WINDOWS\bootstat.dat
    O44 - LFC:Last File Created 31/12/2009 - 18:41:09 ---A- C:\List'em.txt
    O44 - LFC:Last File Created 31/12/2009 - 17:55:49 --HA- C:\WINDOWS\QTFont.qfn
    O44 - LFC:Last File Created 31/12/2009 - 17:55:45 ---A- C:\WINDOWS\SetupADSL.log
    O44 - LFC:Last File Created 31/12/2009 - 17:54:02 ---A- C:\rapport.txt
    O44 - LFC:Last File Created 31/12/2009 - 17:52:07 ---A- C:\WINDOWS\setupact.log
    O44 - LFC:Last File Created 31/12/2009 - 17:52:07 ---A- C:\WINDOWS\setuperr.log
    O44 - LFC:Last File Created 31/12/2009 - 17:50:26 ---A- C:\WINDOWS\System32\tmp.txt
    O44 - LFC:Last File Created 31/12/2009 - 17:48:43 ---A- C:\WINDOWS\ntbtlog.txt
    O44 - LFC:Last File Created 31/12/2009 - 17:13:04 ---A- C:\WINDOWS\System32\d3d9caps.dat
    O44 - LFC:Last File Created 31/12/2009 - 16:07:38 ---A- C:\lopR.txt
    O44 - LFC:Last File Created 29/12/2009 - 17:36:50 ---A- C:\WINDOWS\System32\perfc009.dat
    O44 - LFC:Last File Created 29/12/2009 - 17:36:50 ---A- C:\WINDOWS\System32\perfc00C.dat
    O44 - LFC:Last File Created 29/12/2009 - 17:36:50 ---A- C:\WINDOWS\System32\perfh009.dat
    O44 - LFC:Last File Created 29/12/2009 - 17:36:50 ---A- C:\WINDOWS\System32\perfh00C.dat
    O44 - LFC:Last File Created 29/12/2009 - 17:36:45 ---A- C:\WINDOWS\System32\PerfStringBackup.INI
    O44 - LFC:Last File Created 29/12/2009 - 17:14:44 ---A- C:\Boot.bak
    O44 - LFC:Last File Created 29/12/2009 - 17:14:44 ---A- C:\WINDOWS\win.ini
    O44 - LFC:Last File Created 29/12/2009 - 16:30:06 ---A- C:\WINDOWS\QTFont.for
    O44 - LFC:Last File Created 27/12/2009 - 22:27:54 ---A- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
    O44 - LFC:Last File Created 27/12/2009 - 20:59:05 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
    O44 - LFC:Last File Created 12/12/2009 - 14:31:49 ---A- C:\WINDOWS\System32\drivers\avgntflt.sys
    O44 - LFC:Last File Created 09/12/2009 - 22:54:07 ---A- C:\WINDOWS\PEV.exe
    O44 - LFC:Last File Created 03/12/2009 - 16:14:06 ---A- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    O44 - LFC:Last File Created 03/12/2009 - 16:13:56 ---A- C:\WINDOWS\System32\drivers\mbam.sys
    O44 - LFC:Last File Created 02/12/2009 - 07:11:43 ---A- C:\WINDOWS\System32\drivers\SBREDrv.sys
    O44 - LFC:Last File Created 01/12/2009 - 21:06:19 ---A- C:\WINDOWS\System32\MRT.exe

    ---\\
    O63 - Logiciel: HijackThis 2.0.2
    O63 - Logiciel: GenProc
    O63 - Logiciel: Lop SD
    O63 - Logiciel: RSIT

    End of the scan: 340 lines

    ----------------------------------------------------------------------
    Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
    ----------------------------------------------------------------------

    ~~ Fin à 23:07:40 ~~
    0
  8. archet9
     
    ça m'énerve aussi mais toi tu n'es pas obligé de te casser la tête et je t'en remercie c'est très courageux de ta part! ^^


    ==> Le plus énervant pour ma part est de ne pas trouver ce qui foire !!!!

    REDEMARRE EN MODE SANS ECHEC

    Relance List&Kill'em (clic droit pour vista),

    mais cette fois-ci :

    choisis l'option 2 = Mode Destruction
    laisse travailler l'outil

    apres les verifications , un rapport va s'ouvrir.

    ferme-le.

    un deuxieme rapport va s'ouvrir ,

    colle son contenu dans ta reponse apres avoir redemarré en mode normal

    a*
    0
  9. Escander2 Messages postés 28 Statut Membre
     
    Voilà,
    ill'em by g3n-h@ckm@n 1.1.7.0

    User : Escander () # DALUXE
    Update on 30/12/2009 by g3n-h@ckm@n ::::: 23:45
    Start at: 23:36:50 | 31/12/2009
    Contact : g3n-h@ckm@n sur CCM

    Intel(R) Pentium(R) 4 CPU 1.60GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 7.0.5730.13
    Windows Firewall Status : Enabled
    AV : Bitdefender Antivirus 8.0 [ (!) Disabled | (!) Outdated ]
    AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
    FW : Bitdefender Firewall[ (!) Disabled ]8.0

    A:\ -> Lecteur de disquettes 3 ½ pouces
    C:\ -> Disque fixe local | 74,55 Go (59,46 Go free) | NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM | 681 Mo (0 Mo free) [NEW_COMPILATION] | CDFS

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\List_Kill'em\List_Kill'em.exe
    C:\WINDOWS\system32\cmd.exe
    C:\Documents and Settings\Escander\Local Settings\temp\1.tmp\pv.exe

    Detections :
    ==========

    ¤¤¤¤¤¤¤¤¤¤ Files/folders :

    "C:\WINDOWS\mbr.exe"
    "C:\WINDOWS\System32\drivers\etc\hosts.msn"

    ¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :

    Quarantine :

    hosts.msn.Kill'em
    MBR.exe.Kill'em

    ==============
    host file OK !
    ==============

    ========
    Registry
    ========
    Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe
    Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe

    ============
    Disk Cleaned
    ============

    ================
    Prefetch cleaned
    ================

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
  10. Escander2 Messages postés 28 Statut Membre
     
    J'ai enfin réussi, et tu vas pas en croire tes yeux c'est tout cons!
    J'ai d'abord redémarré mon modem et comme ça prenait du temps je suis allez dans panneau de config./gestion des réseau pour voir si c'était connecté, et là j'ai vu le bouton réparé je l'ai fais et ça fonctionne à nouveau comme avant!
    En tout cas comme le même type de problème est arriver à beaucoup de gens peut-être que c'est de là que ça vient en fin de compte! :D

    Un énorme merci à toi Archet et une bonne année!
    0
Précédent
  • 1
  • 2