Problème de lenteure internet

Escander2 Messages postés 28 Statut Membre -
Escander2 Messages postés 28 Statut Membre - 1 janv. 2010 à 04:48

Bonjour,
J'ai donc suivi le guide de [Virus]Méthode préliminaire de désinfection et je me retrouve donc ici, j'ai aussi entendu dire que les gens ici était très calé et serviable.^^

Comme la première étape était de faire un scan avec RSIT le voici, je pense être infecté à cause de la lenteur qui revient sans cesse sur mon ordinateur (ça reste souvent 1 semaine à 2 semaines)

Voici le scan:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Escander at 2009-12-28 21:05:40
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 51 GB (67%) free of 76 GB
Total RAM: 1535 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:42, on 28/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\InstallHardware.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\RAMBooster.Net\RAMBooster.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Escander\Local Settings\Application Data\WahOO\WahOO.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Escander\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\Escander.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.bing.com/?toHttps=1&redig=F6E03C3CC058415AA40F1BC2D47E2332
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InstallHardware] C:\WINDOWS\system32\InstallHardware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RAMBooster.Net] C:\Program Files\RAMBooster.Net\RAMBooster.exe -m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WahOO] "C:\Documents and Settings\Escander\Local Settings\Application Data\WahOO\WahOO.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://charon888.free.fr/plugins/hardwaredetection_2_0_4_13.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.199.2,192.168.199.6
O20 - AppInit_DLLs: ,C:\WINDOWS\System32\dmserver32.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
End of file - 7067 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\OGADaily.job
C:\WINDOWS\tasks\OGALogon.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-24 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-04-13 46080]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"InstallHardware"=C:\WINDOWS\system32\InstallHardware.exe [2002-12-17 45056]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-24 149280]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"RAMBooster.Net"=C:\Program Files\RAMBooster.Net\RAMBooster.exe [2003-08-11 1363968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"WahOO"=C:\Documents and Settings\Escander\Local Settings\Application Data\WahOO\WahOO.exe [2009-12-08 1841152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2004-04-13 3309568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^TrayMin.lnk]
C:\PROGRA~1\Philips\SPC300~1\TrayMin.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"ose"=3
"odserv"=3
"lxcg_device"=3
"iPod Service"=3
"idsvc"=3
"IDriverT"=3
"fsssvc"=3
"SeaPort"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=",C:\WINDOWS\System32\dmserver32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\ooVoo\ooVoo.exe"="C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\lxcgcoms.exe"="C:\WINDOWS\system32\lxcgcoms.exe:*:Enabled:2300 Series"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\aMSN\bin\wish.exe"="C:\Program Files\aMSN\bin\wish.exe:*:Disabled:Wish Application"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

======List of files/folders created in the last 1 months======

2009-12-28 21:01:51 ----D---- C:\rsit
2009-12-28 17:54:42 ----D---- C:\Program Files\RAMBooster.Net
2009-12-11 14:29:34 ----D---- C:\Program Files\Avira
2009-12-11 14:29:34 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-12-01 22:09:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-30 00:35:48 ----D---- C:\Documents and Settings\Escander\Application Data\vlc
2009-11-29 23:36:43 ----D---- C:\Program Files\VideoLAN

======List of files/folders modified in the last 1 months======

2009-12-28 21:05:41 ----D---- C:\Program Files\Trend Micro
2009-12-28 21:02:38 ----D---- C:\WINDOWS\Temp
2009-12-28 21:00:38 ----D---- C:\WINDOWS\Prefetch
2009-12-28 20:30:12 ----D---- C:\Program Files\Mozilla Firefox
2009-12-28 20:26:38 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-28 20:25:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-28 17:54:42 ----D---- C:\Program Files
2009-12-28 17:54:41 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-28 14:37:41 ----SHD---- C:\WINDOWS\Installer
2009-12-28 14:37:40 ----D---- C:\Config.Msi
2009-12-28 14:37:34 ----D---- C:\Program Files\Fichiers communs
2009-12-28 14:37:33 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-12-28 14:34:42 ----D---- C:\WINDOWS
2009-12-28 14:33:13 ----D---- C:\WINDOWS\system32\config
2009-12-28 14:32:51 ----D---- C:\WINDOWS\system32\wbem
2009-12-28 14:32:49 ----D---- C:\WINDOWS\Registration
2009-12-28 14:32:15 ----RSD---- C:\WINDOWS\Fonts
2009-12-28 14:31:31 ----D---- C:\WINDOWS\system32\LogFiles
2009-12-28 14:30:23 ----D---- C:\Program Files\Mumble
2009-12-28 14:30:23 ----D---- C:\Documents and Settings\Escander\Application Data\Mumble
2009-12-28 14:30:20 ----D---- C:\WINDOWS\WinSxS
2009-12-28 02:42:46 ----D---- C:\WINDOWS\system32
2009-12-25 16:21:14 ----D---- C:\Documents and Settings\Escander\Application Data\LimeWire
2009-12-23 00:03:48 ----D---- C:\Program Files\Windows Live Safety Center
2009-12-23 00:03:46 ----HD---- C:\WINDOWS\inf
2009-12-15 15:40:30 ----D---- C:\Documents and Settings\Escander\Application Data\skypePM
2009-12-11 14:30:40 ----D---- C:\WINDOWS\system32\drivers
2009-12-09 21:20:17 ----D---- C:\WINDOWS\Debug
2009-12-09 13:04:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 11:42:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-09 11:38:29 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-12-09 11:35:47 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-09 11:34:02 ----D---- C:\WINDOWS\system32\fr-fr
2009-12-09 11:33:54 ----D---- C:\Program Files\Internet Explorer
2009-12-04 10:13:37 ----D---- C:\Program Files\LimeWire
2009-12-03 07:01:11 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-12-03 07:01:09 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-02 07:18:12 ----SD---- C:\WINDOWS\Tasks
2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-30 05:29:35 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-04-02 5632]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-12 56816]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-08-28 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-08-28 55936]
R3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2001-08-23 117760]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []
S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-01-24 4127488]
S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC301b;Philips SPC 300NC PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-24 153376]
R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 lxcg_device;lxcg_device; C:\WINDOWS\system32\lxcgcoms.exe [2005-04-15 491520]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------

Afficher la suite

A voir également:

Problème de lenteure internet
Gps sans internet - Guide
D'où peut venir un problème de connexion internet sur un ordinateur ? - Guide
Complete internet repair - Télécharger - Web & Internet
Mon pc rame sur internet - Guide
Problème internet aujourd'hui - Accueil - Outils

30 réponses

Réponse 21 / 30

Escander2 Messages postés 28 Statut Membre

Voilà :D

List'em by g3n-h@ckm@n 1.1.7.0

Thx to Chiquitine29.....& CCM team

User : Escander (Administrateurs) # DALUXE
Update on 30/12/2009 by g3n-h@ckm@n ::::: 23:45
Start at: 18:13:17 | 31/12/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Pentium(R) 4 CPU 1.60GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled
AV : Bitdefender Antivirus 8.0 [ (!) Disabled | (!) Outdated ]
AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]
FW : Bitdefender Firewall[ (!) Disabled ]8.0

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 74,55 Go (58,07 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM | 681 Mo (0 Mo free) [NEW_COMPILATION] | CDFS

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\InstallHardware.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Escander\Local Settings\Temp\16.tmp\pv.exe

======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
SoundMan REG_SZ SOUNDMAN.EXE
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
NvMediaCenter REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
InstallHardware REG_SZ C:\WINDOWS\system32\InstallHardware.exe
avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)

===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 145 (0x91)

===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
HonorAutoRunSetting REG_DWORD 1 (0x1)

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ C:\WINDOWS\System32\

===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ

===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE REG_SZ C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
C:\Program Files\iTunes\iTunes.exe REG_SZ C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
C:\Program Files\ooVoo\ooVoo.exe REG_SZ C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\WINDOWS\system32\lxcgcoms.exe REG_SZ C:\WINDOWS\system32\lxcgcoms.exe:*:Enabled:2300 Series
C:\Program Files\LimeWire\LimeWire.exe REG_SZ C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
C:\Program Files\Mozilla Firefox\firefox.exe REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
C:\Program Files\aMSN\bin\wish.exe REG_SZ C:\Program Files\aMSN\bin\wish.exe:*:Disabled:Wish Application
C:\Program Files\VideoLAN\VLC\vlc.exe REG_SZ C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
C:\Program Files\Skype\Plugin Manager\skypePM.exe REG_SZ C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
C:\Program Files\eMule\emule.exe REG_SZ C:\Program Files\eMule\emule.exe:*:Enabled:eMule
C:\WINDOWS\system32\java.exe REG_SZ C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare

===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{6414512B-B978-451D-A0D8-FCFDF33E833C}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{867E13F2-7F31-44FB-AC97-CD38E0DC46EF}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}

===============
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73fa19d0-2d75-11d2-995d-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B508B3F1-A24A-32C0-B310-85786919EF28}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{EF289A85-8E57-408d-BE47-73B55609861A}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}

==============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6F74-2D53-2644-206D7942484F}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3
EapHost : 0x3
SharedAccess : 0x2
wuauserv : 0x2

=========

=======
Drive :
=======

D‚fragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.

Rapport d'analyse
74,55 Go total, 58,07 Go libre (77%), 1% fragment‚ (fragmentation du fichier 3%)

Il ne vous est pas n‚cessaire de d‚fragmenter ce volume.

¤¤¤¤¤¤¤¤¤¤ Files/folders :

C:\WINDOWS\System32\404Fix.exe
C:\WINDOWS\System32\drivers\etc\hosts.msn
C:\WINDOWS\System32\dumphive.exe
C:\WINDOWS\System32\IEDFix.exe
C:\WINDOWS\System32\Process.exe
C:\WINDOWS\System32\SrchSTS.exe
C:\WINDOWS\System32\tmp.reg
C:\WINDOWS\System32\VACFix.exe
C:\WINDOWS\System32\VCCLSID.exe
C:\WINDOWS\System32\WS2Fix.exe

¤¤¤¤¤¤¤¤¤¤ Keys :

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"

================
Other infections
================

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-31 18:17:11
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

==========
Programs
==========

Adobe
Alwil Software
Avira
CCleaner
Common Files
ComPlus Applications
DAEMON Tools Lite
Enlight
Fichiers communs
Google
inKline Global
InstallShield Installation Information
Internet Explorer
iPod
iTunes
Java
Java(2)
Lexmark 2300 Series
LimeWire
List_Kill'em
Malwarebytes' Anti-Malware
Messenger
Messenger Plus! Live
Microsoft
microsoft frontpage
Microsoft Games
Microsoft Office
Microsoft Office Outlook Connector
Microsoft Silverlight
Microsoft SQL Server Compact Edition
Microsoft Sync Framework
Microsoft Visual Studio
Microsoft Works
Movie Maker
Mozilla Firefox
MSBuild
MSN
MSN Gaming Zone
MSXML 4.0
MSXML 6.0
Mumble
NetMeeting
oovooToolbar
Outlook Express
QuickTime
Real
Realtek AC97
Reference Assemblies
Services en ligne
Sony
Sony Setup
Spybot - Search & Destroy
Sun
support.com
Trend Micro
Uninstall Information
VideoLAN
Windows Live
Windows Live Safety Center
Windows Live SkyDrive
Windows Media Components
Windows Media Connect 2
Windows Media Player
Windows NT
WindowsUpdate
xerox

============
Lecteur C:
============

.jagex_cache_32
2d970bdf52621b4f616d4105ecf7
64e44f8677ca118aec90e9d67e
9f4235ae674290bf66d0dc2a00cbe4fb
aaw7boot.log
AILog.txt
aoedoppl.txt
aoeWVlog.txt
AUTOEXEC.BAT
boot.ini
Bootfont.bin
CDFE.log
Config.Msi
CONFIG.SYS
ConvertTemp
Documents and Settings
hiberfil.sys
Intel
IO.SYS
Kill'em
List'em.txt
Lop SD
lopR.txt
lxcg.log
lxcgfire.csv
LXCGINST.csv
lxcgUNST.000
lxcgUNST.csv
MSDOS.SYS
MSOCache
NTDETECT.COM
ntldr
NVIDIA
pass adsl.txt
Program Files
rapport.txt
RecorderSDKLog.txt
RECYCLER
rscache
rsit
sqmdata00.sqm
sqmdata01.sqm
sqmdata02.sqm
sqmdata03.sqm
sqmdata04.sqm
sqmdata05.sqm
sqmdata06.sqm
sqmdata07.sqm
sqmdata08.sqm
sqmdata09.sqm
sqmdata10.sqm
sqmdata11.sqm
sqmdata12.sqm
sqmnoopt00.sqm
sqmnoopt01.sqm
sqmnoopt02.sqm
sqmnoopt03.sqm
sqmnoopt04.sqm
sqmnoopt05.sqm
sqmnoopt06.sqm
sqmnoopt07.sqm
sqmnoopt08.sqm
sqmnoopt09.sqm
sqmnoopt10.sqm
sqmnoopt11.sqm
sqmnoopt12.sqm
System Volume Information
Temp
VTPFiles
WINDOWS
zee_store
_OTM

¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials

C:\Documents and Settings\All Users\Application Data\Age of Empires 3 XPack Trial\Patches
C:\Documents and Settings\Escander\Bureau\SmitfraudFix\o4Patch.exe
C:\Program Files\Mozilla Firefox\SmitfraudFix\o4Patch.exe
C:\WINDOWS\system32\o4Patch.exe

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Réponse 22 / 30

Utilisateur anonyme

Vu.......

---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

---> Double-clique sur Combofix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"

---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\ComboFix.txt

Réponse 23 / 30

Escander2 Messages postés 28 Statut Membre

Voilà désolé du temps que j'ai mis, merci encore et toujours :P :

ComboFix 09-12-31.02 - Escander 31/12/2009 21:29:59.1.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1535.1154 [GMT 1:00]
Lancé depuis: c:\documents and settings\Escander\Mes documents\Téléchargements\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Bitdefender Antivirus *On-access scanning disabled* (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: Bitdefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Escander\Application Data\02000000610c4185C.manifest
c:\documents and settings\Escander\Application Data\02000000610c4185O.manifest
c:\documents and settings\Escander\Application Data\02000000610c4185P.manifest
c:\documents and settings\Escander\Application Data\02000000610c4185S.manifest
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-11-28 au 2009-12-31 ))))))))))))))))))))))))))))))))))))
.

2009-12-31 17:12 . 2009-12-31 17:12 -------- d-----w- C:\Kill'em
2009-12-31 17:12 . 2009-12-31 17:12 -------- d-----w- c:\program files\List_Kill'em
2009-12-31 15:37 . 2009-12-31 15:37 -------- d-----w- C:\_OTM
2009-12-31 15:00 . 2009-12-31 15:07 -------- d-----w- C:\Lop SD
2009-12-29 21:34 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-29 21:34 . 2009-12-29 21:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-29 21:34 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-29 17:32 . 2009-12-29 17:43 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-29 16:02 . 2009-12-29 16:02 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-12-29 02:02 . 2009-12-29 02:02 -------- d-----w- c:\program files\inKline Global
2009-12-28 22:28 . 2009-12-28 22:28 -------- d-----w- c:\documents and settings\Escander\Application Data\Malwarebytes
2009-12-28 22:27 . 2009-12-28 22:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-28 20:01 . 2009-12-28 20:02 -------- d-----w- C:\rsit
2009-12-28 13:32 . 2009-12-28 13:32 -------- d-----w- c:\windows\system32\wbem\Repository
2009-12-11 13:29 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-12-11 13:29 . 2009-12-12 13:31 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-11 13:29 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-12-11 13:29 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-12-11 13:29 . 2009-12-11 13:29 -------- d-----w- c:\program files\Avira
2009-12-11 13:29 . 2009-12-11 13:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-12-02 06:11 . 2009-12-02 06:11 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-12-01 21:09 . 2009-12-30 00:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-31 16:13 . 2008-04-23 05:43 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2009-12-29 16:36 . 2001-08-28 10:00 551610 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-29 16:36 . 2001-08-28 10:00 103012 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-29 15:48 . 2009-11-21 22:53 -------- d-----w- c:\program files\Mumble
2009-12-29 02:02 . 2008-04-17 15:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-28 20:05 . 2009-02-24 01:52 -------- d-----w- c:\program files\Trend Micro
2009-12-28 13:37 . 2008-09-26 19:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-12-28 13:30 . 2009-11-21 22:53 -------- d-----w- c:\documents and settings\Escander\Application Data\Mumble
2009-12-27 21:27 . 2009-05-15 03:34 72712 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-12-27 20:51 . 2008-04-16 15:18 72712 ----a-w- c:\documents and settings\Escander\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-25 15:21 . 2008-10-25 11:53 -------- d-----w- c:\documents and settings\Escander\Application Data\LimeWire
2009-12-24 10:02 . 2009-12-24 10:01 223 ----a-w- c:\documents and settings\Escander\Local Settings\Application Data\GLF33.tmp
2009-12-22 23:03 . 2008-12-12 14:21 -------- d-----w- c:\program files\Windows Live Safety Center
2009-12-15 14:40 . 2008-09-26 20:04 -------- d-----w- c:\documents and settings\Escander\Application Data\skypePM
2009-12-09 10:38 . 2008-04-16 15:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-06 09:00 . 2009-11-29 23:35 -------- d-----w- c:\documents and settings\Escander\Application Data\vlc
2009-12-04 09:13 . 2009-05-09 04:04 -------- d-----w- c:\program files\LimeWire
2009-12-03 06:01 . 2009-02-23 20:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-11-29 22:36 . 2009-11-29 22:36 -------- d-----w- c:\program files\VideoLAN
2009-11-26 21:49 . 2009-11-09 06:03 -------- d-----w- c:\documents and settings\Escander\Application Data\AVS4YOU
2009-11-24 16:46 . 2009-11-24 16:30 79488 ----a-w- c:\documents and settings\Escander\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-24 16:43 . 2008-11-29 21:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-24 16:43 . 2009-11-24 16:43 -------- d-----w- c:\program files\Java
2009-11-24 16:42 . 2009-11-05 12:48 152576 ----a-w- c:\documents and settings\Escander\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-23 20:01 . 2009-11-20 06:15 -------- d-----w- c:\program files\Sony
2009-11-23 20:01 . 2009-11-23 20:01 -------- d-----w- c:\program files\Fichiers communs\Sony Shared
2009-11-23 20:00 . 2009-11-23 20:00 -------- d-----w- c:\program files\Microsoft Games
2009-11-23 19:59 . 2009-11-23 19:59 -------- d-----w- c:\program files\Lexmark 2300 Series
2009-11-23 19:59 . 2009-11-23 18:06 -------- d-----w- c:\program files\Java(2)
2009-11-21 20:58 . 2008-10-25 12:29 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-11-21 20:53 . 2009-11-09 06:00 -------- d-----w- c:\program files\Fichiers communs\AVSMedia
2009-11-20 06:16 . 2009-05-21 07:42 -------- d-----w- c:\documents and settings\Escander\Application Data\Sony
2009-11-20 06:08 . 2009-11-20 06:08 -------- d-----w- c:\documents and settings\Escander\Application Data\Sony Setup
2009-11-20 06:08 . 2009-05-21 07:38 -------- d-----w- c:\program files\Sony Setup
2009-11-09 06:03 . 2009-11-09 06:03 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-11-08 22:19 . 2009-04-19 21:16 -------- d-----w- c:\program files\Messenger Plus! Live
2009-11-08 00:19 . 2009-11-08 00:14 1167 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2009-11-08 00:19 . 2008-04-17 14:50 71918 ----a-w- c:\windows\BricoPackUninst.cmd
2009-11-08 00:19 . 2001-08-28 10:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-10-29 07:44 . 2001-08-28 10:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:44 . 2008-04-16 15:00 78336 ------w- c:\windows\system32\ieencode.dll
2009-10-29 07:44 . 2001-08-28 10:00 17408 ------w- c:\windows\system32\corpol.dll
2009-10-21 05:39 . 2008-04-16 15:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:39 . 2008-04-16 15:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-20 16:20 . 2008-04-16 15:00 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-13 10:33 . 2001-08-28 10:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:39 . 2001-08-28 10:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:39 . 2001-08-28 10:00 150528 ----a-w- c:\windows\system32\rastls.dll
.

------- Sigcheck -------

[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe

[-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . D0288319660EDCFED07C7E74C4EA38A5 . 1037312 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-24 149280]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-04-13 46080]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-04-13 3309568]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"InstallHardware"="c:\windows\system32\InstallHardware.exe" [2002-12-17 45056]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\lxcgcoms.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\java.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:UDP"= 443:UDP:*:Disabled:UDP port 443 ooVoo
"37674:TCP"= 37674:TCP:*:Disabled:TCP port 37674 ooVoo
"37674:UDP"= 37674:UDP:*:Disabled:UDP port 37674 ooVoo
"37675:UDP"= 37675:UDP:*:Disabled:UDP port 37675 ooVoo

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [11/12/2009 14:29 108289]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [21/03/2009 13:41 54752]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16/04/2008 16:10 717296]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
.
Contenu du dossier 'Tâches planifiées'

2009-12-31 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-12-31 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
.
------- Examen supplémentaire -------
.
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {67DE3CAB-3E60-4D43-BD8E-AA4186E8D357} = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Escander\Application Data\Mozilla\Firefox\Profiles\4o1w8ptf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&q=
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{A057A204-BACC-4D26-8087-36EE87E26986} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-31 21:37
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-527237240-2077806209-1801674531-1003\Software\Microsoft\Internet Explorer\Security\AntiPhishing\ü*]
"UserFile"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,
00,00,00,1d,19,14,fa,f3,4a,7f,42,85,67,8c,c8,0c,5e,67,15,00,00,00,00,24,00,\
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'lsass.exe'(784)
c:\windows\system32\scecli.dll
.
Heure de fin: 2009-12-31 21:41:34
ComboFix-quarantined-files.txt 2009-12-31 20:41

Avant-CF: 62 205 116 416 octets libres
Après-CF: 62 171 402 240 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn

- - End Of File - - B6CF416A724D0FE8234B41AE3A976297

Réponse 24 / 30

Utilisateur anonyme

Fais un point sur tes problèmes stp...

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 25 / 30

Escander2 Messages postés 28 Statut Membre

Bah en faites Mozilla et toutes les pages prennent jusque 20x fois plus de temps à charger, dépend si il y a beaucoup d'image ou de modules vidéos.
Les vidéos et les images mettent aussi autant de temps à charger, c'est à dire que je devrais laisser une vidéo charger 3 à 4heure alors qu'elle ne dure que 10 minutes.
Et c'est toujours pas réglé avec tous ces scans, mais merci beaucoup pour ton aide!

Réponse 26 / 30

Utilisateur anonyme

Greee.....ça m'enerve un peu !!!!!

Telecharges GENPROC

http://www.genproc.com/GenProc.exe

Copies et colles le rapport stp...

a+

Réponse 27 / 30

Escander2 Messages postés 28 Statut Membre

C'est peut-être pas un virus, malware ou autre connerie, ça m'énerve aussi mais toi tu n'es pas obligé de te casser la tête et je t'en remercie c'est très courageux de ta part! ^^

Rapport GenProc 2.660 [1] - 31/12/2009 à 22:58:35
@ Windows XP Service Pack 3 - Mode normal
@ Mozilla Firefox 3.5.6 (fr) [Navigateur par défaut]

GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt

~~~~ INFORMATION COMPLEMENTAIRE ~~~~

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-31 22:59:23
Windows 5.1.2600 Service Pack 3

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:a5,14,fe,f3,0a,0c,33,e9,43,8e,2a,58,c9,53,c5,3f,37,fd,6c,58,e9,..

scanning hidden registry entries ...

scan completed successfully
hidden services: 0

Rapport de ZHPDiag v1.24.40 par Nicolas Coolman
Run by Escander at 31/12/2009 23:06:00
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.13
MFIE: Mozilla Firefox (3.5.6)

Boot mode: Normal (Normal boot)
Total RAM: 1534 MB (48% free)
System drive C: has 58 GB (77%) free of 75 GB

---\\
[MD5.3A0647BDED81DBE0BCBB51D70B22C9E0] - C:\Program Files\Java\jre6\bin\jusched.exe
[MD5.6DF76965A0FB8237E9C3B3CAB9815EC2] - C:\Program Files\QuickTime\qttask.exe
[MD5.04A9F0C58B170F30445BCC0683EF9FFC] - C:\Program Files\iTunes\iTunesHelper.exe
[MD5.76940D1374ACBBC2275D7662ADB305E1] - C:\WINDOWS\system32\InstallHardware.exe
[MD5.29680A793F690EEF4AAA68479D2A6DF8] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
[MD5.392845E8D49B5F0E81AAC4D795000A8C] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[MD5.18B4B12358EFCF68D76812058A26181F] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[MD5.390679F7A217A5E73D756276C40AE887] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - C:\WINDOWS\system32\ctfmon.exe
[MD5.9015BC03F62940527EC92D45EE89E46F] - C:\Program Files\Avira\AntiVir Desktop\sched.exe
[MD5.B8720A787C1223492E6F319465E996CE] - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
[MD5.E4BDF223CD75478BF44567B4D5C2634D] - C:\WINDOWS\System32\svchost.exe
[MD5.C3FB1D70CB88722267949694BA51759E] - C:\WINDOWS\system32\services.exe
[MD5.39133291CB607BDD87CFC565A4A1E7A5] - C:\Program Files\Java\jre6\bin\jqs.exe
[MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - C:\WINDOWS\system32\lsass.exe
[MD5.271077B91D7AD1B616F8AFDFE8E3F981] - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
[MD5.460E4CE148BD07218DA0B6A3D31885A9] - C:\WINDOWS\system32\spoolsv.exe

---\\
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

---\\
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm

---\\
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (not file)

---\\
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

---\\
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

---\\
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [InstallHardware] C:\WINDOWS\system32\InstallHardware.exe
O4 - HKLM\..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKCU\..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKLM\..\policies\Explorer: [NoDrives] Data=0
O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKCU\..\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKCU\..\policies\Explorer: [NoDrives] Data=0
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE

---\\
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

---\\
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\
O10 - WLSP:\000000000001\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\WINDOWS\system32\nwprovau.dll

---\\
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} () - http://charon888.free.fr/plugins/hardwaredetection_2_0_4_13.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

---\\
O17 - HKLM\System\CCS\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{67DE3CAB-3E60-4D43-BD8E-AA4186E8D357}: NameServer = 192.168.199.2,192.168.199.6

---\\
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

---\\
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.dll

---\\
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

---\\
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll

---\\
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe

---\\
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OGADaily.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OGALogon.job

---\\
O41 - Driver: Environnement de prise en charge de réseau AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: bdpredir (bdpredir) - C:\Program Files\Softwin\BitDefender10\bdpredir.sys
O41 - Driver: Pilote de CD-ROM (Cdrom) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de filtre de gravure CD (Imapi) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\System32\DRIVERS\ipsec.sys
O41 - Driver: Pilote de la classe Clavier (Kbdclass) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Pilote de la classe Souris (Mouclass) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\System32\DRIVERS\processr.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\System32\DRIVERS\redbook.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\System32\DRIVERS\serial.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\System32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\System32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys

---\\
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 8.1.6 - Français
O42 - Logiciel: Adobe Shockwave Player 11.5
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: BitDefender Internet Security v10
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Codeur Windows Media Série 9
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5)
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Lexmark 2300 Series
O42 - Logiciel: LimeWire 5.3.6
O42 - Logiciel: List_Kill'em 1.1.7.0
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: MSXML 4.0 SP2 (KB973688)
O42 - Logiciel: MSXML 6.0 Parser (KB933579)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.0 French Language Pack
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Age of Empires Trial
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2)
O42 - Logiciel: Microsoft Office Access MUI (French) 2007
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007
O42 - Logiciel: Microsoft Office Live Add-in 1.3
O42 - Logiciel: Microsoft Office Outlook Connector
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007
O42 - Logiciel: Microsoft Office Professional Plus 2007
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007
O42 - Logiciel: Microsoft Office Proof (English) 2007
O42 - Logiciel: Microsoft Office Proof (French) 2007
O42 - Logiciel: Microsoft Office Proof (German) 2007
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007
O42 - Logiciel: Microsoft Office Proofing (French) 2007
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007
O42 - Logiciel: Microsoft Office Word MUI (French) 2007
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft Search Enhancement Pack
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
O42 - Logiciel: Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
O42 - Logiciel: Mozilla Firefox (3.5.6)
O42 - Logiciel: NVIDIA Display Driver
O42 - Logiciel: OGA Notifier 1.7.0105.35.0
O42 - Logiciel: OpenOffice.org Installer 1.0
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: Pack Vista Inspirat 2 1.0
O42 - Logiciel: Plug&Play ADSL Modem Driver Suite
O42 - Logiciel: QuickTime
O42 - Logiciel: Realtek AC'97 Audio
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB973704)
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB973593)
O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB972363)
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789)
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB969693)
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB969604)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234)
O42 - Logiciel: Segoe UI
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642)
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
O42 - Logiciel: Update for Microsoft Office InfoPath 2007 (KB976416)
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb976884)
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729)
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01
O42 - Logiciel: WahOO
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130)
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Internet Explorer 7
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Contrôle parental
O42 - Logiciel: Windows Live FolderShare
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live OneCare safety scanner
O42 - Logiciel: Windows Live Toolbar
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: Windows Presentation Foundation Language Pack (FRA)
O42 - Logiciel: Windows Workflow Foundation FR Language Pack
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: iTunes

---\\
O44 - LFC:Last File Created 31/12/2009 - 21:41:35 ---A- C:\ComboFix.txt
O44 - LFC:Last File Created 31/12/2009 - 21:37:57 ---A- C:\WINDOWS\system.ini
O44 - LFC:Last File Created 31/12/2009 - 21:28:35 RSHA- C:\boot.ini
O44 - LFC:Last File Created 31/12/2009 - 21:21:52 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 31/12/2009 - 21:21:32 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 31/12/2009 - 21:20:58 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 31/12/2009 - 21:20:53 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 31/12/2009 - 21:20:33 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 31/12/2009 - 21:20:22 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 31/12/2009 - 21:20:11 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 31/12/2009 - 18:41:09 ---A- C:\List'em.txt
O44 - LFC:Last File Created 31/12/2009 - 17:55:49 --HA- C:\WINDOWS\QTFont.qfn
O44 - LFC:Last File Created 31/12/2009 - 17:55:45 ---A- C:\WINDOWS\SetupADSL.log
O44 - LFC:Last File Created 31/12/2009 - 17:54:02 ---A- C:\rapport.txt
O44 - LFC:Last File Created 31/12/2009 - 17:52:07 ---A- C:\WINDOWS\setupact.log
O44 - LFC:Last File Created 31/12/2009 - 17:52:07 ---A- C:\WINDOWS\setuperr.log
O44 - LFC:Last File Created 31/12/2009 - 17:50:26 ---A- C:\WINDOWS\System32\tmp.txt
O44 - LFC:Last File Created 31/12/2009 - 17:48:43 ---A- C:\WINDOWS\ntbtlog.txt
O44 - LFC:Last File Created 31/12/2009 - 17:13:04 ---A- C:\WINDOWS\System32\d3d9caps.dat
O44 - LFC:Last File Created 31/12/2009 - 16:07:38 ---A- C:\lopR.txt
O44 - LFC:Last File Created 29/12/2009 - 17:36:50 ---A- C:\WINDOWS\System32\perfc009.dat
O44 - LFC:Last File Created 29/12/2009 - 17:36:50 ---A- C:\WINDOWS\System32\perfc00C.dat
O44 - LFC:Last File Created 29/12/2009 - 17:36:50 ---A- C:\WINDOWS\System32\perfh009.dat
O44 - LFC:Last File Created 29/12/2009 - 17:36:50 ---A- C:\WINDOWS\System32\perfh00C.dat
O44 - LFC:Last File Created 29/12/2009 - 17:36:45 ---A- C:\WINDOWS\System32\PerfStringBackup.INI
O44 - LFC:Last File Created 29/12/2009 - 17:14:44 ---A- C:\Boot.bak
O44 - LFC:Last File Created 29/12/2009 - 17:14:44 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 29/12/2009 - 16:30:06 ---A- C:\WINDOWS\QTFont.for
O44 - LFC:Last File Created 27/12/2009 - 22:27:54 ---A- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
O44 - LFC:Last File Created 27/12/2009 - 20:59:05 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 12/12/2009 - 14:31:49 ---A- C:\WINDOWS\System32\drivers\avgntflt.sys
O44 - LFC:Last File Created 09/12/2009 - 22:54:07 ---A- C:\WINDOWS\PEV.exe
O44 - LFC:Last File Created 03/12/2009 - 16:14:06 ---A- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
O44 - LFC:Last File Created 03/12/2009 - 16:13:56 ---A- C:\WINDOWS\System32\drivers\mbam.sys
O44 - LFC:Last File Created 02/12/2009 - 07:11:43 ---A- C:\WINDOWS\System32\drivers\SBREDrv.sys
O44 - LFC:Last File Created 01/12/2009 - 21:06:19 ---A- C:\WINDOWS\System32\MRT.exe

---\\
O63 - Logiciel: HijackThis 2.0.2
O63 - Logiciel: GenProc
O63 - Logiciel: Lop SD
O63 - Logiciel: RSIT

End of the scan: 340 lines

----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------

~~ Fin à 23:07:40 ~~

Réponse 28 / 30

Utilisateur anonyme

ça m'énerve aussi mais toi tu n'es pas obligé de te casser la tête et je t'en remercie c'est très courageux de ta part! ^^

==> Le plus énervant pour ma part est de ne pas trouver ce qui foire !!!!

REDEMARRE EN MODE SANS ECHEC

Relance List&Kill'em (clic droit pour vista),

mais cette fois-ci :

choisis l'option 2 = Mode Destruction
laisse travailler l'outil

apres les verifications , un rapport va s'ouvrir.

ferme-le.

un deuxieme rapport va s'ouvrir ,

colle son contenu dans ta reponse apres avoir redemarré en mode normal

a*

Réponse 29 / 30

Escander2 Messages postés 28 Statut Membre

Voilà,
ill'em by g3n-h@ckm@n 1.1.7.0

User : Escander () # DALUXE
Update on 30/12/2009 by g3n-h@ckm@n ::::: 23:45
Start at: 23:36:50 | 31/12/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Pentium(R) 4 CPU 1.60GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Enabled
AV : Bitdefender Antivirus 8.0 [ (!) Disabled | (!) Outdated ]
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
FW : Bitdefender Firewall[ (!) Disabled ]8.0

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 74,55 Go (59,46 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM | 681 Mo (0 Mo free) [NEW_COMPILATION] | CDFS

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\Escander\Local Settings\temp\1.tmp\pv.exe

Detections :
==========

¤¤¤¤¤¤¤¤¤¤ Files/folders :

"C:\WINDOWS\mbr.exe"
"C:\WINDOWS\System32\drivers\etc\hosts.msn"

¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :

Quarantine :

hosts.msn.Kill'em
MBR.exe.Kill'em

==============
host file OK !
==============

========
Registry
========
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe

============
Disk Cleaned
============

================
Prefetch cleaned
================

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Réponse 30 / 30

Escander2 Messages postés 28 Statut Membre

J'ai enfin réussi, et tu vas pas en croire tes yeux c'est tout cons!
J'ai d'abord redémarré mon modem et comme ça prenait du temps je suis allez dans panneau de config./gestion des réseau pour voir si c'était connecté, et là j'ai vu le bouton réparé je l'ai fais et ça fonctionne à nouveau comme avant!
En tout cas comme le même type de problème est arriver à beaucoup de gens peut-être que c'est de là que ça vient en fin de compte! :D

Un énorme merci à toi Archet et une bonne année!

Discussions similaires

FOTOSE (allemagne)

35 GO à l'étranger

ATTENTION : escroquerie à la carte bleue !!

Problème de lenteure internet

30 réponses

Votre réponse

Discussions similaires

Newsletters