Programs that won't open

Solved/Closed
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010 - 10 Jan. 2010 at 23:50
 gen-hackman - 13 Jan. 2010 at 00:19
Good evening,
For the past few days, some programs that used to work very well no longer open. They don't even have time to open before I get the error message "*Software* has stopped working".
In addition, from time to time a pop-up opens, and when I do a Google search and click on a link, a different link opens.
I have already tried reinstalling the programs in question and it doesn't work.
I have Kaspersky 9.0.0.736 (trial version).

Thanks in advance for your help.

22 replies

moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 274
12 Jan. 2010 at 18:30
Hello

and yet this is not right


O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Default user')



it would be good to have the MBAM report

in the meantime, do this

Disable your antivirus for the duration of the procedure, as well as your firewall if present (because it is wrongly detected as an infection)

▶ Download and install List&Kill'em and save it on your desktop
http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem_Install.exe

double-click (right-click "Run as administrator" for Vista/7) on the shortcut on your desktop to start the installation

tick the box "create an icon on the desktop"

once it has finished, click "finish" and the program will start by itself

choose the language, then choose option 1 = Search Mode

▶ let the tool work

when the white window appears, it takes a while; that is normal, the program is not frozen.

a report named catchme appears on your desktop; ignore it, do not post it, but do not delete it for now, the scan is not finished.

▶ Post the contents of the report that opens at 100% of the scan, on the "COMPLETED" screen

you can delete the catchme.log report from your desktop now.

1
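The check applied by eye to the two `cbssreg` lines above (a `svchost.exe` started from a Run key but stored under `C:\Windows\TEMP`) can be run over a whole HijackThis log. This Python sketch is an added example, not part of the original thread or of HijackThis; the sample lines are copied from the log posted in this thread, and the table of expected directories is a short assumed list.

```python
import ntpath
import re

# O4 registry autorun line: hive, Run/RunOnce key, value name, command, optional user.
O4_RUN = re.compile(
    r"^O4 - (?P<hive>\S+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]+)\] "
    r"(?P<cmd>.+?)(?: \(User '(?P<user>[^']*)'\))?$"
)
# Executable path: either quoted, or everything up to the first ".exe".
EXE = re.compile(r'^"([^"]+)"|^(.+?\.exe)(?=\s|$)', re.IGNORECASE)

# Assumption: short illustrative list of Windows process names and the only
# directory each one belongs in. Extend it for real triage.
EXPECTED_DIR = {
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}
TEMP_SEGMENTS = {"temp", "tmp"}

# Lines copied from the HijackThis log posted in this thread.
SAMPLE = r"""
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Google Update] "C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [The Turtle] C:\Program Files\Marmot Project\TheTurtle v5.0.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
"""


def exe_path(cmd):
    """Return the executable path from a Run value, dropping arguments."""
    cmd = cmd.strip()
    m = EXE.match(cmd)
    return (m.group(1) or m.group(2)) if m else cmd


def audit_o4(log_text):
    """Flag O4 Run/RunOnce entries whose image path looks like a masquerade.

    Startup-folder lines ("O4 - Startup: ...") use another syntax and are skipped.
    """
    findings = []
    for raw in log_text.splitlines():
        m = O4_RUN.match(raw.strip())
        if not m:
            continue
        path = exe_path(m.group("cmd"))
        # ntpath handles Windows paths on any OS; normcase lower-cases them.
        folder = ntpath.normcase(ntpath.dirname(path))
        image = ntpath.normcase(ntpath.basename(path))
        reasons = []
        if TEMP_SEGMENTS & set(folder.split("\\")):
            reasons.append("runs from a temporary directory")
        expected = EXPECTED_DIR.get(image)
        if expected and folder != expected:
            reasons.append("system process name outside " + expected)
        if reasons:
            findings.append({
                "hive": m.group("hive"),
                "name": m.group("name"),
                "path": path,
                "reasons": reasons,
            })
    return findings


if __name__ == "__main__":
    for f in audit_o4(SAMPLE):
        print(f["hive"], f["name"], f["path"], "; ".join(f["reasons"]))
```
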
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 274
12 Jan. 2010 at 21:37
▶ Run List&Kill'em again with the shortcut on your desktop,

but this time:

▶ choose option 2 = Removal Mode

let the tool work.

at the end of the scan a report opens

▶ paste its contents in your reply

........

then

• Download Random's System Information Tool (RSIT) by Random/Random.

http://images.malwareremoval.com/random/RSIT.exe

• Save it on your Desktop.

• Double-click RSIT.exe to start the tool.

• Click "Continue" on the Disclaimer screen.

• If the HijackThis tool is not present or not detected on the computer, RSIT will download it (allow access in your firewall if it asks you)

and you will have to accept the licence.

• Once the scan is finished, two reports will appear: post them in two separate messages please

The reports are located here:
C:\rsit\info.txt
C:\rsit\log.txt
1
nikko77 Posts 1050 Registration date Friday 25 April 2008 Status Member Last activity 14 August 2017 127
11 Jan. 2010 at 01:52
This story of yours doesn't look good ....

Have you run a FULL scan of your PC with Kaspersky?
0
Hello
right-click at the bottom right on the icon bar
then Task Manager, then Processes; find explorer.exe, right-click it, then End process; then at the bottom right of the Task Manager click New task and type explorer.exe, then File, Exit Task Manager
and restart
0

Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
11 Jan. 2010 at 17:48
So yes, Nikko77, I ran a full scan and it found nothing, and I tried rainure's suggestion and it only worked for 30 seconds, that is, I clicked on one of the affected programs and it started, but as soon as I closed it to open others, not only could I not do it again, but I could not even reopen the first one. :s
0
nikko77 Posts 1050 Registration date Friday 25 April 2008 Status Member Last activity 14 August 2017 127
11 Jan. 2010 at 21:22
Download Malwarebytes, install the updates and run the scan.

Otherwise, try a system restore to a point before the problem appeared.
0
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
11 Jan. 2010 at 23:09
I did as you advised; Malwarebytes found 11 problems, which it repaired, and yet still nothing.
0
elmoctarr9 Posts 170 Registration date Sunday 30 March 2008 Status Member Last activity 26 May 2013 21
11 Jan. 2010 at 23:36
It looks like you must be infected by a nasty virus; try HijackThis. You run a scan, then you will get a report which you then post on the HijackThis site.
0
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
12 Jan. 2010 at 17:05
Here is my HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:04:08, on 12/01/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Marmot Project\TheTurtle v5.0.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Xfire\Xfire.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [The Turtle] C:\Program Files\Marmot Project\TheTurtle v5.0.exe
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
0
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
12 Jan. 2010 at 21:29
Good evening, first of all thank you for helping me, and here is the report.

List'em by g3n-h@ckm@n 1.1.8.1

Thx to El Desaparecido.....& CCM team

User : Yassine (Administrateurs) # YASSINE-PC
Update on 11/12/2009 by g3n-h@ckm@n ::::: 19:25
Start at: 20:52:36 | 12/01/2010
Contact : g3n-h@ckm@n sur CCM

Intel(R) Pentium(R) D CPU 3.40GHz
Microsoft Windows 7 Édition Familiale Basique (6.1.7600 32-bit) #
Internet Explorer 8.0.7600.16385
Windows Firewall Status : Enabled

C:\ -> Disque fixe local | 148,91 Go (7,88 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Marmot Project\TheTurtle v5.0.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Xfire\Xfire.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yassine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Yassine\AppData\Local\Temp\F634.tmp\pv.exe

======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Google Update REG_SZ "C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
The Turtle REG_SZ C:\Program Files\Marmot Project\TheTurtle v5.0.exe
FileHippo.com REG_SZ "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
Sidebar REG_SZ C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
IgfxTray REG_SZ C:\Windows\system32\igfxtray.exe
HotKeysCmds REG_SZ C:\Windows\system32\hkcmd.exe
Persistence REG_SZ C:\Windows\system32\igfxpers.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
TkBellExe REG_SZ "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
AVP REG_SZ "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
ConsentPromptBehaviorAdmin REG_DWORD 0 (0x0)
ConsentPromptBehaviorUser REG_DWORD 3 (0x3)
EnableInstallerDetection REG_DWORD 1 (0x1)
EnableLUA REG_DWORD 0 (0x0)
EnableSecureUIAPaths REG_DWORD 1 (0x1)
EnableUIADesktopToggle REG_DWORD 0 (0x0)
EnableVirtualization REG_DWORD 1 (0x1)
PromptOnSecureDesktop REG_DWORD 0 (0x0)
ValidateAdminCodeSignatures REG_DWORD 0 (0x0)
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
scforceoption REG_DWORD 0 (0x0)
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
FilterAdministratorToken REG_DWORD 0 (0x0)

===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll

===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\klogon]

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{7530BFB8-7293-4D34-9923-61A11451AFC5}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}

===============

==============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E33CF602-D945-461A-83F0-819F76A199F8}]

================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp

========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3
EapHost : 0x3
Wlansvc : 0x3
SharedAccess : 0x4
windefend : 0x2
wuauserv : 0x2
wscsvc : 0x2

=========

=======
Drive :
=======

Défragmenteur de disque Microsoft
Copyright (c) 2007 Microsoft Corp.

Invocation de analyse sur (C:)...



L'opération a réussi.

Post Defragmentation Report:


Informations sur le volume :
Taille du volume = 148,91 Go
Espace libre = 7,89 Go
Quantité totale d'espace fragmenté = 3%
Taille maximale d'espace libre = 740,43 Mo

Remarque : les fragments de fichier de plus de 64 Mo ne sont pas inclus dans les statistiques de fragmentation.


Il n'est pas nécessaire de défragmenter ce volume.

¤¤¤¤¤¤¤¤¤¤ Files/folders :

C:\Program Files\Burn4Free
C:\Windows\System32\b4fm.dll
C:\Windows\System32\rezumatenoi.dat
C:\Windows\System32\SIntf16.dll
C:\Windows\System32\x64
C:\Users\Yassine\Application Data\Microsoft\Internet Explorer\Quick Launch\Burn4Free.lnk

¤¤¤¤¤¤¤¤¤¤ Keys :

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\Arrakis3.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdagent.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdreinit.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdsubwiz.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdwizreg.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\livesrv.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\seccenter.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\uiscan.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\upgrepl.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\vsserv.exe"

================
Other infections
================

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-12 21:18:42
Windows 6.1.7600 NTFS

detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
malicious code @ sector 0x12525d3e size 0x1e8 !

==========
Programs
==========


============
Lecteur C:
============


¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials

C:\Program Files\Warcraft III\Patch.txt
C:\Users\Public\Games\World of Warcraft\Patch.html
C:\Users\Public\Games\World of Warcraft\Patch.txt




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
12 Jan. 2010 at 22:29
I ran L&K successfully; however, when I launch RSIT, after I click "Continue" it shows me an error message
"AutoIt Error

Line-1:

Error: Variable used without being declared."
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 274
12 Jan. 2010 at 22:35
ok

Download ZHPDiag (by Nicolas Coolman).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Double-click the installation file, then install it with the default settings (don't forget to tick "Create an icon on the desktop")

Start ZHPDiag by double-clicking the icon on your desktop (Right-click -> Run as admin (Vista))

Click the magnifying glass at the top left, then let the tool scan.

Once the scan is finished, click the floppy-disk icon and save the file on your desktop.

Post the report in three parts, because it is long and I can only read it from the forum
0
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
12 Jan. 2010 at 22:41
Rapport de ZHPDiag v1.24.43 par Nicolas Coolman
Run by Yassine at 12/01/2010 22:37:40
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Windows 7 Home Basic
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox (3.5.6)

Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (43% free)
System drive C: has 8 GB (5%) free of 149 GB

---\\ Processus lancés

---\\ Pages de recherche de Mozilla Firefox (M1)
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\linkfilter@kaspersky.ru

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\Yassine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [The Turtle] C:\Program Files\Marmot Project\TheTurtle v5.0.exe
O4 - HKCU\..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\oest.tmp\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\Run: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - Global Startup: Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\kbrd.ico
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\logo.ico

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File - C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File - C:\Program Files\Bonjour\mdnsNSP.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} () - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui - C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\Windows\system32\klogon.dll

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (not file)

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" -r
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2399494538-949732695-2384740237-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2399494538-949732695-2384740237-1000UA.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: .NET Framework - {1DF6A8F6-5048-323F-8758-DA533CE0F07E} - (not file)
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} - (not file)
O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} - (not file)
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\system32\Macromed\Flash\Flash10c.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: @%systemroot%\system32\drivers\afd.sys,-1000 (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (no object) (blbdrive) - C:\WINDOWS\system32\DRIVERS\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: @%systemroot%\system32\drivers\discache.sys,-102 (discache) - C:\WINDOWS\System32\drivers\discache.sys
O41 - Driver: kl1 (kl1) - C:\WINDOWS\system32\DRIVERS\kl1.sys
O41 - Driver: Kaspersky Lab Driver (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys
O41 - Driver: Kaspersky Anti-Virus NDIS 6 Filter (KLIM6) - C:\WINDOWS\system32\DRIVERS\klim6.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: @%SystemRoot%\system32\drivers\netbt.sys,-2 (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: @%SystemRoot%\system32\drivers\nsiproxy.sys,-2 (nsiproxy) - C:\WINDOWS\system32\drivers\nsiproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: @%systemroot%\system32\DRIVERS\RDPCDD.sys,-100 (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: @%systemroot%\system32\drivers\RDPENCDD.sys,-101 (RDPENCDD) - C:\WINDOWS\system32\drivers\rdpencdd.sys
O41 - Driver: @%systemroot%\system32\drivers\RdpRefMp.sys,-101 (RDPREFMP) - C:\WINDOWS\system32\drivers\rdprefmp.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32012 (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) - C:\WINDOWS\system32\DRIVERS\wfplwf.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.2 - Français
O42 - Logiciel: Adobe Shockwave Player 11.5
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Bonjour
O42 - Logiciel: Burn4Free CD and DVD
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
O42 - Logiciel: Cheat Engine 5.5
O42 - Logiciel: Counter-Strike: Source v17
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Plus Web Player
O42 - Logiciel: FileHippo.com Update Checker
O42 - Logiciel: Game Booster
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver
O42 - Logiciel: JDownloader
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Kaspersky Anti-Virus 2010
O42 - Logiciel: List_Kill'em 1.1.8.1
O42 - Logiciel: Logiciel d'archivage WinRAR
O42 - Logiciel: MSVCRT
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile Beta 1
O42 - Logiciel: Microsoft .NET Framework 4 Extended Beta 1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Visual C++ 2010 Beta 1 x86 Redistributable - 10.0.20506
O42 - Logiciel: Mozilla Firefox (3.5.6)
O42 - Logiciel: OpenOffice.org 3.1
O42 - Logiciel: Opera 10.10
O42 - Logiciel: QuickTime
O42 - Logiciel: RealPlayer
O42 - Logiciel: SUPER © Version 2010.bld.37 (Jan 2, 2010)
O42 - Logiciel: Skype™ 4.1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053
O42 - Logiciel: VLC media player 1.0.3
O42 - Logiciel: VNC Free Edition 4.1.3
O42 - Logiciel: WBFS Manager 3.0
O42 - Logiciel: Warcraft III
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Essentials
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Sign-in Assistant
O42 - Logiciel: Windows Live Upload Tool
O42 - Logiciel: World of Warcraft
O42 - Logiciel: Wow Cartographe 1.10
O42 - Logiciel: Xfire (remove only)
O42 - Logiciel: Xvid 1.1.3 final uninstall
O42 - Logiciel: iTunes
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
12 Jan. 2010 at 22:43
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike Source
O43 - CFD:Common File Directory ----D- C:\Program Files\Curse
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileHippo.com
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IObit
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JDownloader
O43 - CFD:Common File Directory ----D- C:\Program Files\JRE
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Marmot Project
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Opera
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\RealVNC
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Virtual Dimension
O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\Xfire
O43 - CFD:Common File Directory ----D- C:\Program Files\Xvid
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.354eb5c8.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C3E85226013F5B3EB4A4374D87653359] - 12/01/2010 - 22:16:52 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.94D19F5B3CFA8BEEB416456CCFB09BBD] - 12/01/2010 - 22:16:52 ---A- C:\autoexec.bat
O44 - LFC:[MD5.2E103F51F41303267AF5B3BF64A5816E] - 12/01/2010 - 21:20:29 ---A- C:\List'em.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 12/01/2010 - 18:34:43 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.CAAD7D942EDE80D839600C824FAF668B] - 12/01/2010 - 16:52:19 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.F411C8D1E5629209B39CFFB1370B1CA0] - 12/01/2010 - 16:52:15 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.0F73A1E2C3EBF82DF367061E84AFAEE8] - 12/01/2010 - 00:18:08 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.7B6C8D7D7A8072BE6315DA61E89E3C79] - 12/01/2010 - 00:17:33 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.ECFC2AAAF1421A45418240D7FC587E55] - 11/01/2010 - 17:42:43 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.37BC8772DD3011937BBA7768834E59C1] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:[MD5.612778A7214DA005D9B770FAABA7F75F] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:[MD5.3B7F58B20E0893F2FAE206E95483924A] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:[MD5.83AD6890E64075ABE1E427CEEA327761] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:[MD5.2994C704F2F70F99322E6A6222F350C9] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2010 - 18:01:03 ---A- C:\Windows\setuperr.log
O44 - LFC:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 03/01/2010 - 15:37:20 ---A- C:\Windows\System32\drivers\klif.sys
O44 - LFC:[MD5.6C66FE9550703466BAF8F13A2C894967] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klick.dat
O44 - LFC:[MD5.E64757BAB11E4EC52085287AAEB7F9D0] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klin.dat
O44 - LFC:[MD5.E25B2BA9746BB7E452C492EBEF940B61] - 03/01/2010 - 14:18:05 ---A- C:\Windows\bdagent.INI
O44 - LFC:[MD5.2FB665F9C9FC52171C73EABDC7D02557] - 03/01/2010 - 14:17:56 ---A- C:\bdlog.txt
O44 - LFC:[MD5.E88C3218BAC1FB3D916E63520E5DC30B] - 03/01/2010 - 13:46:06 ---A- C:\Windows\System32\user_gensett.xml
O44 - LFC:[MD5.08499CED08F271FB6CCDDD7934126B6D] - 03/01/2010 - 12:32:22 ---A- C:\Windows\System32\omginstlog.txt
O44 - LFC:[MD5.338C86357871C167A96AB976519BF59E] - 29/12/2009 - 22:37:31 ---A- C:\Windows\System32\drivers\atapi.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 01:58:35 --HA- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
O44 - LFC:[MD5.50BA603F043479075FC8B1DA67EEBB6A] - 23/12/2009 - 11:28:40 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.7718AF5BF33B18BE338F1CDD04AA8BCD] - 23/12/2009 - 00:59:32 ---A- C:\Windows\System32\xfcodec.dll
O44 - LFC:[MD5.E9B911E771FD9E7F9933B4C2E1E4BC83] - 16/12/2009 - 07:56:08 ---A- C:\Windows\srun.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/12/2009 - 22:13:52 ---A- C:\Windows\nsreg.dat

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys

---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{0e5ae178-dc51-11de-b7ac-001372d1a711}\Shell\AutoRun\command - E:\autorun.exe
O51 - MPSK:{38b89d3b-e09c-11de-aaf8-001372d1a711}\Shell\AutoRun\command - F:\SETUP.EXE

---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.i420"="i420vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.DIVX"="DivX.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.XFR1"="xfcodec.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.XVID"="xvidvfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"
O52 - TDSD:HKLM\...\drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Périphérique audio USB"
O52 - TDSD:HKLM\...\drivers.desc\"DivX.dll"="DivX 6.9.1 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xfcodec.dll"="Xfire video codec [XFR1]"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
12 Jan. 2010 at 22:46
Sent by PM.
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
12 Jan. 2010 at 22:47
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike Source
O43 - CFD:Common File Directory ----D- C:\Program Files\Curse
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileHippo.com
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IObit
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JDownloader
O43 - CFD:Common File Directory ----D- C:\Program Files\JRE
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Marmot Project
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Opera
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\RealVNC
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Virtual Dimension
O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\Xfire
O43 - CFD:Common File Directory ----D- C:\Program Files\Xvid
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.354eb5c8.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C3E85226013F5B3EB4A4374D87653359] - 12/01/2010 - 22:16:52 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.94D19F5B3CFA8BEEB416456CCFB09BBD] - 12/01/2010 - 22:16:52 ---A- C:\autoexec.bat
O44 - LFC:[MD5.2E103F51F41303267AF5B3BF64A5816E] - 12/01/2010 - 21:20:29 ---A- C:\List'em.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 12/01/2010 - 18:34:43 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.CAAD7D942EDE80D839600C824FAF668B] - 12/01/2010 - 16:52:19 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.F411C8D1E5629209B39CFFB1370B1CA0] - 12/01/2010 - 16:52:15 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.0F73A1E2C3EBF82DF367061E84AFAEE8] - 12/01/2010 - 00:18:08 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.7B6C8D7D7A8072BE6315DA61E89E3C79] - 12/01/2010 - 00:17:33 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.ECFC2AAAF1421A45418240D7FC587E55] - 11/01/2010 - 17:42:43 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.37BC8772DD3011937BBA7768834E59C1] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:[MD5.612778A7214DA005D9B770FAABA7F75F] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:[MD5.3B7F58B20E0893F2FAE206E95483924A] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:[MD5.83AD6890E64075ABE1E427CEEA327761] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:[MD5.2994C704F2F70F99322E6A6222F350C9] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2010 - 18:01:03 ---A- C:\Windows\setuperr.log
O44 - LFC:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 03/01/2010 - 15:37:20 ---A- C:\Windows\System32\drivers\klif.sys
O44 - LFC:[MD5.6C66FE9550703466BAF8F13A2C894967] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klick.dat
O44 - LFC:[MD5.E64757BAB11E4EC52085287AAEB7F9D0] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klin.dat
O44 - LFC:[MD5.E25B2BA9746BB7E452C492EBEF940B61] - 03/01/2010 - 14:18:05 ---A- C:\Windows\bdagent.INI
O44 - LFC:[MD5.2FB665F9C9FC52171C73EABDC7D02557] - 03/01/2010 - 14:17:56 ---A- C:\bdlog.txt
O44 - LFC:[MD5.E88C3218BAC1FB3D916E63520E5DC30B] - 03/01/2010 - 13:46:06 ---A- C:\Windows\System32\user_gensett.xml
O44 - LFC:[MD5.08499CED08F271FB6CCDDD7934126B6D] - 03/01/2010 - 12:32:22 ---A- C:\Windows\System32\omginstlog.txt
O44 - LFC:[MD5.338C86357871C167A96AB976519BF59E] - 29/12/2009 - 22:37:31 ---A- C:\Windows\System32\drivers\atapi.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 01:58:35 --HA- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
O44 - LFC:[MD5.50BA603F043479075FC8B1DA67EEBB6A] - 23/12/2009 - 11:28:40 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.7718AF5BF33B18BE338F1CDD04AA8BCD] - 23/12/2009 - 00:59:32 ---A- C:\Windows\System32\xfcodec.dll
O44 - LFC:[MD5.E9B911E771FD9E7F9933B4C2E1E4BC83] - 16/12/2009 - 07:56:08 ---A- C:\Windows\srun.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/12/2009 - 22:13:52 ---A- C:\Windows\nsreg.dat

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys
0
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
12 Jan. 2010 at 22:48
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: @%systemroot%\system32\drivers\afd.sys,-1000 (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (no object) (blbdrive) - C:\WINDOWS\system32\DRIVERS\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: @%systemroot%\system32\drivers\discache.sys,-102 (discache) - C:\WINDOWS\System32\drivers\discache.sys
O41 - Driver: kl1 (kl1) - C:\WINDOWS\system32\DRIVERS\kl1.sys
O41 - Driver: Kaspersky Lab Driver (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys
O41 - Driver: Kaspersky Anti-Virus NDIS 6 Filter (KLIM6) - C:\WINDOWS\system32\DRIVERS\klim6.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: @%SystemRoot%\system32\drivers\netbt.sys,-2 (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: @%SystemRoot%\system32\drivers\nsiproxy.sys,-2 (nsiproxy) - C:\WINDOWS\system32\drivers\nsiproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: @%systemroot%\system32\DRIVERS\RDPCDD.sys,-100 (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: @%systemroot%\system32\drivers\RDPENCDD.sys,-101 (RDPENCDD) - C:\WINDOWS\system32\drivers\rdpencdd.sys
O41 - Driver: @%systemroot%\system32\drivers\RdpRefMp.sys,-101 (RDPREFMP) - C:\WINDOWS\system32\drivers\rdprefmp.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32012 (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) - C:\WINDOWS\system32\DRIVERS\wfplwf.sys

0
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
12 Jan. 2010 at 22:54
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Cheat Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike Source
O43 - CFD:Common File Directory ----D- C:\Program Files\Curse
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FileHippo.com
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IObit
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JDownloader
O43 - CFD:Common File Directory ----D- C:\Program Files\JRE
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Marmot Project
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Opera
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\RealVNC
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Virtual Dimension
O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\Xfire
O43 - CFD:Common File Directory ----D- C:\Program Files\Xvid
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.354eb5c8.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment.temp
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C3E85226013F5B3EB4A4374D87653359] - 12/01/2010 - 22:16:52 ---A- C:\Kill'em.txt
O44 - LFC:[MD5.94D19F5B3CFA8BEEB416456CCFB09BBD] - 12/01/2010 - 22:16:52 ---A- C:\autoexec.bat
O44 - LFC:[MD5.2E103F51F41303267AF5B3BF64A5816E] - 12/01/2010 - 21:20:29 ---A- C:\List'em.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 12/01/2010 - 18:34:43 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:[MD5.CAAD7D942EDE80D839600C824FAF668B] - 12/01/2010 - 16:52:19 ---A- C:\Windows\setupact.log
O44 - LFC:[MD5.F411C8D1E5629209B39CFFB1370B1CA0] - 12/01/2010 - 16:52:15 -S-A- C:\Windows\bootstat.dat
O44 - LFC:[MD5.0F73A1E2C3EBF82DF367061E84AFAEE8] - 12/01/2010 - 00:18:08 ---A- C:\Windows\PFRO.log
O44 - LFC:[MD5.7B6C8D7D7A8072BE6315DA61E89E3C79] - 12/01/2010 - 00:17:33 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.ECFC2AAAF1421A45418240D7FC587E55] - 11/01/2010 - 17:42:43 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:[MD5.37BC8772DD3011937BBA7768834E59C1] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:[MD5.612778A7214DA005D9B770FAABA7F75F] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:[MD5.3B7F58B20E0893F2FAE206E95483924A] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:[MD5.83AD6890E64075ABE1E427CEEA327761] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:[MD5.2994C704F2F70F99322E6A6222F350C9] - 11/01/2010 - 00:10:28 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2010 - 18:01:03 ---A- C:\Windows\setuperr.log
O44 - LFC:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 03/01/2010 - 15:37:20 ---A- C:\Windows\System32\drivers\klif.sys
O44 - LFC:[MD5.6C66FE9550703466BAF8F13A2C894967] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klick.dat
O44 - LFC:[MD5.E64757BAB11E4EC52085287AAEB7F9D0] - 03/01/2010 - 15:15:06 ---A- C:\Windows\System32\drivers\klin.dat
O44 - LFC:[MD5.E25B2BA9746BB7E452C492EBEF940B61] - 03/01/2010 - 14:18:05 ---A- C:\Windows\bdagent.INI
O44 - LFC:[MD5.2FB665F9C9FC52171C73EABDC7D02557] - 03/01/2010 - 14:17:56 ---A- C:\bdlog.txt
O44 - LFC:[MD5.E88C3218BAC1FB3D916E63520E5DC30B] - 03/01/2010 - 13:46:06 ---A- C:\Windows\System32\user_gensett.xml
O44 - LFC:[MD5.08499CED08F271FB6CCDDD7934126B6D] - 03/01/2010 - 12:32:22 ---A- C:\Windows\System32\omginstlog.txt
O44 - LFC:[MD5.338C86357871C167A96AB976519BF59E] - 29/12/2009 - 22:37:31 ---A- C:\Windows\System32\drivers\atapi.sys
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/12/2009 - 01:58:35 --HA- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
O44 - LFC:[MD5.50BA603F043479075FC8B1DA67EEBB6A] - 23/12/2009 - 11:28:40 ---A- C:\Windows\DirectX.log
O44 - LFC:[MD5.7718AF5BF33B18BE338F1CDD04AA8BCD] - 23/12/2009 - 00:59:32 ---A- C:\Windows\System32\xfcodec.dll
O44 - LFC:[MD5.E9B911E771FD9E7F9933B4C2E1E4BC83] - 16/12/2009 - 07:56:08 ---A- C:\Windows\srun.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/12/2009 - 22:13:52 ---A- C:\Windows\nsreg.dat

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys
0
Kleemer Posts 13 Registration date Tuesday 6 October 2009 Status Member Last activity 12 January 2010
12 Jan. 2010 at 23:02
Oh, but apparently List&Kill'em managed to remove the problem; I can use the affected programs again, thanks again =D
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 274
12 Jan. 2010 at 23:04
Received, I'm taking a look.

Uninstall killem

and download it again from here: http://sd-1.archive-host.com/membres/up/829108531491024/sup_Key.zip

It has been modified for your infection.

Go straight to option 2 and post the report.
0