Very slow PC
Tuleme
Hello, my PC has been very slow for the past few days. I have run multiple antivirus, anti-malware and spyware scans...
but nothing special came up, so I am turning to you.
Here is a ComboFix report. Do you see anything abnormal in it?
ComboFix 08-02-25.3 - Christophe 2008-02-25 22:08:17.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1243 [GMT 1:00]
Endroit: C:\Users\Christophe\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
H:\Autorun.inf
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-25 to 2008-02-25 ))))))))))))))))))))))))))))))))))))
.
Pas de nouveau fichier créé dans cet espace de temps
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 21:09 --------- d-----w C:\Users\Christophe\AppData\Roaming\DNA
2008-02-25 20:19 --------- d-----w C:\ProgramData\Saitek
2008-02-24 21:00 --------- d-----w C:\Program Files\Navilog1
2008-02-22 17:12 --------- d-----w C:\Program Files\Trend Micro
2008-02-22 17:07 --------- d-----w C:\ProgramData\Lavasoft
2008-02-21 20:05 --------- d-----w C:\Program Files\a-squared Anti-Malware
2008-02-20 20:46 --------- d-----w C:\Program Files\CCleaner
2008-02-18 19:19 --------- d-----w C:\Users\Christophe\AppData\Roaming\Winamp
2008-02-18 18:20 --------- d-----w C:\Program Files\Free Audio Pack
2008-02-15 13:28 --------- d-----w C:\Users\Christophe\AppData\Roaming\BitTorrent
2008-02-15 13:27 --------- d-----w C:\Program Files\BitTorrent
2008-02-15 13:19 --------- d-----w C:\Program Files\DNA
2008-02-14 16:05 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-14 16:05 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-14 16:01 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll
2008-02-14 16:01 613,888 ----a-w C:\Windows\System32\wpd_ci.dll
2008-02-14 16:01 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-14 16:01 558,080 ----a-w C:\Windows\System32\oleaut32.dll
2008-02-14 16:01 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys
2008-02-14 16:01 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys
2008-02-14 16:01 260,096 ----a-w C:\Windows\System32\dpx.dll
2008-02-14 16:01 224,824 ----a-w C:\Windows\System32\clfs.sys
2008-02-14 16:01 221,696 ----a-w C:\Windows\System32\umpnpmgr.dll
2008-02-14 16:01 19,456 ----a-w C:\Windows\System32\cfgmgr32.dll
2008-02-14 16:01 101,888 ----a-w C:\Windows\System32\drvinst.exe
2008-02-14 16:01 1,585,664 ----a-w C:\Windows\System32\setupapi.dll
2008-02-14 15:55 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-14 15:55 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-14 15:55 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-14 15:55 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-14 15:55 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-14 15:55 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-14 15:55 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-14 15:55 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-14 15:55 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-14 15:55 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-14 15:55 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-14 15:55 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-14 15:54 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 15:54 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 15:54 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-14 15:54 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 15:54 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 15:54 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-14 15:51 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-14 15:50 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-14 15:49 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-14 15:49 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-11 19:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-11 19:39 --------- d-----w C:\Program Files\Activision
2008-02-10 20:35 --------- d-----w C:\Program Files\Micro Scrabble
2008-02-10 16:19 621,056 ----a-w C:\Windows\system32\drivers\dxgkrnl.sys
2008-02-10 16:19 36,864 ----a-w C:\Windows\System32\cdd.dll
2008-01-14 20:52 --------- d-----w C:\Users\Christophe\AppData\Roaming\Ahead
2008-01-14 20:42 --------- d-----w C:\ProgramData\Ahead
2008-01-14 20:42 --------- d-----w C:\Program Files\Common Files\Ahead
2008-01-14 20:38 --------- d-----w C:\ProgramData\Nero
2008-01-14 20:15 --------- d-----w C:\Program Files\MSXML 4.0
2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-01-09 20:14 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-09 20:14 --------- d-----w C:\Program Files\Windows Mail
2008-01-09 11:34 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-01-09 11:34 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-01-09 11:33 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-07 20:05 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-01-07 20:02 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-01-03 19:35 --------- d-----w C:\Users\Christophe\AppData\Roaming\SampleView
2008-01-02 13:24 --------- d-----w C:\ProgramData\NVIDIA
2007-12-31 10:31 --------- d-----w C:\Program Files\ISO Commander
2007-12-31 10:15 --------- d-----w C:\Program Files\Macromedia
2007-12-30 22:09 --------- d-----w C:\Program Files\Ubisoft
2007-12-30 22:06 --------- d-----w C:\Users\Christophe\AppData\Roaming\DAEMON Tools
2007-12-30 22:04 --------- d-----w C:\Program Files\DAEMON Tools Lite
2007-12-30 22:04 --------- d-----w C:\Program Files\AdVantage
2007-12-30 21:58 715,248 ----a-w C:\Windows\system32\drivers\sptd.sys
2007-12-28 18:51 --------- d-----w C:\Users\Christophe\AppData\Roaming\smc
2007-12-28 18:45 --------- d-----w C:\Program Files\Secret Maryo Chronicles
2007-12-28 13:04 --------- d-----w C:\Users\Christophe\AppData\Roaming\F-Secure
2007-12-27 17:16 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2007-12-27 04:43 --------- d-----w C:\ProgramData\LogiShrd
2007-12-26 20:25 --------- d-----w C:\Program Files\Common Files\Logitech
2007-12-26 20:25 --------- d-----w C:\Program Files\Common Files\Logishrd
2007-12-26 20:24 --------- d-----w C:\Users\Christophe\AppData\Roaming\InstallShield
2007-12-26 20:24 --------- d-----w C:\ProgramData\Logitech
2007-12-26 18:54 --------- d-----w C:\Program Files\MUSICMATCH
2007-12-26 18:35 --------- d-----w C:\Users\Christophe\AppData\Roaming\Logitech
2007-12-26 18:10 --------- d-----w C:\Program Files\Logitech
2007-12-26 06:48 --------- d-----w C:\Program Files\Smart Projects
2007-12-25 22:04 --------- d-----w C:\Users\Christophe\AppData\Roaming\Media Player Classic
2007-12-25 22:03 --------- d-----w C:\Program Files\K-Lite Codec Pack
2007-12-25 21:39 --------- d-----w C:\Program Files\WMV9_VCM
2007-12-21 18:38 174 --sha-w C:\Program Files\desktop.ini
2007-12-21 18:18 8,704 ----a-w C:\Windows\System32\hcrstco.dll
2007-12-21 18:18 8,704 ----a-w C:\Windows\System32\hccoin.dll
2007-12-21 18:18 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2007-12-21 18:18 7,680 ----a-w C:\Windows\System32\spwmp.dll
2007-12-21 18:18 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2007-12-21 18:18 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2007-12-21 18:17 57,856 ----a-w C:\Windows\System32\SLUINotify.dll
2007-12-21 18:17 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 12:33 1232896]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-29 13:05 486856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]
"BitTorrent DNA"="C:\Users\Christophe\Program Files\DNA\btdna.exe" [2008-02-16 18:16 287040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-21 19:19 1006264]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 21:34 868352]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 06:28 36352]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 12:01 1037736]
"AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.24\AsRunHelp.exe" [2006-12-29 02:54 363008]
"F-Secure Manager"="C:\Program Files\Securitoo\av_fw\Common\FSM32.exe" [2007-06-13 14:58 176177]
"F-Secure TNB"="C:\Program Files\Securitoo\av_fw\FSGUI\TNBUtil.exe" [2007-06-13 14:57 733184]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 03:10 55824 C:\WINDOWS\KHALMNPR.Exe]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 17:08 813912]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-11-06 20:00 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-11-06 20:00 8530464]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-11-06 20:00 81920]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"Ai Remote Help"="C:\Program Files\ASUS\AI Remote\AiRc.exe" [2007-01-19 14:24 3347456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="%WINDIR%\SMINST\launcher.exe" [ ]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 01:48:20 40048]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-12-26 21:24:57 784912]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{EBB5A664-07A0-448B-B922-BEEF08B5A3F0}C:\users\christophe\documents\emule extreme\emule.exe"= UDP:C:\users\christophe\documents\emule extreme\emule.exe:emule.exe|Desc=emule.exe
"UDP Query User{2C3B1733-ABC4-4FFB-A594-57E7A3860EF0}C:\users\christophe\documents\emule extreme\emule.exe"= TCP:C:\users\christophe\documents\emule extreme\emule.exe:emule.exe|Desc=emule.exe
"{DFD43711-BD3F-4496-98AD-73A78A8FEF0F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"{E4BC7574-0AB4-4BDC-94A9-A6D2A91817B1}"= UDP:C:\Program Files\DNA\btdna.exe:DNA
"{43653064-14A4-463F-95DC-A26F1BB80ADD}"= TCP:C:\Program Files\DNA\btdna.exe:DNA
"{5B4B99EB-1CD1-4E6C-B8D5-8F255ACC18DE}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{B9E8B7CF-389A-483D-BDE7-D0C46A59DE28}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
R1 F-Secure HIPS;F-Secure HIPS;C:\Program Files\Securitoo\av_fw\HIPS\fshs.sys [2007-06-13 14:58]
R1 FSES;F-Secure Email Scanning Driver;C:\Windows\system32\drivers\fses.sys [2007-06-13 14:58]
R1 FSFW;F-Secure Firewall Driver;C:\Windows\system32\drivers\fsdfw.sys [2007-06-13 14:58]
R1 fsvista;F-Secure Vista Support Driver;C:\Program Files\Securitoo\av_fw\Anti-Virus\minifilter\fsvista.sys [2007-06-13 14:58]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\Windows\system32\DRIVERS\atl01v32.sys [2006-11-16 06:24]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Securitoo\av_fw\Anti-Virus\minifilter\fsgk.sys [2007-06-13 14:58]
S3 HauppaugeTVServer;HauppaugeTVServer;C:\PROGRA~1\WinTV\HCWTVS~1.EXE [2007-02-20 15:11]
S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Securitoo\av_fw\Anti-Virus\Win2K\FSfilter.sys [2007-06-13 14:58]
S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Securitoo\av_fw\Anti-Virus\Win2K\FSrec.sys [2007-06-13 14:58]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-25 12:23:49 C:\Windows\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\SECURI~1\av_fw\ANTI-V~1\fsav.exeW /HARD /POLICY /SCHED /NOBREAK /REPORT=C:\PROGRA~1\SECURI~1\av_fw\ANTI-V~1\report.txt $C:\PROGRA~1\SECURI~1\av_fw\ANTI-V~1.SYSTEM'Tâche ajoutée par F-Secure Anti-Virus.
"2008-02-24 19:50:02 C:\Windows\Tasks\User_Feed_Synchronization-{721B811E-59A8-42E0-96C1-D3AD1EA5FEC2}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-25 22:10:55
Windows 6.0.6000 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-25 22:11:30
ComboFix-quarantined-files.txt 2008-02-25 21:11:28
.
2008-02-22 11:36:35 --- E O F ---
Thanks in advance