PC slow at startup, 10 minutes to turn it on
totophe
-
Rallymen007 Posts 665 Registration date Status Member Last activity -
Hello,
My PC has become extremely slow at startup. Yesterday I dealt with someone on this site who had me do a lot of manipulations, and now someone needs to analyze the ComboFix report. Thanks to everyone for the help you are going to give me.
ComboFix 08-09-12.06 - Tophe 2008-09-13 12:27:44.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.404 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Tophe\Bureau\C-Fix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\WINDOWS\system32\MSINET.oca
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_TDSSSERV
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-13 au 2008-09-13 ))))))))))))))))))))))))))))))))))))
.
2008-09-13 11:37 . 2008-09-13 11:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-09-11 17:18 . 2008-09-11 17:18 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-11 17:18 . 2008-09-11 17:18 <REP> d-------- C:\Documents and Settings\Tophe\Application Data\Malwarebytes
2008-09-11 17:18 . 2008-09-11 17:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-11 17:18 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-11 17:18 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-11 16:10 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-09-11 16:10 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-09-11 16:10 . 2008-09-08 23:38 88,576 --a------ C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-11 16:10 . 2008-09-02 16:51 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-09-11 16:10 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-09-11 16:10 . 2008-09-11 12:54 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-09-11 16:10 . 2008-08-18 12:19 82,432 --a------ C:\WINDOWS\system32\404Fix.exe
2008-09-11 16:10 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-09-11 16:10 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-09-11 16:10 . 2008-09-11 16:33 6,034 --a------ C:\WINDOWS\system32\tmp.reg
2008-09-11 16:00 . 2008-09-12 16:45 <REP> d-------- C:\Program Files\Trend Micro
2008-09-10 15:32 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-09-10 09:01 . 2008-09-10 09:01 <REP> d-------- C:\Program Files\Seagate
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d-------- C:\Documents and Settings\Tophe\Application Data\InstallShield
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-09-09 07:53 . 2008-09-09 07:53 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-09-09 07:53 . 2008-09-09 07:53 <REP> dr------- C:\Documents and Settings\Administrateur\Bureau
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\You've Got Pictures Screensaver
2008-09-07 11:09 . 2008-09-09 07:53 <REP> d-------- C:\Program Files\DEXXON
2008-09-07 11:09 . 2008-09-07 11:09 14 --a------ C:\WINDOWS\system32\drivers\S810
2008-09-06 18:38 . 2008-09-06 18:38 <REP> d-------- C:\Program Files\AxBx
2008-09-06 14:51 . 2008-09-10 15:11 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-06 14:51 . 2008-09-10 11:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-05 21:16 . 2008-09-05 21:16 25 --a------ C:\WINDOWS\cdplayer.ini
2008-09-05 16:03 . 2008-09-05 16:03 315,392 --a------ C:\WINDOWS\HideWin.exe
2008-09-04 10:35 . 2008-09-09 07:52 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-09-04 10:35 . 2008-09-09 07:53 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-09-04 10:35 . 2008-09-09 07:52 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-09-04 10:35 . 2008-09-09 07:52 <REP> d-------- C:\Documents and Settings\Administrateur
2008-09-04 09:58 . 1996-08-20 20:37 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
2008-09-04 09:58 . 2005-09-25 16:37 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
2008-09-04 09:58 . 2008-09-04 09:58 3,120 --a------ C:\WINDOWS\system32\118290.54
2008-09-04 09:58 . 2008-09-04 09:58 3,120 --a------ C:\WINDOWS\118294.78
2008-09-04 09:58 . 2003-08-13 00:27 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
2008-09-04 09:15 . 2008-09-04 09:15 268 --ah----- C:\sqmdata19.sqm
2008-09-04 09:15 . 2008-09-04 09:15 244 --ah----- C:\sqmnoopt19.sqm
2008-09-04 08:59 . 2008-09-04 08:59 268 --ah----- C:\sqmdata18.sqm
2008-09-04 08:59 . 2008-09-04 08:59 244 --ah----- C:\sqmnoopt18.sqm
2008-09-03 19:37 . 2008-09-03 19:37 268 --ah----- C:\sqmdata17.sqm
2008-09-03 19:37 . 2008-09-03 19:37 244 --ah----- C:\sqmnoopt17.sqm
2008-09-03 14:37 . 2008-09-11 18:17 <REP> d-------- C:\Program Files\MSA
2008-09-03 14:21 . 2008-09-03 14:21 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application Data\LuckyTender
2008-09-03 13:03 . 2008-09-03 13:03 268 --ah----- C:\sqmdata16.sqm
2008-09-03 13:03 . 2008-09-03 13:03 244 --ah----- C:\sqmnoopt16.sqm
2008-09-03 12:46 . 2008-09-03 12:46 268 --ah----- C:\sqmdata15.sqm
2008-09-03 12:46 . 2008-09-03 12:46 244 --ah----- C:\sqmnoopt15.sqm
2008-09-03 12:44 . 2008-09-03 12:44 <REP> d-------- C:\Program Files\NewSoft
2008-09-03 12:44 . 2008-09-03 12:44 <REP> d-------- C:\Program Files\Fichiers communs\NewSoft
2008-09-03 12:23 . 2007-07-02 12:00 466,176 -ra------ C:\WINDOWS\system32\drivers\dvb7700all.sys
2008-09-03 11:18 . 2008-09-03 11:18 268 --ah----- C:\sqmdata13.sqm
2008-09-03 11:18 . 2008-09-03 11:18 244 --ah----- C:\sqmnoopt13.sqm
2008-09-03 09:10 . 2008-09-07 11:12 268 --ah----- C:\sqmdata12.sqm
2008-09-03 09:10 . 2008-09-07 11:12 244 --ah----- C:\sqmnoopt12.sqm
2008-08-28 10:32 . 2008-09-13 11:53 <REP> d-------- C:\Program Files\SPAMfighter
2008-08-28 10:32 . 2008-08-28 10:32 <REP> d-------- C:\Program Files\myBabylon
2008-08-28 10:32 . 2008-08-28 10:32 <REP> d-------- C:\Program Files\Invadazoid
2008-08-28 10:32 . 2008-08-28 10:32 <REP> d-------- C:\Program Files\Fichiers communs\Application
2008-08-28 10:32 . 2008-08-28 10:32 <REP> d-------- C:\Program Files\Fichiers communs\Ankiro
2008-08-28 10:32 . 2008-08-28 10:36 <REP> d-------- C:\Documents and Settings\Tophe\Application Data\Babylon
2008-08-24 08:53 . 2008-08-24 10:49 <REP> d-------- C:\divx
2008-08-23 17:31 . 2008-08-28 10:32 <REP> d-------- C:\Documents and Settings\Tophe\Application Data\DivX
2008-08-23 17:26 . 2008-08-28 10:32 <REP> d-------- C:\Program Files\DivX
2008-08-20 15:51 . 2008-08-20 15:51 <REP> d-------- C:\Program Files\InsDrvTemp_USB
2008-08-20 15:51 . 2005-11-10 15:30 1,028,096 --a------ C:\Program Files\libeay32.dll
2008-08-20 15:51 . 2000-04-06 20:13 995,383 --a------ C:\Program Files\MFC42.DLL
2008-08-20 15:51 . 2006-02-17 12:34 495,616 --a------ C:\Program Files\ZDWlan.exe
2008-08-20 15:51 . 2003-02-21 20:42 348,160 --a------ C:\Program Files\msvcr71.dll
2008-08-20 15:51 . 2005-11-10 15:31 286,720 --a------ C:\Program Files\openssl.exe
2008-08-20 15:51 . 2005-06-07 12:50 253,952 --a------ C:\Program Files\W32BRG55.EXE
2008-08-20 15:51 . 2003-04-21 14:09 245,408 --a------ C:\Program Files\UNICOWS.DLL
2008-08-20 15:51 . 2005-11-10 15:50 212,992 --a------ C:\Program Files\dot1x_dll.dll
2008-08-20 15:51 . 2005-11-10 15:30 196,608 --a------ C:\Program Files\ssleay32.dll
2008-08-20 15:51 . 2005-03-19 00:24 102,400 --a------ C:\Program Files\W32N55.DLL
2008-08-20 15:51 . 2005-06-07 11:36 102,400 --a------ C:\Program Files\W32BRG55.dll
2008-08-20 15:51 . 2006-02-17 12:34 45,056 --a------ C:\Program Files\ZDWlan.dll
2008-08-20 15:51 . 2003-03-14 12:24 24,576 --a------ C:\Program Files\ZyDelReg.exe
2008-08-20 15:51 . 2005-05-23 14:16 13,312 --a------ C:\Program Files\KCopy.exe
2008-08-20 15:50 . 2008-08-20 15:53 <REP> d-------- C:\Program Files\WiFi MAX
2008-08-17 17:39 . 2008-05-01 16:31 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-13 09:57 --------- d-----w C:\Documents and Settings\Tophe\Application Data\OpenOffice.org2
2008-09-13 09:40 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-09-12 19:41 --------- d-----w C:\Program Files\eMule
2008-09-10 13:32 --------- d-----w C:\Program Files\Java
2008-09-09 05:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-06 15:52 --------- d-----w C:\Program Files\Norton Security Scan
2008-08-28 08:32 --------- d-----w C:\Program Files\YesMessenger
2008-08-28 08:32 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-08-25 13:06 --------- d-----w C:\Program Files\Conduit
2008-08-25 12:47 --------- d-----w C:\Program Files\Windows Live
2008-08-25 12:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Babylon
2008-08-25 12:38 --------- d-----w C:\Program Files\Zylom Games
2008-08-03 09:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\SpinTop Games
2008-08-03 09:01 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-08-03 09:01 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-08-03 08:59 --------- d-----w C:\Program Files\Google
2008-07-26 10:07 --------- d-----w C:\Program Files\eToro
2008-07-26 10:06 --------- d-----w C:\Program Files\WinAVI MP4 Converter
2008-07-26 10:06 --------- d-----w C:\Documents and Settings\Tophe\Application Data\LuckyTender
2008-07-26 09:44 --------- d-----w C:\Program Files\ReflexiveArcade
2008-07-26 09:38 --------- d-----w C:\Documents and Settings\Tophe\Application Data\Zylom
2008-07-26 09:37 --------- d-----w C:\Program Files\Zone.com Deluxe Games
2008-07-26 09:36 --------- d-----w C:\Program Files\LuckyTender
2008-07-26 09:24 --------- d-----w C:\Program Files\Babylon
2008-07-21 09:10 --------- d-----w C:\Documents and Settings\Tophe\Application Data\SPAMfighter
2008-07-20 09:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Zylom
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2006-03-07 17:50 2,690 ----a-w C:\Program Files\ZDWlan.INI
2006-02-17 09:51 1,185 ----a-w C:\Program Files\W32BRG55.INI
2006-01-06 08:16 1,162 ----a-w C:\Program Files\W32N55.INI
2005-11-01 23:42 41,554 ----a-w C:\Program Files\ZDMLa.INI
2005-11-01 23:40 79,810 ----a-w C:\Program Files\ZDMLu.INI
2004-06-17 08:54 1,761 ----a-w C:\Program Files\caroot.pem
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{34ea1c70-42cc-42c5-aa29-ec58b95a343e}"= "C:\Program Files\myBabylon\tbmyBa.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}]
2008-02-14 14:54 1555480 --a------ C:\Program Files\myBabylon\tbmyBa.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5E2402A0-5F99-4188-B30D-D8743996B340}]
2008-05-30 00:42 188416 --a------ C:\Program Files\LuckyTender\1.3.0\LuckyTender.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{34ea1c70-42cc-42c5-aa29-ec58b95a343e}"= "C:\Program Files\myBabylon\tbmyBa.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{34EA1C70-42CC-42C5-AA29-EC58B95A343E}"= "C:\Program Files\myBabylon\tbmyBa.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 975360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-13 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 1079296]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"Free Uploader Oe Integration"="C:\Program Files\Free Download Manager\FUM\fumoei.exe" [2007-06-10 40960]
"MsgCenterExe"="C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" [2008-08-03 69632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-28 766041]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"PCMService"="c:\APPS\Powercinema\PCMService.exe" [2006-02-23 147456]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2008-08-03 214560]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 57344]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 413696]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2008-07-14 321160]
"Babylon Client"="C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" [2008-03-11 3551456]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-03 185896]
"ChangeFilterMerit"="C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe" [2007-06-08 51280]
"Presto! PVR Monitor"="C:\Program Files\NewSoft\Presto! PVR\Monitor.exe" [2007-07-02 149328]
"VirusKeeper"="C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\VirusKeeper.exe" [2008-08-22 3000192]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 C:\WINDOWS\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 1232896]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"= mpegacm.acm
"msacm.ulmp3acm"= ulmp3acm.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 BsStor;B.H.A Storage Helper Driver;C:\WINDOWS\system32\drivers\BsStor.sys [2005-05-31 10368]
R0 tffsport;M-Systems DiskOnChip 2000;C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-04 149376]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 SPAMfighter Update Service;SPAMfighter Update Service;C:\Program Files\SPAMfighter\sfus.exe [2008-07-14 184968]
R2 vkservice;VirusKeeper antivirus/antispyware;C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_service.exe [2008-05-22 1119576]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKLM-Run-EPSON PictureMate 100 - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAKE.EXE
HKLM-Run-NWEReboot - (no file)
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Tophe\Application Data\Mozilla\Firefox\Profiles\fdxcj0qp.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://french.ircfast2.com/index.php?rvs=hompag
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-13 12:50:21
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
"ImagePath"="\"c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe\"\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u2\[u]0/u0\[u]0/u0\[u]0/u0¨
[%\[u]0/u0«Ô’|\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u05\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0+\[u]0/u3pè\13\[u]0/u0pè\13\[u]0/u0\18î"
.
------------------------ Autres processus actifs ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ZDWlan.exe
C:\Program Files\YesMessenger\YesMessenger.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.bin
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_scanprocess.exe
.
**************************************************************************
.
Heure de fin: 2008-09-13 13:11:35 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-09-13 11:11:08
Avant-CF: 39,100,968,960 octets libres
Après-CF: 39,214,465,024 octets libres
283 --- E O F --- 2008-09-11 17:51:03
mon pc est devenue hyper lent au demarrage hier g eu a faire a quelqun sur ce site qui ma fait faire plein de manipulation est maintenant il faut que quelqun analyse le compte rendue de combofix merci a tous pour l aide que vous allez m apporter
ComboFix 08-09-12.06 - Tophe 2008-09-13 12:27:44.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.404 [GMT 2:00]Lancé depuis: C:\Documents and Settings\Tophe\Bureau\C-Fix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\WINDOWS\system32\MSINET.oca
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_TDSSSERV
((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-13 au 2008-09-13 ))))))))))))))))))))))))))))))))))))
.
2008-09-13 11:37 . 2008-09-13 11:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-09-11 17:18 . 2008-09-11 17:18 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-11 17:18 . 2008-09-11 17:18 <REP> d-------- C:\Documents and Settings\Tophe\Application Data\Malwarebytes
2008-09-11 17:18 . 2008-09-11 17:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-11 17:18 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-11 17:18 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-11 16:10 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-09-11 16:10 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-09-11 16:10 . 2008-09-08 23:38 88,576 --a------ C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-11 16:10 . 2008-09-02 16:51 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-09-11 16:10 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-09-11 16:10 . 2008-09-11 12:54 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-09-11 16:10 . 2008-08-18 12:19 82,432 --a------ C:\WINDOWS\system32\404Fix.exe
2008-09-11 16:10 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-09-11 16:10 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-09-11 16:10 . 2008-09-11 16:33 6,034 --a------ C:\WINDOWS\system32\tmp.reg
2008-09-11 16:00 . 2008-09-12 16:45 <REP> d-------- C:\Program Files\Trend Micro
2008-09-10 15:32 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-09-10 09:01 . 2008-09-10 09:01 <REP> d-------- C:\Program Files\Seagate
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d-------- C:\Documents and Settings\Tophe\Application Data\InstallShield
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-09-09 07:53 . 2008-09-09 07:53 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-09-09 07:53 . 2008-09-09 07:53 <REP> dr------- C:\Documents and Settings\Administrateur\Bureau
2008-09-09 07:53 . 2008-09-09 07:53 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\You've Got Pictures Screensaver
2008-09-07 11:09 . 2008-09-09 07:53 <REP> d-------- C:\Program Files\DEXXON
2008-09-07 11:09 . 2008-09-07 11:09 14 --a------ C:\WINDOWS\system32\drivers\S810
2008-09-06 18:38 . 2008-09-06 18:38 <REP> d-------- C:\Program Files\AxBx
2008-09-06 14:51 . 2008-09-10 15:11 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-06 14:51 . 2008-09-10 11:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-05 21:16 . 2008-09-05 21:16 25 --a------ C:\WINDOWS\cdplayer.ini
2008-09-05 16:03 . 2008-09-05 16:03 315,392 --a------ C:\WINDOWS\HideWin.exe
2008-09-04 10:35 . 2008-09-09 07:52 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-09-04 10:35 . 2008-09-09 07:53 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-09-04 10:35 . 2008-09-09 07:52 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-09-04 10:35 . 2008-09-09 07:52 <REP> d-------- C:\Documents and Settings\Administrateur
2008-09-04 09:58 . 1996-08-20 20:37 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
2008-09-04 09:58 . 2005-09-25 16:37 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
2008-09-04 09:58 . 2008-09-04 09:58 3,120 --a------ C:\WINDOWS\system32\118290.54
2008-09-04 09:58 . 2008-09-04 09:58 3,120 --a------ C:\WINDOWS\118294.78
2008-09-04 09:58 . 2003-08-13 00:27 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
2008-09-04 09:15 . 2008-09-04 09:15 268 --ah----- C:\sqmdata19.sqm
2008-09-04 09:15 . 2008-09-04 09:15 244 --ah----- C:\sqmnoopt19.sqm
2008-09-04 08:59 . 2008-09-04 08:59 268 --ah----- C:\sqmdata18.sqm
2008-09-04 08:59 . 2008-09-04 08:59 244 --ah----- C:\sqmnoopt18.sqm
2008-09-03 19:37 . 2008-09-03 19:37 268 --ah----- C:\sqmdata17.sqm
2008-09-03 19:37 . 2008-09-03 19:37 244 --ah----- C:\sqmnoopt17.sqm
2008-09-03 14:37 . 2008-09-11 18:17 <REP> d-------- C:\Program Files\MSA
2008-09-03 14:21 . 2008-09-03 14:21 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application Data\LuckyTender
2008-09-03 13:03 . 2008-09-03 13:03 268 --ah----- C:\sqmdata16.sqm
2008-09-03 13:03 . 2008-09-03 13:03 244 --ah----- C:\sqmnoopt16.sqm
2008-09-03 12:46 . 2008-09-03 12:46 268 --ah----- C:\sqmdata15.sqm
2008-09-03 12:46 . 2008-09-03 12:46 244 --ah----- C:\sqmnoopt15.sqm
2008-09-03 12:44 . 2008-09-03 12:44 <REP> d-------- C:\Program Files\NewSoft
2008-09-03 12:44 . 2008-09-03 12:44 <REP> d-------- C:\Program Files\Fichiers communs\NewSoft
2008-09-03 12:23 . 2007-07-02 12:00 466,176 -ra------ C:\WINDOWS\system32\drivers\dvb7700all.sys
2008-09-03 11:18 . 2008-09-03 11:18 268 --ah----- C:\sqmdata13.sqm
2008-09-03 11:18 . 2008-09-03 11:18 244 --ah----- C:\sqmnoopt13.sqm
2008-09-03 09:10 . 2008-09-07 11:12 268 --ah----- C:\sqmdata12.sqm
2008-09-03 09:10 . 2008-09-07 11:12 244 --ah----- C:\sqmnoopt12.sqm
2008-08-28 10:32 . 2008-09-13 11:53 <REP> d-------- C:\Program Files\SPAMfighter
2008-08-28 10:32 . 2008-08-28 10:32 <REP> d-------- C:\Program Files\myBabylon
2008-08-28 10:32 . 2008-08-28 10:32 <REP> d-------- C:\Program Files\Invadazoid
2008-08-28 10:32 . 2008-08-28 10:32 <REP> d-------- C:\Program Files\Fichiers communs\Application
2008-08-28 10:32 . 2008-08-28 10:32 <REP> d-------- C:\Program Files\Fichiers communs\Ankiro
2008-08-28 10:32 . 2008-08-28 10:36 <REP> d-------- C:\Documents and Settings\Tophe\Application Data\Babylon
2008-08-24 08:53 . 2008-08-24 10:49 <REP> d-------- C:\divx
2008-08-23 17:31 . 2008-08-28 10:32 <REP> d-------- C:\Documents and Settings\Tophe\Application Data\DivX
2008-08-23 17:26 . 2008-08-28 10:32 <REP> d-------- C:\Program Files\DivX
2008-08-20 15:51 . 2008-08-20 15:51 <REP> d-------- C:\Program Files\InsDrvTemp_USB
2008-08-20 15:51 . 2005-11-10 15:30 1,028,096 --a------ C:\Program Files\libeay32.dll
2008-08-20 15:51 . 2000-04-06 20:13 995,383 --a------ C:\Program Files\MFC42.DLL
2008-08-20 15:51 . 2006-02-17 12:34 495,616 --a------ C:\Program Files\ZDWlan.exe
2008-08-20 15:51 . 2003-02-21 20:42 348,160 --a------ C:\Program Files\msvcr71.dll
2008-08-20 15:51 . 2005-11-10 15:31 286,720 --a------ C:\Program Files\openssl.exe
2008-08-20 15:51 . 2005-06-07 12:50 253,952 --a------ C:\Program Files\W32BRG55.EXE
2008-08-20 15:51 . 2003-04-21 14:09 245,408 --a------ C:\Program Files\UNICOWS.DLL
2008-08-20 15:51 . 2005-11-10 15:50 212,992 --a------ C:\Program Files\dot1x_dll.dll
2008-08-20 15:51 . 2005-11-10 15:30 196,608 --a------ C:\Program Files\ssleay32.dll
2008-08-20 15:51 . 2005-03-19 00:24 102,400 --a------ C:\Program Files\W32N55.DLL
2008-08-20 15:51 . 2005-06-07 11:36 102,400 --a------ C:\Program Files\W32BRG55.dll
2008-08-20 15:51 . 2006-02-17 12:34 45,056 --a------ C:\Program Files\ZDWlan.dll
2008-08-20 15:51 . 2003-03-14 12:24 24,576 --a------ C:\Program Files\ZyDelReg.exe
2008-08-20 15:51 . 2005-05-23 14:16 13,312 --a------ C:\Program Files\KCopy.exe
2008-08-20 15:50 . 2008-08-20 15:53 <REP> d-------- C:\Program Files\WiFi MAX
2008-08-17 17:39 . 2008-05-01 16:31 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-13 09:57 --------- d-----w C:\Documents and Settings\Tophe\Application Data\OpenOffice.org2
2008-09-13 09:40 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-09-12 19:41 --------- d-----w C:\Program Files\eMule
2008-09-10 13:32 --------- d-----w C:\Program Files\Java
2008-09-09 05:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-06 15:52 --------- d-----w C:\Program Files\Norton Security Scan
2008-08-28 08:32 --------- d-----w C:\Program Files\YesMessenger
2008-08-28 08:32 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-08-25 13:06 --------- d-----w C:\Program Files\Conduit
2008-08-25 12:47 --------- d-----w C:\Program Files\Windows Live
2008-08-25 12:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Babylon
2008-08-25 12:38 --------- d-----w C:\Program Files\Zylom Games
2008-08-03 09:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\SpinTop Games
2008-08-03 09:01 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-08-03 09:01 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-08-03 08:59 --------- d-----w C:\Program Files\Google
2008-07-26 10:07 --------- d-----w C:\Program Files\eToro
2008-07-26 10:06 --------- d-----w C:\Program Files\WinAVI MP4 Converter
2008-07-26 10:06 --------- d-----w C:\Documents and Settings\Tophe\Application Data\LuckyTender
2008-07-26 09:44 --------- d-----w C:\Program Files\ReflexiveArcade
2008-07-26 09:38 --------- d-----w C:\Documents and Settings\Tophe\Application Data\Zylom
2008-07-26 09:37 --------- d-----w C:\Program Files\Zone.com Deluxe Games
2008-07-26 09:36 --------- d-----w C:\Program Files\LuckyTender
2008-07-26 09:24 --------- d-----w C:\Program Files\Babylon
2008-07-21 09:10 --------- d-----w C:\Documents and Settings\Tophe\Application Data\SPAMfighter
2008-07-20 09:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Zylom
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2006-03-07 17:50 2,690 ----a-w C:\Program Files\ZDWlan.INI
2006-02-17 09:51 1,185 ----a-w C:\Program Files\W32BRG55.INI
2006-01-06 08:16 1,162 ----a-w C:\Program Files\W32N55.INI
2005-11-01 23:42 41,554 ----a-w C:\Program Files\ZDMLa.INI
2005-11-01 23:40 79,810 ----a-w C:\Program Files\ZDMLu.INI
2004-06-17 08:54 1,761 ----a-w C:\Program Files\caroot.pem
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{34ea1c70-42cc-42c5-aa29-ec58b95a343e}"= "C:\Program Files\myBabylon\tbmyBa.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}]
2008-02-14 14:54 1555480 --a------ C:\Program Files\myBabylon\tbmyBa.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5E2402A0-5F99-4188-B30D-D8743996B340}]
2008-05-30 00:42 188416 --a------ C:\Program Files\LuckyTender\1.3.0\LuckyTender.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{34ea1c70-42cc-42c5-aa29-ec58b95a343e}"= "C:\Program Files\myBabylon\tbmyBa.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{34EA1C70-42CC-42C5-AA29-EC58B95A343E}"= "C:\Program Files\myBabylon\tbmyBa.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 975360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-13 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 1079296]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"Free Uploader Oe Integration"="C:\Program Files\Free Download Manager\FUM\fumoei.exe" [2007-06-10 40960]
"MsgCenterExe"="C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" [2008-08-03 69632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-28 766041]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"PCMService"="c:\APPS\Powercinema\PCMService.exe" [2006-02-23 147456]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2008-08-03 214560]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 57344]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 413696]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2008-07-14 321160]
"Babylon Client"="C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" [2008-03-11 3551456]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-03 185896]
"ChangeFilterMerit"="C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe" [2007-06-08 51280]
"Presto! PVR Monitor"="C:\Program Files\NewSoft\Presto! PVR\Monitor.exe" [2007-07-02 149328]
"VirusKeeper"="C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\VirusKeeper.exe" [2008-08-22 3000192]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 C:\WINDOWS\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 1232896]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"= mpegacm.acm
"msacm.ulmp3acm"= ulmp3acm.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 BsStor;B.H.A Storage Helper Driver;C:\WINDOWS\system32\drivers\BsStor.sys [2005-05-31 10368]
R0 tffsport;M-Systems DiskOnChip 2000;C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-04 149376]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 SPAMfighter Update Service;SPAMfighter Update Service;C:\Program Files\SPAMfighter\sfus.exe [2008-07-14 184968]
R2 vkservice;VirusKeeper antivirus/antispyware;C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_service.exe [2008-05-22 1119576]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKLM-Run-EPSON PictureMate 100 - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAKE.EXE
HKLM-Run-NWEReboot - (no file)
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Tophe\Application Data\Mozilla\Firefox\Profiles\fdxcj0qp.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://french.ircfast2.com/index.php?rvs=hompag
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-13 12:50:21
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
"ImagePath"="\"c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe\"\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u2\[u]0/u0\[u]0/u0\[u]0/u0¨
[%\[u]0/u0«Ô’|\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u05\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0\[u]0/u0+\[u]0/u3pè\13\[u]0/u0pè\13\[u]0/u0\18î"
.
------------------------ Autres processus actifs ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ZDWlan.exe
C:\Program Files\YesMessenger\YesMessenger.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.bin
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\vk_scanprocess.exe
.
**************************************************************************
.
Heure de fin: 2008-09-13 13:11:35 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-09-13 11:11:08
Avant-CF: 39,100,968,960 octets libres
Après-CF: 39,214,465,024 octets libres
283 --- E O F --- 2008-09-11 17:51:03