Second post for ep44 about navipromo. ge

hans -  
Regis59 Posts: 21143 Registration date   Status: Security contributor Last seen   -
Hello,
ep44, here is the second report
Logfile of random's system information tool 1.04 (written by random/random)
Run by Papoute at 2008-11-15 19:09:23
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 156 GB (82%) free of 191 GB
Total RAM: 1023 MB (53% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\PCConfidential.job
C:\WINDOWS\tasks\rpc.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-11-12 1377576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF}]
PCCBHO.CPCCBHO - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll [2008-04-01 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-19 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-12 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{01A7812B-59E8-4A4F-BFD6-EEE6D4CB6BA2} - Barre &Magique - C:\Program Files\Telecom Italia France\Barre Magique 1.05.08.22\Tiscali BBar.dll [2005-08-22 221184]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-19 2436160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0\bin\jusched.exe [2007-10-22 36972]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-09-23 860160]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-12-01 7311360]
"nwiz"=nwiz.exe /install []
"BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2007-04-02 290816]
"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-03-26 69632]
"ZSSnp211"=C:\WINDOWS\ZSSnp211.exe [2006-08-19 49152]
"Domino"=C:\WINDOWS\Domino.exe [2006-08-18 49152]
"LXCCCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll []
"lxccmon.exe"=C:\Program Files\Lexmark 3300 Series\lxccmon.exe [2005-07-21 192512]
"FaxCenterServer"=C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2005-07-12 299008]
"RegistryMechanic"= []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-01-20 77824]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-11-12 21760296]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-11-26 68856]
"kyiimsk"=c:\documents and settings\papoute\local settings\application data\kyiimsk.exe [2008-11-14 315392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NETGEAR WG111v3 Smart Wizard.lnk]
C:\PROGRA~1\NETGEAR\WG111v3\WG111v3.exe [2006-05-29 1527808]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="sockspy.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\SH3Autorun.exe

======List of files/folders created in the last 1 months======

2008-11-15 19:02:50 ----D---- C:\Program Files\trend micro
2008-11-15 19:02:38 ----D---- C:\rsit
2008-11-13 21:22:22 ----A---- C:\WINDOWS\system32\Process.exe
2008-11-13 21:22:22 ----A---- C:\cleannavi.txt
2008-11-13 13:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-13 13:44:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-12 19:15:20 ----A---- C:\fixnavi.txt
2008-11-12 19:12:41 ----D---- C:\Program Files\Navilog1
2008-11-02 16:02:15 ----D---- C:\Program Files\IncrediMail
2008-10-24 18:24:28 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-19 09:11:29 ----D---- C:\Program Files\Common Files
2008-10-19 08:59:53 ----A---- C:\WINDOWS\system32\WINUTIL5.DLL
2008-10-19 08:59:53 ----A---- C:\WINDOWS\system32\WINLCTL5.DLL
2008-10-19 08:59:49 ----D---- C:\Program Files\Free Offers from Freeze.com
2008-10-19 08:59:48 ----A---- C:\WINDOWS\system32\CapiCom.dll
2008-10-19 08:59:47 ----D---- C:\Program Files\Winferno
2008-10-19 08:59:13 ----D---- C:\Program Files\Yahoo!
2008-10-16 20:32:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-16 20:32:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-16 20:31:49 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-16 20:30:29 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-16 20:29:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

======List of files/folders modified in the last 1 months======

2008-11-15 19:08:56 ----D---- C:\WINDOWS\Temp
2008-11-15 19:02:50 ----RD---- C:\Program Files
2008-11-15 19:02:37 ----D---- C:\WINDOWS\Prefetch
2008-11-15 18:59:39 ----D---- C:\WINDOWS\system32
2008-11-15 18:46:57 ----D---- C:\Documents and Settings\Papoute\Application Data\Skype
2008-11-15 18:46:23 ----D---- C:\Documents and Settings\Papoute\Application Data\skypePM
2008-11-15 17:56:12 ----A---- C:\WINDOWS\win.ini
2008-11-15 09:17:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-15 09:08:51 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-14 22:20:39 ----D---- C:\Program Files\eMule
2008-11-13 19:12:35 ----D---- C:\WINDOWS
2008-11-13 13:45:51 ----HD---- C:\WINDOWS\inf
2008-11-13 13:45:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-13 13:45:33 ----D---- C:\WINDOWS\system32\drivers
2008-11-13 13:45:25 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-13 13:45:19 ----A---- C:\WINDOWS\imsins.BAK
2008-11-12 21:55:15 ----D---- C:\Program Files\Lx_cats
2008-11-09 17:21:13 ----SHD---- C:\WINDOWS\Installer
2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-02 16:02:35 ----RSD---- C:\WINDOWS\Fonts
2008-11-02 10:14:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-23 18:31:31 ----D---- C:\Program Files\McDonaldsFairies
2008-10-19 09:11:34 ----SD---- C:\WINDOWS\Tasks
2008-10-18 07:48:09 ----D---- C:\Program Files\Internet Explorer
2008-10-16 20:31:01 ----D---- C:\WINDOWS\ie7updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdftdif;BitDefender Firewall TDI Filter; \??\C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys []
R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-10-23 21035]
R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-02-02 71040]
R3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-12-01 3535424]
R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\WINDOWS\system32\DRIVERS\wg111v3.sys [2007-04-23 224896]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2005-03-01 392704]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-08-03 221376]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 catchme;catchme; \??\C:\DOCUME~1\Papoute\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 o1394bul;o1394bul; \??\C:\DOCUME~1\Papoute\LOCALS~1\Temp\o1394bul.sys []
S3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2005-04-20 124672]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC211;Webcam (ZS0211); C:\WINDOWS\System32\Drivers\ZS211.sys [2006-10-18 391866]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2007-01-19 81920]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-08-07 278528]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-12-01 131139]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2007-11-07 462848]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]
R3 lxcc_device;lxcc_device; C:\WINDOWS\system32\lxcccoms.exe [2005-07-06 466944]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-11-18 138168]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]

-----------------EOF-----------------
1 reply

Regis59 Posts: 21143 Registration date   Status: Security contributor Last seen   1 322
 
Hi

Please stay on your original thread.

Cheers