|
|
Auteur
|
Message
|
1
|
|
|
|
bonjour
voila je surfer tranquille sur le net et sur un site j ai eu un long transfert depuis mon ordi rame au taquet panda me dis dans les failles de securité qu il y a sasser A blaster il y en a plein d autres encore pouvais vous m aidé svp
merci beaucoup!!!
|
|
|
|
|
Télécharge Deckard System Scanner
>>> Lien et Tuto ici <<<
# Suis les indications et poste le rapport obtenu dans ton prochain message.
|
|
|
|
|
Deckard's System Scanner v20071014.68
Run by Benjamin on 2008-07-14 12:59:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-07-14 10:59:28 UTC - RP8 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Benjamin.exe) --------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:59, on 2008-07-14
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Benjamin\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Benjamin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
--
End of file - 4607 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 BDSelfPr - c:\program files\bitdefender\bitdefender 2008\bdselfpr.sys <Not Verified; BitDefender S.R.L.; BitDefender>
S3 catchme - c:\combofix\catchme.sys (file missing)
S3 EverestDriver (Lavalys EVEREST Kernel Driver) - j:\everest\kerneld.wnt (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 ADSLAutoconnect - "c:\program files\adsl autoconnect\adsl autoconnect.exe" -z <Not Verified; ; ADSLAutoconnect>
R2 FTRTSVC (France Telecom Routing Table Service) - c:\windows\system32\ftrtsvc.exe <Not Verified; France Telecom; FTRTSVC NT Service>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-06-14 and 2008-07-14 -----------------------------
2008-07-14 12:59:25 262144 --a------ C:\Documents and Settings\Administrateur\NTUSER.DAT
2008-07-14 11:34:26 0 d-------- C:\Program Files\Arovax AntiSpyware
2008-07-14 11:31:54 0 dr-h----- C:\Documents and Settings\Benjamin\Recent
2008-07-13 18:14:36 0 d-------- C:\Documents and Settings\Administrateur\Application Data\BitDefender
2008-07-13 18:13:35 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-07-13 18:13:35 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-07-13 18:13:35 0 d--h----- C:\Documents and Settings\Administrateur\SendTo
2008-07-13 18:13:35 0 d--h----- C:\Documents and Settings\Administrateur\Recent
2008-07-13 18:13:35 0 d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-07-13 18:13:35 0 d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-07-13 18:13:35 0 d-------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-07-13 18:13:35 0 d--h----- C:\Documents and Settings\Administrateur\Local Settings
2008-07-13 18:13:35 0 d-------- C:\Documents and Settings\Administrateur\Favoris
2008-07-13 18:13:35 0 d--hs---- C:\Documents and Settings\Administrateur\Cookies
2008-07-13 18:13:35 0 d-------- C:\Documents and Settings\Administrateur\Bureau
2008-07-13 18:13:35 0 d--h----- C:\Documents and Settings\Administrateur\Application Data
2008-07-13 18:13:35 0 d---s---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2008-07-13 17:56:45 0 d-------- C:\VundoFix Backups
2008-07-13 17:46:34 68096 --a------ C:\WINDOWS\zip.exe
2008-07-13 17:46:34 49152 --a------ C:\WINDOWS\VFind.exe
2008-07-13 17:46:34 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-07-13 17:46:34 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-07-13 17:46:34 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-07-13 17:46:34 98816 --a------ C:\WINDOWS\sed.exe
2008-07-13 17:46:34 80412 --a------ C:\WINDOWS\grep.exe
2008-07-13 17:46:34 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-07-13 13:14:37 0 d-------- C:\Program Files\Trend Micro
2008-07-13 11:46:32 0 d-------- C:\Program Files\Steam
2008-07-12 12:35:28 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
2008-07-12 12:32:52 0 d-------- C:\Program Files\THQ
2008-07-11 20:55:55 0 d-------- C:\Program Files\VirtualDJ
2008-07-11 20:22:34 0 d-------- C:\Documents and Settings\Benjamin\Start Menu
2008-07-11 17:09:17 0 d-------- C:\Program Files\DivX
2008-07-11 12:30:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-11 12:12:26 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-11 10:04:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-10 22:38:56 0 d-------- C:\Documents and Settings\Benjamin\Application Data\Mozilla
2008-07-10 22:35:35 0 d-------- C:\Program Files\Messenger Plus! Live
2008-07-10 20:37:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Arovax
2008-07-10 12:21:46 0 d-------- C:\Program Files\eMule
2008-07-10 12:19:24 0 d-------- C:\Program Files\Winamp
2008-07-10 12:19:24 0 d-------- C:\Documents and Settings\Benjamin\Application Data\Winamp
2008-07-10 12:16:21 0 d-------- C:\Program Files\BeClean
2008-07-10 11:59:15 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-07-10 11:59:13 0 d-------- C:\Program Files\DVD Shrink
2008-07-10 11:58:50 0 d-------- C:\Documents and Settings\Benjamin\Application Data\WinRAR
2008-07-10 11:13:08 0 d-------- C:\Program Files\ADSL Autoconnect
2008-07-10 11:08:33 0 d-------- C:\WINDOWS\pss
2008-07-10 10:47:21 0 d-------- C:\Documents and Settings\Benjamin\Contacts
2008-07-10 10:46:47 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-07-10 10:31:25 0 d--hs--c- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-07-10 10:31:10 0 d-------- C:\Program Files\Windows Live
2008-07-10 10:31:02 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-10 10:29:13 0 d-------- C:\Documents and Settings\Benjamin\Application Data\Macromedia
2008-07-10 10:29:11 0 d-------- C:\Documents and Settings\Benjamin\Application Data\Adobe
2008-07-10 10:24:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-07-10 10:20:08 0 d-------- C:\Program Files\CCleaner
2008-07-10 10:06:28 32768 --a------ C:\WINDOWS\system32\WooDial2000.dll <Not Verified; France Télécom R&D; Kit de Connexion et de Services>
2008-07-10 10:06:21 0 d-------- C:\WINDOWS\system32\AlertModule
2008-07-10 10:06:13 36864 --a------ C:\WINDOWS\system32\IfHelper.dll <Not Verified; France Télécom R&D; IfHelper>
2008-07-10 10:06:12 40960 --a------ C:\WINDOWS\system32\FTRTSVC.exe <Not Verified; France Telecom; FTRTSVC NT Service>
2008-07-10 10:05:27 32768 --a------ C:\WINDOWS\system32\ffJmpWeb.dll <Not Verified; Forefront, Incorporated; ffJmpWeb Dynamic Link Library>
2008-07-10 10:05:23 0 d-------- C:\Program Files\Wanadoo Messager
2008-07-10 10:02:50 0 d-------- C:\Program Files\Wanadoo
2008-07-10 10:02:03 0 d-------- C:\Program Files\Fichiers communs\Adobe
2008-07-10 09:32:10 327168 --a------ C:\WINDOWS\IsUn040c.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-07-10 09:31:32 0 d-------- C:\Program Files\Hewlett-Packard
2008-07-10 01:18:55 0 d--hs---- C:\WINDOWS\Installer
2008-07-10 01:18:54 0 d-------- C:\Program Files\Fichiers communs\ODBC
2008-07-10 01:18:50 0 dr------- C:\Program Files
2008-07-10 01:18:50 0 d-------- C:\Program Files\Fichiers communs
2008-07-10 01:18:50 0 d-------- C:\Program Files\Fichiers communs\SpeechEngines
2008-07-10 01:18:16 0 d--h----- C:\Documents and Settings\Default User\Voisinage réseau
2008-07-10 01:18:16 0 d--h----- C:\Documents and Settings\Default User\Voisinage d'impression
2008-07-10 01:18:16 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-07-10 01:18:16 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-07-10 01:18:16 0 d--h----- C:\Documents and Settings\Default User\Modèles
2008-07-10 01:18:16 0 d-------- C:\Documents and Settings\Default User\Mes documents
2008-07-10 01:18:16 0 dr------- C:\Documents and Settings\Default User\Menu Démarrer
2008-07-10 01:18:16 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-07-10 01:18:16 0 d-------- C:\Documents and Settings\Default User\Favoris
2008-07-10 01:18:16 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-07-10 01:18:16 0 d-------- C:\Documents and Settings\Default User\Bureau
2008-07-10 01:18:16 0 d--h----- C:\Documents and Settings\All Users\Modèles
2008-07-10 01:18:16 0 dr------- C:\Documents and Settings\All Users\Menu Démarrer
2008-07-10 01:18:16 0 d-------- C:\Documents and Settings\All Users\Favoris
2008-07-10 01:18:16 0 dr------- C:\Documents and Settings\All Users\Documents
2008-07-10 01:18:16 0 d-------- C:\Documents and Settings\All Users\Bureau
2008-07-10 01:16:18 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-07-10 01:16:18 0 d-------- C:\WINDOWS\system32\CatRoot
2008-07-10 01:16:13 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-07-10 01:16:13 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-07-10 01:16:13 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-07-10 01:16:13 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-07-10 01:15:52 0 d-------- C:\Documents and Settings
2008-07-10 01:15:51 0 d--hs---- C:\System Volume Information
2008-07-10 01:11:10 0 d-------- C:\WINDOWS
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\WinSxS
2008-07-10 01:11:10 0 dr------- C:\WINDOWS\Web
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\twain_32
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\wins
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\wbem
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\usmt
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\spool
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\ShellExt
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\Setup
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\ras
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\oobe
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\npp
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\mui
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\inetsrv
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\IME
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\icsxml
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\ias
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\export
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\drivers
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-07-10 01:11:10 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\dhcp
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\config
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\3076
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\2052
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\1054
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\1042
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\1041
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\1037
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\1036
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\1033
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\1031
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\1028
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system32\1025
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\system
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\security
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\Resources
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\repair
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\Provisioning
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\PeerNet
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\pchealth
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\mui
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\msapps
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\msagent
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\Media
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\java
2008-07-10 01:11:10 0 d--h----- C:\WINDOWS\inf
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\ime
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\Help
2008-07-10 01:11:10 0 dr--s---- C:\WINDOWS\Fonts
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\Driver Cache
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\Debug
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\Cursors
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\Connection Wizard
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\Config
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\AppPatch
2008-07-10 01:11:10 0 d-------- C:\WINDOWS\addins
2008-07-10 00:13:58 0 d-------- C:\WINDOWS\Prefetch
2008-07-10 00:10:07 0 d-------- C:\WINDOWS\system32\fr-fr
2008-07-10 00:10:07 0 d-------- C:\WINDOWS\system32\fr
2008-07-10 00:10:07 0 d-------- C:\WINDOWS\system32\bits
2008-07-10 00:10:07 0 d-------- C:\WINDOWS\l2schemas
2008-07-10 00:09:05 0 d-------- C:\WINDOWS\ServicePackFiles
2008-07-10 00:07:51 0 d-------- C:\WINDOWS\network diagnostic
2008-07-10 00:06:47 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-07-10 00:05:14 0 d-------- C:\WINDOWS\EHome
2008-07-09 23:57:51 0 d-------- C:\Documents and Settings\Benjamin\Application Data\Identities
2008-07-09 23:57:36 0 d--h----- C:\Documents and Settings\Benjamin\Voisinage réseau
2008-07-09 23:57:36 0 d--h----- C:\Documents and Settings\Benjamin\Voisinage d'impression
2008-07-09 23:57:36 0 dr-h----- C:\Documents and Settings\Benjamin\SendTo
2008-07-09 23:57:36 1835008 --ah----- C:\Documents and Settings\Benjamin\NTUSER.DAT
2008-07-09 23:57:36 0 d--h----- C:\Documents and Settings\Benjamin\Modèles
2008-07-09 23:57:36 0 dr------- C:\Documents and Settings\Benjamin\Mes documents
2008-07-09 23:57:36 0 dr------- C:\Documents and Settings\Benjamin\Menu Démarrer
2008-07-09 23:57:36 0 d--h----- C:\Documents and Settings\Benjamin\Local Settings
2008-07-09 23:57:36 0 dr------- C:\Documents and Settings\Benjamin\Favoris
2008-07-09 23:57:36 0 d--hs---- C:\Documents and Settings\Benjamin\Cookies
2008-07-09 23:57:36 0 d-------- C:\Documents and Settings\Benjamin\Bureau
2008-07-09 23:57:36 0 dr-h----- C:\Documents and Settings\Benjamin\Application Data
2008-07-09 23:51:12 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-07-09 23:51:09 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-07-09 23:51:09 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-07-09 23:51:09 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-07-09 23:51:09 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-07-09 23:51:09 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-07-09 23:51:08 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-07-09 23:51:01 262144 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-07-09 23:51:01 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-07-09 23:51:01 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2008-07-09 23:51:01 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-07-09 23:51:01 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-07-09 23:48:20 0 d-------- C:\WINDOWS\system32\xircom
2008-07-09 23:48:20 0 d-------- C:\Program Files\microsoft frontpage
2008-07-09 23:47:50 241725 -----n--- C:\WINDOWS\system32\msuni11.dll <Not Verified; Microsoft Corporation; Microsoft (R) Jet>
2008-07-09 23:47:49 163840 -----n--- C:\WINDOWS\system32\mindex.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows Media Player>
2008-07-09 23:47:47 368710 -----n--- C:\WINDOWS\system32\msisam11.dll <Not Verified; Microsoft Corporation; Microsoft (R) Jet>
2008-07-09 23:47:23 0 d-------- C:\Program Files\Windows Media Connect 2
2008-07-09 23:47:15 0 d-------- C:\WINDOWS\RegisteredPackages
2008-07-09 23:47:00 0 d--h----- C:\WINDOWS\$hf_mig$
2008-07-09 23:46:45 0 -rahs---- C:\MSDOS.SYS
2008-07-09 23:46:45 0 -rahs---- C:\IO.SYS
2008-07-09 23:46:45 0 --a------ C:\CONFIG.SYS
2008-07-09 23:46:45 0 --a------ C:\AUTOEXEC.BAT
2008-07-09 23:45:44 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-07-09 23:45:32 0 dr------- C:\WINDOWS\Offline Web Pages
2008-07-09 23:45:32 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-07-09 23:45:21 0 d--h----- C:\Program Files\WindowsUpdate
2008-07-09 23:45:15 0 d-------- C:\Program Files\Services en ligne
2008-07-09 23:44:57 0 d-------- C:\WINDOWS\system32\DirectX
2008-07-09 23:44:18 0 d---s---- C:\WINDOWS\Tasks
2008-07-09 23:44:17 0 d-------- C:\Program Files\Fichiers communs\MSSoap
2008-07-09 23:44:12 0 d-------- C:\WINDOWS\srchasst
2008-07-09 23:44:11 0 d-------- C:\WINDOWS\system32\Macromed
2008-07-09 23:44:01 0 d-------- C:\Program Files\Movie Maker
2008-07-09 23:43:51 0 d-------- C:\WINDOWS\system32\Restore
2008-07-09 23:43:31 21892 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-07-09 23:43:10 0 d-------- C:\WINDOWS\Registration
2008-07-09 23:42:38 0 d-------- C:\Program Files\Online Services
2008-07-09 23:42:32 0 d-------- C:\Program Files\Messenger
2008-07-09 23:42:28 0 d-------- C:\Program Files\MSN Gaming Zone
2008-07-09 23:41:45 0 d-------- C:\Program Files\Windows NT
2008-07-09 23:41:42 0 d-------- C:\WINDOWS\system32\MsDtc
2008-07-09 23:41:39 0 d-------- C:\WINDOWS\system32\Com
2008-07-09 16:57:26 0 d-------- C:\Documents and Settings\Benjamin\Application Data\Ahead
2008-07-09 16:48:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-07-09 16:43:50 0 d-------- C:\Program Files\Nero
2008-07-09 16:43:50 0 d-------- C:\Program Files\Fichiers communs\Ahead
2008-07-09 16:43:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-07-09 16:18:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-07-09 16:17:15 0 d--hs---- C:\Documents and Settings\Benjamin\UserData
2008-07-09 16:13:21 81984 --a------ C:\WINDOWS\system32\bdod.bin
2008-07-09 16:11:57 0 d-------- C:\WINDOWS\system32\LogFiles
2008-07-09 16:11:26 0 d-------- C:\Documents and Settings\Benjamin\Application Data\Bitdefender
2008-07-09 16:11:10 0 d-------- C:\Program Files\BitDefender
2008-07-09 16:11:10 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-07-09 16:08:06 0 d-------- C:\Program Files\Fichiers communs\BitDefender
2008-07-09 16:07:17 0 d-------- C:\WINDOWS\system32\PreInstall
2008-07-09 16:04:17 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-07-09 15:50:39 49152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-07-09 15:50:06 0 d-------- C:\Program Files\Realtek AC97
2008-07-09 15:50:04 315392 --a------ C:\WINDOWS\alcupd.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Update driver Tool>
2008-07-09 15:50:04 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-09 15:49:44 0 d-------- C:\Program Files\Fichiers communs\InstallShield
-- Find3M Report ---------------------------------------------------------------
2008-07-10 01:18:16 62 --ahs---- C:\Documents and Settings\Benjamin\Application Data\desktop.ini
2008-07-10 00:15:14 367658 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-07-10 00:15:14 48616 --a------ C:\WINDOWS\system32\perfc00C.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
2008-06-11 22:33 75128 --a------ C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 16:46]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-05-23 19:16]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 C:\WINDOWS\soundman.exe]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:34]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"disableregistrytools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"C:\Program Files\Steam\Steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
bdx scan
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
*Newly Created Service* - 58931212
*Newly Created Service* - 9EBEF7E3
*Newly Created Service* - KPROCCHECK
-- End of Deckard's System Scanner: finished at 2008-07-14 13:02:27 ------------
|
|
|
|
|
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Édition familiale (build 2600) SP 3.0
Architecture: X86; Language: French
CPU 0: AMD Athlon(tm) XP 2600+
Percentage of Memory in Use: 23%
Physical Memory (total/avail): 2047.36 MiB / 1563.1 MiB
Pagefile Memory (total/avail): 3944 MiB / 3519.25 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1934.6 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 152.66 GiB total, 132.83 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (FAT)
\\.\PHYSICALDRIVE0 - Maxtor 6L160P0 - 152.67 GiB - 1 partition
\PARTITION0 (bootable) - Système de fichiers installable - 152.66 GiB - C:
\\.\PHYSICALDRIVE3 - Generic USB CF Reader USB Device
\\.\PHYSICALDRIVE5 - Generic USB MS Reader USB Device
\\.\PHYSICALDRIVE2 - Generic USB SD Reader USB Device
\\.\PHYSICALDRIVE4 - Generic USB SM Reader USB Device
\\.\PHYSICALDRIVE1 - Memorex Cool Drive B USB Device - 1961.06 MiB - 1 partition
\PARTITION0 - Win95 avec Inter. 13 étendue - 1967.98 MiB - J:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Benjamin\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=PROPRIETAIRE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Benjamin
LOGONSERVER=\\PROPRIETAIRE
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Fichiers communs\Ahead\Lib\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Benjamin\LOCALS~1\Temp
TMP=C:\DOCUME~1\Benjamin\LOCALS~1\Temp
USERDOMAIN=PROPRIETAIRE
USERNAME=Benjamin
USERPROFILE=C:\Documents and Settings\Benjamin
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Benjamin [I](admin)[/I]
Administrateur [I](new local, admin)[/I]
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
ADSL Autoconnect --> C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe -u
Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
BeClean --> "C:\Program Files\BeClean\unins000.exe"
BitDefender Internet Security 2008 --> MsiExec.exe /I{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}
Counter-Strike: Source --> MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
eMule --> "C:\Program Files\eMule\Uninstall.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Photo and Imaging 2.0 - Deskjet Series --> MsiExec.exe /I{E0828692-FD9D-459F-9312-C645C3CA6650}
hp print screen utility --> C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
Les Chevaliers de Baphomet - Les Gardiens du Temple de Salomon --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F41C11EC-7C13-47A7-A07C-251D96EC3879}\setup.exe" -l0x40c -removeonly
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mozilla Firefox (2.0) --> C:\Program Files\Mozilla Firefox\uninstall\uninst.exe
Navigateur Wanadoo --> C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl
Nero 7 Essentials --> MsiExec.exe /X{9B4E6CB9-E54D-47F7-A414-E2D5740E1036}
NVIDIA Drivers --> C:\WINDOWS\system32\nvuenet.exe UninstallGUI
Outil de connexion Wanadoo --> C:\PROGRA~1\Wanadoo\MessageDesinstallation.exe Wanadoo
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
Steam(TM) --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Virtual DJ - Atomix Productions --> C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Wanadoo Messager --> C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Connect -->
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type389 / Error
Event Submitted/Written: 07/14/2008 00:59:16 PM
Event ID/Source: 9 / ADSLAutoconnect
Event Description:
L'ordinateur distant n'a pas répondu. Pour obtenir de l'assistance, cliquez sur Plus d'informations ou recherchez le numéro de cette erreur dans le centre d'aide et de support.
Event Record #/Type377 / Success
Event Submitted/Written: 07/14/2008 09:55:12 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type357 / Error
Event Submitted/Written: 07/13/2008 11:38:37 PM
Event ID/Source: 9 / ADSLAutoconnect
Event Description:
L'ordinateur distant n'a pas répondu. Pour obtenir de l'assistance, cliquez sur Plus d'informations ou recherchez le numéro de cette erreur dans le centre d'aide et de support.
Event Record #/Type343 / Success
Event Submitted/Written: 07/13/2008 06:45:17 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type336 / Error
Event Submitted/Written: 07/13/2008 05:51:06 PM
Event ID/Source: 9 / ADSLAutoconnect
Event Description:
L'ordinateur distant n'a pas répondu. Pour obtenir de l'assistance, cliquez sur Plus d'informations ou recherchez le numéro de cette erreur dans le centre d'aide et de support.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type1490 / Warning
Event Submitted/Written: 07/13/2008 11:39:07 PM
Event ID/Source: 1007 / Dhcp
Event Description:
Votre ordinateur a automatiquement configuré l'adresse IP pour la
carte avec l'adresse réseau 000C6EFF5D25. L'adresse IP utilisée est 169.254.161.84.
Event Record #/Type1483 / Error
Event Submitted/Written: 07/13/2008 11:38:46 PM
Event ID/Source: 10010 / DCOM
Event Description:
Le serveur {DAD72320-0CEB-4B96-8AF0-89ED2C7A711A} ne s'est pas enregistré sur DCOM avant la fin du temps imparti.
Event Record #/Type1482 / Warning
Event Submitted/Written: 07/13/2008 11:38:31 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 000C6EFF5D25. Il s'est
produit l'erreur suivante :
%%1223.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).
Event Record #/Type1453 / Warning
Event Submitted/Written: 07/13/2008 06:44:45 PM
Event ID/Source: 1007 / Dhcp
Event Description:
Votre ordinateur a automatiquement configuré l'adresse IP pour la
carte avec l'adresse réseau 000C6EFF5D25. L'adresse IP utilisée est 169.254.161.84.
Event Record #/Type1451 / Warning
Event Submitted/Written: 07/13/2008 06:44:39 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 000C6EFF5D25. Il s'est
produit l'erreur suivante :
%%121.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).
-- End of Deckard's System Scanner: finished at 2008-07-14 13:02:27 ------------
|
|
|
|
|
dans le demarrage j ai des fichiers qui me genent
NTUSER \NTUSER.DAT Common Startup
ntuser.dat \ntuser.dat.Log Common Startup
ntuser \ntuser.ini Common Startup
cwshredder.exe m a trouvé aussi cws.msconfig
|
|
|
|
|
Execute une Analyse Online via Kaspersky
==>Lien et Tuto ici<==
# Suis les indications et poste le rapport obtenu dans ton prochain message.
Post le rapport!!
|
|
|
1
|
|
|
|
