Votre question

Ordinateur tres lent au demarrage

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
29 Décembre 2009 12:17:33

bonjour a tous;
mon ordinateur portable a et e infecte par security tool que j'ai reussi a supprimer avec Malwarebytes' Anti-Malware; mais il est toujours lent (tres lent) au demarrage, est ce que quelqu'un peut m'aider
merci

Autres pages sur : ordinateur tres lent demarrage

29 Décembre 2009 13:34:42

Salut, tu pourrais poster le rapport de malwarebytes, tu peux l'obtenir en lançant ce dernier et en allant dans l'onglet rapport/log, puis ensuite:

Télécharge sur le bureau « RSIT »
* Double-clic dessus
(Avec VISTA > clic-droit et > Exécuter en tant qu'administrateur)
* Laisser « 1 month »
* Cliquer sur « Continue »
* À la fin du scan 2 rapports sont créés: « log.txt » et « info.txt »
* Copier/coller les deux rapports dans la réponse
** Note: les rapports se situent aussi dans « C:\rsit\log.txt » et « C:\rsit\info.txt »
29 Décembre 2009 15:00:33


Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3444
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 7.0.5730.11

28/12/2009 20:36:30
mbam-log-2009-12-28 (20-36-30).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 227284
Temps écoulé: 1 hour(s), 39 minute(s), 43 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 8

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\90120315 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysgif32 (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\90120315 (Rogue.Multiple.H) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\90120315\90120315.exe (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\~TM1C.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\~TM57.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Alain\Bureau\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Alain\Menu Démarrer\Programmes\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Alain\Application Data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\fvgqad.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\fvgqad.dat (Malware.Trace) -> Quarantined and deleted successfully.
Contenus similaires
29 Décembre 2009 15:01:21

Logfile of random's system information tool 1.06 (written by random/random)
Run by Alain at 2009-12-29 15:00:57
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 31 GB (41%) free of 76 GB
Total RAM: 1022 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:01:00, on 29/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Alain\Local Settings\Temporary Internet Files\Content.IE5\OBDP9UO9\RSIT[1].exe
C:\Program Files\trend micro\Alain.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.freebox.fr/admin/newcount.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\DOCUME~1\Alain\MESDOC~1\MAMUSI~1\SsAAD.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SB1.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O24 - Desktop Component 0: (no name) - http://www.vanessaparadis.net/images/474.jpg
O24 - Desktop Component 1: (no name) - http://vanessa.forever.free.fr/images/Vanessa-Paradis/g...

--
End of file - 9170 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll [2009-05-25 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll [2006-10-12 434279]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2006-10-17 2153536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll [2009-12-28 264720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2006-10-17 2153536]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-09-27 344064]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-06-19 729178]
"LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]
"eabconfg.cpl"=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2005-10-11 409600]
"Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2005-08-01 233534]
"SsAAD.exe"=C:\DOCUME~1\Alain\MESDOC~1\MAMUSI~1\SsAAD.exe []
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2009-05-25 303376]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"EPSON Stylus DX8400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [2007-04-12 182272]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-12-01 47104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-05-25 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\Temp\~TM1C.tmp"="C:\WINDOWS\Temp\~TM1C.tmp:*:Enabled:services"
"C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus"
"C:\WINDOWS\Temp\~TM55.tmp"="C:\WINDOWS\Temp\~TM55.tmp:*:Enabled:~TM55"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

======List of files/folders created in the last 1 months======

2009-12-29 14:53:31 ----DC---- C:\rsit
2009-12-29 14:53:31 ----D---- C:\Program Files\trend micro
2009-12-29 14:48:37 ----D---- C:\WINDOWS\LastGood
2009-12-29 14:14:20 ----D---- C:\WINDOWS\Prefetch
2009-12-29 14:03:34 ----AC---- C:\AUTOEXEC.BAT
2009-12-29 14:01:34 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-12-29 13:42:30 ----A---- C:\WINDOWS\system32\irclass.dll
2009-12-29 13:42:29 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-12-29 13:41:41 ----RA---- C:\WINDOWS\SETED.tmp
2009-12-29 13:41:37 ----RA---- C:\WINDOWS\SETE1.tmp
2009-12-29 13:41:34 ----RA---- C:\WINDOWS\SETDE.tmp
2009-12-29 13:39:45 ----A---- C:\WINDOWS\setuplog.txt
2009-12-28 18:54:31 ----D---- C:\Documents and Settings\Alain\Application Data\Malwarebytes
2009-12-28 18:54:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-28 18:54:25 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-12-28 17:02:39 ----A---- C:\WINDOWS\ntbtlog.txt
2009-12-28 14:45:47 ----D---- C:\Program Files\Kaspersky Lab
2009-12-28 14:45:47 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-12-28 14:43:53 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files

======List of files/folders modified in the last 1 months======

2009-12-29 15:00:52 ----D---- C:\WINDOWS\Temp
2009-12-29 14:53:31 ----RD---- C:\Program Files
2009-12-29 14:52:51 ----HD---- C:\WINDOWS\inf
2009-12-29 14:52:51 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-29 14:52:48 ----D---- C:\WINDOWS
2009-12-29 14:52:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-29 14:52:42 ----D---- C:\WINDOWS\system32
2009-12-29 14:52:34 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-12-29 14:44:55 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-29 14:43:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-29 14:37:01 ----D---- C:\WINDOWS\system32\Setup
2009-12-29 14:36:47 ----D---- C:\WINDOWS\system32\usmt
2009-12-29 14:36:34 ----D---- C:\WINDOWS\AppPatch
2009-12-29 14:36:32 ----D---- C:\WINDOWS\ime
2009-12-29 14:36:29 ----RSD---- C:\WINDOWS\Fonts
2009-12-29 14:36:28 ----D---- C:\WINDOWS\Media
2009-12-29 14:36:11 ----D---- C:\WINDOWS\PeerNet
2009-12-29 14:35:48 ----D---- C:\WINDOWS\system32\npp
2009-12-29 14:35:38 ----D---- C:\WINDOWS\msagent
2009-12-29 14:31:35 ----D---- C:\WINDOWS\system32\1036
2009-12-29 14:31:17 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-29 14:31:07 ----D---- C:\WINDOWS\Help
2009-12-29 14:31:00 ----D---- C:\WINDOWS\twain_32
2009-12-29 14:29:59 ----D---- C:\WINDOWS\system32\icsxml
2009-12-29 14:29:02 ----D---- C:\WINDOWS\system32\1033
2009-12-29 14:27:15 ----D---- C:\WINDOWS\Driver Cache
2009-12-29 14:27:14 ----D---- C:\WINDOWS\WinSxS
2009-12-29 14:24:33 ----D---- C:\WINDOWS\security
2009-12-29 14:21:22 ----SHD---- C:\System Volume Information
2009-12-29 14:21:22 ----D---- C:\WINDOWS\system32\Restore
2009-12-29 14:20:35 ----SD---- C:\Documents and Settings\Alain\Application Data\Microsoft
2009-12-29 14:19:44 ----D---- C:\WINDOWS\Registration
2009-12-29 14:18:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-29 14:13:13 ----D---- C:\WINDOWS\system32\drivers
2009-12-29 14:13:13 ----D---- C:\WINDOWS\system32\config
2009-12-29 14:12:18 ----A---- C:\WINDOWS\imsins.BAK
2009-12-29 14:10:59 ----D---- C:\WINDOWS\repair
2009-12-29 14:04:13 ----D---- C:\Program Files\Windows Media Player
2009-12-29 14:03:17 ----AC---- C:\WINDOWS\OEWABLog.txt
2009-12-29 14:03:07 ----A---- C:\WINDOWS\ODBCINST.INI
2009-12-29 14:02:31 ----D---- C:\WINDOWS\system32\ias
2009-12-29 14:01:40 ----RD---- C:\WINDOWS\Web
2009-12-29 14:01:22 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-12-29 14:00:58 ----A---- C:\WINDOWS\win.ini
2009-12-29 14:00:48 ----D---- C:\WINDOWS\system32\oobe
2009-12-29 14:00:43 ----D---- C:\WINDOWS\srchasst
2009-12-29 14:00:27 ----D---- C:\Program Files\Movie Maker
2009-12-29 14:00:07 ----D---- C:\Program Files\NetMeeting
2009-12-29 14:00:00 ----D---- C:\Program Files\Outlook Express
2009-12-29 13:59:59 ----D---- C:\Program Files\Fichiers communs\System
2009-12-29 13:59:34 ----D---- C:\Program Files\Internet Explorer
2009-12-29 13:59:08 ----D---- C:\WINDOWS\system32\Com
2009-12-29 13:57:10 ----D---- C:\Program Files\Windows NT
2009-12-29 13:56:56 ----D---- C:\WINDOWS\system32\wbem
2009-12-29 13:54:34 ----SHC---- C:\boot.ini
2009-12-29 13:42:44 ----A---- C:\WINDOWS\system.ini
2009-12-29 13:42:29 ----D---- C:\WINDOWS\system
2009-12-29 13:42:03 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-12-29 05:22:16 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-28 20:37:41 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2009-12-28 19:37:29 ----D---- C:\Program Files\Mozilla Firefox
2009-12-28 16:29:03 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-28 14:47:45 ----SHD---- C:\WINDOWS\Installer
2009-12-28 14:47:43 ----HD---- C:\Config.Msi
2009-12-24 08:23:13 ----D---- C:\Program Files\Google
2009-12-23 11:57:16 ----D---- C:\Program Files\DivX
2009-12-22 18:33:51 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2009-12-22 18:33:46 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-12-22 18:33:30 ----SD---- C:\WINDOWS\Tasks
2009-12-22 18:31:15 ----D---- C:\Program Files\McDonaldsDragons
2009-12-10 22:01:48 ----D---- C:\WINDOWS\system32\fr-fr
2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-12-28 296976]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-05 8832]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-12-01 1412608]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-12-17 424320]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camc6aud.sys [2005-08-02 38016]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camc6hal.sys [2005-08-02 349312]
R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-05 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-08-22 1035008]
R3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-08-22 231424]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-06-21 74496]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-05 67584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-06-19 190400]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-22 162176]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-08-22 718464]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-08-18 56648]
S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
S3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys []
S3 SMCIRDA;Pilote de périphérique SMC IrCC Miniport; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-08-23 36937]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-12-01 393216]
R2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2009-05-25 303376]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2005-09-22 53248]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2005-10-11 102400]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe [2005-06-07 53337]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe [2005-06-07 53337]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2005-06-07 69718]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe [2005-06-03 69632]
S3 UMWdf;Infrastructure de pilote-mode utilisateur Windows; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
29 Décembre 2009 16:55:50

petit up :-)
31 Décembre 2009 15:50:44

Désolé pour le temps de réponse! J'ai des problèmes de connexions ;) 

Tu as encore des soucis?
31 Décembre 2009 15:58:00

il y a quelqu un pour m'aider ( sujet Virus) merci rl593
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS