
Help! Overrun by Flec006! [Solved]

19 May 2008 22:48:49

Good evening,

On this dark evening I come to you to ask for help! I caught a virus on the internet that wrecked my Wi-Fi, which can no longer be enabled; avast cannot be enabled and some applications close by themselves! I went through the forums, but I would need personalized help because I saw that everyone was asked for reports, etc. Flec006 was present until I destroyed it and it recreated other infected files! I'm begging you, help me, this has been going on for 5 days!


19 May 2008 23:13:20

Hello,

It's the Bagle virus.

Download ComboFix here

Save it to your Desktop and nowhere else!
Double-click combofix.exe (the .exe may not be shown)
To start, type [1] then confirm, and wait for the scan to finish
The PC may restart!

Copy / paste the generated report (C:\Combofix.txt)

20 May 2008 17:44:13

Hi! Thanks for your reply. Here is the ComboFix report:

ComboFix 08-05-19.4 - Baptiste 2008-05-20 17:37:54.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1312 [GMT 2:00]
Endroit: C:\Users\Baptiste\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\drivers\downld

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-20 to 2008-05-20 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-20 15:38 --------- d-----w C:\Users\Baptiste\AppData\Roaming\Free Download Manager
2008-05-18 19:45 --------- d-----w C:\Program Files\Windows Mail
2008-05-18 19:45 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-05-18 19:24 691 ----a-w C:\Users\Baptiste\AppData\Roaming\GetValue.vbs
2008-05-18 19:24 35 ----a-w C:\Users\Baptiste\AppData\Roaming\SetValue.bat
2008-05-18 19:24 2,778 ----a-w C:\Windows\System32\tmp.reg
2008-05-18 19:22 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 5
2008-05-18 17:06 42,049 ----a-w C:\Users\Show Diam's\AppData\Roaming\nvModes.dat
2008-05-18 16:37 --------- d-----w C:\Program Files\CCleaner
2008-05-17 15:52 63,201 ----a-w C:\Users\Baptiste\AppData\Roaming\nvModes.dat
2008-05-17 13:57 --------- d-----w C:\PROGRA~2\Grisoft
2008-05-15 21:22 86,528 ----a-w C:\Windows\System32\VACFix.exe
2008-05-15 15:11 --------- d-----w C:\PROGRA~2\PC SOFT
2008-05-14 17:59 --------- d-----w C:\Program Files\IncrediMail
2008-05-14 14:57 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-13 14:19 --------- d-----w C:\Users\Baptiste\AppData\Roaming\Oxemis
2008-05-12 15:08 --------- d-----w C:\Program Files\Goto Software
2008-05-11 17:18 --------- d-----w C:\Users\Show Diam's\AppData\Roaming\Oxemis
2008-05-11 17:18 --------- d-----w C:\Program Files\Oxemis
2008-05-11 16:21 --------- d-----w C:\Users\Show Diam's\AppData\Roaming\DivX
2008-05-10 16:32 --------- d-----w C:\Program Files\Java
2008-05-10 16:23 --------- d-----w C:\PROGRA~2\IM
2008-05-10 16:21 --------- d-----w C:\PROGRA~2\IncrediMail
2008-05-08 01:44 --------- d-----w C:\Program Files\GestProdRemb
2008-05-06 07:14 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-05 16:44 --------- d-----w C:\Program Files\Anuman Interactive
2008-05-04 15:04 --------- d-----w C:\Program Files\Graphex3
2008-04-28 18:07 --------- d-----w C:\Users\Baptiste\AppData\Roaming\Orbit
2008-04-28 17:58 --------- d-----w C:\Users\Baptiste\AppData\Roaming\vlc
2008-04-28 17:55 --------- d-----w C:\Program Files\HomePlayer1.5.4
2008-04-28 06:03 82,944 ----a-w C:\Windows\System32\IEDFix.exe
2008-04-28 06:03 82,944 ----a-w C:\Windows\System32\404Fix.exe
2008-04-27 08:56 --------- d-----w C:\Program Files\AviSynth 2.5
2008-04-27 08:55 --------- d-----w C:\Program Files\eRightSoft
2008-04-27 08:52 --------- d-----w C:\Program Files\Free Music Zilla
2008-04-19 16:48 --------- d-----w C:\Program Files\Firefly Studios
2008-04-19 14:45 --------- d-----w C:\PROGRA~2\FLEXnet
2008-04-19 13:43 --------- d-----w C:\Program Files\PopCap Games
2008-04-19 13:43 --------- d-----w C:\PROGRA~2\PopCap
2008-04-19 13:00 --------- d-----w C:\Users\Baptiste\AppData\Roaming\InstallShield Installation Information
2008-04-19 10:50 --------- d-----w C:\Program Files\IndustryGiant 2
2008-04-19 00:53 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-04-18 23:31 --------- d-----w C:\Program Files\Maïdo Production
2008-04-18 22:33 --------- d-----w C:\Program Files\HP
2008-04-18 22:12 --------- d-----w C:\Program Files\DivX
2008-04-17 18:28 --------- d-----w C:\Users\Show Diam's\AppData\Roaming\Talkback
2008-04-09 12:28 --------- d-----w C:\Users\Show Diam's\AppData\Roaming\HP
2008-04-01 22:40 311,296 ------w C:\Windows\Setup1.exe
2008-04-01 22:40 --------- d-----w C:\Program Files\eX-Sense
2008-04-01 22:39 73,216 ----a-w C:\Windows\ST6UNST.EXE
2008-03-31 21:25 831,488 ----a-w C:\Windows\System32\divx_xx0a.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-03-31 21:25 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-03-31 21:25 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-03-31 21:25 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-03-31 19:08 --------- d-----w C:\Program Files\PIXELA
2008-03-31 18:20 --------- d-----w C:\PROGRA~2\Ciel
2008-03-31 13:12 --------- d-----w C:\Program Files\Ciel
2008-03-31 13:09 --------- d-----w C:\Program Files\Common Files\Ciel
2008-03-31 13:07 --------- d-----w C:\Program Files\Common Files\Sage
2008-03-29 22:53 --------- d-----w C:\Program Files\LMSOFT Web Creator Pro 4
2008-03-29 22:36 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00006.tmp
2008-03-29 22:35 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00005.tmp
2008-03-29 22:31 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00004.tmp
2008-03-29 22:31 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00003.tmp
2008-03-29 22:29 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00002.tmp
2008-03-29 22:27 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00001.tmp
2008-03-29 21:21 --------- d-----w C:\Program Files\Mindscape
2008-03-29 21:11 --------- d-----w C:\Program Files\CoffeeCup Software
2008-03-29 17:32 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-03-29 11:34 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
2008-03-29 11:34 25,416 ----a-w C:\Windows\system32\drivers\lirsgt.sys
2008-03-29 11:12 --------- d-----w C:\Program Files\Elektrogames
2008-03-29 09:54 --------- d-----w C:\Program Files\EA GAMES
2008-03-28 22:00 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-28 21:58 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-03-27 17:56 --------- d-----w C:\Program Files\Electronic Arts
2008-03-27 15:09 --------- d-----w C:\Program Files\EBP
2008-03-26 17:59 174 --sha-w C:\Program Files\desktop.ini
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Sidebar
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Journal
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Defender
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Collaboration
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Calendar
2008-03-26 17:32 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-26 17:31 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-26 16:39 47,560 ----a-w C:\Windows\System32\SPReview.exe
2008-03-26 16:39 152,576 ----a-w C:\Windows\System32\SPWizUI.dll
2008-03-26 13:57 --------- d-----w C:\Program Files\Infogrames
2008-03-26 13:54 --------- d-----w C:\Program Files\UltraDefrag
2008-03-21 20:30 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-03-21 20:30 43,528 ------w C:\Windows\system32\drivers\pxhelp20.sys
2008-03-21 20:30 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-03-21 20:30 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-03-21 20:30 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-03-21 20:28 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-03-21 20:28 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-03-21 20:28 57,344 ----a-w C:\Windows\System32\dpv11.dll
2006-05-03 10:06 163,328 --sh--r C:\Windows\System32\flvDX.dll
2007-02-21 11:47 31,744 --sh--r C:\Windows\System32\msfDX.dll
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 00:33 1233920]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 13:24 167368]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2007-11-02 01:04 2445359]
"Free Upload Manager"="C:\Program Files\Free Download Manager\fum\fum.exe" [2007-07-29 20:13 253952]
"Free Uploader Oe Integration"="C:\Program Files\Free Download Manager\FUM\fumoei.exe" [ ]
"L08FXLRD_43933594"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.exe" [ ]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 00:33 125952]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 00:33 202240]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 00:38 1008184]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-10-09 08:23 102400]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 21:16 286720]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
ImageMixer HDD Camera Monitor.lnk - C:\Program Files\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2008-03-31 21:08:15 2117632]
La Solution Ciel.lnk - C:\Program Files\Ciel\Starter.exe [2008-03-31 15:06:19 524288]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.i420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^games.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\games.lnk
backup=C:\Windows\pss\games.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agendatronic Alarm]
C:\PROGRA~1\RIBMON~1\AGENDA~1\AlarmClock\AlarmClock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2006-12-23 18:05 143360 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GenePccMon.exe]
--a------ 2007-02-13 17:21 36864 C:\Program Files\Genesys PC Camera Device\GenePccMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-12-10 22:52 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L08FXLRD_24088410]
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L08FXLRD_35605590]
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2007-02-07 16:21 54832 C:\Program Files\Home Cinema\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2007-03-14 21:01 71216 C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4080839928-3581851634-3062702128-1000]
"EnableNotificationsRef"=dword:00000005

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};C:\Program Files\Home Cinema\PowerDVD\000.fcl [2006-11-02 16:51]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
R3 DCamUSBGene;GenesysLogic USB2.0 PC Camera;C:\Windows\system32\DRIVERS\usbgene.sys [2007-06-26 13:44]
R3 RTSTOR;USB Mass Storage Device;C:\Windows\system32\drivers\RTSTOR.SYS [2007-06-15 21:47]
S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug;C:\Windows\system32\Drivers\PMUSB.sys [2004-11-25 17:11]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 09:36]
S3 rockusb;Driver for rockusb Device;C:\Windows\system32\DRIVERS\rockusb.sys [2006-03-22 20:57]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6314ffc3-8d40-11dc-85d9-806e6f6e6963}]
\shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c826d863-f685-11dc-8bbb-0040d0c101c2}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\launcher\launcher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9f8c1ff-8f78-11dc-a22d-0040d0c101c2}]
\shell\AutoRun\command - F:\start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9f8c211-8f78-11dc-a22d-0040d0c101c2}]
\shell\AutoRun\command - H:\menu.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9f8c213-8f78-11dc-a22d-0040d0c101c2}]
\shell\AutoRun\command - I:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9f8c215-8f78-11dc-a22d-0040d0c101c2}]
\shell\AutoRun\command - J:\Autorun.exe

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-20 17:40:11
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-20 17:41:22
ComboFix-quarantined-files.txt 2008-05-20 15:41:14

Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

334 --- E O F --- 2008-05-18 19:45:58


20 May 2008 21:26:22

Hi again,

Disable UAC (Start Menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ uncheck the Use User Account Control ... box and confirm with OK; you will be asked to restart, do it)

Run a Kaspersky online scan here with Internet Explorer!

Click Start Online-Scanner (bottom right)
Click I accept; if necessary, approve the installation of the ActiveX controls
Let the updates install, then choose to scan My Computer

At the end of the scan, save the report, then paste it in your reply

If you see this message: The Kaspersky On-line Scanner license has expired
go to Add/Remove Programs and uninstall On-Line Scanner
go back to the site and retry the scan

21 May 2008 00:01:18

It doesn't work! It tells me it can't download the ActiveX controls! Despite several attempts!

21 May 2008 20:59:08

OK, we'll switch,

Download Malwarebytes' Anti-Malware here

Double-click Download_mbam-setup.exe to start the installation
Allow the updates to download!

Restart in Safe Mode ( > Safe Mode < )

Double-click the Malwarebytes shortcut on your desktop
Check Perform full scan, then click [Scan]
At the end of the scan, click [Show results]
If infected objects are found, click [Remove Selected]

Post the report (it is also in the Reports/Logs tab)

23 May 2008 08:30:36

Sorry for my late reply, but I have had a lot of work these last few days.

The MalwareBytes report says that nothing is infected, that's all...

23 May 2008 12:19:01

OK, do you still have problems?

23 May 2008 18:47:25

Yes, still no Wi-Fi despite reinstalling it, Avast still disabled, etc...

23 May 2008 18:55:37

OK, can you run ComboFix again?

23 May 2008 20:42:01

ComboFix 08-05-19.4 - Baptiste 2008-05-23 19:35:41.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2183 [GMT 2:00]
Endroit: C:\Users\Baptiste\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

((((((((((((((((((((((((((((( Fichiers créés 2008-04-23 to 2008-05-23 ))))))))))))))))))))))))))))))))))))
.

2008-05-22 21:34 . 2008-05-22 21:34 1,048,576 --ahs---- C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539864-6a70-11db-887c-d362bd253390}.TxR.2.regtrans-ms
2008-05-22 21:34 . 2008-05-22 21:34 1,048,576 --ahs---- C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539864-6a70-11db-887c-d362bd253390}.TxR.1.regtrans-ms
2008-05-22 21:34 . 2008-05-22 21:34 1,048,576 --ahs---- C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539864-6a70-11db-887c-d362bd253390}.TxR.0.regtrans-ms
2008-05-22 21:34 . 2008-05-22 21:34 65,536 --ahs---- C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539864-6a70-11db-887c-d362bd253390}.TxR.blf
2008-05-22 21:28 . 2008-05-22 21:28 <REP> d-------- C:\Users\Baptiste\AppData\Roaming\Malwarebytes
2008-05-22 21:28 . 2008-05-22 21:28 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-05-22 21:28 . 2008-05-22 21:28 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-22 21:28 . 2008-05-22 21:28 <REP> d-------- C:\PROGRA~2\Malwarebytes
2008-05-22 21:28 . 2008-05-05 20:46 27,048 --a------ C:\Windows\System32\drivers\mbamcatchme.sys
2008-05-22 21:28 . 2008-05-05 20:46 15,864 --a------ C:\Windows\System32\drivers\mbam.sys
2008-05-19 22:32 . 2008-05-19 22:37 1,905 --a------ C:\Windows\diagwrn.xml
2008-05-19 22:32 . 2008-05-19 22:37 1,905 --a------ C:\Windows\diagerr.xml
2008-05-18 21:24 . 2008-05-18 21:24 691 --a------ C:\Users\Baptiste\AppData\Roaming\GetValue.vbs
2008-05-18 21:24 . 2008-05-18 21:24 35 --a------ C:\Users\Baptiste\AppData\Roaming\SetValue.bat
2008-05-18 21:22 . 2007-09-06 00:22 289,144 --a------ C:\Windows\System32\VCCLSID.exe
2008-05-18 21:22 . 2006-04-27 17:49 288,417 --a------ C:\Windows\System32\SrchSTS.exe
2008-05-18 21:22 . 2008-05-15 23:22 86,528 --a------ C:\Windows\System32\VACFix.exe
2008-05-18 21:22 . 2008-04-28 08:03 82,944 --a------ C:\Windows\System32\IEDFix.exe
2008-05-18 21:22 . 2008-04-28 08:03 82,944 --a------ C:\Windows\System32\404Fix.exe
2008-05-18 21:22 . 2003-06-05 21:13 53,248 --a------ C:\Windows\System32\Process.exe
2008-05-18 21:22 . 2004-07-31 18:50 51,200 --a------ C:\Windows\System32\dumphive.exe
2008-05-18 21:22 . 2007-10-04 00:36 25,600 --a------ C:\Windows\System32\WS2Fix.exe
2008-05-18 21:22 . 2008-05-18 21:24 2,778 --a------ C:\Windows\System32\tmp.reg
2008-05-18 19:25 . 2008-05-18 19:25 268 --ah----- C:\sqmdata09.sqm
2008-05-18 19:25 . 2008-05-18 19:25 244 --ah----- C:\sqmnoopt09.sqm
2008-05-18 18:37 . 2008-05-18 18:37 <REP> d-------- C:\Program Files\CCleaner
2008-05-17 17:55 . 2008-05-17 17:55 268 --ah----- C:\sqmdata08.sqm
2008-05-17 17:55 . 2008-05-17 17:55 244 --ah----- C:\sqmnoopt08.sqm
2008-05-17 16:40 . 2008-05-17 16:41 49 --a------ C:\Windows\NeroDigital.ini
2008-05-17 15:57 . 2008-05-17 15:57 <REP> d-------- C:\Users\All Users\Grisoft
2008-05-17 15:57 . 2008-05-17 15:57 <REP> d-------- C:\PROGRA~2\Grisoft
2008-05-17 12:49 . 2008-05-17 12:49 268 --ah----- C:\sqmdata07.sqm
2008-05-17 12:49 . 2008-05-17 12:49 244 --ah----- C:\sqmnoopt07.sqm
2008-05-17 12:44 . 2008-05-17 12:44 268 --ah----- C:\sqmdata06.sqm
2008-05-17 12:44 . 2008-05-17 12:44 244 --ah----- C:\sqmnoopt06.sqm
2008-05-17 00:15 . 2008-05-17 00:15 268 --ah----- C:\sqmdata05.sqm
2008-05-17 00:15 . 2008-05-17 00:15 244 --ah----- C:\sqmnoopt05.sqm
2008-05-15 17:11 . 2008-05-15 17:11 <REP> d-------- C:\Users\All Users\PC SOFT
2008-05-15 17:11 . 2008-05-15 17:11 <REP> d-------- C:\PROGRA~2\PC SOFT
2008-05-15 17:11 . 2008-05-15 17:11 <REP> d-------- C:\EmailingPro
2008-05-14 19:13 . 2008-05-14 19:13 268 --ah----- C:\sqmdata04.sqm
2008-05-14 19:13 . 2008-05-14 19:13 244 --ah----- C:\sqmnoopt04.sqm
2008-05-13 19:15 . 2008-05-13 19:15 244 --ah----- C:\sqmnoopt03.sqm
2008-05-13 19:15 . 2008-05-13 19:15 232 --ah----- C:\sqmdata03.sqm
2008-05-13 17:21 . 2008-05-13 18:52 <REP> d-------- C:\Windows\BDOSCAN8
2008-05-13 17:14 . 2008-05-18 19:25 <REP> d-------- C:\Users\Baptiste\.housecall6.6
2008-05-13 17:09 . 2008-05-13 17:09 268 --ah----- C:\sqmdata02.sqm
2008-05-13 17:09 . 2008-05-13 17:09 244 --ah----- C:\sqmnoopt02.sqm
2008-05-13 16:35 . 2008-05-13 16:35 268 --ah----- C:\sqmdata01.sqm
2008-05-13 16:35 . 2008-05-13 16:35 244 --ah----- C:\sqmnoopt01.sqm
2008-05-13 16:21 . 2008-05-13 16:21 268 --ah----- C:\sqmdata00.sqm
2008-05-13 16:21 . 2008-05-13 16:21 244 --ah----- C:\sqmnoopt00.sqm
2008-05-13 16:19 . 2008-05-13 16:19 <REP> d-------- C:\Users\Baptiste\AppData\Roaming\Oxemis
2008-05-12 17:08 . 2008-05-12 17:08 <REP> d-------- C:\Program Files\Goto Software
2008-05-11 19:19 . 2008-05-11 19:19 <REP> d-------- C:\temp\Oxemis
2008-05-11 19:18 . 2008-05-11 19:18 <REP> d-------- C:\Users\Show Diam's\AppData\Roaming\Oxemis
2008-05-11 19:18 . 2008-05-11 19:18 <REP> d-------- C:\Program Files\Oxemis
2008-05-11 18:21 . 2008-05-11 18:21 <REP> d-------- C:\Users\Show Diam's\AppData\Roaming\DivX
2008-05-10 18:22 . 2008-05-10 18:23 <REP> d-------- C:\Users\All Users\IM
2008-05-10 18:22 . 2008-05-10 18:23 <REP> d-------- C:\PROGRA~2\IM
2008-05-10 18:21 . 2008-05-10 18:21 <REP> d-------- C:\Users\All Users\IncrediMail
2008-05-10 18:21 . 2008-05-14 19:59 <REP> d-------- C:\Program Files\IncrediMail
2008-05-10 18:21 . 2008-05-10 18:21 <REP> d-------- C:\PROGRA~2\IncrediMail
2008-05-08 03:33 . 2008-05-08 03:44 <REP> d-------- C:\Program Files\GestProdRemb
2008-05-05 18:44 . 2008-05-05 18:44 <REP> d-------- C:\Program Files\Anuman Interactive
2008-05-04 18:00 . 2008-05-20 17:50 <REP> d-------- C:\Program Files\Mozilla Firefox 3 Beta 5
2008-05-04 17:04 . 2008-05-04 17:04 <REP> d-------- C:\Program Files\Graphex3
2008-05-04 17:04 . 2008-05-04 17:07 77 --a------ C:\Windows\Graphex3.ini
2008-04-28 20:05 . 2008-04-28 20:07 <REP> d-------- C:\Users\Baptiste\AppData\Roaming\Orbit
2008-04-28 19:58 . 2008-04-28 19:58 <REP> d-------- C:\Users\Baptiste\AppData\Roaming\vlc
2008-04-28 19:55 . 2008-04-28 19:58 <REP> d-------- C:\Users\Baptiste\.homeplayer
2008-04-28 19:54 . 2008-04-28 19:55 <REP> d-------- C:\Program Files\HomePlayer1.5.4
2008-04-27 10:56 . 2008-04-27 10:56 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-04-27 10:56 . 2004-05-11 08:14 719,872 --a------ C:\Windows\System32\devil.dll
2008-04-27 10:56 . 2006-05-11 18:32 502,784 --a------ C:\Windows\x2.64.exe
2008-04-27 10:56 . 2006-12-12 14:15 471,552 --a------ C:\Windows\System32\Smab.dll
2008-04-27 10:56 . 2006-11-12 13:44 306,688 --a------ C:\Windows\System32\avisynth.dll
2008-04-27 10:56 . 2005-11-10 13:16 240,128 --a------ C:\Windows\System32\x.264.exe
2008-04-27 10:56 . 2006-04-12 09:47 217,073 --a------ C:\Windows\meta4.exe
2008-04-27 10:56 . 2004-01-03 00:08 70,656 --a------ C:\Windows\System32\yv12vfw.dll
2008-04-27 10:56 . 2004-01-03 00:08 70,656 --a------ C:\Windows\System32\i420vfw.dll
2008-04-27 10:56 . 2006-04-05 08:09 66,560 --a------ C:\Windows\MOTA113.exe
2008-04-27 10:56 . 2005-07-11 12:31 27,648 --a------ C:\Windows\System32\AVSredirect.dll
2008-04-27 10:55 . 2008-04-27 10:55 <REP> d-------- C:\Program Files\eRightSoft
2008-04-27 10:52 . 2008-04-27 10:52 <REP> d-------- C:\Program Files\Free Music Zilla
2008-04-25 19:36 . 2003-09-20 10:09 1,118,720 --a------ C:\Windows\System32\~GLH28a3.TMP
2008-04-25 19:36 . 2003-09-20 10:09 44,032 --a------ C:\Windows\System32\~GLH28a5.TMP

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-23 17:36 --------- d-----w C:\Users\Baptiste\AppData\Roaming\Free Download Manager
2008-05-18 19:45 --------- d-----w C:\Program Files\Windows Mail
2008-05-18 19:45 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-05-18 17:06 42,049 ----a-w C:\Users\Show Diam's\AppData\Roaming\nvModes.dat
2008-05-17 15:52 63,201 ----a-w C:\Users\Baptiste\AppData\Roaming\nvModes.dat
2008-05-15 23:18 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-05-14 14:57 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-10 16:32 --------- d-----w C:\Program Files\Java
2008-05-06 07:14 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-19 16:48 --------- d-----w C:\Program Files\Firefly Studios
2008-04-19 14:45 --------- d-----w C:\PROGRA~2\FLEXnet
2008-04-19 13:43 --------- d-----w C:\Program Files\PopCap Games
2008-04-19 13:43 --------- d-----w C:\PROGRA~2\PopCap
2008-04-19 13:00 --------- d-----w C:\Users\Baptiste\AppData\Roaming\InstallShield Installation Information
2008-04-19 10:50 --------- d-----w C:\Program Files\IndustryGiant 2
2008-04-19 00:53 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-04-18 23:31 --------- d-----w C:\Program Files\Maïdo Production
2008-04-18 22:33 --------- d-----w C:\Program Files\HP
2008-04-18 22:12 --------- d-----w C:\Program Files\DivX
2008-04-17 18:28 --------- d-----w C:\Users\Show Diam's\AppData\Roaming\Talkback
2008-04-09 12:28 --------- d-----w C:\Users\Show Diam's\AppData\Roaming\HP
2008-04-01 22:40 311,296 ------w C:\Windows\Setup1.exe
2008-04-01 22:40 --------- d-----w C:\Program Files\eX-Sense
2008-04-01 22:39 73,216 ----a-w C:\Windows\ST6UNST.EXE
2008-03-31 21:25 831,488 ----a-w C:\Windows\System32\divx_xx0a.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-03-31 21:25 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-03-31 21:25 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-03-31 21:25 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-03-31 19:08 --------- d-----w C:\Program Files\PIXELA
2008-03-31 18:20 --------- d-----w C:\PROGRA~2\Ciel
2008-03-31 13:12 --------- d-----w C:\Program Files\Ciel
2008-03-31 13:09 --------- d-----w C:\Program Files\Common Files\Ciel
2008-03-31 13:07 --------- d-----w C:\Program Files\Common Files\Sage
2008-03-29 22:53 --------- d-----w C:\Program Files\LMSOFT Web Creator Pro 4
2008-03-29 22:36 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00006.tmp
2008-03-29 22:35 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00005.tmp
2008-03-29 22:31 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00004.tmp
2008-03-29 22:31 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00003.tmp
2008-03-29 22:29 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00002.tmp
2008-03-29 22:27 --------- d-----w C:\Users\Baptiste\AppData\Roaming\~LM00001.tmp
2008-03-29 21:21 --------- d-----w C:\Program Files\Mindscape
2008-03-29 21:11 --------- d-----w C:\Program Files\CoffeeCup Software
2008-03-29 11:34 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
2008-03-29 11:34 25,416 ----a-w C:\Windows\system32\drivers\lirsgt.sys
2008-03-29 11:12 --------- d-----w C:\Program Files\Elektrogames
2008-03-29 09:54 --------- d-----w C:\Program Files\EA GAMES
2008-03-28 22:00 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-28 21:58 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-03-27 17:56 --------- d-----w C:\Program Files\Electronic Arts
2008-03-27 15:09 --------- d-----w C:\Program Files\EBP
2008-03-26 17:59 174 --sha-w C:\Program Files\desktop.ini
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Sidebar
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Journal
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Defender
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Collaboration
2008-03-26 17:50 --------- d-----w C:\Program Files\Windows Calendar
2008-03-26 17:32 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-26 17:31 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-26 16:39 47,560 ----a-w C:\Windows\System32\SPReview.exe
2008-03-26 16:39 152,576 ----a-w C:\Windows\System32\SPWizUI.dll
2008-03-26 13:57 --------- d-----w C:\Program Files\Infogrames
2008-03-26 13:54 --------- d-----w C:\Program Files\UltraDefrag
2008-03-21 20:30 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-03-21 20:30 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-03-21 20:30 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-03-21 20:30 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-03-21 20:28 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-03-21 20:28 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-03-21 20:28 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-03-21 20:28 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-03-21 20:28 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-03-21 20:28 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-03-21 20:28 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-03-05 14:03 479,752 ----a-w C:\Windows\System32\XAudio2_0.dll
2008-03-05 14:03 238,088 ----a-w C:\Windows\System32\xactengine3_0.dll
2008-03-05 14:00 25,608 ----a-w C:\Windows\System32\X3DAudio1_3.dll
2008-03-05 13:56 3,786,760 ----a-w C:\Windows\System32\D3DX9_37.dll
2008-03-05 13:56 1,420,824 ----a-w C:\Windows\System32\D3DCompiler_37.dll
2008-02-29 07:14 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-02-29 07:11 988,216 ----a-w C:\Windows\System32\winload.exe
2008-02-29 07:11 927,288 ----a-w C:\Windows\System32\winresume.exe
2008-02-29 06:53 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
2008-02-29 06:53 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-02-29 06:53 378,368 ----a-w C:\Windows\System32\srcore.dll
2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-29 04:21 2,032,128 ----a-w C:\Windows\System32\win32k.sys
2008-02-29 04:12 318,464 ----a-w C:\Windows\System32\rstrui.exe
2008-02-29 04:12 14,848 ----a-w C:\Windows\System32\srdelayed.exe
2007-11-16 19:25 1,569 ----a-w C:\Program Files\uninstal.log
2006-05-03 10:06 163,328 --sh--r C:\Windows\System32\flvDX.dll
2007-02-21 11:47 31,744 --sh--r C:\Windows\System32\msfDX.dll
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 00:33 1233920]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 13:24 167368]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2007-11-02 01:04 2445359]
"Free Upload Manager"="C:\Program Files\Free Download Manager\fum\fum.exe" [2007-07-29 20:13 253952]
"Free Uploader Oe Integration"="C:\Program Files\Free Download Manager\FUM\fumoei.exe" [ ]
"L08FXLRD_43933594"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.exe" [ ]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 00:33 125952]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 00:33 202240]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 00:38 1008184]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-10-09 08:23 102400]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 21:16 286720]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
ImageMixer HDD Camera Monitor.lnk - C:\Program Files\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2008-03-31 21:08:15 2117632]
La Solution Ciel.lnk - C:\Program Files\Ciel\Starter.exe [2008-03-31 15:06:19 524288]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.i420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^games.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\games.lnk
backup=C:\Windows\pss\games.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agendatronic Alarm]
C:\PROGRA~1\RIBMON~1\AGENDA~1\AlarmClock\AlarmClock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2006-12-23 18:05 143360 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GenePccMon.exe]
--a------ 2007-02-13 17:21 36864 C:\Program Files\Genesys PC Camera Device\GenePccMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-12-10 22:52 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L08FXLRD_24088410]
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L08FXLRD_35605590]
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2007-02-07 16:21 54832 C:\Program Files\Home Cinema\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2007-03-14 21:01 71216 C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4080839928-3581851634-3062702128-1000]
"EnableNotificationsRef"=dword:00000005

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C0D73858-52AC-43B4-9CED-BA631C817A7E}"= C:\Program Files\Home Cinema\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"{FD5BFD9B-4D3F-45F3-96C8-53E84C851206}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{66C85590-C5F2-46DD-963C-04BA7890921E}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{79DC2606-CDA0-4EC2-B8DE-2DF95AAF08C0}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{8BC7E3A2-7686-4696-AE9B-ECA86B669DA9}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{4278C95A-3DCE-4706-8EDE-D91A19AC65F1}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{04AD27ED-0D6C-4929-81DE-C6B60A4F4419}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{702341EB-4633-4C95-93D3-D66B2DCE75E5}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{04F93144-140D-47A3-8AAA-46A0E6899C70}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{E6AB6BB0-7BB7-401A-BCD5-128BEFBDF92D}C:\\program files\\free music zilla\\fmzilla.exe"= UDP:C:\program files\free music zilla\fmzilla.exe:FMZilla Module
"UDP Query User{5AF037C0-DF06-43D2-80F2-1ECDE5A4B917}C:\\program files\\free music zilla\\fmzilla.exe"= TCP:C:\program files\free music zilla\fmzilla.exe:FMZilla Module
"{106634E0-2A2E-42BC-ACCB-1A6498DE72E9}"= Disabled:UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"{6EB3FE0F-3FA1-4453-B047-138D0AF2E445}"= Disabled:TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"{7B37E610-7E70-48F8-845A-B4F919548610}"= UDP:C:\Program Files\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
"{3D209BA5-BC52-4130-A313-488E51090F1E}"= TCP:C:\Program Files\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
"{15F736A1-893B-492A-B640-739A3B7171ED}"= UDP:C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:GPGNet - Supreme Commander - Forged Alliance
"{68A0320C-BC7B-43BC-9FD6-1C430813858F}"= TCP:C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:GPGNet - Supreme Commander - Forged Alliance
"TCP Query User{6839FF96-2036-4992-B7F0-2DA3368A954F}C:\\program files\\promptpilote\\promptpilote.exe"= UDP:C:\program files\promptpilote\promptpilote.exe:promptPilote
"UDP Query User{54A59DF8-61BE-432E-9391-9D8A1172E6E8}C:\\program files\\promptpilote\\promptpilote.exe"= TCP:C:\program files\promptpilote\promptpilote.exe:promptPilote
"TCP Query User{8435AC73-3924-40F9-A5A0-82A9B6EB085E}C:\\windows\\temp\\occ.exe"= UDP:C:\windows\temp\occ.exe:occ.exe
"UDP Query User{5D1F1D4F-3561-4191-9B3A-70CF4E353AFB}C:\\windows\\temp\\occ.exe"= TCP:C:\windows\temp\occ.exe:occ.exe
"TCP Query User{896CA3AD-BF88-4773-800A-A1C1624F20A6}C:\\users\\baptiste\\appdata\\local\\temp\\rar$ex00.652\\freezer.exe"= UDP:C:\users\baptiste\appdata\local\temp\rar$ex00.652\freezer.exe:freezer.exe
"UDP Query User{67E7C573-536B-40DE-B0CE-4A81BC9F6628}C:\\users\\baptiste\\appdata\\local\\temp\\rar$ex00.652\\freezer.exe"= TCP:C:\users\baptiste\appdata\local\temp\rar$ex00.652\freezer.exe:freezer.exe
"TCP Query User{7FB21591-DD84-4D83-9AD2-3E0286FACBFC}C:\\users\\baptiste\\desktop\\freezer.exe"= UDP:C:\users\baptiste\desktop\freezer.exe:freezer.exe
"UDP Query User{D7CB5F5A-9D98-4E36-BE6B-21341BEFEB14}C:\\users\\baptiste\\desktop\\freezer.exe"= TCP:C:\users\baptiste\desktop\freezer.exe:freezer.exe
"TCP Query User{316B9FAE-B850-4E58-B309-BE17A8F00AE0}C:\\program files\\java\\jre1.6.0_03\\bin\\javaw.exe"= UDP:C:\program files\java\jre1.6.0_03\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{D966E60E-4B35-48C4-9BFC-44848A51649D}C:\\program files\\java\\jre1.6.0_03\\bin\\javaw.exe"= TCP:C:\program files\java\jre1.6.0_03\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{4B3FED5B-FF46-4FFF-BF05-1356F2FB3513}C:\\program files\\maïdo production\\izispot 4\\izispot.exe"= UDP:C:\program files\maïdo production\izispot 4\izispot.exe:IziSpot
"UDP Query User{9B038FC7-4582-45F8-9224-CDDA5954E190}C:\\program files\\maïdo production\\izispot 4\\izispot.exe"= TCP:C:\program files\maïdo production\izispot 4\izispot.exe:IziSpot
"TCP Query User{D0799156-98F3-4E0C-8C98-81A8BA6BE506}C:\\program files\\free music zilla\\fmzilla.exe"= UDP:C:\program files\free music zilla\fmzilla.exe:FMZilla Module
"UDP Query User{35D698C8-040F-437F-B99D-9006B8D91992}C:\\program files\\free music zilla\\fmzilla.exe"= TCP:C:\program files\free music zilla\fmzilla.exe:FMZilla Module
"TCP Query User{02929E58-670F-411C-BA2C-7AB3CDD98A76}C:\\program files\\homeplayer1.5.4\\homeplayer.exe"= UDP:C:\program files\homeplayer1.5.4\homeplayer.exe:HomePlayer
"UDP Query User{BEE4A4C8-4958-4929-83B9-768CAE7525F6}C:\\program files\\homeplayer1.5.4\\homeplayer.exe"= TCP:C:\program files\homeplayer1.5.4\homeplayer.exe:HomePlayer
"{C9AB4F60-2D73-4F79-9C59-1DED6F4D775F}"= Disabled:UDP:C:\Users\Baptiste\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer
"{26B24D5D-0A91-4EAA-B441-9B975EB1542C}"= Disabled:TCP:C:\Users\Baptiste\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer
"{EBDAED39-E14E-430C-A46F-E236931F2777}"= Disabled:UDP:C:\Users\Show Diam's\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer
"{51122B6C-C8A5-4620-8648-9632BBE9ECEA}"= Disabled:TCP:C:\Users\Show Diam's\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer
"{473626C1-96BC-4704-A45E-A4C185C13C8E}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
"{6A9D5F64-E313-4AB7-B1F4-6FFB56269D66}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
"{141DBCAA-7EE4-4E8C-8943-9FECC2B7D04E}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
"{C0A138CD-69A8-469A-A6F6-4D12F079B33E}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
"{EC9719A8-A7D0-43FC-BC35-719CE02D78BB}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{B2B6F742-EB18-45D4-B950-C6EDB0999528}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{5ACF0AB2-9A0A-4695-AECC-9AE0D8F33DEC}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
"{21CF4D9D-AF4F-42FB-9E8C-661537DC20C3}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
"{AE9BACA2-0A74-4148-B06F-7030982DFAF0}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
"{FC976B91-6B36-4719-B01C-1D4918875C4D}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};C:\Program Files\Home Cinema\PowerDVD\000.fcl [2006-11-02 16:51]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]
R3 DCamUSBGene;GenesysLogic USB2.0 PC Camera;C:\Windows\system32\DRIVERS\usbgene.sys [2007-06-26 13:44]
R3 RTSTOR;USB Mass Storage Device;C:\Windows\system32\drivers\RTSTOR.SYS [2007-06-15 21:47]
S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug;C:\Windows\system32\Drivers\PMUSB.sys [2004-11-25 17:11]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 09:36]
S3 rockusb;Driver for rockusb Device;C:\Windows\system32\DRIVERS\rockusb.sys [2006-03-22 20:57]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c826d863-f685-11dc-8bbb-0040d0c101c2}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\launcher\launcher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9f8c1ff-8f78-11dc-a22d-0040d0c101c2}]
\shell\AutoRun\command - F:\start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9f8c211-8f78-11dc-a22d-0040d0c101c2}]
\shell\AutoRun\command - H:\menu.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9f8c213-8f78-11dc-a22d-0040d0c101c2}]
\shell\AutoRun\command - I:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9f8c215-8f78-11dc-a22d-0040d0c101c2}]
\shell\AutoRun\command - J:\Autorun.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-23 19:38:57
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\Windows\Explorer.exe
-> ?:\Windows\system32\urlmon.dll
.
Temps d'accomplissement: 2008-05-23 19:40:38
ComboFix-quarantined-files.txt 2008-05-23 17:40:29
ComboFix2.txt 2008-05-20 15:41:24

Pre-Run: 88,778,317,824 octets libres
Post-Run: 88,748,949,504 octets libres

349 --- E O F --- 2008-05-18 19:45:58
24 May 2008 00:19:31

Done ... The Security Center works again, so does the firewall, but still no Wi-Fi, and it is impossible to re-enable ...
24 May 2008 08:46:50

I have just reinstalled the Wi-Fi drivers yet again, but still nothing ...
24 May 2008 23:03:00

GOT IT !!! I found the solution on the internet !!!! My Wi-Fi works again! For anyone interested:

You need to go into the registry with regedit or a similar tool.

1. Start > Run > type "regedit" and click OK

2. Go to HKEY Local Machine > system > CurrentControlSet > Services > Ndisuio

In this key there is an entry named "START"; double-click it. This entry must be 2 for the NDIS I/O protocol to start correctly.

A virus such as "bagle / Beagle" changes this entry and sets it to 4 (disable), which causes the problem you are having.

If you find 4, set it back to 2.

Then reboot your PC and everything should be back to normal.

source : http://www.commentcamarche.net/forum/affich-5364521-ser...

THANKS AGAIN FOR YOUR ADVICE AND YOUR HELP! LONG LIVE INFOS DU NET!
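The registry check described in the post above, as an added PowerShell example that is not part of the original thread: it reports the `Start` value of `Ndisuio` and, only with `-Fix` and only when it finds 4, exports the key and sets the value back to 2. The key path and the values 2 and 4 come from the post; the script, its parameter names and the backup folder are assumptions made for this example.

```powershell
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Services to audit; Ndisuio is the one named in the post.
    [string[]]$ServiceName = @('Ndisuio'),
    # Value to restore; 2 is the value the post gives for Ndisuio.
    [ValidateRange(0, 4)]
    [int]$ExpectedStart = 2,
    # Without -Fix the script only reports and changes nothing.
    [switch]$Fix,
    # Hypothetical folder for the .reg backups taken before a change.
    [string]$BackupDir = (Join-Path $env:TEMP 'svc-start-backup')
)

# Meaning of the Start value under a service key.
$startNames = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }

function Test-IsAdmin {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

if ($Fix -and -not (Test-IsAdmin)) {
    throw 'Writing under HKLM requires an elevated (administrator) session.'
}

foreach ($name in $ServiceName) {
    $psPath  = "HKLM:\SYSTEM\CurrentControlSet\Services\$name"   # provider path
    $regPath = "HKLM\SYSTEM\CurrentControlSet\Services\$name"    # reg.exe path
    $result  = [pscustomobject]@{
        Service = $name; Start = $null; Meaning = $null; Status = 'KeyMissing'
    }

    if (Test-Path -LiteralPath $psPath) {
        $prop = Get-ItemProperty -LiteralPath $psPath -Name Start -ErrorAction SilentlyContinue
        if ($null -eq $prop) {
            $result.Status = 'StartValueMissing'
        } else {
            $current        = [int]$prop.Start
            $result.Start   = $current
            $result.Meaning = $startNames[$current]
            if     ($current -eq $ExpectedStart) { $result.Status = 'OK' }
            elseif ($current -eq 4)              { $result.Status = 'Disabled' }
            else                                 { $result.Status = 'DiffersFromExpected' }
        }
    }

    # Only the case from the post is repaired: a value of 4 is set back to
    # the expected value. Any other deviation is reported and left alone.
    if ($Fix -and $result.Status -eq 'Disabled' -and
        $PSCmdlet.ShouldProcess($regPath, "Set Start from 4 to $ExpectedStart")) {

        # Export the key first so the previous state can be re-imported.
        New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
        $backup = Join-Path $BackupDir ('{0}-{1:yyyyMMdd-HHmmss}.reg' -f $name, (Get-Date))
        & reg.exe export $regPath $backup /y | Out-Null
        if ($LASTEXITCODE -ne 0) {
            throw "Backup of $regPath failed; nothing was changed."
        }

        Set-ItemProperty -LiteralPath $psPath -Name Start -Value $ExpectedStart -Type DWord
        $result.Start   = $ExpectedStart
        $result.Meaning = $startNames[$ExpectedStart]
        $result.Status  = 'RestoredRebootNeeded'   # the post says to reboot afterwards
    }

    $result
}
```

Run it without arguments for a read-only report; adding `-Fix -WhatIf` shows the change it would make without writing to the registry.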
25 May 2008 00:58:25

OK, thanks for the info :)

In your first message, click the "Editer" (Edit) button
Add [Résolu] (Solved) to the title
Then click "Valider votre message" (Submit your message)

Good luck ;)
