pb mon pc rame et de bcp de logiciels bug. Virus?
Forum Sécurité - Virus : pb mon pc rame et de bcp de logiciels bug. Virus?
Bonsoir a tous.
Depuis quelques jour mon pc rame de plus en plus. Je n'arrive plus a insteller ou a deseinstaller des programmes et j'ai des problème d'affichage de page avec firefox. Cela est peut être causé par un virus, j'ai fais un scan avec Hijackthis. J'attend vos conseil.
merci d'avance
Logfile of HijackThis v1.99.1
Scan saved at 17:31:51, on 16/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\USBStorage\USBDetector.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cleanmgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
H:\logiciel contre les virus\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [LocalCooling] "C:\Program Files\LocalCooling\localcooling.exe" -s
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O8 - Extra context menu item: Download all links using BitComet - res://G:\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://G:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Bonsoir,
| Citation : j'ai des problème d'affichage de page avec firefox |
des pubs intempestives ?
- Renomme le fichier HijackThis.exe par exemple en Scanner.exe
(le renommer permet de faire apparaître des infections qui se cachent dès qu'elles détectent HijackThis.exe)
- Lance Scanner.exe
- Clique sur "Do a system scan and save a logfile" et poste le rapport avec copier/coller
Répondre à esteban54
voila le scan après que j'ai rennomer en Scanner.exe
Logfile of HijackThis v1.99.1
Scan saved at 22:53:43, on 16/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\USBStorage\USBDetector.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
H:\logiciel contre les virus\Scanner.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [LocalCooling] "C:\Program Files\LocalCooling\localcooling.exe" -s
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O8 - Extra context menu item: Download all links using BitComet - res://G:\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://G:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
rien de méchant avec HijackThis.
1/ Lance HijackThis
puis --> Do a system scan only
coche les lignes indiquées ci-dessous
puis --> Fix checked
puis oui à la question de confirmation
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
2/ Télécharge F-Secure Blacklight
- Lance F-Secure Blacklight (fichier blbeta.exe)
- Accepte la licence, et clique enfin sur "Scan" puis Next et Exit.
- Un rapport fsbl-bxxxx.log (xx sont des chiffres) va être créé dans le même dossier que blbeta.exe
- Ouvre fsbl-bxxxx.log et copie/colle le contenu ici.
3/ Télécharge combofix.exe (par sUBs) sur ton Bureau.
Double-clique sur combofix.exe.
Tape sur la touche Y (Yes) pour démarrer le scan.
Lorsque le scan sera complété, un rapport apparaîtra (localisé ici : C:\ComboFix.txt)
Copie/colle ce rapport dans ta prochaine réponse avec un nouveau rapport Hijackthis.
Répondre à esteban54
alors voila hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 23:52:45, on 16/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\USBStorage\USBDetector.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
H:\logiciel contre les virus\Scanner.exe.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [LocalCooling] "C:\Program Files\LocalCooling\localcooling.exe" -s
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O8 - Extra context menu item: Download all links using BitComet - res://G:\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://G:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
maintenant Combofix
Hamza - 06-12-16 23:49:35,34 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Program Files\Mozilla Firefox"
((((((((((((((((((((((((((((((( Files Created from 2006-11-16 to 2006-12-16 ))))))))))))))))))))))))))))))))))
2006-12-16 12:07 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\Lavasoft
2006-12-16 11:22 <REP> d-------- C:\Program Files\Lavasoft
2006-12-16 00:38 <REP> dr-h----- C:\Documents and Settings\Hamza\Recent
2006-12-13 22:17 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\BitTorrent
2006-12-13 22:10 <REP> d-------- C:\Program Files\BitTorrent
2006-12-13 20:42 <REP> d-------- C:\Program Files\Azureus
2006-12-06 22:13 <REP> d-------- C:\Program Files\LocalCooling
2006-12-03 20:10 33,824 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2006-12-03 20:08 261,632 --a------ C:\WINDOWS\system32\mcdvd_32.dll
2006-12-03 20:08 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2006-12-03 20:08 <REP> d-------- C:\Program Files\Fichiers communs\AVSMedia
2006-12-03 20:08 <REP> d-------- C:\Program Files\AVSMedia
2006-12-03 00:28 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\vlc
2006-12-02 21:53 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\dvdcss
2006-11-26 20:51 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\ESTSoft
2006-11-26 20:50 <REP> d-------- C:\Program Files\ESTsoft
2006-11-26 19:26 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\Help
2006-11-25 08:26 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
2006-11-25 08:24 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
2006-11-25 08:23 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
2006-11-25 08:22 194,320 --a------ C:\WINDOWS\system32\qcut.dll
2006-11-25 08:22 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
2006-11-25 08:21 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
2006-11-25 08:21 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
2006-11-25 08:20 <REP> d-------- C:\TELL ME MORE ARABIC
2006-11-19 22:13 413,760 --a------ C:\WINDOWS\system32\mpg4c32.dll
2006-11-19 22:13 309,616 --a------ C:\WINDOWS\system32\wmv8dmod.dll
2006-11-18 12:17 <REP> d-------- C:\842d049da59fbbb43420f56c4a
2006-11-18 04:03 <REP> d-------- C:\3cb423fa1a8272b1e0213ee4dd
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-16 23:49 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-16 17:38 -------- d-------- C:\Documents and Settings\Hamza\Application Data\Tor
2006-12-10 20:46 0 --a------ C:\Documents and Settings\Hamza\Application Data\AVSDVDPlayer.m3u
2006-12-06 19:37 -------- d-------- C:\Program Files\Messenger Plus! Live
2006-12-03 20:08 -------- d-------- C:\Program Files\Fichiers communs
2006-12-03 10:52 -------- d---s---- C:\Documents and Settings\Hamza\Application Data\Microsoft
2006-11-25 08:26 -------- d-------- C:\Program Files\Windows Media Player
2006-11-19 23:06 -------- d-------- C:\Program Files\Spybot - Search & Destroy
2006-11-19 22:15 -------- d-------- C:\Program Files\Astonsoft
2006-11-18 12:18 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-17 18:14 -------- d-------- C:\Program Files\Internet Explorer
2006-10-28 21:51 -------- d-------- C:\Program Files\Free Audio Pack
2006-10-28 21:41 -------- d-------- C:\Documents and Settings\Hamza\Application Data\Macromedia
2006-10-28 17:50 -------- d-------- C:\Documents and Settings\Hamza\Application Data\DeepBurner
2006-10-27 11:44 -------- d-------- C:\Documents and Settings\Hamza\Application Data\AdobeUM
2006-10-27 09:31 -------- d-------- C:\Program Files\Neodivx
2006-10-27 01:32 611064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-10-27 01:08 -------- d-------- C:\Program Files\Fichiers communs\DirectX
2006-10-26 11:13 -------- d-------- C:\Program Files\IP Anonymizer
2006-10-26 11:03 -------- d-------- C:\Program Files\Tor
2006-10-26 10:51 -------- d-------- C:\Program Files\Fichiers communs\Real
2006-10-26 10:51 -------- d-------- C:\Documents and Settings\Hamza\Application Data\Real
2006-10-26 10:48 -------- d-------- C:\Program Files\ID-Blaster Plus
2006-10-26 10:24 -------- d-------- C:\Program Files\Real
2006-10-25 15:32 -------- d-------- C:\Program Files\CCleaner
2006-10-20 21:41 -------- d-------- C:\Program Files\Postal2
2006-10-20 20:22 -------- d-------- C:\Program Files\Fichiers communs\InstallShield
2006-10-13 13:36 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2006-10-13 13:36 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2006-10-13 13:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-02 20:04 806912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-10-02 20:04 806912 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-10-02 20:04 790528 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-10-02 20:04 635486 --a------ C:\WINDOWS\system32\DivX.dll
2006-09-28 19:34 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-09-27 20:38 62 ---hs---- C:\Documents and Settings\Hamza\Application Data\desktop.ini
2006-09-27 18:52 0 -rahs---- C:\MSDOS.SYS
2006-09-27 18:52 0 -rahs---- C:\IO.SYS
2006-09-27 18:52 0 --a------ C:\CONFIG.SYS
2006-09-27 18:52 0 --a------ C:\AUTOEXEC.BAT
2006-09-27 18:05 73728 --a------ C:\WINDOWS\system32\sockspy.dll
2006-09-27 18:03 77824 --a------ C:\WINDOWS\system32\xcomm.dll
2006-09-27 17:22 278528 --a------ C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2006-09-27 17:19 81920 --a------ C:\WINDOWS\system32\W32N50.dll
2006-09-27 17:19 17134 --a------ C:\WINDOWS\system32\PCANDIS5.sys
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"VTTimer"="VTTimer.exe"
"VTTrayp"="VTtrayp.exe"
"SoundMan"="SOUNDMAN.EXE"
"BDMCon"="C:\\PROGRA~1\\Softwin\\BITDEF~1\\bdmcon.exe"
"BDOESRV"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdoesrv.exe\""
"BDNewsAgent"="\"c:\\progra~1\\softwin\\bitdef~1\\bdnagent.exe\""
"BDSwitchAgent"="\"c:\\progra~1\\softwin\\bitdef~1\\bdswitch.exe\""
"HPHUPD08"="C:\\Program Files\\HP\\Digital Imaging\\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\\hphupd08.exe"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"USBDetector"="C:\\USBStorage\\USBDetector.exe"
"LocalCooling"="\"C:\\Program Files\\LocalCooling\\localcooling.exe\" -s"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispAppearancePage"=dword:00000000
"NoColorChoice"=dword:00000000
"NoSizeChoice"=dword:00000000
"NoDispBackgroundPage"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoDispCPL"=dword:00000000
"NoVisualStyleChoice"=dword:00000000
"NoDispSettingsPage"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoActiveDesktop"=dword:00000000
"NoSaveSettings"=dword:00000000
"ClassicShell"=dword:00000000
"NoThemesTab"=dword:00000000
"ForceActiveDesktopOn"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"DisableTaskMgr"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktopChanges"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Démarrage rapide du logiciel HP Image Zone.lnk"
"backup"="C:\\WINDOWS\\pss\\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqthb08.exe -s"
"item"="Démarrage rapide du logiciel HP Image Zone"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\HP Digital Imaging Monitor.lnk"
"backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe "
"item"="HP Digital Imaging Monitor"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPAnonymizer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IP Anonymizer"
"hkey"="HKLM"
"command"="C:\\Program Files\\IP Anonymizer\\IP Anonymizer.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MsnMsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="steam"
"hkey"="HKCU"
"command"="\"c:\\program files\\valve\\steam\\steam.exe\" -silent"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=dword:00000003
"MSIServer"=dword:00000003
"Eventlog"=dword:00000002
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\HPpromotions journeysoftware.job
Completion time: 06-12-16 23:51:08.64
C:\ComboFix.txt ... 06-12-16 23:51
Et pour finir le rapport de F-Secure
Hamza - 06-12-16 23:49:35,34 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Program Files\Mozilla Firefox"
((((((((((((((((((((((((((((((( Files Created from 2006-11-16 to 2006-12-16 ))))))))))))))))))))))))))))))))))
2006-12-16 12:07 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\Lavasoft
2006-12-16 11:22 <REP> d-------- C:\Program Files\Lavasoft
2006-12-16 00:38 <REP> dr-h----- C:\Documents and Settings\Hamza\Recent
2006-12-13 22:17 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\BitTorrent
2006-12-13 22:10 <REP> d-------- C:\Program Files\BitTorrent
2006-12-13 20:42 <REP> d-------- C:\Program Files\Azureus
2006-12-06 22:13 <REP> d-------- C:\Program Files\LocalCooling
2006-12-03 20:10 33,824 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2006-12-03 20:08 261,632 --a------ C:\WINDOWS\system32\mcdvd_32.dll
2006-12-03 20:08 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2006-12-03 20:08 <REP> d-------- C:\Program Files\Fichiers communs\AVSMedia
2006-12-03 20:08 <REP> d-------- C:\Program Files\AVSMedia
2006-12-03 00:28 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\vlc
2006-12-02 21:53 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\dvdcss
2006-11-26 20:51 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\ESTSoft
2006-11-26 20:50 <REP> d-------- C:\Program Files\ESTsoft
2006-11-26 19:26 <REP> d-------- C:\Documents and Settings\Hamza\Application Data\Help
2006-11-25 08:26 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
2006-11-25 08:24 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
2006-11-25 08:23 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
2006-11-25 08:22 194,320 --a------ C:\WINDOWS\system32\qcut.dll
2006-11-25 08:22 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
2006-11-25 08:21 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
2006-11-25 08:21 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
2006-11-25 08:20 <REP> d-------- C:\TELL ME MORE ARABIC
2006-11-19 22:13 413,760 --a------ C:\WINDOWS\system32\mpg4c32.dll
2006-11-19 22:13 309,616 --a------ C:\WINDOWS\system32\wmv8dmod.dll
2006-11-18 12:17 <REP> d-------- C:\842d049da59fbbb43420f56c4a
2006-11-18 04:03 <REP> d-------- C:\3cb423fa1a8272b1e0213ee4dd
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-16 23:49 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-16 17:38 -------- d-------- C:\Documents and Settings\Hamza\Application Data\Tor
2006-12-10 20:46 0 --a------ C:\Documents and Settings\Hamza\Application Data\AVSDVDPlayer.m3u
2006-12-06 19:37 -------- d-------- C:\Program Files\Messenger Plus! Live
2006-12-03 20:08 -------- d-------- C:\Program Files\Fichiers communs
2006-12-03 10:52 -------- d---s---- C:\Documents and Settings\Hamza\Application Data\Microsoft
2006-11-25 08:26 -------- d-------- C:\Program Files\Windows Media Player
2006-11-19 23:06 -------- d-------- C:\Program Files\Spybot - Search & Destroy
2006-11-19 22:15 -------- d-------- C:\Program Files\Astonsoft
2006-11-18 12:18 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-17 18:14 -------- d-------- C:\Program Files\Internet Explorer
2006-10-28 21:51 -------- d-------- C:\Program Files\Free Audio Pack
2006-10-28 21:41 -------- d-------- C:\Documents and Settings\Hamza\Application Data\Macromedia
2006-10-28 17:50 -------- d-------- C:\Documents and Settings\Hamza\Application Data\DeepBurner
2006-10-27 11:44 -------- d-------- C:\Documents and Settings\Hamza\Application Data\AdobeUM
2006-10-27 09:31 -------- d-------- C:\Program Files\Neodivx
2006-10-27 01:32 611064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-10-27 01:08 -------- d-------- C:\Program Files\Fichiers communs\DirectX
2006-10-26 11:13 -------- d-------- C:\Program Files\IP Anonymizer
2006-10-26 11:03 -------- d-------- C:\Program Files\Tor
2006-10-26 10:51 -------- d-------- C:\Program Files\Fichiers communs\Real
2006-10-26 10:51 -------- d-------- C:\Documents and Settings\Hamza\Application Data\Real
2006-10-26 10:48 -------- d-------- C:\Program Files\ID-Blaster Plus
2006-10-26 10:24 -------- d-------- C:\Program Files\Real
2006-10-25 15:32 -------- d-------- C:\Program Files\CCleaner
2006-10-20 21:41 -------- d-------- C:\Program Files\Postal2
2006-10-20 20:22 -------- d-------- C:\Program Files\Fichiers communs\InstallShield
2006-10-13 13:36 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2006-10-13 13:36 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2006-10-13 13:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-02 20:04 806912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-10-02 20:04 806912 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-10-02 20:04 790528 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-10-02 20:04 635486 --a------ C:\WINDOWS\system32\DivX.dll
2006-09-28 19:34 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-09-27 20:38 62 ---hs---- C:\Documents and Settings\Hamza\Application Data\desktop.ini
2006-09-27 18:52 0 -rahs---- C:\MSDOS.SYS
2006-09-27 18:52 0 -rahs---- C:\IO.SYS
2006-09-27 18:52 0 --a------ C:\CONFIG.SYS
2006-09-27 18:52 0 --a------ C:\AUTOEXEC.BAT
2006-09-27 18:05 73728 --a------ C:\WINDOWS\system32\sockspy.dll
2006-09-27 18:03 77824 --a------ C:\WINDOWS\system32\xcomm.dll
2006-09-27 17:22 278528 --a------ C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2006-09-27 17:19 81920 --a------ C:\WINDOWS\system32\W32N50.dll
2006-09-27 17:19 17134 --a------ C:\WINDOWS\system32\PCANDIS5.sys
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"VTTimer"="VTTimer.exe"
"VTTrayp"="VTtrayp.exe"
"SoundMan"="SOUNDMAN.EXE"
"BDMCon"="C:\\PROGRA~1\\Softwin\\BITDEF~1\\bdmcon.exe"
"BDOESRV"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdoesrv.exe\""
"BDNewsAgent"="\"c:\\progra~1\\softwin\\bitdef~1\\bdnagent.exe\""
"BDSwitchAgent"="\"c:\\progra~1\\softwin\\bitdef~1\\bdswitch.exe\""
"HPHUPD08"="C:\\Program Files\\HP\\Digital Imaging\\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\\hphupd08.exe"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"USBDetector"="C:\\USBStorage\\USBDetector.exe"
"LocalCooling"="\"C:\\Program Files\\LocalCooling\\localcooling.exe\" -s"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispAppearancePage"=dword:00000000
"NoColorChoice"=dword:00000000
"NoSizeChoice"=dword:00000000
"NoDispBackgroundPage"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoDispCPL"=dword:00000000
"NoVisualStyleChoice"=dword:00000000
"NoDispSettingsPage"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoActiveDesktop"=dword:00000000
"NoSaveSettings"=dword:00000000
"ClassicShell"=dword:00000000
"NoThemesTab"=dword:00000000
"ForceActiveDesktopOn"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"DisableTaskMgr"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktopChanges"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Démarrage rapide du logiciel HP Image Zone.lnk"
"backup"="C:\\WINDOWS\\pss\\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqthb08.exe -s"
"item"="Démarrage rapide du logiciel HP Image Zone"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\HP Digital Imaging Monitor.lnk"
"backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe "
"item"="HP Digital Imaging Monitor"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPAnonymizer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IP Anonymizer"
"hkey"="HKLM"
"command"="C:\\Program Files\\IP Anonymizer\\IP Anonymizer.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MsnMsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="steam"
"hkey"="HKCU"
"command"="\"c:\\program files\\valve\\steam\\steam.exe\" -silent"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=dword:00000003
"MSIServer"=dword:00000003
"Eventlog"=dword:00000002
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\HPpromotions journeysoftware.job
Completion time: 06-12-16 23:51:08.64
C:\ComboFix.txt ... 06-12-16 23:51
Merci de ton aide!!!
1/ Télécharge Pocket KillBox de Option^Explicit
2/ Lance KillBox.exe
Coche "Delete on reboot"
Dans "Full Path of File to Delete" mets C:\WINDOWS\system32\drivers\oreans32.sys
Clique sur la croix rouge
Le message suivant apparaîtra : "File will be Removed on Reboot, Do you want to reboot now?"
Réponds OUI si tu es prêt à procéder. Attention le PC redémarrera.
Si Pocket KillBox ne fait pas redémarrer le PC, redémarre-le toi même.
3/ Après redémarrage, relance Killbox puis clique sur le menu : Files -> Logs -> Actions History Log, poste ce rapport ici.
Et poste un nouveau rapport HijackThis.
4/ Fais un scan en ligne chez kaspersky et poste le rapport.
Répondre à esteban54
Le rapport killbox :
Pocket Killbox version 2.0.0.881
Running on Windows XP as Hamza(Administrator)
was started @ dimanche, décembre 17, 2006, 1:23 AM
Killbox Closed(Exit) @ 1:24:40 AM
__________________________________________________
Pocket Killbox version 2.0.0.881
Running on Windows XP as Hamza(Administrator)
was started @ dimanche, décembre 17, 2006, 1:26 AM
# 1 [Delete on Reboot]
Path = C:\WINDOWS\system32\drivers\oreans32.sys
I Rebooted @ 1:31:19 AM
# 2 [Delete on Reboot]
Path = C:\WINDOWS\system32\drivers\oreans32.sys
I Rebooted @ 1:33:07 AM
Killbox Closed(Exit) @ 1:33:26 AM
__________________________________________________
Pocket Killbox version 2.0.0.881
Running on Windows XP as Hamza(Administrator)
was started @ dimanche, décembre 17, 2006, 1:44 AM
Killbox Closed(Exit) @ 1:48:14 AM
__________________________________________________
Pocket Killbox version 2.0.0.881
Running on Windows XP as Hamza(Administrator)
was started @ dimanche, décembre 17, 2006, 11:10 AM
le rapport Hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 11:10:46, on 17/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\USBStorage\USBDetector.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
H:\logiciel contre les virus\Scanner.exe.exe
C:\Documents and Settings\Hamza\Mes documents\KillBox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [LocalCooling] "C:\Program Files\LocalCooling\localcooling.exe" -s
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O8 - Extra context menu item: Download all links using BitComet - res://G:\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://G:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Le scan Kapersky risque d'être très long, je te l'enverrai dès qu'il sera finit.
l'analyse kapersky
KASPERSKY ON-LINE SCANNER REPORT
Sunday, December 17, 2006 2:46:45 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 17/12/2006
Enregistrements dans la base antivirus Kaspersky : 237268
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
G:\
H:\
Statistiques de l'analyse
Total d'objets analysés 70618
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 03:11:30
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\Hamza\Application Data\Mozilla\Firefox\Profiles\ykdl4tdg.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Application Data\Mozilla\Firefox\Profiles\ykdl4tdg.default\formhistory.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Application Data\Mozilla\Firefox\Profiles\ykdl4tdg.default\history.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Application Data\Mozilla\Firefox\Profiles\ykdl4tdg.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Application Data\Mozilla\Firefox\Profiles\ykdl4tdg.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Application Data\Mozilla\Firefox\Profiles\ykdl4tdg.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Application Data\Mozilla\Firefox\Profiles\ykdl4tdg.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Local Settings\Application Data\Mozilla\Firefox\Profiles\ykdl4tdg.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Local Settings\Application Data\Mozilla\Firefox\Profiles\ykdl4tdg.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Local Settings\Application Data\Mozilla\Firefox\Profiles\ykdl4tdg.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Local Settings\Application Data\Mozilla\Firefox\Profiles\ykdl4tdg.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Local Settings\Temp\Acr4A6.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Hamza\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Softwin\BitDefender9\asdict.dat L'objet est verrouillé ignoré
C:\Program Files\Softwin\BitDefender9\aspdict.dat L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{2B6646F3-3AEA-47A2-87C0-910A9852B123}\RP85\change.log L'objet est verrouillé ignoré
C:\UFantasy.ini L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\httpgf1.tmp L'objet est verrouillé ignoré
C:\WINDOWS\Temp\httpgf2.tmp L'objet est verrouillé ignoré
C:\WINDOWS\Temp\httpgf3.tmp L'objet est verrouillé ignoré
C:\WINDOWS\Temp\httpgf4.tmp L'objet est verrouillé ignoré
C:\WINDOWS\Temp\tmp000018e8\tmp00000000 L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS\MachineKeys\be57e5262ba7b9f73de807b1a2b5c5f8_a60476c0-7378-4582-ac97-fe64b016c7c7 L'objet est verrouillé ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
H:\System Volume Information\_restore{2B6646F3-3AEA-47A2-87C0-910A9852B123}\RP85\change.log L'objet est verrouillé ignoré
Analyse terminée.
Bonjour,
Ca me semble OK.
Répondre à Angeldark
ok donc mon problème vient peut être du fait que je n'ai pas assez de barette de ram, j'ai seulement une barette de 256.
Surement 
Répondre à Angeldark
Il y a 1746 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
