Monté de ping/ralentissement
Forum Sécurité - Virus : Monté de ping/ralentissement
Bonsoir.
Donc depuis que mon frère à mis des crack sur le pc j'ai des monté de ping sur Counter strike,des ralentissement,steam parfois ne veut pas ce lancer et j'ai vu que sa pouvait venir d'un spyware.
Voilà mon scan Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:42:29, on 21/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\WLTRAY.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\program files\valve\steam\steam.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 1767311484
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 1767493187
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\System32\acs.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
--
End of file - 6876 bytes
Merci.
Bonjour,
Apparemment ok.
Désactive tes protections résidentes (antivirus...) !
- Télécharge combofix.exe (par sUBs) sur ton Bureau.
- Double clique combofix.exe.
- Tape sur la touche 1 (Yes) pour démarrer le scan.
- Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Répondre à Angeldark
ComboFix 07-12-21.4 - ddf 2007-12-21 19:35:40.3 - [color=red]FAT32[/color]x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.250 [GMT 1:00]
Running from: C:\Documents and Settings\ddf\Bureau\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-21 to 2007-12-21 ))))))))))))))))))))))))))))))))))))
.
2007-12-21 17:34 . 2007-12-21 17:42 91,492 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-12-21 17:34 . 2007-12-21 17:42 85,860 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-12-21 17:33 . 2007-12-21 17:33 <REP> d-------- C:\Program Files\Kaspersky Lab
2007-12-21 17:33 . 2007-12-21 17:33 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2007-12-21 17:33 . 2007-12-21 17:33 3,616 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-21 17:33 . 2007-12-21 17:33 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2007-12-21 17:33 . 2007-12-21 17:33 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-12-21 17:33 . 2007-12-21 17:33 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-21 17:32 . 2007-12-21 17:33 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2007-12-21 16:37 . 2007-12-21 16:37 <REP> d-------- C:\Program Files\SystemRequirementsLab
2007-12-20 20:38 . 2007-12-20 20:38 <REP> d--hs---- C:\FOUND.026
2007-12-20 17:54 . 2007-12-20 17:54 <REP> d--hs---- C:\FOUND.025
2007-12-19 01:57 . 2007-12-19 01:57 <REP> d-------- C:\Program Files\VideoMach-4.0.4
2007-12-19 01:52 . 2007-12-19 01:52 <REP> d-------- C:\Program Files\MovieMaking
2007-12-19 01:07 . 2007-12-19 01:07 <REP> d-------- C:\Program Files\CSE Demoplayer
2007-12-19 00:55 . 2007-12-19 00:55 <REP> d-------- C:\Documents and Settings\ddf\Application Data\Publish Providers
2007-12-19 00:47 . 2007-12-19 00:47 <REP> d-------- C:\Program Files\Microsoft SQL Server
2007-12-19 00:47 . 1998-10-29 15:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-12-19 00:47 . 2002-12-17 16:23 33,340 --------- C:\WINDOWS\system32\dbmsqlgc.dll
2007-12-19 00:47 . 2002-10-20 14:05 24,576 --------- C:\WINDOWS\system32\dbmsgnet.dll
2007-12-19 00:47 . 2002-09-26 14:30 20,480 --------- C:\WINDOWS\system32\cliconfg.exe
2007-12-19 00:46 . 2007-12-19 00:46 <REP> d-------- C:\Documents and Settings\ddf\Application Data\Sony
2007-12-19 00:44 . 2007-12-19 00:44 <REP> d-------- C:\Program Files\Vstplugins
2007-12-19 00:44 . 2007-12-19 00:44 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony
2007-12-19 00:43 . 2007-12-19 00:43 <REP> d-------- C:\Program Files\Sony
2007-12-19 00:19 . 2007-12-19 00:19 <REP> d-------- C:\Program Files\Sony Setup
2007-12-19 00:19 . 2007-12-19 00:19 <REP> d-------- C:\Documents and Settings\ddf\Application Data\Sony Setup
2007-12-18 21:37 . 2007-12-18 21:37 <REP> d-------- C:\Program Files\X-Chat 2
2007-12-15 19:25 . 2007-12-15 19:25 <REP> d--hs---- C:\FOUND.024
2007-12-15 12:45 . 2007-12-15 12:45 <REP> d--hs---- C:\FOUND.023
2007-12-15 00:01 . 2005-04-09 17:43 <REP> d-------- C:\Documents and Settings\ddf\nuked_klan_173
2007-12-10 17:53 . 2007-12-10 17:53 <REP> d--hs---- C:\FOUND.022
2007-12-10 17:36 . 2007-12-10 17:36 249,856 --------- C:\WINDOWS\Setup1.exe
2007-12-10 17:36 . 2007-12-10 17:36 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2007-12-10 16:50 . 2007-12-10 16:50 <REP> d-------- C:\Program Files\EA GAMES
2007-12-09 01:13 . 2007-12-09 01:13 <REP> d--hs---- C:\FOUND.021
2007-12-08 20:08 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-12-07 19:46 . 2007-12-07 19:46 <REP> d--hs---- C:\FOUND.020
2007-12-06 22:46 . 2007-12-06 22:46 <REP> d--hs---- C:\FOUND.019
2007-12-05 23:52 . 2007-12-05 23:52 <REP> d-------- C:\Program Files\mIRC
2007-12-05 23:52 . 2007-12-05 23:52 <REP> d-------- C:\Documents and Settings\ddf\Application Data\mIRC
2007-12-04 14:23 . 2007-12-04 14:23 <REP> d-------- C:\Program Files\Custom-Strike
2007-12-04 14:23 . 1998-06-18 00:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2007-12-03 23:04 . 2007-12-03 23:04 <REP> d-------- C:\Documents and Settings\ddf\Application Data\FileZilla
2007-12-03 23:03 . 2007-12-03 23:03 <REP> d-------- C:\Program Files\FileZilla Client
2007-12-01 20:57 . 2007-12-01 20:57 <REP> d--hs---- C:\FOUND.018
2007-12-01 20:20 . 2007-12-01 20:20 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2007-11-30 21:27 . 2007-11-30 21:27 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2007-11-30 21:27 . 2007-11-30 21:27 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2007-11-30 21:00 . 2007-11-30 21:00 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2007-11-28 16:46 . 2007-11-28 16:46 <REP> d--hs---- C:\FOUND.017
2007-11-27 20:16 . 2007-01-13 09:49 184,320 --a------ C:\WINDOWS\system32\igfxres.dll
2007-11-27 20:10 . 2007-11-27 20:10 <REP> d--hs---- C:\FOUND.016
2007-11-27 18:33 . 2007-01-18 13:38 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2007-11-25 16:27 . 2001-08-28 14:00 17,920 --a------ C:\WINDOWS\system32\dllcache\tftp.exe
2007-11-21 18:06 . 2001-09-30 19:10 246,784 --a------ C:\WINDOWS\system32\ActiveSkin.ocx
2007-11-21 18:06 . 2001-05-24 12:59 162,304 --a------ C:\UNWISE.EXE
2007-11-21 18:06 . 2002-01-18 18:12 112 --a------ C:\WINDOWS\ActiveSkin.INI
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-20 11:40 --------- d--h--w C:\Program Files\Fichiers communs\Carlson.1
2007-11-20 11:39 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2007-11-19 23:58 --------- d-----w C:\Program Files\Trend Micro
2007-11-19 16:44 35,930,112 ------w C:\WINDOWS\system32\tftp.exe
2007-11-17 18:51 359,040 ------w C:\WINDOWS\system32\drivers\tcpip.sys
2007-11-09 11:34 1,444 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2007-10-29 02:49 --------- d-----w C:\Documents and Settings\ddf\Application Data\LogoMaker
2007-10-29 02:20 --------- d-----w C:\Program Files\Sunbelt Software
2007-10-27 21:59 --------- d-----w C:\Program Files\Opera
2007-10-24 11:28 --------- d-----w C:\Program Files\Google
2007-10-23 23:29 --------- d-----w C:\Program Files\Avira
2007-10-23 23:29 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2007-10-23 19:48 --------- d-----w C:\Program Files\Teamspeak2_RC2
2007-10-23 19:48 --------- d-----w C:\Documents and Settings\ddf\Application Data\teamspeak2
2007-05-16 20:35 774,144 ----a-w C:\Program Files\RngInterstitial.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-07-31 11:45]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-19 16:10]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]
"Steam"="c:\program files\valve\steam\steam.exe" [2007-12-20 20:52]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-04 12:12]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-04 12:11]
"Broadcom Wireless Manager UI"="C:\WINDOWS\System32\WLTRAY" []
"ACU"="C:\Program Files\Atheros\ACU.exe" [2005-01-31 08:05]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-01-13 09:47]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-01-13 09:47]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-01-13 09:46]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-06-28 12:51]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^ddf^Menu Démarrer^Programmes^Démarrage^Xfire.lnk]
path=C:\Documents and Settings\ddf\Menu Démarrer\Programmes\Démarrage\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe /tray
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 16:40 155648 --a------ C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vista Sidebar]
C:\Program Files\Vista Sidebar\sidebar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2007-09-13 18:24 39424 --a------ C:\Program Files\Winamp\winampa.exe
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 14:58]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 14:23]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-12-21 16:15:02 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-21 19:40:52
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-21 19:41:31 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-26 21:12
C:\ComboFix3.txt ... 2007-09-26 21:12
C:\ComboFix2.txt ... 2007-11-11 20:08
Voilà.
J'oubliais aussi j'ai beaucoup de spam aussi...
Répondre à djej68
Apparemment clean.
Répondre à Angeldark
Il y a 277 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
