persomax

Members
  • Content count: 18
  • Gender: Male
  • My languages: French, English

Junior Member (3/12)

Community reputation: 0

  1. Hello, yes, I work on a network with several PCs.
  2. Hi, if possible I want to block the connection protocols for MSN and games, and for P2P exchanges. I have a D-Link router. Thanks in advance for your help.
  3. Hello, dear Zebulon technician, I have the honour of asking you to help me. I have a big problem with my desktop PC: I had a malicious virus, and when I tried to start it, it does not even get to loading Windows; it freezes after the first page where there is <f10 setup> <F9 boot> .... I would be grateful for your help, and thanks in advance for your help. Thanks,
  4. Hello, where can I find AutoCAD courses? I am stuck; I found some courses but they are paid. Please, I am asking for your help; if anyone knows, do not hesitate to give me the link, please. Thanks in advance. persomax
  5. persomax

    Urgent, please!

    Hello, I have just installed Linux on my computer (Ubuntu 9.10 Karmic Koala), and everything works well, except that there are small problems with the screen resolution (when I try to change the resolution, it displays "unknown" on the screen). I can only set 800x600 or 640x480. Please, I would like help setting 1280x1024. Thanks in advance.
  6. Hello, I have Linux Ubuntu as my OS and I could not detect all the drivers. Can someone help me? Thanks in advance.
  7. persomax

    Blue screen (BSOD)

    I can tell you that it may be a very small power-supply problem with the motherboard or with one of the components!!!! Try checking all your power outputs; I had the same problem.
  8. The virus does not give me the chance to install the antivirus; when I launch it, it closes automatically.
  9. Hello, thanks in advance, but it always shows me the window where there is "send the report" or "do not send".
  10. ComboFix 10-04-10.02 - hatim 10/04/2010 23:19:17.2.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.502.98 [GMT 0:00]
  11. ComboFix 10-04-10.02 - hatim 10/04/2010 22:35:01.1.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.502.251 [GMT 0:00]
      Lancé depuis: C:\Documents and Settings\hatim\Bureau\persomax.exe
      AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
      FW: Kaspersky Anti-Virus *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
      .
      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      C:\Documents and Settings\hatim\Application Data\keygen.exe
      C:\install.exe
      C:\Program Files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
      C:\WINDOWS\system32\dll
      C:\WINDOWS\system32\DLL\logg.dat
      c:\windows\system32\drivers\dsti.sys
      .
      ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      -------\Legacy_ABP470N5
      -------\Service_abp470n5
      -------\Service_xotsjvh
      ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-10 au 2010-04-10 ))))))))))))))))))))))))))))))))))))
      .

      You are very kind, Thanos, thank you very much.
  12. Logfile of random's system information tool 1.06 (written by random/random) Run by hatim at 2010-04-10 21:47:38 Microsoft Windows XP Professionnel Service Pack 2
Files\Menara\dslmon.exe C:\Documents and Settings\hatim\Menu Démarrer\Programmes\Démarrage Anti-Autorun-inf.lnk - C:\Program Files\Prg Chris\Anti-Autorun.inf\Anti-Autorun.inf.exe WampServer.lnk - C:\wamp\wampmanager.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2007-01-13 204800] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 nwprovau [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableChangePassword"=1 "DisableLockWorkstation"=1 "DisableRegistryTools"=1 "DisableTaskMgr"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLUA"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoDriveAutoRun"=255 "HonorAutoRunSetting"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4" "C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe"="c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe:*:Enabled:ipsec" "C:\Documents and Settings\hatim\Bureau\www.telechargementz.org pro 6 compresser by 
youssinio\pes6.exe"="C:\Documents and Settings\hatim\Bureau\www.telechargementz.org pro 6 compresser by youssinio\pes6.exe:*:Enabled:pes6.exe" "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows" "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:*:Enabled:VideoAccelerator" "C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe"="C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe:*:Enabled:VideoAcceleratorService" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)" "C:\Program Files\Rockstar Games\Midnight Club II Demo\mc2_demo.exe"="C:\Program Files\Rockstar Games\Midnight Club II Demo\mc2_demo.exe:*:Disabled:mc2_demo" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Documents and Settings\hatim\Local Settings\Application Data\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\hatim\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:ipsec" "E:\turu.exe"="E:\turu.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winfemabf.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winfemabf.exe:*:Enabled:ipsec" "C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\yfrol.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\yfrol.exe:*:Enabled:ipsec" "C:\WINDOWS\system32\dll\procees.exe"="C:\WINDOWS\system32\dll\procees.exe:*:Enabled:ipsec" "C:\WINDOWS\system32\igfxtray.exe"="C:\WINDOWS\system32\igfxtray.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winmktk.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winmktk.exe:*:Enabled:ipsec" "C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe"="C:\Program 
Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe:*:Enabled:ipsec" "C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe"="C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\wincidmlf.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\wincidmlf.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\tfvt.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\tfvt.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winvvwpg.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winvvwpg.exe:*:Enabled:ipsec" "C:\WINDOWS\TEMP\winvuwage.exe"="C:\WINDOWS\TEMP\winvuwage.exe:*:Enabled:ipsec" "C:\WINDOWS\TEMP\dmeahh.exe"="C:\WINDOWS\TEMP\dmeahh.exe:*:Enabled:ipsec" "C:\WINDOWS\TEMP\winbsrhnv.exe"="C:\WINDOWS\TEMP\winbsrhnv.exe:*:Enabled:ipsec" "C:\WINDOWS\TEMP\winqahr.exe"="C:\WINDOWS\TEMP\winqahr.exe:*:Enabled:ipsec" "C:\Program Files\Java\jre6\bin\jusched.exe"="C:\Program Files\Java\jre6\bin\jusched.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winjgtin.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winjgtin.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\egqd.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\egqd.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winnbubn.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winnbubn.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winasiyy.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winasiyy.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winuuocf.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winuuocf.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winfvkxh.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winfvkxh.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\dambo.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\dambo.exe:*:Enabled:ipsec" "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe"="C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\wincfqt.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\wincfqt.exe:*:Enabled:ipsec" 
"C:\DOCUME~1\hatim\LOCALS~1\Temp\oahk.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\oahk.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winyylh.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winyylh.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\entg.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\entg.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winusxys.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winusxys.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winuwacm.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winuwacm.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winclulu.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winclulu.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winbebfmf.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winbebfmf.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\wintpdw.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\wintpdw.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winefjkc.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winefjkc.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winvfgn.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winvfgn.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winxbaenp.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winxbaenp.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\caxx.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\caxx.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\xbbjnc.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\xbbjnc.exe:*:Enabled:ipsec" "C:\WINDOWS\TEMP\mnditn.exe"="C:\WINDOWS\TEMP\mnditn.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winqbwly.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winqbwly.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\xgom.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\xgom.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winbbkfoi.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winbbkfoi.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winqycxb.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winqycxb.exe:*:Enabled:ipsec" 
"C:\DOCUME~1\hatim\LOCALS~1\Temp\fmkurw.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\fmkurw.exe:*:Enabled:ipsec" "C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\trudm.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\trudm.exe:*:Enabled:ipsec" "C:\WINDOWS\TEMP\winteevw.exe"="C:\WINDOWS\TEMP\winteevw.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winqjot.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winqjot.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\ualoc.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\ualoc.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\wingroat.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\wingroat.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\wintgpkj.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\wintgpkj.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winpmwdmj.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winpmwdmj.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\dqept.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\dqept.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\winxjofag.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\winxjofag.exe:*:Enabled:ipsec" "C:\DOCUME~1\hatim\LOCALS~1\Temp\wincvdckm.exe"="C:\DOCUME~1\hatim\LOCALS~1\Temp\wincvdckm.exe:*:Enabled:ipsec" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======File associations====== .js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 months====== 2010-04-10 21:47:39 ----D---- C:\Program Files\trend micro 2010-04-10 21:47:38 ----D---- C:\rsit 2010-04-10 18:03:47 ----D---- C:\Documents and Settings\hatim\Application Data\Move Networks 2010-04-07 20:23:50 ----D---- C:\Documents and Settings\hatim\Application Data\Malwarebytes 2010-04-07 20:23:43 ----D---- 
C:\Program Files\Malwarebytes' Anti-Malware 2010-04-07 20:23:43 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-04-07 20:14:17 ----D---- C:\Python26 2010-04-07 20:03:53 ----D---- C:\Program Files\USB-set 2010-04-07 20:03:53 ----D---- C:\Documents and Settings\All Users\Application Data\usb-set 2010-04-06 15:07:40 ----D---- C:\Program Files\EasyPHP5.3.0 2010-04-06 14:03:39 ----HD---- C:\WINDOWS\PIF 2010-04-03 18:49:48 ----D---- C:\Program Files\Prg Chris 2010-04-03 18:08:31 ----RASHD---- C:\autorun.inf 2010-04-03 18:02:58 ----A---- C:\UsbFix.txt 2010-04-03 17:59:27 ----D---- C:\UsbFix 2010-03-31 17:26:11 ----D---- C:\Program Files\Notepad++ 2010-03-31 17:26:11 ----D---- C:\Documents and Settings\hatim\Application Data\Notepad++ 2010-03-27 18:15:31 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$ 2010-03-27 18:15:09 ----D---- C:\Program Files\Realtek 2010-03-27 18:12:44 ----A---- C:\WINDOWS\RtlExUpd.dll 2010-03-27 12:44:04 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia 2010-03-27 12:41:36 ----D---- C:\Program Files\Eidos Interactive 2010-03-27 11:09:39 ----D---- C:\Documents and Settings\hatim\Application Data\IDM 2010-03-27 11:09:39 ----D---- C:\Documents and Settings\hatim\Application Data\DMCache 2010-03-27 11:09:30 ----D---- C:\Program Files\Internet Download Manager 2010-03-26 12:04:03 ----D---- C:\Documents and Settings\hatim\Application Data\Blender Foundation 2010-03-26 12:03:58 ----D---- C:\Program Files\Blender Foundation 2010-03-26 11:00:23 ----A---- C:\Documents and Settings\hatim\Application Data\keygen.exe 2010-03-24 22:20:25 ----D---- C:\Program Files\vgif 2010-03-24 21:57:55 ----D---- C:\Program Files\Advanced GIF Animator 2010-03-24 21:52:54 ----A---- C:\WINDOWS\EasyGifAnimator_Toolbar_Uninstaller_2031.exe 2010-03-24 21:52:52 ----D---- C:\Program Files\Easy Gif Animator Extension 2010-03-24 21:52:41 ----D---- C:\Program Files\Easy GIF Animator 2010-03-23 18:05:17 ----A---- C:\WINDOWS\IE4 
Error Log.txt 2010-03-22 18:46:28 ----D---- C:\Program Files\Guitar Pro 5 2010-03-19 21:52:08 ----A---- C:\WINDOWS\system32\python26.dll 2010-03-19 10:37:49 ----D---- C:\Mes Sites Web 2010-03-19 10:36:39 ----D---- C:\Program Files\WinHTTrack 2010-03-15 23:54:20 ----D---- C:\Program Files\ASIO4ALL v2 2010-03-15 23:54:11 ----D---- C:\Program Files\VstPlugins 2010-03-15 23:54:11 ----A---- C:\WINDOWS\system32\rewire.dll 2010-03-15 23:53:21 ----D---- C:\Program Files\Outsim 2010-03-15 23:51:37 ----D---- C:\Program Files\Image-Line 2010-03-12 14:17:41 ----D---- C:\GAMES 2010-03-12 11:21:18 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL 2010-03-12 11:21:16 ----D---- C:\Program Files\Plustech Inc 2010-03-12 11:21:03 ----A---- C:\WINDOWS\IsUninst.exe ======List of files/folders modified in the last 1 months====== 2010-04-10 21:47:39 ----RD---- C:\Program Files 2010-04-10 21:34:03 ----D---- C:\Program Files\Fichiers communs\Akamai 2010-04-10 20:36:00 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-04-10 19:53:48 ----D---- C:\WINDOWS\Temp 2010-04-10 19:52:17 ----D---- C:\WINDOWS\Prefetch 2010-04-10 17:02:29 ----D---- C:\WINDOWS\system32\drivers 2010-04-07 20:14:34 ----SHD---- C:\WINDOWS\Installer 2010-04-07 20:14:17 ----D---- C:\WINDOWS\system32 2010-04-07 20:12:24 ----D---- C:\Program Files\Mozilla Firefox 2010-04-07 19:54:59 ----D---- C:\wamp 2010-04-07 18:28:44 ----D---- C:\WINDOWS\system32\CatRoot2 2010-04-06 14:03:39 ----D---- C:\WINDOWS 2010-04-03 18:23:04 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2010-04-03 18:21:26 ----HD---- C:\WINDOWS\inf 2010-04-03 18:08:29 ----SHD---- C:\RECYCLER 2010-04-03 15:34:24 ----D---- C:\WINDOWS\Minidump 2010-04-01 12:41:54 ----A---- C:\WINDOWS\system.ini 2010-04-01 11:01:50 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2010-03-31 18:09:58 ----D---- C:\Program Files\Fichiers communs\Symantec Shared 2010-03-27 20:54:36 ----D---- C:\Documents and Settings\hatim\Application Data\BitTorrent 
2010-03-27 18:15:09 ----HD---- C:\Program Files\InstallShield Installation Information 2010-03-23 21:01:02 ----SH---- C:\boot.ini 2010-03-23 21:01:02 ----A---- C:\WINDOWS\win.ini 2010-03-22 18:46:30 ----RSD---- C:\WINDOWS\Fonts 2010-03-12 14:20:44 ----D---- C:\Program Files\SpeedBit Video Downloader 2010-03-12 14:20:43 ----D---- C:\Program Files\SpeedBit Video Accelerator 2010-03-12 14:20:41 ----D---- C:\Program Files\PC Inspector File Recovery 2010-03-12 14:20:35 ----D---- C:\Program Files\Messenger 2010-03-12 14:20:32 ----D---- C:\Program Files\Menara ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720] R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS [] R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-05 88448] R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-05 63232] R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-05 55936] R3 abp470n5;abp470n5; \??\C:\WINDOWS\system32\drivers\kkkors.sys [] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-01-13 5672032] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2004-08-05 163584] R3 ROOTMODEM;Microsoft Legacy Modem Driver; 
C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888] R3 RT73;D-Link USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Dr71WU.sys [2008-01-15 459520] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480] R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2007-06-27 207488] S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-03-02 50007] S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2005-09-19 126489] S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-16 153376] R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] R2 
VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2010-02-19 300656] R2 wampapache;wampapache; c:\wamp\apache2\bin\httpd.exe [2007-09-05 24635] R3 wampmysqld;wampmysqld; C:\wamp\mysql\bin\mysqld-nt.exe [2007-07-06 5730304] S2 ANIWZCSdService;ANIWZCSd Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2007-01-19 118784] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-26 655624] S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-03-08 30192] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2010-01-26 312688] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 158768] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408] -----------------EOF-----------------
  13. Malwarebytes' Anti-Malware 1.45
      www.malwarebytes.org

      Version de la base de données: 3967
      Windows 5.1.2600 Service Pack 2
      Internet Explorer 6.0.2900.2180

      10/04/2010 21:40:40
      mbam-log-2010-04-10 (21-40-40).txt

      Type d'examen: Examen complet (C:\|)
      Elément(s) analysé(s): 195384
      Temps écoulé: 40 minute(s), 11 seconde(s)

      Processus mémoire infecté(s): 8
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 3
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 5
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 16

      Processus mémoire infecté(s):
      C:\WINDOWS\Temp\winteevw.exe (Trojan.Downloader) -> Unloaded process successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\winqjot.exe (Trojan.Downloader) -> Unloaded process successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\ualoc.exe (Trojan.Downloader) -> Unloaded process successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\wingroat.exe (Trojan.Downloader) -> Unloaded process successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\wintgpkj.exe (Trojan.Downloader) -> Unloaded process successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\winpmwdmj.exe (Trojan.Downloader) -> Unloaded process successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\dqept.exe (Trojan.Downloader) -> Unloaded process successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\winxjofag.exe (Trojan.Downloader) -> Unloaded process successfully.

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9d71d88c-c598-4935-c5d1-43aa4db90836} (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\bifrost (Bifrose.Trace) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\bifrost (Bifrose.Trace) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      C:\WINDOWS\Temp\winteevw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\winqjot.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\ualoc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\wingroat.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\wintgpkj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\winpmwdmj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\dqept.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Documents and Settings\hatim\Local Settings\Temp\winxjofag.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\dll\procees.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\hatim\Mes documents\Downloads\unconfirmed 30600.download (Adware.DoubleD) -> Quarantined and deleted successfully.
      C:\Program Files\Adobe\Adobe Photoshop CS4\adobe.photoshop.cs4-nope.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{7F98B8F8-CACE-4407-B6ED-A30FB359398F}\RP80\A0122022.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{7F98B8F8-CACE-4407-B6ED-A30FB359398F}\RP85\A0126156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{7F98B8F8-CACE-4407-B6ED-A30FB359398F}\RP87\A0130778.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\dll\logg.dat (Malware.Trace) -> Delete on reboot.
      C:\Documents and Settings\hatim\Application Data\addons.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
  14. Hello, thanks in advance for your help.

      ############################## | UsbFix V6.100 |

      User : hatim (Administrateurs) # HATIM-4FBD2203A
      Update on 18/03/2010 by El Desaparecido , C_XX & Chimay8
      Start at: 18:03:16 | 03/04/2010
      Website : http://pagesperso-orange.fr/NosTools/index.html
      Contact : [email protected]

      Intel® Pentium® 4 CPU 3.00GHz
      Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
      Internet Explorer 6.0.2900.2180
      Windows Firewall Status : Disabled
      AV : Kaspersky Anti-Virus 9.0.0.736 [ (!) Disabled | Updated ]
      FW : Kaspersky Anti-Virus[ (!) Disabled ]9.0.0.736

      A:\ -> Lecteur de disquettes 3 ½ pouces
      C:\ -> Disque fixe local # 74,5 Go (54,82 Go free) # NTFS
      D:\ -> Disque CD-ROM # 611,61 Mo (0 Mo free) [XP_PRO_SP2] # CDFS

      ################## | Elements infectieux |

      Supprimé ! C:\DOCUME~1\hatim\APPLIC~1\addons.dat
      Supprimé ! C:\Recycler\S-1-5-21-1202660629-515967899-1801674531-1003
      (!) Non supprimé ! D:\autorun.inf

      ################## | Registre |

      Supprimé ! [HKCU\SOFTWARE\Bifrost]
      Supprimé ! [HKLM\SOFTWARE\Bifrost]
      Supprimé ! [HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\policies\System] "DisableRegistryTools"
      Supprimé ! [HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\policies\System] "DisableTaskMgr"
      Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
      Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"

      ################## | Mountpoints2 |

      Supprimé ! HKCU\...\Explorer\MountPoints2\{c053b838-3d84-11df-b9ed-002401a0d73a}\Shell\AuTOpLAy\Command

      ################## | Listing des fichiers présent |

      [16/10/2009 17:27|--a------|0] C:\AUTOEXEC.BAT
      [23/03/2010 21:01|---hs----|212] C:\boot.ini
      [05/08/2004 10:00|-rahs----|4952] C:\Bootfont.bin
      [16/10/2009 17:27|--a------|0] C:\CONFIG.SYS
      [30/03/2010 17:57|--a------|34149] C:\dance.jpg
      [07/11/2007 08:00|--a------|17734] C:\eula.1028.txt
      [07/11/2007 08:00|--a------|17734] C:\eula.1031.txt
      [07/11/2007 08:00|--a------|10134] C:\eula.1033.txt
      [07/11/2007 08:00|--a------|17734] C:\eula.1036.txt
      [07/11/2007 08:00|--a------|17734] C:\eula.1040.txt
      [07/11/2007 08:00|--a------|118] C:\eula.1041.txt
      [07/11/2007 08:00|--a------|17734] C:\eula.1042.txt
      [07/11/2007 08:00|--a------|17734] C:\eula.2052.txt
      [07/11/2007 08:00|--a------|17734] C:\eula.3082.txt
      [07/11/2007 08:00|--a------|1110] C:\globdata.ini
      [07/11/2007 08:03|--a------|636416] C:\install.exe
      [07/11/2007 08:00|--a------|843] C:\install.ini
      [07/11/2007 08:03|--a------|76304] C:\install.res.1028.dll
      [07/11/2007 08:03|--a------|96272] C:\install.res.1031.dll
      [07/11/2007 08:03|--a------|91152] C:\install.res.1033.dll
      [07/11/2007 08:03|--a------|97296] C:\install.res.1036.dll
      [07/11/2007 08:03|--a------|95248] C:\install.res.1040.dll
      [07/11/2007 08:03|--a------|81424] C:\install.res.1041.dll
      [07/11/2007 08:03|--a------|79888] C:\install.res.1042.dll
      [07/11/2007 08:03|--a------|75792] C:\install.res.2052.dll
      [07/11/2007 08:03|--a------|96272] C:\install.res.3082.dll
      [16/10/2009 17:27|-rahs----|0] C:\IO.SYS
      [16/10/2009 17:27|-rahs----|0] C:\MSDOS.SYS
      [05/08/2004 10:00|-rahs----|47564] C:\NTDETECT.COM
      [05/08/2004 10:00|-rahs----|251712] C:\ntldr
      [?|?|?] C:\pagefile.sys
      [03/04/2010 18:08|--a------|3349] C:\UsbFix.txt
      [07/11/2007 08:00|--a------|5686] C:\vcredist.bmp
      [07/11/2007 08:09|--a------|1442522] C:\VC_RED.cab
      [07/11/2007 08:12|--a------|232960] C:\VC_RED.MSI
      [05/08/2004 12:00|-r-------|112] D:\AUTORUN.INF
      [05/08/2004 12:00|-r-------|4952] D:\BOOTFONT.BIN
      [05/08/2004 12:00|-r-------|37874] D:\LISEZMOI.HTM
      [05/08/2004 12:00|-r-------|2584576] D:\SETUP.EXE
      [05/08/2004 12:00|-r-------|105053] D:\SETUPXP.HTM
      [05/08/2004 12:00|-r-------|10] D:\WIN51
      [05/08/2004 12:00|-r-------|10] D:\WIN51IP
      [05/08/2004 12:00|-r-------|10] D:\WIN51IP.SP2

      ################## | Vaccination |

      # C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

      ################## | Upload |

      Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_HATIM-4FBD2203A.zip : http://chiquitine.changelog.fr/Sample/Upload.php
      Merci pour votre contribution .

      ################## | ! Fin du rapport # UsbFix V6.100 ! |
  15. Hello, please, I am asking for help because my PC is infected with a malicious virus that does not give me the chance to install an antivirus. It has disabled the Task Manager and the registry. Help me (I have work on my PC, I can't format it). Thanks in advance. Thanks, hatim