Analyse HiJackThis

[maxcool99]

SmitFraudFix v2.102

 

Rapport fait à 11:22:39,73, 30/09/2006

Executé à partir de C:\Documents and Settings\maxime\Bureau\Nettoyage\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Fix executé en mode normal

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\maxime

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\maxime\Application Data

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\maxime\Favoris

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Ma page d'accueil"

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Fin

 

------------------------------

 

FPort v2.0 - TCP/IP Process to Port Mapper

Copyright 2000 by Foundstone, Inc.

http://www.foundstone.com

 

Pid Process Port Proto Path

452 -> 1028 TCP

1864 -> 1042 TCP

1080 -> 135 TCP

1380 -> 2869 TCP

4 System -> 139 TCP

0 System -> 2108 TCP

0 System -> 2111 TCP

0 System -> 2123 TCP

4 System -> 445 TCP

3232 Ventrilo -> 1378 TCP E:\Program Files\Ventrilo\Ventrilo.exe

324 iexplore -> 2114 TCP C:\Program Files\Internet Explorer\iexplore.exe

324 iexplore -> 2115 TCP C:\Program Files\Internet Explorer\iexplore.exe

324 iexplore -> 2116 TCP C:\Program Files\Internet Explorer\iexplore.exe

324 iexplore -> 2119 TCP C:\Program Files\Internet Explorer\iexplore.exe

324 iexplore -> 2122 TCP C:\Program Files\Internet Explorer\iexplore.exe

 

1864 -> 1030 UDP

1380 -> 1044 UDP

452 -> 1900 UDP

1080 -> 445 UDP

0 System -> 1098 UDP

0 System -> 123 UDP

0 System -> 137 UDP

0 System -> 1376 UDP

0 System -> 138 UDP

0 System -> 1598 UDP

0 System -> 1900 UDP

4 System -> 500 UDP

4 System -> 53 UDP

3232 Ventrilo -> 1082 UDP E:\Program Files\Ventrilo\Ventrilo.exe

324 iexplore -> 1031 UDP C:\Program Files\Internet Explorer\iexplore.exe

324 iexplore -> 1155 UDP C:\Program Files\Internet Explorer\iexplore.exe

324 iexplore -> 123 UDP C:\Program Files\Internet Explorer\iexplore.exe

324 iexplore -> 4500 UDP C:\Program Files\Internet Explorer\iexplore.exe

 

 

 

PsList 1.26 - Process Information Lister

Copyright © 1999-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

Process information for YVES-PSVBU48ITW:

 

Name Pid Pri Thd Hnd VM WS Priv

Idle 0 0 2 0 0 16 0

System 4 8 70 621 1904 248 0

smss 648 11 3 21 3828 396 168

csrss 708 13 12 500 66344 5152 1784

winlogon 788 13 15 419 54292 6276 7132

services 832 9 16 284 37524 4464 2032

alg 452 8 6 107 33436 3680 1156

svchost 992 8 17 220 61640 5752 3060

svchost 1080 8 9 286 38156 7260 1804

svchost 1200 8 78 1660 151228 34376 18536

svchost 1308 8 6 87 30420 3408 1300

svchost 1380 8 20 279 49328 7716 3648

spoolsv 1508 8 11 146 44572 6204 3832

guard 1840 8 8 56 53920 1680 26048

kavsvc 1864 8 0 871 132460 15768 27276

svchost 1924 8 6 129 36312 4424 2384

wdfmgr 1940 8 4 67 14836 1924 1508

svchost 2136 8 8 95 36868 3612 1548

lsass 844 9 20 361 41900 1416 3788

explorer 180 8 23 653 99760 14180 20804

cmd 320 8 1 19 13860 1804 1544

iexplore 324 8 23 676 167696 21080 26400

rundll32 684 8 1 28 26260 2752 1640

kav 692 8 0 114 37708 1708 1692

hpwuSchd2 748 8 1 24 24704 2016 532

jusched 768 8 1 24 18492 2072 472

ctfmon 1064 8 1 67 29796 3188 836

hpqtra08 1228 8 4 165 48872 9352 5160

hpqste08 2600 8 2 208 62364 14352 5528

cmd 2388 8 1 21 13824 1512 1484

pslist 3952 13 2 92 17788 1736 752

Ventrilo 3232 8 12 380 68684 10992 5052

SMax4PNP 3000 8 3 96 36932 3868 2152

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

explorer.exe pid: 180

Command line: C:\WINDOWS\Explorer.EXE

 

Base Size Version Path

*** Loaded C:\WINDOWS\system32\kernel32.dll differs from file image:

*** File timestamp: Wed Jul 05 06:56:38 2006

*** Loaded image timestamp: Wed Jul 05 06:56:39 2006

*** 0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll

0x77ef0000 0x47000 5.01.2600.2818 C:\WINDOWS\system32\GDI32.dll

0x77d10000 0x90000 5.01.2600.2622 C:\WINDOWS\system32\USER32.dll

0x77f40000 0x76000 6.00.2900.2937 C:\WINDOWS\system32\SHLWAPI.dll

0x7c9d0000 0x823000 6.00.2900.2951 C:\WINDOWS\system32\SHELL32.dll

0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll

0x75f10000 0xfd000 6.00.2900.2937 C:\WINDOWS\system32\BROWSEUI.dll

0x77720000 0x16f000 6.00.2900.2937 C:\WINDOWS\system32\SHDOCVW.dll

0x6fee0000 0x54000 5.01.2600.2952 C:\WINDOWS\system32\NETAPI32.dll

0x77aa0000 0xa7000 6.00.2900.2937 C:\WINDOWS\system32\WININET.dll

0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL

0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll

0x76920000 0x8000 5.01.2600.2751 C:\WINDOWS\system32\LINKINFO.dll

0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL

0x76d10000 0x19000 5.01.2600.2912 C:\WINDOWS\system32\iphlpapi.dll

0x77170000 0xa0000 6.00.2900.2960 C:\WINDOWS\system32\urlmon.dll

0x01330000 0x2c6000 3.01.4000.2435 C:\WINDOWS\system32\msi.dll

0x72c60000 0x8000 5.01.2600.0000 C:\WINDOWS\system32\msacm32.drv

0x0ffd0000 0x28000 5.01.2600.2161 C:\WINDOWS\system32\rsaenh.dll

0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll

0x00fb0000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll

0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll

0x03960000 0x13000 5.00.0001.0018 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scrchpg.dll

0x75be0000 0x6e000 5.06.0000.8831 c:\windows\system32\jscript.dll

0x039d0000 0xc000 5.00.0388.0001 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scrch_ag.dll

0x039e0000 0xc000 5.00.0388.0000 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\FSSync.dll

0x039f0000 0x1d000 5.00.0388.0000 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\pr_rmt.dll

0x03a10000 0x9000 5.00.0388.0001 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\ccclient.dll

0x03a20000 0x8000 5.00.0388.0000 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\klipc.dll

0x03a30000 0x24000 5.00.0388.0001 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\KLUtil.dll

0x20500000 0x11000 5.00.0388.0002 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\rpt.dll

0x03a60000 0x76000 5.00.0388.0001 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\CCIFACE.dll

0x5dd00000 0x20000 5.00.0388.0000 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\prloader.dll

0x03b00000 0x24000 5.00.0388.0000 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\prkernel.ppl

0x5da00000 0xc000 5.00.0388.0000 c:\program files\kaspersky lab\kaspersky anti-virus personal pro\prstring.ppl

0x03bb0000 0x17000 5.00.0388.0000 c:\program files\kaspersky lab\kaspersky anti-virus personal pro\pr_srv.ppl

0x03bd0000 0x18000 5.00.0388.0000 c:\program files\kaspersky lab\kaspersky anti-virus personal pro\pr_clnt.ppl

0x5db00000 0x7000 5.00.0388.0000 c:\program files\kaspersky lab\kaspersky anti-virus personal pro\tempfile.ppl

0x73a80000 0x15000 5.01.2600.2709 C:\WINDOWS\system32\mscms.dll

0x10000000 0x13000 4.00.0000.0172 C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll

0x086d0000 0x246000 10.00.0000.3802 C:\WINDOWS\system32\wmvcore.dll

0x070d0000 0x3a000 10.00.0000.3802 C:\WINDOWS\system32\WMASF.DLL

0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL

0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\System32\wshext.dll

0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL

0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL

0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\System32\wshFR.DLL

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

iexplore.exe pid: 324

Command line: "C:\Program Files\Internet Explorer\iexplore.exe"

 

Base Size Version Path

*** Loaded C:\WINDOWS\system32\kernel32.dll differs from file image:

*** File timestamp: Wed Jul 05 06:56:38 2006

*** Loaded image timestamp: Wed Jul 05 06:56:39 2006

*** 0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll

0x77d10000 0x90000 5.01.2600.2622 C:\WINDOWS\system32\USER32.dll

0x77ef0000 0x47000 5.01.2600.2818 C:\WINDOWS\system32\GDI32.dll

0x77f40000 0x76000 6.00.2900.2937 C:\WINDOWS\system32\SHLWAPI.dll

0x77720000 0x16f000 6.00.2900.2937 C:\WINDOWS\system32\SHDOCVW.dll

0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll

0x6fee0000 0x54000 5.01.2600.2952 C:\WINDOWS\system32\NETAPI32.dll

0x77aa0000 0xa7000 6.00.2900.2937 C:\WINDOWS\system32\WININET.dll

0x7c9d0000 0x823000 6.00.2900.2951 C:\WINDOWS\system32\SHELL32.dll

0x75f10000 0xfd000 6.00.2900.2937 C:\WINDOWS\system32\BROWSEUI.dll

0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL

0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll

0x77170000 0xa0000 6.00.2900.2960 C:\WINDOWS\system32\urlmon.dll

0x6d600000 0x2d000 5.00.0060.0005 C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

0x76d10000 0x19000 5.01.2600.2912 C:\WINDOWS\system32\iphlpapi.dll

0x0ffd0000 0x28000 5.01.2600.2161 C:\WINDOWS\system32\rsaenh.dll

0x76ed0000 0x27000 5.01.2600.2938 C:\WINDOWS\system32\DNSAPI.dll

0x76f70000 0x6000 5.01.2600.2938 C:\WINDOWS\system32\rasadhlp.dll

0x7dbf0000 0x2f5000 6.00.2900.2963 C:\WINDOWS\System32\mshtml.dll

0x74630000 0x27000 3.10.0349.0000 C:\WINDOWS\System32\msls31.dll

0x10000000 0x13000 5.00.0001.0018 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scrchpg.dll

0x75be0000 0x6e000 5.06.0000.8831 c:\windows\system32\jscript.dll

0x02240000 0xc000 5.00.0388.0001 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\scrch_ag.dll

0x02250000 0xc000 5.00.0388.0000 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\FSSync.dll

0x02260000 0x1d000 5.00.0388.0000 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\pr_rmt.dll

0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll

0x02280000 0x9000 5.00.0388.0001 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\ccclient.dll

0x02290000 0x8000 5.00.0388.0000 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\klipc.dll

0x022a0000 0x24000 5.00.0388.0001 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\KLUtil.dll

0x20500000 0x11000 5.00.0388.0002 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\rpt.dll

0x20200000 0x76000 5.00.0388.0001 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\CCIFACE.dll

0x5dd00000 0x20000 5.00.0388.0000 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\prloader.dll

0x023f0000 0x24000 5.00.0388.0000 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\prkernel.ppl

0x5da00000 0xc000 5.00.0388.0000 c:\program files\kaspersky lab\kaspersky anti-virus personal pro\prstring.ppl

0x02560000 0x17000 5.00.0388.0000 c:\program files\kaspersky lab\kaspersky anti-virus personal pro\pr_srv.ppl

0x02580000 0x18000 5.00.0388.0000 c:\program files\kaspersky lab\kaspersky anti-virus personal pro\pr_clnt.ppl

0x5db00000 0x7000 5.00.0388.0000 c:\program files\kaspersky lab\kaspersky anti-virus personal pro\tempfile.ppl

0x672b0000 0x40000 6.00.2900.2937 C:\WINDOWS\System32\iepeers.dll

0x30000000 0x2de000 9.00.0016.0000 C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx

0x72c60000 0x8000 5.01.2600.0000 C:\WINDOWS\system32\msacm32.drv

0x07510000 0x549000 10.00.0000.4036 C:\WINDOWS\system32\wmp.dll

0x08260000 0x344000 10.00.0000.3646 C:\WINDOWS\system32\wmploc.dll

0x73250000 0x67000 5.06.0000.8820 C:\WINDOWS\system32\vbscript.dll

0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL

0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL

0x79000000 0x45000 2.00.50727.0042 C:\WINDOWS\system32\mscoree.dll

0x63f00000 0xc000 2.00.50727.0042 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll

0x78130000 0x9b000 8.00.50727.0163 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll

0x05190000 0x8000 5.01.2600.2937 C:\WINDOWS\system32\xpsp3res.dll

0x761c0000 0x71000 6.00.2900.2937 C:\WINDOWS\System32\mshtmled.dll

0x748f0000 0x130000 8.50.2162.0000 C:\WINDOWS\System32\msxml3.dll

0x7df30000 0x89000 5.02.3790.2744 C:\WINDOWS\System32\hhctrl.ocx

0x68d60000 0x19000 4.74.9273.0000 C:\WINDOWS\System32\mui\000c\hhctrlui.dll

0x68100000 0x24000 5.01.2600.2133 C:\WINDOWS\system32\dssenh.dll

0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL

0x76920000 0x8000 5.01.2600.2751 C:\WINDOWS\system32\LINKINFO.dll

0x73220000 0x5000 5.131.2600.0000 C:\WINDOWS\system32\SOFTPUB.DLL

0x6c270000 0x36000 6.03.2900.2937 C:\WINDOWS\System32\dxtrans.dll

0x6c2b0000 0x5a000 6.03.2900.2937 C:\WINDOWS\System32\dxtmsft.dll

0x506a0000 0x74000 5.08.0000.2469 C:\WINDOWS\System32\wuapi.dll

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

winlogon.exe pid: 788

Command line: winlogon.exe

 

Base Size Version Path

0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe

*** Loaded C:\WINDOWS\system32\kernel32.dll differs from file image:

*** File timestamp: Wed Jul 05 06:56:38 2006

*** Loaded image timestamp: Wed Jul 05 06:56:39 2006

*** 0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll

0x77680000 0x11000 5.01.2600.2622 C:\WINDOWS\system32\AUTHZ.dll

0x77d10000 0x90000 5.01.2600.2622 C:\WINDOWS\system32\USER32.dll

0x77ef0000 0x47000 5.01.2600.2818 C:\WINDOWS\system32\GDI32.dll

0x6fee0000 0x54000 5.01.2600.2952 C:\WINDOWS\system32\NETAPI32.dll

0x7c9d0000 0x823000 6.00.2900.2951 C:\WINDOWS\system32\SHELL32.dll

0x77f40000 0x76000 6.00.2900.2937 C:\WINDOWS\system32\SHLWAPI.dll

0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll

0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll

0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll

0x0ffd0000 0x28000 5.01.2600.2161 C:\WINDOWS\system32\rsaenh.dll

0x011d0000 0xae000 1.05.0540.0000 C:\WINDOWS\system32\WgaLogon.dll

0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL

0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll

0x76d10000 0x19000 5.01.2600.2912 C:\WINDOWS\system32\iphlpapi.dll

0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL

0x72c60000 0x8000 5.01.2600.0000 C:\WINDOWS\system32\msacm32.drv

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

services.exe pid: 832

Command line: C:\WINDOWS\system32\services.exe

 

Base Size Version Path

*** Loaded C:\WINDOWS\system32\kernel32.dll differs from file image:

*** File timestamp: Wed Jul 05 06:56:38 2006

*** Loaded image timestamp: Wed Jul 05 06:56:39 2006

*** 0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll

0x77d10000 0x90000 5.01.2600.2622 C:\WINDOWS\system32\USER32.dll

0x77ef0000 0x47000 5.01.2600.2818 C:\WINDOWS\system32\GDI32.dll

0x77680000 0x11000 5.01.2600.2622 C:\WINDOWS\system32\AUTHZ.dll

0x7dbc0000 0x21000 5.01.2600.2744 C:\WINDOWS\system32\umpnpmgr.dll

0x6fee0000 0x54000 5.01.2600.2952 C:\WINDOWS\system32\NETAPI32.dll

0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll

0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll

0x7c9d0000 0x823000 6.00.2900.2951 C:\WINDOWS\system32\SHELL32.dll

0x77f40000 0x76000 6.00.2900.2937 C:\WINDOWS\system32\SHLWAPI.dll

Le volume dans le lecteur C n'a pas de nom.

Le num‚ro de s‚rie du volume est 789D-D796

 

R‚pertoire de C:\Program Files

 

29/09/2006 16:16 <REP> .

29/09/2006 16:16 <REP> ..

02/09/2006 14:35 <REP> Adobe

12/08/2006 09:36 <REP> Analog Devices

12/08/2006 17:58 <REP> AssistantInternet

23/09/2006 15:44 <REP> BeClean

12/08/2006 10:12 <REP> Common Files

12/08/2006 09:22 <REP> ComPlus Applications

29/09/2006 22:17 <REP> ewido anti-spyware 4.0

13/09/2006 07:41 <REP> Fichiers communs

29/09/2006 16:24 <REP> Free Download Manager

09/09/2006 19:23 <REP> Hasbro

13/08/2006 17:31 <REP> Hewlett-Packard

30/09/2006 09:11 <REP> HiJackThis

14/08/2006 23:15 <REP> HP

12/08/2006 09:33 <REP> Intel

29/09/2006 22:18 <REP> Internet Explorer

02/09/2006 09:58 <REP> Java

13/08/2006 10:13 <REP> Kaspersky Lab

12/09/2006 16:27 <REP> KSIGN

26/08/2006 23:28 <REP> Lavasoft

12/08/2006 21:12 <REP> Messenger

12/08/2006 09:24 <REP> microsoft frontpage

20/08/2006 17:22 <REP> Microsoft Office

29/08/2006 15:46 <REP> Microsoft SQL Server

12/08/2006 10:12 <REP> Motive

12/08/2006 16:42 <REP> Movie Maker

12/08/2006 09:22 <REP> MSN

12/08/2006 09:21 <REP> MSN Gaming Zone

30/08/2006 17:22 <REP> MSN Messenger

12/08/2006 16:41 <REP> NetMeeting

13/09/2006 07:40 <REP> Nexon

12/08/2006 21:11 <REP> Outlook Express

13/09/2006 19:38 <REP> RegCleaner

12/08/2006 09:22 <REP> Services en ligne

23/09/2006 13:39 <REP> Spybot - Search & Destroy

23/09/2006 15:49 <REP> Symantec

16/08/2006 12:37 <REP> Teamspeak2_RC2

29/09/2006 16:16 <REP> ToniArts

29/08/2006 15:46 <REP> Vstplugins

12/08/2006 20:40 <REP> Winamp

20/08/2006 17:16 <REP> Windows Media Player

12/08/2006 16:41 <REP> Windows NT

12/08/2006 09:24 <REP> xerox

0 fichier(s) 0 octets

44 R‚p(s) 12ÿ749ÿ377ÿ536 octets libres

C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal Pro\5.0\Bases\Patches\patch_ppro_5.0.388_390_to_5.0.391.exe

C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2700_symnet$20consumer_5.0.0_english\Message.exe

C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2700_symnet$20consumer_5.0.0_english\setup.exe

C:\Documents and Settings\maxime\Application Data\LimeWire\.NetworkShare\LimeWireWin4.12.6-fixed.exe

C:\Documents and Settings\maxime\Application Data\LimeWire\.NetworkShare\LimeWireWin4.12.6-nopack2.exe

C:\Documents and Settings\maxime\Bureau\ATF-Cleaner.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\blbeta.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\ewido-setup_4.0.0.172b.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\Fixwareout.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\SmitfraudFix\dumphive.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\SmitfraudFix\GenericRenosFix.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\SmitfraudFix\Process.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\SmitfraudFix\Reboot.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\SmitfraudFix\restart.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\SmitfraudFix\SmiUpdate.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\SmitfraudFix\SrchSTS.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\SmitfraudFix\swreg.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\SmitfraudFix\swsc.exe

C:\Documents and Settings\maxime\Bureau\Nettoyage\SmitfraudFix\unzip.exe

C:\Documents and Settings\maxime\Local Settings\Temporary Internet Files\Content.IE5\89ATCDEF\blbeta[1].exe

C:\Documents and Settings\maxime\Mes documents\Mes fichiers re‡us\Kaspersky Anti-Virus Personal Pro 5.0.390[www.yahaa.org]\Kaspersky Anti-Virus Personal Pro 5.0.390[www.yahaa.org]\kav5.0.388_personalproen.exe

C:\Documents and Settings\yves\Mes documents\RegCleaner.exe

--------------------------

Voila ! Je sens déjà moins de ralentissement !

[maxcool99]

Je recommence a sentir les ralentissements.. et avoir 150ping sur counter-strike.. des 125-1000 ping sur ventrilo.. J'va peter les plombs -_-

Modifié le 30 septembre 2006 par maxcool99

[maxcool99]

Je viens de faire un analyse en mode sans échec avec AntiVir et il a detecté : WIN95/Blumblebee.1738 ( Je pense qu'il est très dangereux ) et j'ai cliquer sur Delete pour qu'il le supprime

 

Est-il dangereux se WIN95/Blumblebee.1738 ?

Modifié le 30 septembre 2006 par maxcool99

[Thanos]

salut

 

malheureusement , aucun détail sur ce WIN95/Blumblebee.1738 !! est ce que tu as conservé le rapport d'Antivir à tout hasard?si oui, poste le stp.

les rapports ne montrent rien...est ce que tu rencontres toujours le même problème? il est possible que ca ne vienne pas de ton pc, mais plutôt du serveur!

Tiens quelques infos à ce propos => http://www.siteduzero.com/tuto-3-362-1-halte-au-lag.html

 

je pense que ton problème n'est pas d'origine infectieuse!

 

Dis moi si tu as trouvé