probleme carte réseau il me semble!!! • page 4

[joedalton]

Tu as rentrer ta clef Wep?
postes nous ton rapport hijackthis tu est peu etre infecté!!!
Sinon suis les conseilles du tuto a Psychocat pour l'installer par la suite

[tupac43]

voila mon rapport :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:53:12, on 28/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:Windowssystem32 askeng.exe
C:WindowsExplorer.EXE
C:Windowsehomeehtray.exe
C:Windowsehomeehmsas.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
C:WindowsSystem32mobsync.exe
C:Windowssystem32wbemunsecapp.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe
C:Windowssystem32wuauclt.exe
E:HiJackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.packardbell.com/?id=9136
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.fr/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:Windowssystem32userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:Program FilesGoogleGoogle_BAEBAE.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5CoIEPlg.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [EPSON Stylus DX4000 Series] C:Windowssystem32spoolDRIVERSW32X863E_FATIBEE.EXE /FU "C:WindowsTEMPE_S89F6.tmp" /EF "HKLM"
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [drvsyskit] C:UsersHugoAppDataRoamingdriverswinupgro.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [ccleaner] "C:Program FilesCCleanerCCleaner.exe" /AUTO (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [ccleaner] "C:Program FilesCCleanerCCleaner.exe" /AUTO (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:Program FilesCommon FilesAutodesk Sharedacstart16.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~3Office10EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:Program FilesWIDCOMMBluetooth Softwaretsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:Program FilesWIDCOMMBluetooth Softwaretsendto_ie_ctx.htm
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra button: @C:WindowsWindowsMobileINetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dll
O9 - Extra 'Tools' menuitem: @C:WindowsWindowsMobileINetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwaretsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwaretsendto_ie.htm
O13 - Gopher Prefix:
O17 - HKLMSystemCCSServicesTcpip..{BC2C0E78-7E3B-416B-9F41-47A397E25B2C}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:Program FilesAdobePhotoshop Elements 6.0PhotoshopElementsFileAgent.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:Windowssystem32Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:Program FilesCarboniteCarbonite Backupcarboniteservice.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 - Service: NMIndexingService - Nero AG - C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:Program FilesO2Micro Flash Memory Card Drivero2flash.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:Windowssystem32IoctlSvc.exe

--
End of file - 7905 bytes

[tupac43]

je n'arrive plus a me connecter.
j'ai une connection limité que faire?

[joedalton]

Bon tu vas pouvoir fixer ces lignes a l'aide de hijackthis

F2 - REG:system.ini: UserInit=C:Windowssystem32userinit.exe

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)

O4 - HKCU..Run: [drvsyskit] C:UsersHugoAppDataRoamingdriverswinupgro.exe

[tupac43]

j'ai donc fait fix checked les élément que vous m'avez dit mais je n'avais plus
O4 - HKCU..Run: [drvsyskit] C:UsersHugoAppDataRoamingdriverswinupgro.exe
je ne sais pas pourquoi.
Que dois-je faire maintenant?
Merci joedalton c'est vraiment gentil à vous.

[tupac43]

voila donc mon nouveau rapport :
ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:55:17, on 29/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:Windowssystem32 askeng.exe
C:WindowsExplorer.EXE
C:Program FilesWindows DefenderMSASCui.exe
C:Windowsehomeehtray.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
C:Windowsehomeehmsas.exe
C:WindowsSystem32mobsync.exe
C:Windowssystem32wbemunsecapp.exe
C:UsersHugoDesktopHiJackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.packardbell.com/?id=9136
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.fr/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5coIEPlg.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:Program FilesGoogleGoogle_BAEBAE.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.5CoIEPlg.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [EPSON Stylus DX4000 Series] C:Windowssystem32spoolDRIVERSW32X863E_FATIBEE.EXE /FU "C:WindowsTEMPE_S89F6.tmp" /EF "HKLM"
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [ccleaner] "C:Program FilesCCleanerCCleaner.exe" /AUTO (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [ccleaner] "C:Program FilesCCleanerCCleaner.exe" /AUTO (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:Program FilesCommon FilesAutodesk Sharedacstart16.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~3Office10EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:Program FilesWIDCOMMBluetooth Softwaretsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:Program FilesWIDCOMMBluetooth Softwaretsendto_ie_ctx.htm
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra button: @C:WindowsWindowsMobileINetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dll
O9 - Extra 'Tools' menuitem: @C:WindowsWindowsMobileINetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwaretsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwaretsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:Program FilesAdobePhotoshop Elements 6.0PhotoshopElementsFileAgent.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:Windowssystem32Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:Program FilesCarboniteCarbonite Backupcarboniteservice.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 - Service: NMIndexingService - Nero AG - C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:Program FilesO2Micro Flash Memory Card Drivero2flash.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:Windowssystem32IoctlSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:Program FilesSpybot - Search & DestroySDWinSec.exe

--
End of file - 7560 bytes

[joedalton]

Salut tu rapport est super propre génial...
ps:tu peut me tutoyer pas de probleme

Sinon comment est ta connection?

[tupac43]

je ne peux toujours pas me conencter a internet car j'ai une connection limité avec IPv6
Je ne sais pas pourquoi!
avant ma wifi n'avais pas ce soucis

[tupac43]

Je n'ose pas vous tutoyer lol.
Mais je vais essayer

[tupac43]

j'ai télécharger combo fix et voila mon rapport et surtout es-ce qu'il est bon?

ComboFix 08-12-28.03 - Hugo 2008-12-29 15:46:30.1 - NTFSx86
Microsoft® Windows Vista™ Edition Familiale Premium 6.0.6001.1.1252.1.1036.18.3322.2514 [GMT 1:00]
Lancé depuis: c:usersHugoDesktopCombo-Fix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:InfoSat.txt
c:usersHugoAppDataRoamingdriversdownld
c:usersHugoAppDataRoamingdriverssrosa2.sys
c:usersHugoAppDataRoamingdriverswinupgro.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------Legacy_SK9OU0S
-------Legacy_SROSA
-------Service_sK9Ou0s


((((((((((((((((((((((((((((( Fichiers créés du 2008-11-28 au 2008-12-29 ))))))))))))))))))))))))))))))))))))
.

2008-12-28 18:11 . 2008-12-28 18:11 <REP> d-------- c:program filesSAGEM
2008-12-28 18:11 . 2004-08-20 18:02 159,744 --a------ c:windowsUninstWiFi.exe
2008-12-28 14:17 . 2008-12-29 15:30 <REP> d-------- c:usersAll UsersSpybot - Search & Destroy
2008-12-28 14:17 . 2008-12-28 16:15 <REP> d-------- c:program filesSpybot - Search & Destroy
2008-12-28 14:17 . 2008-12-29 15:30 <REP> d-------- c:progra~2Spybot - Search & Destroy
2008-12-28 13:45 . 2008-12-28 14:33 <REP> d-------- c:usersAll UsersLavasoft
2008-12-28 13:45 . 2008-12-28 14:33 <REP> d-------- c:progra~2Lavasoft
2008-12-27 16:57 . 2008-12-28 14:22 <REP> d-------- c:program filesCCleaner
2008-12-27 15:33 . 2008-12-27 15:33 <REP> d-------- c:program filesAlwil Software
2008-12-27 15:33 . 2003-03-18 22:20 1,060,864 --a------ c:windowsSystem32MFC71.dll
2008-12-25 21:36 . 2008-12-29 15:47 <REP> d--h----- c:usersHugoAppDataRoamingdrivers
2008-12-19 21:32 . 2008-12-19 21:32 <REP> d-------- c:usersAll UserseMule
2008-12-19 21:32 . 2008-12-19 21:32 <REP> d-------- c:progra~2eMule
2008-12-19 21:29 . 2008-12-19 21:29 <REP> d-------- c:program fileseMule
2008-12-13 08:45 . 2008-10-22 02:22 2,048 --a------ c:windowsSystem32 zres.dll
2008-12-12 16:45 . 2008-11-01 02:21 4,240,384 --a------ c:windowsSystem32GameUXLegacyGDFs.dll
2008-12-12 16:45 . 2008-10-21 06:25 296,960 --a------ c:windowsSystem32gdi32.dll
2008-12-12 16:45 . 2008-11-01 04:44 28,672 --a------ c:windowsSystem32Apphlpdm.dll
2008-12-12 16:44 . 2008-10-29 07:29 2,927,104 --a------ c:windowsexplorer.exe
2008-12-12 16:44 . 2008-06-23 02:59 2,868,736 --a------ c:windowsSystem32mf.dll
2008-12-12 16:44 . 2008-06-23 02:59 996,352 --a------ c:windowsSystem32WMNetMgr.dll
2008-12-12 16:44 . 2008-10-16 05:47 827,392 --a------ c:windowsSystem32wininet.dll
2008-12-12 16:44 . 2008-06-23 02:58 94,720 --a------ c:windowsSystem32logagent.exe
2008-12-11 19:17 . 2008-12-11 19:17 0 --a------ c:windows
sreg.dat
2008-12-07 21:15 . 2008-12-26 00:35 69 --a------ c:windowsNeroDigital.ini
2008-12-03 13:02 . 2005-12-09 02:03 71,168 --a------ c:windowsSystem32E_FLBBEE.DLL
2008-12-03 13:02 . 2005-04-11 02:01 62,976 --a------ c:windowsSystem32E_FD4BBEE.DLL
2008-12-03 13:02 . 2004-09-10 21:12 49,152 --a------ c:windowsSystem32E_DCINST.DLL
2008-12-03 12:56 . 2008-12-03 13:04 <REP> d-------- c:program filesepson
2008-12-03 12:56 . 2005-02-25 00:00 46,080 --a------ c:windowsSystem32escimgd.dll
2008-12-03 12:56 . 2005-02-25 00:00 29,696 --a------ c:windowsSystem32escwiad.dll
2008-12-03 12:56 . 2005-02-25 00:00 22,016 --a------ c:windowsSystem32esccmd.dll
2008-12-03 12:55 . 2008-12-03 12:55 27 --a------ c:windowsCDE DX4000EFDG.ini
2008-12-02 17:48 . 2008-12-02 17:48 <REP> d-------- c:program files3DO
2008-12-01 21:27 . 1998-10-07 14:08 327,168 --a------ c:windowsIsUn040c.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-29 14:49 1,572,864 --sha-w c:usersInvitéNTUSER.DAT
2008-12-29 14:49 1,572,864 --sha-w c:usersInvitéNTUSER.DAT
2008-12-28 17:11 --------- d--h--w c:program filesInstallShield Installation Information
2008-12-28 17:11 --------- d-----w c:program filesCommon FilesInstallShield
2008-12-28 13:38 --------- d-----w c:program filesGoogle
2008-12-27 15:43 174 --sha-w c:program filesdesktop.ini
2008-12-24 21:03 --------- d-----w c:usersHugoAppDataRoamingdvdcss
2008-12-20 12:20 --------- d-----w c:program filesMicrosoft.NET
2008-12-13 07:52 --------- d-----w c:program filesWindows Mail
2008-12-13 07:51 --------- d-----w c:progra~2Microsoft Help
2008-12-02 16:43 --------- d-----w c:usersHugoAppDataRoamingAutodesk
2008-12-02 16:40 --------- d-----w c:progra~2Autodesk
2008-12-02 16:39 --------- d-----w c:program filesCommon FilesAutodesk Shared
2008-12-02 16:38 --------- d-----w c:program filesAutoCAD 2006
2008-12-02 16:38 --------- d-----w c:program filesAnswerWorks 4.0
2008-11-20 17:08 --------- d-----w c:program filesSKTools
2008-11-16 21:38 0 ---ha-w c:windowssystem32driversMsft_User_WpdRapi2_01_00_00.Wdf
2008-11-15 20:59 0 ---ha-w c:windowssystem32driversMsft_User_WpdRapi_01_00_00.Wdf
2008-11-08 11:39 --------- d-----w c:program filesCommon FilesSymantec Shared
2008-11-01 13:01 92,181 ----a-w c:windowsCute Kitties Screen Saver Uninstaller.exe
2008-11-01 12:14 --------- d-----w c:program filesFreeze.com
2008-11-01 03:44 541,696 ----a-w c:windowsAppPatchAcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:windowsAppPatchiebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:windowsAppPatchAcSpecfc.dll
2008-11-01 03:44 2,154,496 ----a-w c:windowsAppPatchAcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:windowsAppPatchAcXtrnal.dll
2008-10-31 17:48 --------- d-----w c:usersHugoAppDataRoamingvlc
2008-10-31 17:47 --------- d-----w c:program filesVideoLAN
2008-10-29 22:22 --------- d-----w c:progra~2Symantec
2008-10-20 18:48 106 ----a-w c:usersHugoAppDataRoamingwklnhst.dat
2008-06-30 11:44 324,976 ----a-w c:program filesmozilla firefoxcomponentscoFFPlgn.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersCarbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOTCLSID{95A27763-F62A-4114-9072-E81D87DE3B68}]
2008-08-18 08:51 527304 -ra------ c:program filesCarboniteCarbonite BackupCarboniteNSE.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersCarbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOTCLSID{E300CD91-100F-4E67-9AF3-1384A6124015}]
2008-08-18 08:51 527304 -ra------ c:program filesCarboniteCarbonite BackupCarboniteNSE.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersCarbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOTCLSID{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2008-08-18 08:51 527304 -ra------ c:program filesCarboniteCarbonite BackupCarboniteNSE.dll

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"ehTray.exe"="c:windowsehomeehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:program filesWindows Media PlayerWMPNSCFG.exe" [2008-01-21 202240]
"SpybotSD TeaTimer"="c:program filesSpybot - Search & DestroyTeaTimer.exe" [2008-07-07 2156368]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"ccApp"="c:program filesCommon FilesSymantec SharedccApp.exe" [2008-12-28 51048]

[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
"ccleaner"="c:program filesCCleanerCCleaner.exe" [2008-12-19 1434864]

c:usersHugoAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
OneNote 2007 - Capture d',cran et lancement.lnk - c:program filesMicrosoft OfficeOffice12ONENOTEM.EXE [2007-12-07 101440]

c:progra~2MICROS~1WindowsSTARTM~1ProgramsStartup
Acc,l,rateur de d,marrage AutoCAD.lnk - c:program filesCommon FilesAutodesk Sharedacstart16.exe [2005-03-05 10872]
BTTray.lnk - c:program filesWIDCOMMBluetooth SoftwareBTTray.exe [2007-10-02 727592]

c:usersHugoAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartup
OneNote 2007 - Capture d',cran et lancement.lnk - c:program filesMicrosoft OfficeOffice12ONENOTEM.EXE [2007-12-07 101440]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"EnableUIADesktopToggle"= 0 (0x0)

[HKLM~startupfolderC:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:programdataMicrosoftWindowsStart MenuProgramsStartupMicrosoft Office.lnk
backup=c:windowspssMicrosoft Office.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe Reader Speed Launcher]
--a------ 2008-01-11 21:16 39792 c:program filesAdobeReader 8.0Reader eader_sl.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregCarbonite Backup]
-ra------ 2008-08-18 08:51 600008 c:program filesCarboniteCarbonite BackupCarboniteUI.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregIndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2008-01-14 13:12 1688872 c:program filesCommon FilesNeroLibNMIndexStoreSvr.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSmpcSys]
--a------ 2008-02-04 11:13 1038136 c:program filesPackard BellSetUpMyPCSmpSys.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregStartCCC]
--a------ 2008-01-21 11:17 61440 c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSynTPEnh]
--a------ 2007-06-08 03:53 894512 c:program filesSynapticsSynTPSynTPEnh.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupreg oolbar_eula_launcher]
--a------ 2007-02-20 17:20 28672 c:program filesPackard BellGOOGLE_EULAEULALauncher.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregWindows Mobile Device Center]
--a------ 2007-05-31 09:21 648072 c:windowsWindowsMobilewmdc.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRtHDVCpl]
--a------ 2008-06-27 04:42 6295552 c:windowsRtHDVCpl.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerSvcS-1-5-21-3047808049-51775153-882078025-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM~servicessharedaccessparametersfirewallpolicyFirewallRules]
"{2897CA9D-CAB6-4F83-9229-915094C19AD7}"= Disabled:UDP:c:program filesAdobePhotoshop Elements 6.0AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{9251A774-E712-4264-BBCE-459B49949AB5}"= Disabled:TCP:c:program filesAdobePhotoshop Elements 6.0AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{381120F4-7E6C-4F8F-B6E1-96F5B179DF30}"= UDP:c:program filesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
"{4D531D75-2299-4525-9014-19DF5FF3F076}"= TCP:c:program filesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
"{026880E2-89CF-4914-8FDD-EE25D77DE8CB}"= c:program filesWindows LiveMessengerlivecall.exe:Windows Live Messenger (Phone)
"{158AC9D2-E52A-461A-80A0-50AED3532FF3}"= c:program filesSkypePhoneSkype.exe:Skype
"TCP Query User{E9F3C936-6BB6-48C9-9A09-B82812884DDC}c:\program files\emule\emule.exe"= UDP:c:program filesemuleemule.exe:eMule
"UDP Query User{9E8764FE-0104-482A-9D88-6950C67BDB90}c:\program files\emule\emule.exe"= TCP:c:program filesemuleemule.exe:eMule

[HKLM~servicessharedaccessparametersfirewallpolicyPublicProfile]
"EnableFirewall"= 0 (0x0)

R1 IDSvix86;Symantec Intrusion Prevention Driver;??c:progra~2SymantecDEFINI~1SymcDataipsdefs20081220.001IDSvix86.sys [2008-12-21 270384]
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:program filesAdobePhotoshop Elements 6.0PhotoshopElementsFileAgent.exe [2007-09-10 124832]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:windowssystem32svchost.exe -k netsvcs [2008-01-21 21504]
R2 SBSDWSCService;SBSD Security Center Service;c:program filesSpybot - Search & DestroySDWinSec.exe [2008-12-28 809296]
R3 O2MDRDR;O2MDRDR;c:windowssystem32DRIVERSo2media.sys [2008-05-13 51288]
R3 O2SDRDR;O2SDRDR;c:windowssystem32DRIVERSo2sd.sys [2008-05-13 43736]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:windowssystem32DRIVERSRTL8187B.sys [2008-08-23 288768]
S2 LiveUpdate Notice;LiveUpdate Notice;"c:program filesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon [2008-02-06 149352]
S3 COH_Mon;COH_Mon;??c:windowssystem32DriversCOH_Mon.sys [2008-01-12 23888]
S3 SYMNDISV;SYMNDISV;c:windowssystem32DriversSYMNDISV.SYS [2008-06-13 41008]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSvchost - NetSvcs
ezSharedSvc

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{1f57ce92-9c7d-11dd-8961-806e6f6e6963}]
shellAutoRuncommand - D:LiveBox.EXE

*Newly Created Service* - COMHOST
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-Google Desktop Search - c:program filesGoogleGoogle Desktop SearchGoogleDesktop.exe
MSConfigStartUp-trioService - c:progra~1Freeze.comLiving 3D Dolphins rioService.exe



**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-29 15:50:56
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(636)
c:program filesCarboniteCarbonite BackupCarboniteNSE.dll
c:windowssystem32tmmhook.dll
c:windowssystem32tncopy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:windowsSystem32Ati2evxx.exe
c:windowsSystem32audiodg.exe
c:windowsSystem32Ati2evxx.exe
c:program filesCarboniteCarbonite BackupCarboniteService.exe
c:program filesCommon Filesmicrosoft sharedVS7Debugmdm.exe
c:program filesNeroNero8Nero BackItUpNBService.exe
c:program filesO2Micro Flash Memory Card Drivero2flash.exe
c:windowsSystem32IoctlSvc.exe
c:windowsSystem32conime.exe
c:program filesWindows Media Playerwmpnetwk.exe
c:windowsehomeehmsas.exe
c:windowsSystem32wbemunsecapp.exe
c:windowsSystem32VSSVC.exe
c:windowsservicingTrustedInstaller.exe
c:windowsSystem32dllhost.exe
.
**************************************************************************
.
Heure de fin: 2008-12-29 16:00:38 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-29 15:00:28

Avant-CF: 103 056 019 456 octets libres
Après-CF: 102,542,483,456 octets libres

232 --- E O F --- 2008-12-25 20:05:35

[joedalton]

Désolé Tupac mais je ne connais pas trop combofix

[tupac43]

ah ben tant pis mais merci quand même.
Tu n'as quand mm pas une réponse pourquoi ma connection reste limité même après avoir apparament viré ce Bagle?

[joedalton]

tu as fais ta réinstallatation en suivant les conseils du tuto a Psychocat?

[tupac43]

oui j'ai bien suivi ces conseil!

[jyl2803]

j'ai une connection limité avec IPv6

ça, ça me dérange. Pourquoi IpV6 et non IpV4 ??? je ne crois pas qu'il y ait beuacoup de FAI fonctionnant IpV6 (à part free, me semble t il ??)

Maintenant, comment repasser en V4, je ne sais pas, je n'ai pas de livebox...

Par ailleurs, l'aide microsoft demande de démarre le service téléphonie et le service RPC je crois (service d'accès à distance) . Est ce fait ?