Please help me, my computer is very slow at startup
misterdy
Posted on 08/10/2008 @ 16:55
New member

Hi, my computer is very slow at startup, and I often get an error message:

L'instruction à "0x012c7d2d" emploie l'adresse mémoire "0x00000000". La mémoire ne peut pas être "written".

Please help me, here is a report:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Misterdy at 2008-10-08 18:52:52
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 11 GB (13%) free of 79 GB
Total RAM: 3070 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:52:54, on 08/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\WINDOWS\System32\smss.exe
C:\WINDOWS\WINDOWS\system32\winlogon.exe
C:\WINDOWS\WINDOWS\system32\services.exe
C:\WINDOWS\WINDOWS\system32\lsass.exe
C:\WINDOWS\WINDOWS\system32\svchost.exe
C:\WINDOWS\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe
C:\PROGRAM FILES\PANDA SECURITY\PANDA INTERNET SECURITY 2009\WebProxy.exe
C:\WINDOWS\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Security\PavShld\pavprsrv.exe
C:\WINDOWS\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PsImSvc.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe
c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Internet Security 2009\ApvxdWin.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ASUS\AI Gear\GearHelp.exe
C:\Program Files\ASUS\AI Booster\OverClk.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\AVENGINE.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe
C:\Program Files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
C:\WINDOWS\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\SRVLOAD.EXE
C:\Program Files\Panda Security\Panda Internet Security 2009\PavBckPT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\WINDOWS\system32\dumprep.exe
C:\WINDOWS\WINDOWS\system32\dumprep.exe
C:\WINDOWS\WINDOWS\system32\dwwin.exe
C:\WINDOWS\WINDOWS\system32\dwwin.exe
C:\WINDOWS\WINDOWS\system32\dumprep.exe
C:\WINDOWS\WINDOWS\system32\dwwin.exe
C:\WINDOWS\WINDOWS\system32\dumprep.exe
C:\WINDOWS\WINDOWS\system32\dwwin.exe
C:\WINDOWS\WINDOWS\explorer.exe
C:\Documents and Settings\Misterdy\Mes documents\téléchar\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Misterdy.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\avciman.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\psimreal.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [Ai Gear Help] "C:\Program Files\ASUS\AI Gear\GearHelp.exe"
O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Program Files\ASUS\AI Booster\OverClk.exe"
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.15\AsRunHelp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2009\Inicio.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Center Agent] C:\Program Files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1215475890671
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1217337138619&h=2c3920350a9de81ccdc322dba702228f/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Fichiers communs\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe

--
End of file - 11830 bytes

======Scheduled tasks folder======

C:\WINDOWS\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-07-09 2582136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll [2008-07-09 654320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-07-09 2582136]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"JMB36X IDE Setup"=C:\WINDOWS\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864]
"36X Raid Configurer"=C:\WINDOWS\WINDOWS\system32\JMRaidSetup.exe [2006-11-16 1953792]
"Ai Gear Help"=C:\Program Files\ASUS\AI Gear\GearHelp.exe [2006-07-27 415744]
"Launch Ai Booster"=C:\Program Files\ASUS\AI Booster\OverClk.exe [2006-11-28 3714048]
"AsusStartupHelp"=C:\Program Files\ASUS\AASP\1.00.15\AsRunHelp.exe [2006-11-14 363008]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"UserFaultCheck"=C:\WINDOWS\WINDOWS\system32\dumprep 0 -u []
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"NvCplDaemon"=C:\WINDOWS\WINDOWS\system32\NvCpl.dll [2008-03-24 13524992]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\WINDOWS\system32\NvMcTray.dll [2008-03-24 86016]
"APVXDWIN"=C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE [2008-07-16 857344]
"SCANINICIO"=C:\Program Files\Panda Security\Panda Internet Security 2009\Inicio.exe [2008-07-07 50432]
"KernelFaultCheck"=C:\WINDOWS\WINDOWS\system32\dumprep 0 -k []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]
"ctfmon.exe"=C:\WINDOWS\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-07-09 9216]
"Center Agent"=C:\Program Files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe [2007-07-13 1435648]

C:\Documents and Settings\Misterdy\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
C:\WINDOWS\WINDOWS\system32\avldr.dll [2008-03-18 58672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\TightVNC\WinVNC.exe"="C:\Program Files\TightVNC\WinVNC.exe:*:Enabled:TightVNC Win32 Server"
"C:\Program Files\TightVNC\vncviewer.exe"="C:\Program Files\TightVNC\vncviewer.exe:*:Enabled:vncviewer"
"C:\Program Files\UltraVNC\vncviewer.exe"="C:\Program Files\UltraVNC\vncviewer.exe:*:Enabled:VNCViewer"
"C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE"="C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Disabled:GRAW"
"C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Kazaa Lite K++\KazaaLite.kpp"="C:\Program Files\Kazaa Lite K++\KazaaLite.kpp:*:Enabled:KazaaLite"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Documents and Settings\Misterdy\Mes documents\eMule0.49a\emule.exe"="C:\Documents and Settings\Misterdy\Mes documents\eMule0.49a\emule.exe:*:Enabled:eMule"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Valve\CStrike_1.6\hl.exe"="C:\Program Files\Valve\CStrike_1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe"="C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2"
"C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe"="C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update"
"C:\Program Files\Counter-Strike 1.6 V35\hl.exe"="C:\Program Files\Counter-Strike 1.6 V35\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11aefc8c-6ed7-11dd-ac89-001e8ce1ec2b}]
shell\AutoRun\command - C:\WINDOWS\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cftmonn.exe
shell\setup\command - cftmonn.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a1a3f3e-8d21-11dd-acea-001e8ce1ec2b}]
shell\AutoRun\command - RavMon.exe
shell\explore\command - RavMon.exe -e
shell\open\command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51a999f1-802c-11dd-acb1-001e8ce1ec2b}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f5ca3fe8-8fd0-11dd-acf3-001e8ce1ec2b}]
shell\AutoRun\command - RavMon.exe
shell\explore\command - RavMon.exe -e
shell\open\command - RavMon.exe


======File associations======

.js - open - C:\PROGRA~1\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %*
.vbs - open - C:\PROGRA~1\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %*

======List of files/folders created in the last 1 months======

2008-10-08 18:07:54 ----RASHD---- C:\autorun.inf
2008-10-07 20:13:33 ----D---- C:\Program Files\Microsoft Bootvis
2008-10-07 18:42:58 ----D---- C:\rsit
2008-10-05 20:43:41 ----D---- C:\Documents and Settings\Misterdy\Application Data\Apple Computer
2008-10-05 20:43:30 ----A---- C:\WINDOWS\WINDOWS\system32\GEARAspi.dll
2008-10-05 20:43:08 ----D---- C:\Program Files\iPod
2008-10-05 20:43:05 ----D---- C:\Program Files\iTunes
2008-10-05 20:43:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-05 20:42:46 ----D---- C:\Program Files\Bonjour
2008-10-05 20:41:59 ----D---- C:\Program Files\QuickTime
2008-10-05 20:41:56 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-10-05 20:41:38 ----D---- C:\Program Files\Apple Software Update
2008-10-05 20:41:07 ----D---- C:\Program Files\Fichiers communs\Apple
2008-10-05 20:41:07 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2008-10-03 19:12:02 ----D---- C:\Program Files\Microsoft Games
2008-10-02 20:11:56 ----A---- C:\WINDOWS\WINDOWS\SchedLgU.Txt
2008-10-02 16:42:39 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallKB941568$
2008-10-01 21:34:10 ----D---- C:\UT2004
2008-10-01 19:17:55 ----A---- C:\WINDOWS\WINDOWS\TVP3XDrv.ini
2008-10-01 18:47:04 ----D---- C:\Program Files\SuperCopier
2008-09-30 22:01:43 ----D---- C:\Documents and Settings\Misterdy\Application Data\Malwarebytes
2008-09-30 22:01:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-30 22:01:39 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-09-30 21:09:33 ----A---- C:\cleannavi2.txt
2008-09-30 20:59:21 ----A---- C:\cleannavi.txt
2008-09-30 18:11:14 ----A---- C:\fixnavi.txt
2008-09-30 17:58:38 ----D---- C:\Program Files\Navilog1
2008-09-30 06:50:43 ----D---- C:\Documents and Settings\Misterdy\Application Data\DivX
2008-09-29 20:50:35 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\PCPitstop
2008-09-29 20:01:49 ----A---- C:\WINDOWS\WINDOWS\system32\msvbvm60.dll
2008-09-29 19:25:46 -------- C:\WINDOWS\WINDOWS\system32\pxinsi64.exe
2008-09-29 19:25:46 -------- C:\WINDOWS\WINDOWS\system32\pxinsa64.exe
2008-09-29 19:25:46 -------- C:\WINDOWS\WINDOWS\system32\pxcpyi64.exe
2008-09-29 19:25:46 -------- C:\WINDOWS\WINDOWS\system32\pxcpya64.exe
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\vxblock.dll
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\pxwave.dll
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\pxsfs.dll
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\pxhpinst.exe
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\pxdrv.dll
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\pxafs.dll
2008-09-29 19:25:44 -------- C:\WINDOWS\WINDOWS\system32\pxmas.dll
2008-09-29 19:25:44 -------- C:\WINDOWS\WINDOWS\system32\px.dll
2008-09-29 18:57:03 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-09-27 19:46:37 ----D---- C:\WINDOWS\WINDOWS\pss
2008-09-27 19:21:20 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallKB921503$
2008-09-27 18:50:26 ----HDC---- C:\WINDOWS\WINDOWS\ie8
2008-09-27 14:53:59 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallKB904706$
2008-09-27 14:39:43 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallKB919007$
2008-09-27 14:29:03 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallKB938829$
2008-09-27 00:10:41 ----HD---- C:\WINDOWS\WINDOWS\system32\GroupPolicy
2008-09-25 15:55:30 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Backup
2008-09-25 15:54:59 ----A---- C:\WINDOWS\WINDOWS\system32\HHActiveX.dll
2008-09-25 15:54:46 ----A---- C:\WINDOWS\WINDOWS\system32\TpUtil.dll
2008-09-25 15:54:46 ----A---- C:\WINDOWS\WINDOWS\system32\SYSTOOLS.DLL
2008-09-25 15:54:46 ----A---- C:\WINDOWS\WINDOWS\system32\PavLspHook.dll
2008-09-25 15:54:46 ----A---- C:\WINDOWS\WINDOWS\system32\pavipc.dll
2008-09-25 15:54:44 ----A---- C:\WINDOWS\WINDOWS\system32\PavSHook.dll
2008-09-25 15:54:31 ----D---- C:\WINDOWS\WINDOWS\system32\PAV
2008-09-25 15:54:31 ----A---- C:\WINDOWS\WINDOWS\system32\avldr.dll
2008-09-25 15:54:28 ----D---- C:\Program Files\Panda Security
2008-09-25 15:54:28 ----D---- C:\Documents and Settings\Misterdy\Application Data\Panda Security
2008-09-25 15:54:28 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
2008-09-25 15:52:59 ----D---- C:\Program Files\Fichiers communs\Panda Security
2008-09-25 15:07:33 ----D---- C:\WINDOWS\WINDOWS\Minidump
2008-09-25 14:24:09 ----D---- C:\Temp
2008-09-25 13:32:03 ----D---- C:\WINDOWS\WINDOWS\system32\CatRoot_bak
2008-09-25 12:04:08 ----D---- C:\Documents and Settings\Misterdy\Application Data\Ubisoft
2008-09-25 12:04:08 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ubisoft
2008-09-25 11:54:53 ----D---- C:\Documents and Settings\Misterdy\Application Data\InstallShield
2008-09-25 09:37:53 ----A---- C:\WINDOWS\WINDOWS\system32\IJL15.dll
2008-09-22 11:24:02 ----A---- C:\WINDOWS\WINDOWS\system32\WNASPI2K.BAK
2008-09-22 11:22:59 ----D---- C:\WINDOWS\WINDOWS\system32\QuickTime
2008-09-19 20:35:40 ----RA---- C:\WINDOWS\WINDOWS\system32\vp6vfw.dll
2008-09-18 15:49:20 ----D---- C:\WINDOWS\WINDOWS\system32\URTTEMP
2008-09-18 15:46:00 ----A---- C:\WINDOWS\WINDOWS\system32\pbsvc.exe
2008-09-18 09:10:52 ----A---- C:\WINDOWS\WINDOWS\system32\ScrUnZip.dll
2008-09-16 02:14:26 ----A---- C:\WINDOWS\WINDOWS\system32\DivXsm.exe
2008-09-16 02:14:24 ----A---- C:\WINDOWS\WINDOWS\system32\qt-dx331.dll
2008-09-16 02:12:54 ----A---- C:\WINDOWS\WINDOWS\system32\ssldivx.dll
2008-09-16 02:12:54 ----A---- C:\WINDOWS\WINDOWS\system32\libdivx.dll
2008-09-16 02:12:02 ----A---- C:\WINDOWS\WINDOWS\system32\dtu100.dll.manifest
2008-09-16 02:12:02 ----A---- C:\WINDOWS\WINDOWS\system32\dtu100.dll
2008-09-16 02:12:02 ----A---- C:\WINDOWS\WINDOWS\system32\dpl100.dll.manifest
2008-09-16 02:12:02 ----A---- C:\WINDOWS\WINDOWS\system32\dpl100.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpv11.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpus11.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpuGUI11.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpuGUI10.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpu11.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpu10.dll
2008-09-16 02:11:58 ----A---- C:\WINDOWS\WINDOWS\system32\divx_xx11.dll
2008-09-16 02:11:58 ----A---- C:\WINDOWS\WINDOWS\system32\divx_xx0c.dll
2008-09-16 02:11:58 ----A---- C:\WINDOWS\WINDOWS\system32\divx_xx0a.dll
2008-09-16 02:11:58 ----A---- C:\WINDOWS\WINDOWS\system32\divx_xx07.dll
2008-09-16 02:11:56 ----A---- C:\WINDOWS\WINDOWS\system32\DivX.dll
2008-09-16 02:11:28 ----A---- C:\WINDOWS\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-09-16 02:11:10 ----A---- C:\WINDOWS\WINDOWS\system32\DivXWMPExtType.dll
2008-09-14 22:47:59 ----D---- C:\Documents and Settings\Misterdy\Application Data\codeblocks
2008-09-14 20:18:41 ----D---- C:\Program Files\Kaspersky Lab
2008-09-14 20:09:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2008-09-14 15:38:43 ----D---- C:\Documents and Settings\Misterdy\Application Data\Help
2008-09-10 20:23:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2008-09-10 20:22:25 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallXPSEPSCLP$
2008-09-10 19:32:56 ----D---- C:\WINDOWS\WINDOWS\system32\XPSViewer
2008-09-10 19:32:42 ----D---- C:\WINDOWS\WINDOWS\system32\en-us
2008-09-10 19:31:33 -------- C:\WINDOWS\WINDOWS\system32\spmsg2.dll

======List of files/folders modified in the last 1 months======

2008-10-08 18:52:17 ----D---- C:\WINDOWS\WINDOWS\Temp
2008-10-08 18:49:58 ----D---- C:\WINDOWS\WINDOWS\Prefetch
2008-10-08 18:07:30 ----D---- C:\Program Files\Mozilla Firefox
2008-10-08 18:01:36 ----D---- C:\WINDOWS\WINDOWS\system32\CatRoot2
2008-10-08 17:56:45 ----D---- C:\WINDOWS\WINDOWS\system32\drivers
2008-10-08 17:55:57 ----AD---- C:\WINDOWS\WINDOWS\system32
2008-10-07 21:01:47 ----A---- C:\AUTOEXEC.BAT
2008-10-07 20:52:16 ----A---- C:\WINDOWS\WINDOWS\system32\PerfStringBackup.INI
2008-10-07 20:16:12 ----D---- C:\WINDOWS\WINDOWS\system32\Logfiles
2008-10-07 20:13:35 ----SHD---- C:\WINDOWS\WINDOWS\Installer
2008-10-07 20:13:35 ----SD---- C:\Documents and Settings\Misterdy\Application Data\Microsoft
2008-10-07 20:13:35 ----D---- C:\Config.Msi
2008-10-07 20:13:33 ----D---- C:\Program Files
2008-10-07 19:26:22 ----D---- C:\WINDOWS\WINDOWS\system32\config
2008-10-07 19:26:01 ----D---- C:\WINDOWS\WINDOWS\system32\wbem
2008-10-07 19:26:01 ----D---- C:\WINDOWS\WINDOWS\Registration
2008-10-07 19:21:13 ----N---- C:\WINDOWS\WINDOWS\win.ini
2008-10-07 19:21:13 ----N---- C:\WINDOWS\WINDOWS\system.ini
2008-10-07 19:21:13 ----ASH---- C:\boot.ini
2008-10-05 21:41:39 ----HD---- C:\WINDOWS\WINDOWS\inf
2008-10-05 20:43:30 ----DC---- C:\WINDOWS\WINDOWS\system32\DRVSTORE
2008-10-05 20:41:43 ----SD---- C:\WINDOWS\WINDOWS\Tasks
2008-10-05 20:41:07 ----D---- C:\Program Files\Fichiers communs
2008-10-05 20:00:23 ----A---- C:\WINDOWS\WINDOWS\NeroDigital.ini
2008-10-03 21:28:25 ----D---- C:\WINDOWS\WINDOWS\system32\DirectX
2008-10-03 21:28:24 ----RSD---- C:\WINDOWS\WINDOWS\assembly
2008-10-02 16:42:19 ----HD---- C:\WINDOWS\WINDOWS\$hf_mig$
2008-10-02 15:36:13 ----D---- C:\Program Files\Google
2008-10-01 22:08:03 ----D---- C:\Program Files\SuperCopier2
2008-10-01 21:34:43 ----D---- C:\Program Files\VstPlugins
2008-10-01 20:09:56 ----SHD---- C:\RECYCLER
2008-10-01 19:19:53 ----D---- C:\Program Files\CyberLink
2008-10-01 19:19:49 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-01 19:17:48 ----RSHDC---- C:\WINDOWS\WINDOWS\system32\dllcache
2008-09-30 23:38:46 ----D---- C:\WINDOWS\WINDOWS\security
2008-09-30 23:37:34 ----D---- C:\Documents and Settings\Misterdy\Application Data\Desktopicon
2008-09-30 22:27:04 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2008-09-30 22:25:49 ----D---- C:\Program Files\Adobe
2008-09-30 21:51:57 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-09-29 20:50:33 ----SD---- C:\WINDOWS\WINDOWS\Downloaded Program Files
2008-09-29 19:26:25 ----D---- C:\Program Files\DivX
2008-09-29 18:57:01 ----D---- C:\WINDOWS\WINDOWS\AppPatch
2008-09-29 18:56:56 ----D---- C:\Program Files\WinRAR
2008-09-29 18:56:56 ----D---- C:\Program Files\Unlocker
2008-09-29 18:56:50 ----D---- C:\Program Files\CCleaner
2008-09-29 18:49:49 ----D---- C:\WINDOWS\WINDOWS\Debug
2008-09-29 18:19:05 ----D---- C:\Program Files\Olympus
2008-09-27 20:36:08 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-27 18:58:19 ----D---- C:\WINDOWS\WINDOWS\system32\fr-fr
2008-09-27 18:58:18 ----D---- C:\WINDOWS\WINDOWS\Media
2008-09-27 18:58:18 ----D---- C:\Program Files\Internet Explorer
2008-09-27 18:58:17 ----D---- C:\WINDOWS\WINDOWS\Help
2008-09-27 18:52:14 ----D---- C:\WINDOWS\WINDOWS\system32\CatRoot
2008-09-27 14:54:41 ----D---- C:\WINDOWS\WINDOWS\ie7updates
2008-09-27 00:01:22 ----D---- C:\Documents and Settings\Misterdy\Application Data\BitTorrent
2008-09-25 11:55:08 ----D---- C:\Program Files\Ubisoft
2008-09-22 13:35:47 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2008-09-22 13:24:50 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2008-09-22 13:21:05 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
2008-09-22 11:24:01 ----D---- C:\WINDOWS\WINDOWS\system
2008-09-19 19:42:04 ----D---- C:\WINDOWS\WINDOWS\WinSxS
2008-09-19 19:41:06 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-09-18 15:46:11 ----A---- C:\WINDOWS\WINDOWS\system32\PnkBstrB.exe
2008-09-18 14:04:38 ----D---- C:\Program Files\Microsoft Works
2008-09-18 08:00:25 ----D---- C:\Program Files\Electronic Arts
2008-09-16 21:14:51 ----D---- C:\Program Files\Microsoft SQL Server
2008-09-14 20:13:45 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-09-12 21:27:24 ----D---- C:\Program Files\Microsoft Silverlight
2008-09-11 21:13:04 ----D---- C:\WINDOWS\WINDOWS\Microsoft.NET
2008-09-10 20:37:30 ----D---- C:\Program Files\Microsoft.NET
2008-09-10 19:35:32 ----D---- C:\WINDOWS\WINDOWS\system32\mui
2008-09-10 19:33:07 ----D---- C:\Program Files\MSBuild
2008-09-10 19:33:02 ----RSD---- C:\WINDOWS\WINDOWS\Fonts
2008-09-10 19:31:52 ----D---- C:\WINDOWS\WINDOWS\system32\spool
2008-09-09 00:22:42 ----A---- C:\WINDOWS\WINDOWS\system32\ieframe.dll.mui
2008-09-09 00:21:12 ----A---- C:\WINDOWS\WINDOWS\system32\advpack.dll.mui

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 APPFLT;App Filter Plugin; \??\C:\WINDOWS\WINDOWS\system32\Drivers\APPFLT.SYS []
R1 AsIO;AsIO; C:\WINDOWS\WINDOWS\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 DSAFLT;DSA Filter Plugin; \??\C:\WINDOWS\WINDOWS\system32\Drivers\DSAFLT.SYS []
R1 FNETMON;NetMon Filter Plugin; \??\C:\WINDOWS\WINDOWS\system32\Drivers\fnetmon.SYS []
R1 IDSFLT;Ids Filter Plugin; \??\C:\WINDOWS\WINDOWS\system32\Drivers\IDSFLT.SYS []
R1 NETFLTDI;Panda Net Driver [TDI Layer]; \??\C:\WINDOWS\WINDOWS\system32\Drivers\NETFLTDI.SYS []
R1 ShldDrv;Panda File Shield Driver; C:\WINDOWS\WINDOWS\System32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225920]
R1 WNMFLT;Wifi Monitor Filter Plugin; \??\C:\WINDOWS\WINDOWS\system32\Drivers\WNMFLT.SYS []
R2 Aspi32;Aspi32; C:\WINDOWS\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 PAVDRV;pavdrv; C:\WINDOWS\WINDOWS\system32\DRIVERS\pavdrv51.sys [2008-04-28 84024]
R2 PavProc;Panda Process Protection Driver; \??\C:\WINDOWS\WINDOWS\system32\DRIVERS\PavProc.sys []
R3 3xHybrid;3xHybrid service; C:\WINDOWS\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 AvFlt;Antivirus Filter Driver; C:\WINDOWS\WINDOWS\system32\drivers\av5flt.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-24 9600]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-24 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34; C:\WINDOWS\WINDOWS\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-03-24 6547872]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-11 19968]
R3 PavSRK.sys;PavSRK.sys; \??\C:\WINDOWS\WINDOWS\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys; \??\C:\WINDOWS\WINDOWS\system32\PavTPK.sys []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 InCDPass;InCDPass; C:\WINDOWS\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\WINDOWS\system32\drivers\InCDRm.sys []
S3 a11un281;a11un281; C:\WINDOWS\WINDOWS\system32\drivers\a11un281.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Misterdy\LOCALS~1\Temp\catchme.sys []
S3 MPE;Filtre BDA MPE; C:\WINDOWS\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 vncdrv;vncdrv; C:\WINDOWS\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
S3 VNUSB;VN Series Device; C:\WINDOWS\WINDOWS\system32\DRIVERS\VNUSB.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 InCDFs;InCD File System; C:\WINDOWS\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-24 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Gwmsrv;Panda Goodware Cache Manager; C:\WINDOWS\WINDOWS\system32\svchost -k Panda []
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
R2 Panda Software Controller;Panda Software Controller; C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe [2008-07-16 181504]
R2 PAVFNSVR;Panda Function Service; C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe [2008-07-10 169216]
R2 PavPrSrv;Panda Process Protection Service; C:\Program Files\Fichiers communs\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service; C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe [2008-07-04 288512]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe [2008-07-15 66872]
R2 PSHost;Panda Host Service; c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE [2008-06-12 226608]
R2 PSIMSVC;Panda IManager Service; C:\Program Files\Panda Security\Panda Internet Security 2009\PsImSvc.exe [2008-06-19 108288]
R2 PskSvcRetail;Panda PSK service; C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe [2008-06-25 28928]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TPSrv;Panda TPSrv; C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe [2008-07-17 157440]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S1 udffsrec;udffsrec; C:\WINDOWS\WINDOWS\system32\drivers\udffsrec.sys [2005-05-30 5376]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-09 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\WINDOWS\system32\nvsvc32.exe [2008-03-24 155716]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------

chrifleur
 Posted on 08/10/2008 at 17:01 
Security Group

Hello, there is indeed an infection.

Your infection is RavMon, an infection that spreads through external devices, so if you disinfect your PC but not your devices (USB stick, external hard drive, any device that connects to your PC, etc.), it starts up again.
As a first step, do the following:
If you have a USB stick, external hard drive, etc., plug them in without opening them before launching this fix.
Download Rav Antivirus: http://www.evosla.com/compteur.php?soft=rav_antivirus
· Right-click the .ZIP file > Extract to > the Desktop
· Double-click >> RAV.exe << to launch the tool.
· Once RAV ANTIVIRUS is running, let it work; it automatically scans all drives (fixed and removable disks).
· If there is an infection, a report will be generated; otherwise the following is displayed (very quickly) ==> Votre Ordinateur est sain.
· Remove your removable disks and restart your computer.

Then vaccinate your USB sticks so that you will not get reinfected this way... read and follow the whole procedure... thanks gof

http://forum.zebulon.fr/index.php?showtopic=131959

Then post me a new RSIT report.

misterdy
 Posted on 08/10/2008 at 17:46 
New member

Thanks for your help, here is the report:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Misterdy at 2008-10-08 19:47:25
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 11 GB (14%) free of 79 GB
Total RAM: 3070 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:47:31, on 08/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\WINDOWS\System32\smss.exe
C:\WINDOWS\WINDOWS\system32\winlogon.exe
C:\WINDOWS\WINDOWS\system32\services.exe
C:\WINDOWS\WINDOWS\system32\lsass.exe
C:\WINDOWS\WINDOWS\system32\svchost.exe
C:\WINDOWS\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe
C:\PROGRAM FILES\PANDA SECURITY\PANDA INTERNET SECURITY 2009\WebProxy.exe
C:\WINDOWS\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Security\PavShld\pavprsrv.exe
C:\WINDOWS\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PsImSvc.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe
C:\WINDOWS\WINDOWS\Explorer.EXE
C:\Program Files\Panda Security\Panda Internet Security 2009\ApvxdWin.exe
c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Internet Security 2009\SRVLOAD.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ASUS\AI Gear\GearHelp.exe
C:\Program Files\ASUS\AI Booster\OverClk.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PavBckPT.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Panda Security\Panda Internet Security 2009\AVENGINE.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe
C:\Program Files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
C:\WINDOWS\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Misterdy\Mes documents\téléchar\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Misterdy.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\psimreal.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\avciman.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [Ai Gear Help] "C:\Program Files\ASUS\AI Gear\GearHelp.exe"
O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Program Files\ASUS\AI Booster\OverClk.exe"
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.15\AsRunHelp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2009\Inicio.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Center Agent] C:\Program Files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1215475890671
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1217337138619&h=2c3920350a9de81ccdc322dba702228f/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Fichiers communs\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe

--
End of file - 11510 bytes

======Scheduled tasks folder======

C:\WINDOWS\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-07-09 2582136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll [2008-07-09 654320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-07-09 2582136]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"JMB36X IDE Setup"=C:\WINDOWS\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864]
"36X Raid Configurer"=C:\WINDOWS\WINDOWS\system32\JMRaidSetup.exe [2006-11-16 1953792]
"Ai Gear Help"=C:\Program Files\ASUS\AI Gear\GearHelp.exe [2006-07-27 415744]
"Launch Ai Booster"=C:\Program Files\ASUS\AI Booster\OverClk.exe [2006-11-28 3714048]
"AsusStartupHelp"=C:\Program Files\ASUS\AASP\1.00.15\AsRunHelp.exe [2006-11-14 363008]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"UserFaultCheck"=C:\WINDOWS\WINDOWS\system32\dumprep 0 -u []
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"NvCplDaemon"=C:\WINDOWS\WINDOWS\system32\NvCpl.dll [2008-03-24 13524992]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\WINDOWS\system32\NvMcTray.dll [2008-03-24 86016]
"APVXDWIN"=C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE [2008-07-16 857344]
"SCANINICIO"=C:\Program Files\Panda Security\Panda Internet Security 2009\Inicio.exe [2008-07-07 50432]
"KernelFaultCheck"=C:\WINDOWS\WINDOWS\system32\dumprep 0 -k []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]
"ctfmon.exe"=C:\WINDOWS\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-07-09 9216]
"Center Agent"=C:\Program Files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe [2007-07-13 1435648]

C:\Documents and Settings\Misterdy\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
C:\WINDOWS\WINDOWS\system32\avldr.dll [2008-03-18 58672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=FFFFFFFF
"NofolderOptions"=0
"NoFind"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFolderOptions"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\TightVNC\WinVNC.exe"="C:\Program Files\TightVNC\WinVNC.exe:*:Enabled:TightVNC Win32 Server"
"C:\Program Files\TightVNC\vncviewer.exe"="C:\Program Files\TightVNC\vncviewer.exe:*:Enabled:vncviewer"
"C:\Program Files\UltraVNC\vncviewer.exe"="C:\Program Files\UltraVNC\vncviewer.exe:*:Enabled:VNCViewer"
"C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE"="C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Disabled:GRAW"
"C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Kazaa Lite K++\KazaaLite.kpp"="C:\Program Files\Kazaa Lite K++\KazaaLite.kpp:*:Enabled:KazaaLite"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Documents and Settings\Misterdy\Mes documents\eMule0.49a\emule.exe"="C:\Documents and Settings\Misterdy\Mes documents\eMule0.49a\emule.exe:*:Enabled:eMule"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Valve\CStrike_1.6\hl.exe"="C:\Program Files\Valve\CStrike_1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe"="C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2"
"C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe"="C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update"
"C:\Program Files\Counter-Strike 1.6 V35\hl.exe"="C:\Program Files\Counter-Strike 1.6 V35\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11aefc8c-6ed7-11dd-ac89-001e8ce1ec2b}]
shell\AutoRun\command - C:\WINDOWS\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cftmonn.exe
shell\setup\command - cftmonn.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a1a3f3e-8d21-11dd-acea-001e8ce1ec2b}]
shell\AutoRun\command - RavMon.exe
shell\explore\command - RavMon.exe -e
shell\open\command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51a999f1-802c-11dd-acb1-001e8ce1ec2b}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f5ca3fe8-8fd0-11dd-acf3-001e8ce1ec2b}]
shell\AutoRun\command - RavMon.exe
shell\explore\command - RavMon.exe -e
shell\open\command - RavMon.exe


======File associations======

.js - open - C:\PROGRA~1\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %*
.vbs - open - C:\PROGRA~1\PANDAS~1\PANDAI~1\PAVSCRIP.EXE "%1" %*

======List of files/folders created in the last 1 months======

2008-10-08 19:41:04 ----RASHD---- C:\zPharaoh.exe
2008-10-08 19:41:04 ----RASHD---- C:\winfile.exe
2008-10-08 19:41:04 ----RASHD---- C:\temp2.exe
2008-10-08 19:41:04 ----RASHD---- C:\temp1.exe
2008-10-08 19:41:04 ----RASHD---- C:\temp.exe
2008-10-08 19:41:04 ----RASHD---- C:\sqlserv.exe
2008-10-08 19:41:04 ----RASHD---- C:\ravmon.log
2008-10-08 19:41:04 ----RASHD---- C:\ravmon.exe
2008-10-08 19:41:04 ----RASHD---- C:\msvcr71.dll
2008-10-08 19:41:04 ----RASHD---- C:\info.exe
2008-10-08 19:41:04 ----RASHD---- C:\host.exe
2008-10-08 19:41:04 ----RASHD---- C:\copy.exe
2008-10-08 19:41:04 ----RASHD---- C:\comment.htt
2008-10-08 19:41:04 ----RASHD---- C:\adober.exe
2008-10-08 19:41:04 ----A---- C:\VaccinUSB.txt
2008-10-08 19:41:00 ----A---- C:\VaccinUSB.exe
2008-10-08 18:07:54 ----D---- C:\autorun.inf
2008-10-07 20:13:33 ----D---- C:\Program Files\Microsoft Bootvis
2008-10-07 18:42:58 ----D---- C:\rsit
2008-10-05 20:43:41 ----D---- C:\Documents and Settings\Misterdy\Application Data\Apple Computer
2008-10-05 20:43:30 ----A---- C:\WINDOWS\WINDOWS\system32\GEARAspi.dll
2008-10-05 20:43:08 ----D---- C:\Program Files\iPod
2008-10-05 20:43:05 ----D---- C:\Program Files\iTunes
2008-10-05 20:43:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-05 20:42:46 ----D---- C:\Program Files\Bonjour
2008-10-05 20:41:59 ----D---- C:\Program Files\QuickTime
2008-10-05 20:41:56 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-10-05 20:41:38 ----D---- C:\Program Files\Apple Software Update
2008-10-05 20:41:07 ----D---- C:\Program Files\Fichiers communs\Apple
2008-10-05 20:41:07 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2008-10-03 19:12:02 ----D---- C:\Program Files\Microsoft Games
2008-10-02 20:11:56 ----A---- C:\WINDOWS\WINDOWS\SchedLgU.Txt
2008-10-02 16:42:39 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallKB941568$
2008-10-01 21:34:10 ----D---- C:\UT2004
2008-10-01 19:17:55 ----A---- C:\WINDOWS\WINDOWS\TVP3XDrv.ini
2008-10-01 18:47:04 ----D---- C:\Program Files\SuperCopier
2008-09-30 22:01:43 ----D---- C:\Documents and Settings\Misterdy\Application Data\Malwarebytes
2008-09-30 22:01:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-30 22:01:39 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-09-30 21:09:33 ----A---- C:\cleannavi2.txt
2008-09-30 20:59:21 ----A---- C:\cleannavi.txt
2008-09-30 18:11:14 ----A---- C:\fixnavi.txt
2008-09-30 17:58:38 ----D---- C:\Program Files\Navilog1
2008-09-30 06:50:43 ----D---- C:\Documents and Settings\Misterdy\Application Data\DivX
2008-09-29 20:50:35 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\PCPitstop
2008-09-29 20:01:49 ----A---- C:\WINDOWS\WINDOWS\system32\msvbvm60.dll
2008-09-29 19:25:46 -------- C:\WINDOWS\WINDOWS\system32\pxinsi64.exe
2008-09-29 19:25:46 -------- C:\WINDOWS\WINDOWS\system32\pxinsa64.exe
2008-09-29 19:25:46 -------- C:\WINDOWS\WINDOWS\system32\pxcpyi64.exe
2008-09-29 19:25:46 -------- C:\WINDOWS\WINDOWS\system32\pxcpya64.exe
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\vxblock.dll
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\pxwave.dll
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\pxsfs.dll
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\pxhpinst.exe
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\pxdrv.dll
2008-09-29 19:25:45 -------- C:\WINDOWS\WINDOWS\system32\pxafs.dll
2008-09-29 19:25:44 -------- C:\WINDOWS\WINDOWS\system32\pxmas.dll
2008-09-29 19:25:44 -------- C:\WINDOWS\WINDOWS\system32\px.dll
2008-09-29 18:57:03 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-09-27 19:46:37 ----D---- C:\WINDOWS\WINDOWS\pss
2008-09-27 19:21:20 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallKB921503$
2008-09-27 18:50:26 ----HDC---- C:\WINDOWS\WINDOWS\ie8
2008-09-27 14:53:59 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallKB904706$
2008-09-27 14:39:43 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallKB919007$
2008-09-27 14:29:03 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallKB938829$
2008-09-27 00:10:41 ----HD---- C:\WINDOWS\WINDOWS\system32\GroupPolicy
2008-09-25 15:55:30 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Backup
2008-09-25 15:54:59 ----A---- C:\WINDOWS\WINDOWS\system32\HHActiveX.dll
2008-09-25 15:54:46 ----A---- C:\WINDOWS\WINDOWS\system32\TpUtil.dll
2008-09-25 15:54:46 ----A---- C:\WINDOWS\WINDOWS\system32\SYSTOOLS.DLL
2008-09-25 15:54:46 ----A---- C:\WINDOWS\WINDOWS\system32\PavLspHook.dll
2008-09-25 15:54:46 ----A---- C:\WINDOWS\WINDOWS\system32\pavipc.dll
2008-09-25 15:54:44 ----A---- C:\WINDOWS\WINDOWS\system32\PavSHook.dll
2008-09-25 15:54:31 ----D---- C:\WINDOWS\WINDOWS\system32\PAV
2008-09-25 15:54:31 ----A---- C:\WINDOWS\WINDOWS\system32\avldr.dll
2008-09-25 15:54:28 ----D---- C:\Program Files\Panda Security
2008-09-25 15:54:28 ----D---- C:\Documents and Settings\Misterdy\Application Data\Panda Security
2008-09-25 15:54:28 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
2008-09-25 15:52:59 ----D---- C:\Program Files\Fichiers communs\Panda Security
2008-09-25 15:07:33 ----D---- C:\WINDOWS\WINDOWS\Minidump
2008-09-25 14:24:09 ----D---- C:\Temp
2008-09-25 13:32:03 ----D---- C:\WINDOWS\WINDOWS\system32\CatRoot_bak
2008-09-25 12:04:08 ----D---- C:\Documents and Settings\Misterdy\Application Data\Ubisoft
2008-09-25 12:04:08 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ubisoft
2008-09-25 11:54:53 ----D---- C:\Documents and Settings\Misterdy\Application Data\InstallShield
2008-09-25 09:37:53 ----A---- C:\WINDOWS\WINDOWS\system32\IJL15.dll
2008-09-22 11:24:02 ----A---- C:\WINDOWS\WINDOWS\system32\WNASPI2K.BAK
2008-09-22 11:22:59 ----D---- C:\WINDOWS\WINDOWS\system32\QuickTime
2008-09-19 20:35:40 ----RA---- C:\WINDOWS\WINDOWS\system32\vp6vfw.dll
2008-09-18 15:49:20 ----D---- C:\WINDOWS\WINDOWS\system32\URTTEMP
2008-09-18 15:46:00 ----A---- C:\WINDOWS\WINDOWS\system32\pbsvc.exe
2008-09-18 09:10:52 ----A---- C:\WINDOWS\WINDOWS\system32\ScrUnZip.dll
2008-09-16 02:14:26 ----A---- C:\WINDOWS\WINDOWS\system32\DivXsm.exe
2008-09-16 02:14:24 ----A---- C:\WINDOWS\WINDOWS\system32\qt-dx331.dll
2008-09-16 02:12:54 ----A---- C:\WINDOWS\WINDOWS\system32\ssldivx.dll
2008-09-16 02:12:54 ----A---- C:\WINDOWS\WINDOWS\system32\libdivx.dll
2008-09-16 02:12:02 ----A---- C:\WINDOWS\WINDOWS\system32\dtu100.dll.manifest
2008-09-16 02:12:02 ----A---- C:\WINDOWS\WINDOWS\system32\dtu100.dll
2008-09-16 02:12:02 ----A---- C:\WINDOWS\WINDOWS\system32\dpl100.dll.manifest
2008-09-16 02:12:02 ----A---- C:\WINDOWS\WINDOWS\system32\dpl100.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpv11.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpus11.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpuGUI11.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpuGUI10.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpu11.dll
2008-09-16 02:12:00 ----A---- C:\WINDOWS\WINDOWS\system32\dpu10.dll
2008-09-16 02:11:58 ----A---- C:\WINDOWS\WINDOWS\system32\divx_xx11.dll
2008-09-16 02:11:58 ----A---- C:\WINDOWS\WINDOWS\system32\divx_xx0c.dll
2008-09-16 02:11:58 ----A---- C:\WINDOWS\WINDOWS\system32\divx_xx0a.dll
2008-09-16 02:11:58 ----A---- C:\WINDOWS\WINDOWS\system32\divx_xx07.dll
2008-09-16 02:11:56 ----A---- C:\WINDOWS\WINDOWS\system32\DivX.dll
2008-09-16 02:11:28 ----A---- C:\WINDOWS\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-09-16 02:11:10 ----A---- C:\WINDOWS\WINDOWS\system32\DivXWMPExtType.dll
2008-09-14 22:47:59 ----D---- C:\Documents and Settings\Misterdy\Application Data\codeblocks
2008-09-14 20:18:41 ----D---- C:\Program Files\Kaspersky Lab
2008-09-14 20:09:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2008-09-14 15:38:43 ----D---- C:\Documents and Settings\Misterdy\Application Data\Help
2008-09-10 20:23:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2008-09-10 20:22:25 ----HDC---- C:\WINDOWS\WINDOWS\$NtUninstallXPSEPSCLP$
2008-09-10 19:32:56 ----D---- C:\WINDOWS\WINDOWS\system32\XPSViewer
2008-09-10 19:32:42 ----D---- C:\WINDOWS\WINDOWS\system32\en-us
2008-09-10 19:31:33 -------- C:\WINDOWS\WINDOWS\system32\spmsg2.dll

======List of files/folders modified in the last 1 months======

2008-10-08 19:42:53 ----D---- C:\WINDOWS\WINDOWS\Prefetch
2008-10-08 19:42:16 ----A---- C:\WINDOWS\WINDOWS\NeroDigital.ini
2008-10-08 19:40:51 ----D---- C:\WINDOWS\WINDOWS\Temp
2008-10-08 19:36:07 ----D---- C:\WINDOWS\WINDOWS\system32\CatRoot2
2008-10-08 19:28:05 ----D---- C:\Program Files\Mozilla Firefox
2008-10-08 19:26:29 ----D---- C:\WINDOWS\WINDOWS\system32\drivers
2008-10-08 19:25:52 ----AD---- C:\WINDOWS\WINDOWS\system32
2008-10-07 21:01:47 ----A---- C:\AUTOEXEC.BAT
2008-10-07 20:52:16 ----A---- C:\WINDOWS\WINDOWS\system32\PerfStringBackup.INI
2008-10-07 20:16:12 ----D---- C:\WINDOWS\WINDOWS\system32\Logfiles
2008-10-07 20:13:35 ----SHD---- C:\WINDOWS\WINDOWS\Installer
2008-10-07 20:13:35 ----SD---- C:\Documents and Settings\Misterdy\Application Data\Microsoft
2008-10-07 20:13:35 ----D---- C:\Config.Msi
2008-10-07 20:13:33 ----D---- C:\Program Files
2008-10-07 19:26:22 ----D---- C:\WINDOWS\WINDOWS\system32\config
2008-10-07 19:26:01 ----D---- C:\WINDOWS\WINDOWS\system32\wbem
2008-10-07 19:26:01 ----D---- C:\WINDOWS\WINDOWS\Registration
2008-10-07 19:21:13 ----N---- C:\WINDOWS\WINDOWS\win.ini
2008-10-07 19:21:13 ----N---- C:\WINDOWS\WINDOWS\system.ini
2008-10-07 19:21:13 ----ASH---- C:\boot.ini
2008-10-05 21:41:39 ----HD---- C:\WINDOWS\WINDOWS\inf
2008-10-05 20:43:30 ----DC---- C:\WINDOWS\WINDOWS\system32\DRVSTORE
2008-10-05 20:41:43 ----SD---- C:\WINDOWS\WINDOWS\Tasks
2008-10-05 20:41:07 ----D---- C:\Program Files\Fichiers communs
2008-10-03 21:28:25 ----D---- C:\WINDOWS\WINDOWS\system32\DirectX
2008-10-03 21:28:24 ----RSD---- C:\WINDOWS\WINDOWS\assembly
2008-10-02 16:42:19 ----HD---- C:\WINDOWS\WINDOWS\$hf_mig$
2008-10-02 15:36:13 ----D---- C:\Program Files\Google
2008-10-01 22:08:03 ----D---- C:\Program Files\SuperCopier2
2008-10-01 21:34:43 ----D---- C:\Program Files\VstPlugins
2008-10-01 20:09:56 ----SHD---- C:\RECYCLER
2008-10-01 19:19:53 ----D---- C:\Program Files\CyberLink
2008-10-01 19:19:49 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-01 19:17:48 ----RSHDC---- C:\WINDOWS\WINDOWS\system32\dllcache
2008-09-30 23:38:46 ----D---- C:\WINDOWS\WINDOWS\security
2008-09-30 23:37:34 ----D---- C:\Documents and Settings\Misterdy\Application Data\Desktopicon
2008-09-30 22:27:04 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2008-09-30 22:25:49 ----D---- C:\Program Files\Adobe
2008-09-30 21:51:57 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-09-29 20:50:33 ----SD---- C:\WINDOWS\WINDOWS\Downloaded Program Files
2008-09-29 19:26:25 ----D---- C:\Program Files\DivX
2008-09-29 18:57:01 ----D---- C:\WINDOWS\WINDOWS\AppPatch
2008-09-29 18:56:56 ----D---- C:\Program Files\WinRAR
2008-09-29 18:56:56 ----D---- C:\Program Files\Unlocker
2008-09-29 18:56:50 ----D---- C:\Program Files\CCleaner
2008-09-29 18:49:49 ----D---- C:\WINDOWS\WINDOWS\Debug
2008-09-29 18:19:05 ----D---- C:\Program Files\Olympus
2008-09-27 20:36:08 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-27 18:58:19 ----D---- C:\WINDOWS\WINDOWS\system32\fr-fr
2008-09-27 18:58:18 ----D---- C:\WINDOWS\WINDOWS\Media
2008-09-27 18:58:18 ----D---- C:\Program Files\Internet Explorer
2008-09-27 18:58:17 ----D---- C:\WINDOWS\WINDOWS\Help
2008-09-27 18:52:14 ----D---- C:\WINDOWS\WINDOWS\system32\CatRoot
2008-09-27 14:54:41 ----D---- C:\WINDOWS\WINDOWS\ie7updates
2008-09-27 00:01:22 ----D---- C:\Documents and Settings\Misterdy\Application Data\BitTorrent
2008-09-25 11:55:08 ----D---- C:\Program Files\Ubisoft
2008-09-22 13:35:47 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2008-09-22 13:24:50 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2008-09-22 13:21:05 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
2008-09-22 11:24:01 ----D---- C:\WINDOWS\WINDOWS\system
2008-09-19 19:42:04 ----D---- C:\WINDOWS\WINDOWS\WinSxS
2008-09-19 19:41:06 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-09-18 15:46:11 ----A---- C:\WINDOWS\WINDOWS\system32\PnkBstrB.exe
2008-09-18 14:04:38 ----D---- C:\Program Files\Microsoft Works
2008-09-18 08:00:25 ----D---- C:\Program Files\Electronic Arts
2008-09-16 21:14:51 ----D---- C:\Program Files\Microsoft SQL Server
2008-09-14 20:13:45 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-09-12 21:27:24 ----D---- C:\Program Files\Microsoft Silverlight
2008-09-11 21:13:04 ----D---- C:\WINDOWS\WINDOWS\Microsoft.NET
2008-09-10 20:37:30 ----D---- C:\Program Files\Microsoft.NET
2008-09-10 19:35:32 ----D---- C:\WINDOWS\WINDOWS\system32\mui
2008-09-10 19:33:07 ----D---- C:\Program Files\MSBuild
2008-09-10 19:33:02 ----RSD---- C:\WINDOWS\WINDOWS\Fonts
2008-09-10 19:31:52 ----D---- C:\WINDOWS\WINDOWS\system32\spool
2008-09-09 00:22:42 ----A---- C:\WINDOWS\WINDOWS\system32\ieframe.dll.mui
2008-09-09 00:21:12 ----A---- C:\WINDOWS\WINDOWS\system32\advpack.dll.mui

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 APPFLT;App Filter Plugin; \??\C:\WINDOWS\WINDOWS\system32\Drivers\APPFLT.SYS []
R1 AsIO;AsIO; C:\WINDOWS\WINDOWS\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 DSAFLT;DSA Filter Plugin; \??\C:\WINDOWS\WINDOWS\system32\Drivers\DSAFLT.SYS []
R1 FNETMON;NetMon Filter Plugin; \??\C:\WINDOWS\WINDOWS\system32\Drivers\fnetmon.SYS []
R1 IDSFLT;Ids Filter Plugin; \??\C:\WINDOWS\WINDOWS\system32\Drivers\IDSFLT.SYS []
R1 NETFLTDI;Panda Net Driver [TDI Layer]; \??\C:\WINDOWS\WINDOWS\system32\Drivers\NETFLTDI.SYS []
R1 ShldDrv;Panda File Shield Driver; C:\WINDOWS\WINDOWS\System32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225920]
R1 WNMFLT;Wifi Monitor Filter Plugin; \??\C:\WINDOWS\WINDOWS\system32\Drivers\WNMFLT.SYS []
R2 Aspi32;Aspi32; C:\WINDOWS\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 PAVDRV;pavdrv; C:\WINDOWS\WINDOWS\system32\DRIVERS\pavdrv51.sys [2008-04-28 84024]
R2 PavProc;Panda Process Protection Driver; \??\C:\WINDOWS\WINDOWS\system32\DRIVERS\PavProc.sys []
R2 usbhub;DSC Composite USB Device; C:\WINDOWS\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 3xHybrid;3xHybrid service; C:\WINDOWS\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 AvFlt;Antivirus Filter Driver; C:\WINDOWS\WINDOWS\system32\drivers\av5flt.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-24 9600]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-24 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34; C:\WINDOWS\WINDOWS\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-03-24 6547872]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-11 19968]
R3 PavSRK.sys;PavSRK.sys; \??\C:\WINDOWS\WINDOWS\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys; \??\C:\WINDOWS\WINDOWS\system32\PavTPK.sys []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 InCDPass;InCDPass; C:\WINDOWS\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\WINDOWS\system32\drivers\InCDRm.sys []
S3 aboqu4o9;aboqu4o9; C:\WINDOWS\WINDOWS\system32\drivers\aboqu4o9.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Misterdy\LOCALS~1\Temp\catchme.sys []
S3 MPE;Filtre BDA MPE; C:\WINDOWS\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 vncdrv;vncdrv; C:\WINDOWS\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
S3 VNUSB;VN Series Device; C:\WINDOWS\WINDOWS\system32\DRIVERS\VNUSB.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 InCDFs;InCD File System; C:\WINDOWS\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-24 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Gwmsrv;Panda Goodware Cache Manager; C:\WINDOWS\WINDOWS\system32\svchost -k Panda []
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
R2 Panda Software Controller;Panda Software Controller; C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe [2008-07-16 181504]
R2 PAVFNSVR;Panda Function Service; C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe [2008-07-10 169216]
R2 PavPrSrv;Panda Process Protection Service; C:\Program Files\Fichiers communs\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service; C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe [2008-07-04 288512]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe [2008-07-15 66872]
R2 PSHost;Panda Host Service; c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE [2008-06-12 226608]
R2 PSIMSVC;Panda IManager Service; C:\Program Files\Panda Security\Panda Internet Security 2009\PsImSvc.exe [2008-06-19 108288]
R2 PskSvcRetail;Panda PSK service; C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe [2008-06-25 28928]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TPSrv;Panda TPSrv; C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe [2008-07-17 157440]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S1 udffsrec;udffsrec; C:\WINDOWS\WINDOWS\system32\drivers\udffsrec.sys [2005-05-30 5376]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-09 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\WINDOWS\system32\nvsvc32.exe [2008-03-24 155716]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------

chrifleur
 Posted on 08/10/2008 at 18:35 
Security Group

For all readers:
-- This software is only to be used when prescribed by a qualified helper trained on the tool.
-- Do not use it outside of that situation: dangerous!

Download Combofix (by sUBs) -> to your Desktop and nowhere else:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Disable your antivirus / resident antispyware / Spybot's TeaTimer (if they are still working!)
Disabling resident protections - Tutorial

  • Make sure all programs are closed before launching the fix.
  • Double-click "combofix.exe" and follow the prompts.
  • Click "Yes" at the "Limitation de Garantie" (warranty disclaimer) message that appears.
  • Your firewall may ask whether or not you allow nircmd.cfexe to access the trusted zone: accept!

/!\ Do not close the window that has just opened, or you would end up with an empty desktop!

  • When the scan is complete, a report will appear.
  • Copy/paste this report into your next reply.

Note: The report can also be found in -> C:\ComboFix.txt

This guide walks through the Combofix steps.

/!\ Afterwards, your antivirus may raise a detection on this file >>nircmd.com<<; click Ignore
--- then confirm with OK. This file belongs to ComboFix, it is not malware!

misterdy
 Posted on 08/10/2008 at 19:48 
New Astucien

Here it is:

ComboFix 08-10-07.06 - Misterdy 2008-10-08 21:41:49.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.2495 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Misterdy\Bureau\ComboFix.exe

[COLOR=RED]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/COLOR]
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-09-08 au 2008-10-08 ))))))))))))))))))))))))))))))))))))
.

2008-10-08 20:09 . 2008-10-08 20:09 268 --ah----- C:\sqmdata07.sqm
2008-10-08 20:09 . 2008-10-08 20:09 244 --ah----- C:\sqmnoopt07.sqm
2008-10-08 19:23 . 2008-10-08 19:23 268 --ah----- C:\sqmdata06.sqm
2008-10-08 19:23 . 2008-10-08 19:23 244 --ah----- C:\sqmnoopt06.sqm
2008-10-07 21:20 . 2008-10-07 21:20 268 --ah----- C:\sqmdata05.sqm
2008-10-07 21:20 . 2008-10-07 21:20 244 --ah----- C:\sqmnoopt05.sqm
2008-10-07 21:16 . 2008-10-07 21:16 268 --ah----- C:\sqmdata04.sqm
2008-10-07 21:16 . 2008-10-07 21:16 244 --ah----- C:\sqmnoopt04.sqm
2008-10-07 20:20 . 2008-10-07 20:20 268 --ah----- C:\sqmdata03.sqm
2008-10-07 20:20 . 2008-10-07 20:20 244 --ah----- C:\sqmnoopt03.sqm
2008-10-07 20:14 . 2008-10-07 20:14 268 --ah----- C:\sqmdata02.sqm
2008-10-07 20:14 . 2008-10-07 20:14 244 --ah----- C:\sqmnoopt02.sqm
2008-10-07 20:13 . 2008-10-07 20:25 <REP> d-------- C:\Program Files\Microsoft Bootvis
2008-10-07 19:21 . 2008-10-07 19:21 268 --ah----- C:\sqmdata01.sqm
2008-10-07 19:21 . 2008-10-07 19:21 244 --ah----- C:\sqmnoopt01.sqm
2008-10-07 18:42 . 2008-10-07 18:43 <REP> d-------- C:\rsit
2008-10-07 13:23 . 2008-10-07 13:23 268 --ah----- C:\sqmdata00.sqm
2008-10-07 13:23 . 2008-10-07 13:23 244 --ah----- C:\sqmnoopt00.sqm
2008-10-05 20:43 . 2008-10-05 20:43 <REP> d-------- C:\Program Files\iTunes
2008-10-05 20:43 . 2008-10-05 20:43 <REP> d-------- C:\Program Files\iPod
2008-10-05 20:43 . 2008-10-07 17:21 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\Apple Computer
2008-10-05 20:43 . 2008-10-05 20:43 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-05 20:43 . 2008-04-17 13:12 107,368 --a------ C:\WINDOWS\WINDOWS\system32\GEARAspi.dll
2008-10-05 20:43 . 2008-04-17 13:12 15,464 --a------ C:\WINDOWS\WINDOWS\system32\drivers\GEARAspiWDM.sys
2008-10-05 20:42 . 2008-10-05 20:42 <REP> d-------- C:\Program Files\Bonjour
2008-10-05 20:41 . 2008-10-05 20:42 <REP> d-------- C:\Program Files\QuickTime
2008-10-05 20:41 . 2008-10-05 20:42 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-10-05 20:41 . 2008-10-05 20:41 <REP> d-------- C:\Program Files\Apple Software Update
2008-10-05 20:41 . 2008-10-05 20:43 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-10-05 20:41 . 2008-10-05 20:41 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2008-10-03 19:12 . 2008-10-03 19:12 <REP> d-------- C:\Program Files\Microsoft Games
2008-10-01 21:34 . 2008-10-03 18:00 <REP> d-------- C:\UT2004
2008-10-01 21:34 . 2002-07-08 00:14 1,294,336 --a------ C:\WINDOWS\WINDOWS\system32\vorbis.acm
2008-10-01 20:08 . 2008-10-01 20:08 <REP> d-------- C:\Documents and Settings\Administrateur.MISTERDY\Application Data\Malwarebytes
2008-10-01 19:17 . 2007-04-20 07:34 674,048 -ra------ C:\WINDOWS\WINDOWS\system32\drivers\3xHybrid.sys
2008-10-01 19:17 . 2007-01-29 04:29 1,748 --a------ C:\WINDOWS\WINDOWS\French.lng
2008-10-01 19:17 . 2007-02-13 08:03 1,324 --a------ C:\WINDOWS\WINDOWS\TVP3XDrv.ini
2008-10-01 18:47 . 2008-10-01 18:50 <REP> d-------- C:\Program Files\SuperCopier
2008-09-30 22:01 . 2008-09-30 22:01 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-30 22:01 . 2008-09-30 22:01 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\Malwarebytes
2008-09-30 22:01 . 2008-09-30 22:01 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-09-30 22:01 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-30 22:01 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\WINDOWS\system32\drivers\mbam.sys
2008-09-30 17:58 . 2008-10-02 19:09 <REP> d-------- C:\Program Files\Navilog1
2008-09-30 06:50 . 2008-09-30 06:50 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\DivX
2008-09-29 20:50 . 2008-09-29 20:50 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\PCPitstop
2008-09-29 20:01 . 2008-09-29 20:00 1,388,544 --a------ C:\WINDOWS\WINDOWS\system32\msvbvm60.dll
2008-09-29 18:57 . 2008-09-30 21:51 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-27 19:19 . 2008-09-27 19:19 <REP> d--hs---- C:\Documents and Settings\Misterdy\PrivacIE
2008-09-27 18:50 . 2008-09-27 18:51 <REP> d--h-c--- C:\WINDOWS\WINDOWS\ie8
2008-09-27 00:10 . 2008-09-27 00:10 <REP> d--h----- C:\WINDOWS\WINDOWS\system32\GroupPolicy
2008-09-25 19:34 . 2008-09-25 19:34 45 --a------ C:\WINDOWS\WINDOWS\system32\initdebug.nfo
2008-09-25 16:34 . 2008-10-07 10:03 8,627 --a------ C:\WINDOWS\WINDOWS\system32\PAV_FOG.OPC
2008-09-25 15:55 . 2008-09-25 15:55 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Backup
2008-09-25 15:54 . 2008-09-25 15:54 <REP> d-------- C:\WINDOWS\WINDOWS\system32\PAV
2008-09-25 15:54 . 2008-09-25 15:54 <REP> d-------- C:\Program Files\Panda Security
2008-09-25 15:54 . 2008-09-25 15:54 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\Panda Security
2008-09-25 15:54 . 2008-09-25 15:54 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
2008-09-25 15:54 . 2008-06-18 18:03 520,448 --a------ C:\WINDOWS\WINDOWS\system32\PavSHook.dll
2008-09-25 15:54 . 2003-10-22 18:23 446,464 --a------ C:\WINDOWS\WINDOWS\system32\HHActiveX.dll
2008-09-25 15:54 . 2008-06-26 11:25 197,888 --a------ C:\WINDOWS\WINDOWS\system32\drivers\neti1634.sys
2008-09-25 15:54 . 2008-06-24 14:48 193,280 --a------ C:\WINDOWS\WINDOWS\system32\TpUtil.dll
2008-09-25 15:54 . 2007-02-08 11:53 107,568 --a------ C:\WINDOWS\WINDOWS\system32\SYSTOOLS.DLL
2008-09-25 15:54 . 2008-06-18 18:03 87,296 --a------ C:\WINDOWS\WINDOWS\system32\PavLspHook.dll
2008-09-25 15:54 . 2008-03-18 16:58 58,672 --a------ C:\WINDOWS\WINDOWS\system32\avldr.dll
2008-09-25 15:54 . 2008-06-18 18:03 55,552 --a------ C:\WINDOWS\WINDOWS\system32\pavipc.dll
2008-09-25 15:53 . 2008-06-19 17:24 28,544 --a------ C:\WINDOWS\WINDOWS\system32\drivers\pavboot.sys
2008-09-25 15:52 . 2008-09-25 15:52 <REP> d-------- C:\Program Files\Fichiers communs\Panda Security
2008-09-25 15:52 . 2008-02-07 12:03 179,640 -ra------ C:\WINDOWS\WINDOWS\system32\drivers\PavProc.sys
2008-09-25 15:52 . 2008-03-04 15:59 41,144 -ra------ C:\WINDOWS\WINDOWS\system32\drivers\ShlDrv51.sys
2008-09-25 14:24 . 2008-09-30 06:46 <REP> d-------- C:\Temp
2008-09-25 13:32 . 2008-09-27 16:14 <REP> d-------- C:\WINDOWS\WINDOWS\system32\CatRoot_bak
2008-09-25 12:04 . 2008-09-25 12:04 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\Ubisoft
2008-09-25 12:04 . 2008-09-25 12:04 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ubisoft
2008-09-25 11:54 . 2008-09-25 11:54 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\InstallShield
2008-09-25 09:37 . 2008-09-25 09:37 129,536 --a------ C:\WINDOWS\WINDOWS\system32\IJL15.dll
2008-09-22 11:24 . 2002-07-17 09:20 45,056 --a------ C:\WINDOWS\WINDOWS\system32\WNASPI2K.BAK
2008-09-22 11:24 . 2002-07-17 08:53 16,877 --a------ C:\WINDOWS\WINDOWS\system32\drivers\ASPI2K.BAK
2008-09-22 11:24 . 2002-07-17 16:22 5,600 --a------ C:\WINDOWS\WINDOWS\system\WINASPI.BAK
2008-09-22 11:24 . 2002-07-17 16:22 4,672 --a------ C:\WINDOWS\WINDOWS\system\WOWPOST.BAK
2008-09-22 11:22 . 2008-10-05 20:41 <REP> d-------- C:\WINDOWS\WINDOWS\system32\QuickTime
2008-09-22 11:22 . 2003-03-25 06:49 301,568 -ra------ C:\WINDOWS\WINDOWS\system32\L3codeca.acm
2008-09-22 11:22 . 2004-08-04 00:55 294,912 --a------ C:\WINDOWS\WINDOWS\system32\msh263.drv
2008-09-19 20:35 . 2005-02-26 07:34 442,368 -ra------ C:\WINDOWS\WINDOWS\system32\vp6vfw.dll
2008-09-18 15:49 . 2008-09-18 15:49 <REP> d-------- C:\WINDOWS\WINDOWS\system32\URTTEMP
2008-09-18 15:46 . 2008-09-18 15:46 669,184 --a------ C:\WINDOWS\WINDOWS\system32\pbsvc.exe
2008-09-18 09:10 . 2008-09-25 09:37 94,208 --a------ C:\WINDOWS\WINDOWS\system32\ScrUnZip.dll
2008-09-16 02:14 . 2008-09-16 02:14 3,596,288 --a------ C:\WINDOWS\WINDOWS\system32\qt-dx331.dll
2008-09-16 02:14 . 2008-09-16 02:14 524,288 --a------ C:\WINDOWS\WINDOWS\system32\DivXsm.exe
2008-09-16 02:14 . 2008-09-16 02:14 9,878 --a------ C:\WINDOWS\WINDOWS\system32\dsm_fr.qm
2008-09-16 02:14 . 2008-09-16 02:14 4,816 --a------ C:\WINDOWS\WINDOWS\system32\divxsm.tlb
2008-09-16 02:11 . 2008-09-16 02:11 823,296 --a------ C:\WINDOWS\WINDOWS\system32\divx_xx0c.dll
2008-09-16 02:11 . 2008-09-16 02:11 823,296 --a------ C:\WINDOWS\WINDOWS\system32\divx_xx07.dll
2008-09-16 02:11 . 2008-09-16 02:11 815,104 --a------ C:\WINDOWS\WINDOWS\system32\divx_xx0a.dll
2008-09-16 02:11 . 2008-09-16 02:11 802,816 --a------ C:\WINDOWS\WINDOWS\system32\divx_xx11.dll
2008-09-16 02:11 . 2008-09-16 02:11 683,520 --a------ C:\WINDOWS\WINDOWS\system32\DivX.dll
2008-09-16 02:11 . 2008-09-16 02:11 634,880 --a------ C:\WINDOWS\WINDOWS\system32\divxdec.ax
2008-09-16 02:11 . 2008-09-16 02:11 352,401 --a------ C:\WINDOWS\WINDOWS\system32\DivXMedia.ax
2008-09-16 02:11 . 2008-09-16 02:11 161,096 --a------ C:\WINDOWS\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-09-16 02:11 . 2008-09-16 02:11 12,288 --a------ C:\WINDOWS\WINDOWS\system32\DivXWMPExtType.dll
2008-09-14 22:47 . 2008-09-14 22:54 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\codeblocks
2008-09-14 20:18 . 2008-09-17 22:58 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-09-14 20:09 . 2008-09-14 20:09 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2008-09-10 20:23 . 2008-09-19 19:41 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2008-09-10 19:32 . 2008-09-10 19:36 <REP> d-------- C:\WINDOWS\WINDOWS\system32\XPSViewer
2008-09-10 19:31 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\WINDOWS\system32\spmsg2.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-08 19:24 1,132 ----a-w C:\WINDOWS\WINDOWS\system32\drivers\APPFLTR.CFG.bck
2008-10-08 19:24 1,132 ----a-w C:\WINDOWS\WINDOWS\system32\drivers\APPFLTR.CFG
2008-10-08 17:39 122,880 ----a-w C:\VaccinUSB.exe
2008-10-07 17:18 292,816 ----a-w C:\WINDOWS\WINDOWS\system32\drivers\APPFCONT.DAT.bck
2008-10-07 17:18 292,816 ----a-w C:\WINDOWS\WINDOWS\system32\drivers\APPFCONT.DAT
2008-10-02 13:36 --------- d-----w C:\Program Files\Google
2008-10-01 20:08 --------- d-----w C:\Program Files\SuperCopier2
2008-10-01 19:34 --------- d-----w C:\Program Files\VstPlugins
2008-10-01 17:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-01 17:19 --------- d-----w C:\Program Files\CyberLink
2008-09-30 21:37 --------- d-----w C:\Documents and Settings\Misterdy\Application Data\Desktopicon
2008-09-30 19:51 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-09-29 17:26 --------- d-----w C:\Program Files\DivX
2008-09-29 16:56 --------- d-----w C:\Program Files\Unlocker
2008-09-29 16:56 --------- d-----w C:\Program Files\CCleaner
2008-09-29 16:19 --------- d-----w C:\Program Files\Olympus
2008-09-27 18:36 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-27 18:06 31 ----a-w C:\Program Files\Fichiers communs\appop.log
2008-09-26 22:01 --------- d-----w C:\Documents and Settings\Misterdy\Application Data\BitTorrent
2008-09-25 09:55 --------- d-----w C:\Program Files\Ubisoft
2008-09-22 11:35 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-09-22 11:24 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-09-18 13:46 22,328 ----a-w C:\WINDOWS\WINDOWS\system32\drivers\PnkBstrK.sys
2008-09-18 13:46 22,328 ----a-w C:\Documents and Settings\Misterdy\Application Data\PnkBstrK.sys
2008-09-18 13:46 103,736 ----a-w C:\WINDOWS\WINDOWS\system32\PnkBstrB.exe
2008-09-18 12:04 --------- d-----w C:\Program Files\Microsoft Works
2008-09-18 06:00 --------- d-----w C:\Program Files\Electronic Arts
2008-09-16 19:14 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-09-16 00:14 9,464 ------w C:\WINDOWS\WINDOWS\system32\drivers\cdralw2k.sys
2008-09-16 00:14 9,336 ------w C:\WINDOWS\WINDOWS\system32\drivers\cdr4_xp.sys
2008-09-16 00:14 43,528 ------w C:\WINDOWS\WINDOWS\system32\drivers\PxHelp20.sys
2008-09-16 00:14 129,784 ------w C:\WINDOWS\WINDOWS\system32\pxafs.dll
2008-09-16 00:14 120,056 ------w C:\WINDOWS\WINDOWS\system32\pxcpyi64.exe
2008-09-16 00:14 118,520 ------w C:\WINDOWS\WINDOWS\system32\pxinsi64.exe
2008-09-16 00:12 81,920 ----a-w C:\WINDOWS\WINDOWS\system32\dpl100.dll
2008-09-16 00:12 593,920 ----a-w C:\WINDOWS\WINDOWS\system32\dpuGUI11.dll
2008-09-16 00:12 57,344 ----a-w C:\WINDOWS\WINDOWS\system32\dpv11.dll
2008-09-16 00:12 53,248 ----a-w C:\WINDOWS\WINDOWS\system32\dpuGUI10.dll
2008-09-16 00:12 344,064 ----a-w C:\WINDOWS\WINDOWS\system32\dpus11.dll
2008-09-16 00:12 294,912 ----a-w C:\WINDOWS\WINDOWS\system32\dpu11.dll
2008-09-16 00:12 294,912 ----a-w C:\WINDOWS\WINDOWS\system32\dpu10.dll
2008-09-16 00:12 200,704 ----a-w C:\WINDOWS\WINDOWS\system32\ssldivx.dll
2008-09-16 00:12 196,608 ----a-w C:\WINDOWS\WINDOWS\system32\dtu100.dll
2008-09-16 00:12 1,044,480 ----a-w C:\WINDOWS\WINDOWS\system32\libdivx.dll
2008-09-14 18:13 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-09-12 19:27 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-09-10 18:37 --------- d-----w C:\Program Files\Microsoft.NET
2008-09-10 17:33 --------- d-----w C:\Program Files\MSBuild
2008-08-29 08:18 87,336 ----a-w C:\WINDOWS\WINDOWS\system32\dns-sd.exe
2008-08-29 07:53 61,440 ----a-w C:\WINDOWS\WINDOWS\system32\dnssd.dll
2008-08-22 19:22 --------- d-----w C:\Program Files\Fichiers communs\BOONTY Shared
2008-08-22 19:22 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\BOONTY
2008-08-22 01:08 878,592 ----a-w C:\WINDOWS\WINDOWS\system32\wininet.dll
2008-08-22 01:08 43,008 ----a-w C:\WINDOWS\WINDOWS\system32\licmgr10.dll
2008-08-22 01:07 18,944 ----a-w C:\WINDOWS\WINDOWS\system32\corpol.dll
2008-08-22 01:06 72,704 ----a-w C:\WINDOWS\WINDOWS\system32\admparse.dll
2008-08-22 01:06 71,680 ----a-w C:\WINDOWS\WINDOWS\system32\iesetup.dll
2008-08-22 01:06 434,176 ----a-w C:\WINDOWS\WINDOWS\system32\vbscript.dll
2008-08-22 01:05 48,640 ------w C:\WINDOWS\WINDOWS\system32\PrivacIE.dll
2008-08-22 01:05 48,128 ----a-w C:\WINDOWS\WINDOWS\system32\mshtmler.dll
2008-08-22 01:05 35,840 ----a-w C:\WINDOWS\WINDOWS\system32\imgutil.dll
2008-08-22 01:04 45,568 ----a-w C:\WINDOWS\WINDOWS\system32\mshta.exe
2008-08-22 00:57 156,160 ----a-w C:\WINDOWS\WINDOWS\system32\msls31.dll
2008-08-17 16:09 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
2008-08-17 15:26 --------- d-----w C:\Program Files\Eidos
2008-08-13 19:11 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-08-13 17:49 --------- d-----w C:\Program Files\Trend Micro
2008-08-13 06:45 --------- d-----w C:\Program Files\GFi
2008-08-12 07:46 --------- d-----w C:\Program Files\Fichiers communs\DirectX
2008-08-11 23:23 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\wmp
2008-08-11 22:03 --------- d-----w C:\Documents and Settings\Misterdy\Application Data\Talkback
2008-08-11 11:42 --------- d-----w C:\Program Files\Valve
2008-08-11 11:27 --------- d-----w C:\Documents and Settings\Misterdy\Application Data\Azureus
2008-08-11 10:50 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Azureus
2008-08-05 15:55 265,720 ----a-w C:\WINDOWS\WINDOWS\system32\msdbg2.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\WINDOWS\system32\muweb.dll
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WINDOWS\WLXPGSS.SCR
2008-07-15 10:29 66,872 ----a-w C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe
2008-07-09 13:00 98,304 ----a-w C:\WINDOWS\WINDOWS\system32\CmdLineExt.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"ctfmon.exe"="C:\WINDOWS\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-07-09 9216]
"Center Agent"="C:\Program Files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe" [2007-07-13 1435648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="C:\WINDOWS\WINDOWS\system32\dumprep 0 -u" [X]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"JMB36X IDE Setup"="C:\WINDOWS\WINDOWS\JM\JMInsIDE.exe" [2006-10-30 36864]
"36X Raid Configurer"="C:\WINDOWS\WINDOWS\system32\JMRaidSetup.exe" [2006-11-16 1953792]
"Ai Gear Help"="C:\Program Files\ASUS\AI Gear\GearHelp.exe" [2006-07-27 415744]
"Launch Ai Booster"="C:\Program Files\ASUS\AI Booster\OverClk.exe" [2006-11-28 3714048]
"AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.15\AsRunHelp.exe" [2006-11-14 363008]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NvCplDaemon"="C:\WINDOWS\WINDOWS\system32\NvCpl.dll" [2008-03-24 13524992]
"NvMediaCenter"="C:\WINDOWS\WINDOWS\system32\NvMcTray.dll" [2008-03-24 86016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
"nwiz"="nwiz.exe" [2008-03-24 C:\WINDOWS\WINDOWS\system32\nwiz.exe]

C:\Documents and Settings\Misterdy\Menu Démarrer\Programmes\Démarrage\
RocketDock.lnk - C:\WINDOWS\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe [2006-05-14 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2008-03-18 16:58 58672 C:\WINDOWS\WINDOWS\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP54"= SP5X_32.DLL
"vidc.jpeg"= m3jpeg32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
"C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=

R0 ivicd;Ivi CDVD Filter Driver;C:\WINDOWS\WINDOWS\system32\drivers\ivicd.sys [2005-01-12 38784]
R0 pavboot;Panda boot driver;C:\WINDOWS\WINDOWS\system32\Drivers\pavboot.sys [2008-06-19 28544]
R1 APPFLT;App Filter Plugin;C:\WINDOWS\WINDOWS\system32\Drivers\APPFLT.SYS [2008-06-25 73728]
R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\WINDOWS\system32\Drivers\DSAFLT.SYS [2008-06-18 52992]
R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\WINDOWS\system32\Drivers\fnetmon.SYS [2008-03-28 22072]
R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\WINDOWS\system32\Drivers\IDSFLT.SYS [2008-06-18 193792]
R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\WINDOWS\system32\Drivers\NETFLTDI.SYS [2008-07-11 14:58 158848]
R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\WINDOWS\system32\Drivers\WNMFLT.SYS [2008-06-18 46720]
R2 Gwmsrv;Panda Goodware Cache Manager;C:\WINDOWS\WINDOWS\system32\svchost -k Panda [ ]
R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\WINDOWS\system32\DRIVERS\PavProc.sys [2008-02-07 179640]
R2 PskSvcRetail;Panda PSK service;C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe [2008-06-25 28928]
R3 3xHybrid;3xHybrid service;C:\WINDOWS\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\WINDOWS\system32\drivers\av5flt.sys [ ]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;C:\WINDOWS\WINDOWS\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\WINDOWS\system32\PavSRK.sys [ ]
R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\WINDOWS\system32\PavTPK.sys [ ]
S3 VNUSB;VN Series Device;C:\WINDOWS\WINDOWS\system32\DRIVERS\VNUSB.sys [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
panda REG_MULTI_SZ Gwmsrv

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11aefc8c-6ed7-11dd-ac89-001e8ce1ec2b}]
\Shell\AutoRun\command - C:\WINDOWS\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cftmonn.exe
\Shell\setup\command - cftmonn.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a1a3f3e-8d21-11dd-acea-001e8ce1ec2b}]
\Shell\AutoRun\command - RavMon.exe
\Shell\explore\Command - RavMon.exe -e
\Shell\open\Command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f5ca3fe8-8fd0-11dd-acf3-001e8ce1ec2b}]
\Shell\AutoRun\command - RavMon.exe
\Shell\explore\Command - RavMon.exe -e
\Shell\open\Command - RavMon.exe
.
Contenu du dossier 'Tâches planifiées'

2008-10-07 C:\WINDOWS\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-10-08 C:\WINDOWS\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Misterdy\Application Data\Mozilla\Firefox\Profiles\6xdphmv7.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.ffsearch.net/
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npWebLaunch.dll
FF -: plugin - C:\Program Files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll
FF -: plugin - C:\WINDOWS\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-08 21:45:40
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-10-08 21:47:29
ComboFix-quarantined-files.txt 2008-10-08 19:47:25
ComboFix2.txt 2008-10-08 19:40:00

Avant-CF: 11 065 217 024 octets libres
Après-CF: 11,051,728,896 octets libres

335 --- E O F --- 2008-09-20 17:26:54

chrifleur
 Posted on 08/10/2008 at 21:35 
Security Group

Notice to other readers: this code was written specifically for this user; it would be dangerous to reuse it on your computer!

/!\ Disable your antivirus / resident antispyware / Spybot's TeaTimer (if present)
Disabling resident protections - Tutorial

Select and copy (Ctrl+C) the text (in blue) below:

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a1a3f3e-8d21-11dd-acea-001e8ce1ec2b}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f5ca3fe8-8fd0-11dd-acf3-001e8ce1ec2b}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11aefc8c-6ed7-11dd-ac89-001e8ce1ec2b}]

  • Open Notepad, then paste (Ctrl+V) the text you copied. (Notepad: Start > All Programs > Accessories > Notepad...)
  • Save this file under the name: CFScript.txt
  • As the image shows, drag CFScript.txt onto ComboFix.exe

  • A blue window will appear; at the message that appears (Type 1 to continue, or 2 to abort), type 1 and confirm.
  • Wait while the scan runs. The Desktop will disappear several times, this is normal!
  • Do not touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed: post its contents in your next message.
  • If the file does not open, you will find it in -> C:\ComboFix.txt

Follow this tutorial and post the report you get

https://forum.pcastuces.com/bitdefender_online_scanner___tutoriel-f31s2.htm

misterdy
 Posted on 09/10/2008 at 18:45 
New Astucien

Here is the report:

ComboFix 08-10-07.06 - Misterdy 2008-10-09 20:37:30.5 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.2333 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Misterdy\Bureau\ComboFix.exe
Commutateurs utilisés
C:\Documents and Settings\Misterdy\Bureau\CFScript.txt

[COLOR=RED]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/COLOR]
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-09-09 au 2008-10-09 ))))))))))))))))))))))))))))))))))))
.

2008-10-09 19:46 . 2008-10-09 19:46 <REP> d--hs---- C:\Documents and Settings\Misterdy\UserData
2008-10-09 12:23 . 2008-10-09 12:23 268 --ah----- C:\sqmdata08.sqm
2008-10-09 12:23 . 2008-10-09 12:23 244 --ah----- C:\sqmnoopt08.sqm
2008-10-09 12:19 . 2001-08-24 14:00 2,864 --a------ C:\WINDOWS\WINDOWS\system32\MSCICH32.DLL
2008-10-09 12:17 . 2008-10-09 12:17 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\cadwork.cat
2008-10-09 12:04 . 2008-10-09 12:17 <REP> d-------- C:\Program Files\cadwork.dir
2008-10-09 12:04 . 2008-10-09 12:04 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\cadwork
2008-10-09 12:04 . 2008-10-09 12:08 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\cadwork
2008-10-08 20:09 . 2008-10-08 20:09 268 --ah----- C:\sqmdata07.sqm
2008-10-08 20:09 . 2008-10-08 20:09 244 --ah----- C:\sqmnoopt07.sqm
2008-10-08 19:23 . 2008-10-08 19:23 268 --ah----- C:\sqmdata06.sqm
2008-10-08 19:23 . 2008-10-08 19:23 244 --ah----- C:\sqmnoopt06.sqm
2008-10-07 21:20 . 2008-10-07 21:20 268 --ah----- C:\sqmdata05.sqm
2008-10-07 21:20 . 2008-10-07 21:20 244 --ah----- C:\sqmnoopt05.sqm
2008-10-07 21:16 . 2008-10-07 21:16 268 --ah----- C:\sqmdata04.sqm
2008-10-07 21:16 . 2008-10-07 21:16 244 --ah----- C:\sqmnoopt04.sqm
2008-10-07 20:20 . 2008-10-07 20:20 268 --ah----- C:\sqmdata03.sqm
2008-10-07 20:20 . 2008-10-07 20:20 244 --ah----- C:\sqmnoopt03.sqm
2008-10-07 20:14 . 2008-10-07 20:14 268 --ah----- C:\sqmdata02.sqm
2008-10-07 20:14 . 2008-10-07 20:14 244 --ah----- C:\sqmnoopt02.sqm
2008-10-07 20:13 . 2008-10-07 20:25 <REP> d-------- C:\Program Files\Microsoft Bootvis
2008-10-07 19:21 . 2008-10-07 19:21 268 --ah----- C:\sqmdata01.sqm
2008-10-07 19:21 . 2008-10-07 19:21 244 --ah----- C:\sqmnoopt01.sqm
2008-10-07 18:42 . 2008-10-07 18:43 <REP> d-------- C:\rsit
2008-10-07 13:23 . 2008-10-07 13:23 268 --ah----- C:\sqmdata00.sqm
2008-10-07 13:23 . 2008-10-07 13:23 244 --ah----- C:\sqmnoopt00.sqm
2008-10-05 20:43 . 2008-10-05 20:43 <REP> d-------- C:\Program Files\iTunes
2008-10-05 20:43 . 2008-10-05 20:43 <REP> d-------- C:\Program Files\iPod
2008-10-05 20:43 . 2008-10-07 17:21 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\Apple Computer
2008-10-05 20:43 . 2008-10-05 20:43 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-05 20:43 . 2008-04-17 13:12 107,368 --a------ C:\WINDOWS\WINDOWS\system32\GEARAspi.dll
2008-10-05 20:43 . 2008-04-17 13:12 15,464 --a------ C:\WINDOWS\WINDOWS\system32\drivers\GEARAspiWDM.sys
2008-10-05 20:42 . 2008-10-05 20:42 <REP> d-------- C:\Program Files\Bonjour
2008-10-05 20:41 . 2008-10-05 20:42 <REP> d-------- C:\Program Files\QuickTime
2008-10-05 20:41 . 2008-10-05 20:42 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-10-05 20:41 . 2008-10-05 20:41 <REP> d-------- C:\Program Files\Apple Software Update
2008-10-05 20:41 . 2008-10-05 20:43 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-10-05 20:41 . 2008-10-05 20:41 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2008-10-03 19:12 . 2008-10-03 19:12 <REP> d-------- C:\Program Files\Microsoft Games
2008-10-01 21:34 . 2008-10-03 18:00 <REP> d-------- C:\UT2004
2008-10-01 21:34 . 2002-07-08 00:14 1,294,336 --a------ C:\WINDOWS\WINDOWS\system32\vorbis.acm
2008-10-01 20:08 . 2008-10-01 20:08 <REP> d-------- C:\Documents and Settings\Administrateur.MISTERDY\Application Data\Malwarebytes
2008-10-01 19:17 . 2007-04-20 07:34 674,048 -ra------ C:\WINDOWS\WINDOWS\system32\drivers\3xHybrid.sys
2008-10-01 19:17 . 2007-01-29 04:29 1,748 --a------ C:\WINDOWS\WINDOWS\French.lng
2008-10-01 19:17 . 2007-02-13 08:03 1,324 --a------ C:\WINDOWS\WINDOWS\TVP3XDrv.ini
2008-10-01 18:47 . 2008-10-01 18:50 <REP> d-------- C:\Program Files\SuperCopier
2008-09-30 22:01 . 2008-09-30 22:01 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-30 22:01 . 2008-09-30 22:01 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\Malwarebytes
2008-09-30 22:01 . 2008-09-30 22:01 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-09-30 22:01 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-30 22:01 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\WINDOWS\system32\drivers\mbam.sys
2008-09-30 17:58 . 2008-10-02 19:09 <REP> d-------- C:\Program Files\Navilog1
2008-09-30 06:50 . 2008-09-30 06:50 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\DivX
2008-09-29 20:50 . 2008-09-29 20:50 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\PCPitstop
2008-09-29 20:01 . 2008-09-29 20:00 1,388,544 --a------ C:\WINDOWS\WINDOWS\system32\msvbvm60.dll
2008-09-29 18:57 . 2008-09-30 21:51 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-27 19:19 . 2008-09-27 19:19 <REP> d--hs---- C:\Documents and Settings\Misterdy\PrivacIE
2008-09-27 18:50 . 2008-09-27 18:51 <REP> d--h-c--- C:\WINDOWS\WINDOWS\ie8
2008-09-27 00:10 . 2008-09-27 00:10 <REP> d--h----- C:\WINDOWS\WINDOWS\system32\GroupPolicy
2008-09-25 19:34 . 2008-09-25 19:34 45 --a------ C:\WINDOWS\WINDOWS\system32\initdebug.nfo
2008-09-25 16:34 . 2008-10-07 10:03 8,627 --a------ C:\WINDOWS\WINDOWS\system32\PAV_FOG.OPC
2008-09-25 15:55 . 2008-09-25 15:55 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Backup
2008-09-25 15:54 . 2008-09-25 15:54 <REP> d-------- C:\WINDOWS\WINDOWS\system32\PAV
2008-09-25 15:54 . 2008-09-25 15:54 <REP> d-------- C:\Program Files\Panda Security
2008-09-25 15:54 . 2008-09-25 15:54 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\Panda Security
2008-09-25 15:54 . 2008-09-25 15:54 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
2008-09-25 15:54 . 2008-06-18 18:03 520,448 --a------ C:\WINDOWS\WINDOWS\system32\PavSHook.dll
2008-09-25 15:54 . 2003-10-22 18:23 446,464 --a------ C:\WINDOWS\WINDOWS\system32\HHActiveX.dll
2008-09-25 15:54 . 2008-06-26 11:25 197,888 --a------ C:\WINDOWS\WINDOWS\system32\drivers\neti1634.sys
2008-09-25 15:54 . 2008-06-24 14:48 193,280 --a------ C:\WINDOWS\WINDOWS\system32\TpUtil.dll
2008-09-25 15:54 . 2007-02-08 11:53 107,568 --a------ C:\WINDOWS\WINDOWS\system32\SYSTOOLS.DLL
2008-09-25 15:54 . 2008-06-18 18:03 87,296 --a------ C:\WINDOWS\WINDOWS\system32\PavLspHook.dll
2008-09-25 15:54 . 2008-03-18 16:58 58,672 --a------ C:\WINDOWS\WINDOWS\system32\avldr.dll
2008-09-25 15:54 . 2008-06-18 18:03 55,552 --a------ C:\WINDOWS\WINDOWS\system32\pavipc.dll
2008-09-25 15:53 . 2008-06-19 17:24 28,544 --a------ C:\WINDOWS\WINDOWS\system32\drivers\pavboot.sys
2008-09-25 15:52 . 2008-09-25 15:52 <REP> d-------- C:\Program Files\Fichiers communs\Panda Security
2008-09-25 15:52 . 2008-02-07 12:03 179,640 -ra------ C:\WINDOWS\WINDOWS\system32\drivers\PavProc.sys
2008-09-25 15:52 . 2008-03-04 15:59 41,144 -ra------ C:\WINDOWS\WINDOWS\system32\drivers\ShlDrv51.sys
2008-09-25 14:24 . 2008-09-30 06:46 <REP> d-------- C:\Temp
2008-09-25 13:32 . 2008-09-27 16:14 <REP> d-------- C:\WINDOWS\WINDOWS\system32\CatRoot_bak
2008-09-25 12:04 . 2008-09-25 12:04 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\Ubisoft
2008-09-25 12:04 . 2008-09-25 12:04 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ubisoft
2008-09-25 11:54 . 2008-09-25 11:54 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\InstallShield
2008-09-25 09:37 . 2008-09-25 09:37 129,536 --a------ C:\WINDOWS\WINDOWS\system32\IJL15.dll
2008-09-22 11:24 . 2002-07-17 09:20 45,056 --a------ C:\WINDOWS\WINDOWS\system32\WNASPI2K.BAK
2008-09-22 11:24 . 2002-07-17 08:53 16,877 --a------ C:\WINDOWS\WINDOWS\system32\drivers\ASPI2K.BAK
2008-09-22 11:24 . 2002-07-17 16:22 5,600 --a------ C:\WINDOWS\WINDOWS\system\WINASPI.BAK
2008-09-22 11:24 . 2002-07-17 16:22 4,672 --a------ C:\WINDOWS\WINDOWS\system\WOWPOST.BAK
2008-09-22 11:22 . 2008-10-05 20:41 <REP> d-------- C:\WINDOWS\WINDOWS\system32\QuickTime
2008-09-22 11:22 . 2003-03-25 06:49 301,568 -ra------ C:\WINDOWS\WINDOWS\system32\L3codeca.acm
2008-09-22 11:22 . 2004-08-04 00:55 294,912 --a------ C:\WINDOWS\WINDOWS\system32\msh263.drv
2008-09-19 20:35 . 2005-02-26 07:34 442,368 -ra------ C:\WINDOWS\WINDOWS\system32\vp6vfw.dll
2008-09-18 15:49 . 2008-09-18 15:49 <REP> d-------- C:\WINDOWS\WINDOWS\system32\URTTEMP
2008-09-18 15:46 . 2008-09-18 15:46 669,184 --a------ C:\WINDOWS\WINDOWS\system32\pbsvc.exe
2008-09-18 09:10 . 2008-09-25 09:37 94,208 --a------ C:\WINDOWS\WINDOWS\system32\ScrUnZip.dll
2008-09-16 02:14 . 2008-09-16 02:14 3,596,288 --a------ C:\WINDOWS\WINDOWS\system32\qt-dx331.dll
2008-09-16 02:14 . 2008-09-16 02:14 524,288 --a------ C:\WINDOWS\WINDOWS\system32\DivXsm.exe
2008-09-16 02:14 . 2008-09-16 02:14 9,878 --a------ C:\WINDOWS\WINDOWS\system32\dsm_fr.qm
2008-09-16 02:14 . 2008-09-16 02:14 4,816 --a------ C:\WINDOWS\WINDOWS\system32\divxsm.tlb
2008-09-16 02:11 . 2008-09-16 02:11 823,296 --a------ C:\WINDOWS\WINDOWS\system32\divx_xx0c.dll
2008-09-16 02:11 . 2008-09-16 02:11 823,296 --a------ C:\WINDOWS\WINDOWS\system32\divx_xx07.dll
2008-09-16 02:11 . 2008-09-16 02:11 815,104 --a------ C:\WINDOWS\WINDOWS\system32\divx_xx0a.dll
2008-09-16 02:11 . 2008-09-16 02:11 802,816 --a------ C:\WINDOWS\WINDOWS\system32\divx_xx11.dll
2008-09-16 02:11 . 2008-09-16 02:11 683,520 --a------ C:\WINDOWS\WINDOWS\system32\DivX.dll
2008-09-16 02:11 . 2008-09-16 02:11 634,880 --a------ C:\WINDOWS\WINDOWS\system32\divxdec.ax
2008-09-16 02:11 . 2008-09-16 02:11 352,401 --a------ C:\WINDOWS\WINDOWS\system32\DivXMedia.ax
2008-09-16 02:11 . 2008-09-16 02:11 161,096 --a------ C:\WINDOWS\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-09-16 02:11 . 2008-09-16 02:11 12,288 --a------ C:\WINDOWS\WINDOWS\system32\DivXWMPExtType.dll
2008-09-14 22:47 . 2008-09-14 22:54 <REP> d-------- C:\Documents and Settings\Misterdy\Application Data\codeblocks
2008-09-14 20:18 . 2008-09-17 22:58 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-09-14 20:09 . 2008-09-14 20:09 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2008-09-10 20:23 . 2008-09-19 19:41 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2008-09-10 19:32 . 2008-09-10 19:36 <REP> d-------- C:\WINDOWS\WINDOWS\system32\XPSViewer
2008-09-10 19:31 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\WINDOWS\system32\spmsg2.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-09 18:07 1,132 ----a-w C:\WINDOWS\WINDOWS\system32\drivers\APPFLTR.CFG.bck
2008-10-09 18:07 1,132 ----a-w C:\WINDOWS\WINDOWS\system32\drivers\APPFLTR.CFG
2008-10-09 10:23 294,988 ----a-w C:\WINDOWS\WINDOWS\system32\drivers\APPFCONT.DAT.bck
2008-10-09 10:23 294,988 ----a-w C:\WINDOWS\WINDOWS\system32\drivers\APPFCONT.DAT
2008-10-08 17:39 122,880 ----a-w C:\VaccinUSB.exe
2008-10-02 13:36 --------- d-----w C:\Program Files\Google
2008-10-01 20:08 --------- d-----w C:\Program Files\SuperCopier2
2008-10-01 19:34 --------- d-----w C:\Program Files\VstPlugins
2008-10-01 17:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-01 17:19 --------- d-----w C:\Program Files\CyberLink
2008-09-30 21:37 --------- d-----w C:\Documents and Settings\Misterdy\Application Data\Desktopicon
2008-09-30 19:51 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-09-29 17:26 --------- d-----w C:\Program Files\DivX
2008-09-29 16:56 --------- d-----w C:\Program Files\Unlocker
2008-09-29 16:56 --------- d-----w C:\Program Files\CCleaner
2008-09-29 16:19 --------- d-----w C:\Program Files\Olympus
2008-09-27 18:36 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-27 18:06 31 ----a-w C:\Program Files\Fichiers communs\appop.log
2008-09-26 22:01 --------- d-----w C:\Documents and Settings\Misterdy\Application Data\BitTorrent
2008-09-25 09:55 --------- d-----w C:\Program Files\Ubisoft
2008-09-22 11:35 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-09-22 11:24 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-09-18 13:46 22,328 ----a-w C:\WINDOWS\WINDOWS\system32\drivers\PnkBstrK.sys
2008-09-18 13:46 22,328 ----a-w C:\Documents and Settings\Misterdy\Application Data\PnkBstrK.sys
2008-09-18 13:46 103,736 ----a-w C:\WINDOWS\WINDOWS\system32\PnkBstrB.exe
2008-09-18 12:04 --------- d-----w C:\Program Files\Microsoft Works
2008-09-18 06:00 --------- d-----w C:\Program Files\Electronic Arts
2008-09-16 19:14 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-09-16 00:14 9,464 ------w C:\WINDOWS\WINDOWS\system32\drivers\cdralw2k.sys
2008-09-16 00:14 9,336 ------w C:\WINDOWS\WINDOWS\system32\drivers\cdr4_xp.sys
2008-09-16 00:14 43,528 ------w C:\WINDOWS\WINDOWS\system32\drivers\PxHelp20.sys
2008-09-16 00:14 129,784 ------w C:\WINDOWS\WINDOWS\system32\pxafs.dll
2008-09-16 00:14 120,056 ------w C:\WINDOWS\WINDOWS\system32\pxcpyi64.exe
2008-09-16 00:14 118,520 ------w C:\WINDOWS\WINDOWS\system32\pxinsi64.exe
2008-09-16 00:12 81,920 ----a-w C:\WINDOWS\WINDOWS\system32\dpl100.dll
2008-09-16 00:12 593,920 ----a-w C:\WINDOWS\WINDOWS\system32\dpuGUI11.dll
2008-09-16 00:12 57,344 ----a-w C:\WINDOWS\WINDOWS\system32\dpv11.dll
2008-09-16 00:12 53,248 ----a-w C:\WINDOWS\WINDOWS\system32\dpuGUI10.dll
2008-09-16 00:12 344,064 ----a-w C:\WINDOWS\WINDOWS\system32\dpus11.dll
2008-09-16 00:12 294,912 ----a-w C:\WINDOWS\WINDOWS\system32\dpu11.dll
2008-09-16 00:12 294,912 ----a-w C:\WINDOWS\WINDOWS\system32\dpu10.dll
2008-09-16 00:12 200,704 ----a-w C:\WINDOWS\WINDOWS\system32\ssldivx.dll
2008-09-16 00:12 196,608 ----a-w C:\WINDOWS\WINDOWS\system32\dtu100.dll
2008-09-16 00:12 1,044,480 ----a-w C:\WINDOWS\WINDOWS\system32\libdivx.dll
2008-09-14 18:13 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-09-12 19:27 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-09-10 18:37 --------- d-----w C:\Program Files\Microsoft.NET
2008-09-10 17:33 --------- d-----w C:\Program Files\MSBuild
2008-08-29 08:18 87,336 ----a-w C:\WINDOWS\WINDOWS\system32\dns-sd.exe
2008-08-29 07:53 61,440 ----a-w C:\WINDOWS\WINDOWS\system32\dnssd.dll
2008-08-22 19:22 --------- d-----w C:\Program Files\Fichiers communs\BOONTY Shared
2008-08-22 19:22 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\BOONTY
2008-08-22 01:08 878,592 ----a-w C:\WINDOWS\WINDOWS\system32\wininet.dll
2008-08-22 01:08 43,008 ----a-w C:\WINDOWS\WINDOWS\system32\licmgr10.dll
2008-08-22 01:07 18,944 ----a-w C:\WINDOWS\WINDOWS\system32\corpol.dll
2008-08-22 01:06 72,704 ----a-w C:\WINDOWS\WINDOWS\system32\admparse.dll
2008-08-22 01:06 71,680 ----a-w C:\WINDOWS\WINDOWS\system32\iesetup.dll
2008-08-22 01:06 434,176 ----a-w C:\WINDOWS\WINDOWS\system32\vbscript.dll
2008-08-22 01:05 48,640 ------w C:\WINDOWS\WINDOWS\system32\PrivacIE.dll
2008-08-22 01:05 48,128 ----a-w C:\WINDOWS\WINDOWS\system32\mshtmler.dll
2008-08-22 01:05 35,840 ----a-w C:\WINDOWS\WINDOWS\system32\imgutil.dll
2008-08-22 01:04 45,568 ----a-w C:\WINDOWS\WINDOWS\system32\mshta.exe
2008-08-22 00:57 156,160 ----a-w C:\WINDOWS\WINDOWS\system32\msls31.dll
2008-08-17 16:09 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
2008-08-17 15:26 --------- d-----w C:\Program Files\Eidos
2008-08-13 19:11 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-08-13 17:49 --------- d-----w C:\Program Files\Trend Micro
2008-08-13 06:45 --------- d-----w C:\Program Files\GFi
2008-08-12 07:46 --------- d-----w C:\Program Files\Fichiers communs\DirectX
2008-08-11 23:23 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\wmp
2008-08-11 22:03 --------- d-----w C:\Documents and Settings\Misterdy\Application Data\Talkback
2008-08-11 11:42 --------- d-----w C:\Program Files\Valve
2008-08-11 11:27 --------- d-----w C:\Documents and Settings\Misterdy\Application Data\Azureus
2008-08-11 10:50 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Azureus
2008-08-05 15:55 265,720 ----a-w C:\WINDOWS\WINDOWS\system32\msdbg2.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\WINDOWS\system32\muweb.dll
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WINDOWS\WLXPGSS.SCR
2008-07-15 10:29 66,872 ----a-w C:\WINDOWS\WINDOWS\system32\PnkBstrA.exe
2008-07-09 13:00 98,304 ----a-w C:\WINDOWS\WINDOWS\system32\CmdLineExt.dll
.

((((((((((((((((((((((((((((( snapshot@2008-10-08_21.38.56.81 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-27 11:04:48 247,904 ----a-w C:\WINDOWS\WINDOWS\system32\FNTCACHE.DAT
+ 2008-10-09 17:39:22 251,088 ----a-w C:\WINDOWS\WINDOWS\system32\FNTCACHE.DAT
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"ctfmon.exe"="C:\WINDOWS\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-07-09 9216]
"Center Agent"="C:\Program Files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe" [2007-07-13 1435648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="C:\WINDOWS\WINDOWS\system32\dumprep 0 -u" [X]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"JMB36X IDE Setup"="C:\WINDOWS\WINDOWS\JM\JMInsIDE.exe" [2006-10-30 36864]
"36X Raid Configurer"="C:\WINDOWS\WINDOWS\system32\JMRaidSetup.exe" [2006-11-16 1953792]
"Ai Gear Help"="C:\Program Files\ASUS\AI Gear\GearHelp.exe" [2006-07-27 415744]
"Launch Ai Booster"="C:\Program Files\ASUS\AI Booster\OverClk.exe" [2006-11-28 3714048]
"AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.15\AsRunHelp.exe" [2006-11-14 363008]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NvCplDaemon"="C:\WINDOWS\WINDOWS\system32\NvCpl.dll" [2008-03-24 13524992]
"NvMediaCenter"="C:\WINDOWS\WINDOWS\system32\NvMcTray.dll" [2008-03-24 86016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
"nwiz"="nwiz.exe" [2008-03-24 C:\WINDOWS\WINDOWS\system32\nwiz.exe]

C:\Documents and Settings\Misterdy\Menu Démarrer\Programmes\Démarrage\
RocketDock.lnk - C:\WINDOWS\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe [2006-05-14 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2008-03-18 16:58 58672 C:\WINDOWS\WINDOWS\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP54"= SP5X_32.DLL
"vidc.jpeg"= m3jpeg32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
"C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=

R0 ivicd;Ivi CDVD Filter Driver;C:\WINDOWS\WINDOWS\system32\drivers\ivicd.sys [2005-01-12 38784]
R0 pavboot;Panda boot driver;C:\WINDOWS\WINDOWS\system32\Drivers\pavboot.sys [2008-06-19 28544]
R1 APPFLT;App Filter Plugin;C:\WINDOWS\WINDOWS\system32\Drivers\APPFLT.SYS [2008-06-25 73728]
R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\WINDOWS\system32\Drivers\DSAFLT.SYS [2008-06-18 52992]
R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\WINDOWS\system32\Drivers\fnetmon.SYS [2008-03-28 22072]
R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\WINDOWS\system32\Drivers\IDSFLT.SYS [2008-06-18 193792]
R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\WINDOWS\system32\Drivers\NETFLTDI.SYS [2008-07-11 14:58 158848]
R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\WINDOWS\system32\Drivers\WNMFLT.SYS [2008-06-18 46720]
R2 Gwmsrv;Panda Goodware Cache Manager;C:\WINDOWS\WINDOWS\system32\svchost -k Panda [ ]
R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\WINDOWS\system32\DRIVERS\PavProc.sys [2008-02-07 179640]
R2 PskSvcRetail;Panda PSK service;C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe [2008-06-25 28928]
R3 3xHybrid;3xHybrid service;C:\WINDOWS\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\WINDOWS\system32\drivers\av5flt.sys [ ]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;C:\WINDOWS\WINDOWS\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\WINDOWS\system32\PavSRK.sys [ ]
R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\WINDOWS\system32\PavTPK.sys [ ]
S3 VNUSB;VN Series Device;C:\WINDOWS\WINDOWS\system32\DRIVERS\VNUSB.sys [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
panda REG_MULTI_SZ Gwmsrv
.
Contenu du dossier 'Tâches planifiées'

2008-10-07 C:\WINDOWS\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-10-09 C:\WINDOWS\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-09 20:41:36
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-10-09 20:43:48
ComboFix-quarantined-files.txt 2008-10-09 18:43:36
ComboFix2.txt 2008-10-09 18:32:45
ComboFix3.txt 2008-10-08 19:47:29
ComboFix4.txt 2008-10-08 19:40:00

Avant-CF: 9 996 582 912 octets libres
Après-CF: 9,983,356,928 octets libres

330 --- E O F --- 2008-09-20 17:26:54

chrifleur
 Posted on 09/10/2008 at 19:06 
Security Group

The Bit Defender report, please.

misterdy
 Posted on 09/10/2008 at 19:10 
New member

Thanks for your help, the scan is in progress.

misterdy
 Posted on 09/10/2008 at 21:21 
New member

BitDefender Online Scanner - Rapport d'analyse

BitDefender Online Scanner

Rapport d'analyse généré à: Thu, Oct 09, 2008 - 22:32:06

Voie d'analyse: A:\;C:\;D:\;E:\;F:\;G:\;H:\;

Statistiques

Temps: 00:56:30
Fichiers: 167117
Directoires: 13724
Secteurs de boot: 0
Archives: 2799
Paquets programmes: 13269

Résultats

Virus identifiés: 3
Fichiers infectés: 3
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 3

Info sur les moteurs

Définition virus: 1854547
Version des moteurs: AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Analyse des plugins: 16
Archive des plugins: 43
Unpack des plugins: 7
E-mail plugins: 6
Système plugins: 4

Paramètres d'analyse

Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui

Fichier analysé | Statut

C:\Documents and Settings\Misterdy\Mes documents\téléchar\pqremove.com | Infecté par: Trojan.Generic.169733
C:\Documents and Settings\Misterdy\Mes documents\téléchar\pqremove.com | Supprimé
C:\Program Files\Navilog1\Backupnavi\egsso.exe | Détecté avec: Adware.NaviPromo.Gen.2
C:\Program Files\Navilog1\Backupnavi\egsso.exe | Echec de la désinfection
C:\Program Files\Navilog1\Backupnavi\egsso.exe | Supprimé
E:\stock\EMule a RAzzo!\Speeder Xp v1.6 Crack(Acelera Emule Doble Velocidad)By Mc Stryker\SpeederXP1.6.exe=>(Instyler o)=>(Instyler Module 9) | Infecté par: Trojan.Pws.Lenmir.30
E:\stock\EMule a RAzzo!\Speeder Xp v1.6 Crack(Acelera Emule Doble Velocidad)By Mc Stryker\SpeederXP1.6.exe=>(Instyler o)=>(Instyler Module 9) | Echec de la désinfection
E:\stock\EMule a RAzzo!\Speeder Xp v1.6 Crack(Acelera Emule Doble Velocidad)By Mc Stryker\SpeederXP1.6.exe=>(Instyler o)=>(Instyler Module 9) | Supprimé
E:\stock\EMule a RAzzo!\Speeder Xp v1.6 Crack(Acelera Emule Doble Velocidad)By Mc Stryker\SpeederXP1.6.exe=>(Instyler o) | Echec de la mise à jour

chrifleur
 Posted on 24/10/2008 at 09:59 
Security Group

Hello

I changed ISPs and have been cut off from the internet all these days...

Where are you at with this?
