system32updatenf.dll, is it a virus? (Resolved topic)
serial75
Posted on 30/12/2008 at 14:35
Petit astucien

Hi everyone,

I ran an online scan with Kaspersky, which found this infected file:

C:\WINDOWS\system32\updatenf.dll

I don't know what it corresponds to. Since it is a system file, should I remove it? Thanks

philae
Posted on 30/12/2008 at 15:13
Grande Maîtresse astucienne

Hello and welcome to PCA Sécurité.

Apparently you are infected with Vundo.

Please do the following:

* Run a scan following this tutorial:

Malwarebytes' (quick scan)

Then post the report here.

and

Download random's system information tool (RSIT) by random/random
TUTORIAL

and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will need to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimized in the taskbar).
serial75
Posted on 30/12/2008 at 17:37
Petit astucien

Hi philae, thanks for helping me.

Here is the Malwarebytes' report:

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1567
Windows 5.1.2600 Service Pack 3

30/12/2008 17:34:42
mbam-log-2008-12-30 (17-34-42).txt

Type de recherche: Examen rapide
Eléments examinés: 49985
Temps écoulé: 3 minute(s), 13 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Here is the one from RSIT:

Logfile of random's system information tool 1.05 (written by random/random)
Run by pc at 2008-12-30 17:35:49
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 59 GB (25%) free of 238 GB
Total RAM: 1023 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:35:53, on 30/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\RSIT.exe
C:\Program Files\trend micro\pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~2\Toolbar\grabber.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220183598109
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://www.triforce.fr/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1220198021609
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_4_0.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=26688
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 9030 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1532298954-682003330-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-14 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1056498-D09A-41E4-864B-505EDD640D9E}]
SBCONVERT Class - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll [2008-12-18 2498056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-14 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-14 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000}]
GrabberObj Class - C:\PROGRA~1\SPEEDB~2\Toolbar\grabber.dll [2008-12-18 185944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0329E7D6-6F54-462D-93F6-F5C3118BADF2} - SpeedBit Video Downloader - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll [2008-12-18 2498056]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-02 13680640]
"nwiz"=nwiz.exe /install []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-14 136600]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-02 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-11-17 17676288]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 133104]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"DownloadAccelerator"=C:\Program Files\DAP\DAP.EXE [2008-12-18 3114496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2007-11-20 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluestork BS-W-USB Utility.lnk]
C:\PROGRA~1\BLUEST~1\BS-W-USB\BS-W-USB.exe [2006-07-13 491520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Privoxy.lnk]
C:\PROGRA~1\Tor\Privoxy\privoxy.exe [2006-11-20 250368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^pc^Menu Démarrer^Programmes^Démarrage^Enregistrement de .lnk]
I:\Support\EAregister.exe /remind /language=FRA /PRNM=Electronic Arts Product []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\aMSN\bin\wish.exe"="C:\Program Files\aMSN\bin\wish.exe:*:Disabled:Wish Application"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\VLC\vlc.exe"="C:\Program Files\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Documents and Settings\pc\Bureau\A4Proxy\A4Proxy.exe"="C:\Documents and Settings\pc\Bureau\A4Proxy\A4Proxy.exe:*:Enabled:Anonymity 4 Proxy Application"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Pro Evolution Soccer 2009\Pro Evolution Soccer 2009\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\PES 2009\pes2009.exe"="C:\Program Files\Pro Evolution Soccer 2009\Pro Evolution Soccer 2009\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\PES 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Disabled:maconfservice"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Disabled:Windows Live Messenger (Phone)"
"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2008-12-30 16:14:47 ----D---- C:\Program Files\trend micro
2008-12-30 16:14:46 ----D---- C:\rsit
2008-12-30 15:47:24 ----A---- C:\Program Files\RSIT.exe
2008-12-30 01:08:33 ----D---- C:\WINDOWS\CSC
2008-12-30 01:08:28 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-29 13:58:00 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-12-29 13:57:58 ----D---- C:\Program Files\Alwil Software
2008-12-26 12:59:14 ----D---- C:\Program Files\adslTV
2008-12-24 18:09:49 ----D---- C:\Program Files\PegasusApps
2008-12-24 17:44:51 ----A---- C:\WINDOWS\system32\devil.dll
2008-12-24 17:44:51 ----A---- C:\WINDOWS\system32\avisynth.dll
2008-12-24 17:44:50 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2008-12-24 17:44:50 ----A---- C:\WINDOWS\system32\x.264.exe
2008-12-24 17:44:50 ----A---- C:\WINDOWS\system32\i420vfw.dll
2008-12-24 17:44:50 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2008-12-24 17:44:50 ----A---- C:\WINDOWS\MOTA113.exe
2008-12-24 17:44:49 ----D---- C:\Program Files\AviSynth 2.5
2008-12-24 17:44:49 ----A---- C:\WINDOWS\x2.64.exe
2008-12-24 17:44:49 ----A---- C:\WINDOWS\meta4.exe
2008-12-24 17:44:18 ----RSH---- C:\WINDOWS\system32\nbDX.dll
2008-12-24 17:44:18 ----RSH---- C:\WINDOWS\system32\msfDX.dll
2008-12-24 17:44:18 ----RSH---- C:\WINDOWS\system32\flvDX.dll
2008-12-24 17:43:56 ----D---- C:\Program Files\eRightSoft
2008-12-24 17:26:02 ----D---- C:\Documents and Settings\pc\Application Data\AVS4YOU
2008-12-24 17:25:53 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-12-24 17:25:16 ----D---- C:\Program Files\Fichiers communs\AVSMedia
2008-12-24 17:25:12 ----A---- C:\WINDOWS\system32\msxml3a.dll
2008-12-24 17:25:12 ----A---- C:\WINDOWS\system32\msvcp70.dll
2008-12-24 17:25:12 ----A---- C:\WINDOWS\system32\mfc70.dll
2008-12-24 17:25:12 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2008-12-24 16:56:47 ----D---- C:\Documents and Settings\pc\Application Data\Broad Intelligence
2008-12-24 16:33:49 ----D---- C:\Program Files\ConvertHelper
2008-12-24 16:23:23 ----D---- C:\Program Files\Audacity
2008-12-24 16:22:48 ----D---- C:\Documents and Settings\pc\Application Data\OpenCandy
2008-12-24 16:22:02 ----D---- C:\Program Files\MediaCoder
2008-12-24 13:36:22 ----D---- C:\Program Files\My Videos
2008-12-24 13:35:28 ----D---- C:\Documents and Settings\All Users\Application Data\Apowersoft
2008-12-22 16:54:32 ----D---- C:\Documents and Settings\pc\Application Data\DAEMON Tools Pro
2008-12-22 16:53:17 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2008-12-22 16:52:16 ----A---- C:\WINDOWS\system32\BASSMOD.dll
2008-12-22 16:51:53 ----D---- C:\Program Files\DAEMON Tools Pro
2008-12-22 12:34:57 ----D---- C:\data
2008-12-22 12:34:17 ----D---- C:\Program Files\finalbig040b
2008-12-21 13:16:56 ----D---- C:\Documents and Settings\All Users\Application Data\Electronic Arts
2008-12-19 16:09:59 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2008-12-19 14:15:11 ----D---- C:\Documents and Settings\pc\Application Data\Red Alert 3
2008-12-19 13:53:05 ----D---- C:\WINDOWS\RegisteredPackages
2008-12-19 13:52:40 ----A---- C:\WINDOWS\system32\psisdecd.dll
2008-12-19 13:52:35 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2008-12-19 13:44:39 ----D---- C:\Program Files\Microsoft Games
2008-12-18 19:18:56 ----D---- C:\Program Files\SpeedBit Video Downloader
2008-12-18 19:08:59 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2008-12-18 16:41:04 ----A---- C:\WINDOWS\system32\GIF89.DLL
2008-12-18 16:41:03 ----A---- C:\WINDOWS\system32\WMAFile.dll
2008-12-18 16:41:03 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2008-12-18 16:41:02 ----A---- C:\WINDOWS\system32\SSubTmr6.dll
2008-12-18 16:41:02 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2008-12-18 16:41:02 ----A---- C:\WINDOWS\system32\AudFile.dll
2008-12-18 16:41:01 ----A---- C:\WINDOWS\system32\msxml4r.dll
2008-12-18 16:41:01 ----A---- C:\WINDOWS\system32\msxml4a.dll
2008-12-18 16:41:01 ----A---- C:\WINDOWS\system32\msvcr70.dll
2008-12-18 16:41:01 ----A---- C:\WINDOWS\system32\lame_enc.dll
2008-12-18 16:41:00 ----D---- C:\Program Files\Free Easy Burner
2008-12-18 14:41:23 ----D---- C:\Documents and Settings\pc\Application Data\Vidalia
2008-12-18 14:41:22 ----D---- C:\Program Files\Tor
2008-12-18 13:31:17 ----D---- C:\Documents and Settings\pc\Application Data\EmailNotifier
2008-12-18 13:31:17 ----D---- C:\Documents and Settings\All Users\Application Data\EmailNotifier
2008-12-18 13:01:24 ----A---- C:\WINDOWS\system32\SET23A.tmp
2008-12-18 12:56:25 ----A---- C:\WINDOWS\MegaManager.INI
2008-12-18 03:04:07 ----A---- C:\WINDOWS\wininit.ini
2008-12-17 22:59:18 ----D---- C:\Program Files\SpeedOptimizer
2008-12-17 22:52:44 ----D---- C:\Program Files\SpeedBit Video Accelerator
2008-12-17 22:45:06 ----D---- C:\Documents and Settings\pc\Application Data\Tor
2008-12-17 22:28:06 ----D---- C:\Program Files\Free IP Switcher
2008-12-17 21:10:34 ----D---- C:\Program Files\Xtremsplit
2008-12-17 21:09:33 ----D---- C:\Program Files\Virtual Dub
2008-12-17 21:08:50 ----D---- C:\Program Files\Hijackthis
2008-12-17 18:58:25 ----HD---- C:\WINDOWS\PIF
2008-12-17 14:36:39 ----D---- C:\Program Files\Virtua Tennis 3
2008-12-16 19:17:59 ----D---- C:\Program Files\joytokey_joytokey_v3.7.4_anglais_36656
2008-12-16 04:15:04 ----D---- C:\Documents and Settings\pc\Application Data\Ubisoft
2008-12-16 04:15:04 ----D---- C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-12-15 22:34:23 ----D---- C:\Program Files\King's Bounty The Legend
2008-12-14 19:13:57 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-14 19:13:57 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-14 19:13:57 ----A---- C:\WINDOWS\system32\java.exe
2008-12-14 19:13:57 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-12 15:58:58 ----D---- C:\Program Files\DEvil Mac Cry 4
2008-12-12 14:24:06 ----D---- C:\Program Files\tmplus
2008-12-12 11:43:48 ----D---- C:\Program Files\Recuva
2008-12-12 02:52:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-12 02:51:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2008-12-12 02:50:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-12 02:50:40 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-12 02:50:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-12 01:30:39 ----D---- C:\Program Files\Pro Evolution Soccer 2009
2008-12-12 01:29:40 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2008-12-12 01:29:40 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2008-12-12 01:29:39 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2008-12-12 01:29:39 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2008-12-12 01:29:38 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2008-12-12 01:29:38 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2008-12-12 01:29:38 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2008-12-12 01:29:37 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-12-12 01:29:37 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-12-12 01:29:35 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-12-12 01:29:34 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-12-12 01:29:34 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-12-12 01:29:31 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-12-12 01:28:55 ----HD---- C:\WINDOWS\msdownld.tmp
2008-12-12 01:19:17 ----D---- C:\Program Files\NBA LIVE 08
2008-12-11 21:52:21 ----D---- C:\Program Files\7-Zip
2008-12-11 15:09:55 ----D---- C:\Program Files\Far_Cry_2-Razor1911
2008-12-11 13:09:20 ----A---- C:\WINDOWS\vncutil.exe
2008-12-11 13:09:15 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2008-12-11 13:09:15 ----A---- C:\WINDOWS\RtkAudioService.exe
2008-12-11 13:07:03 ----D---- C:\WINDOWS\NV15963024.TMP
2008-12-11 12:46:40 ----D---- C:\Program Files\EVEREST Home Edition
2008-12-11 11:07:44 ----D---- C:\Program Files\Hitman Blood Money Eidos
2008-12-11 01:18:13 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-12-10 17:01:39 ----D---- C:\Program Files\Assassins.Creed.Full-Rip.Skullptura
2008-12-10 12:27:33 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-12-10 12:27:33 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-12-10 12:27:33 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-12-10 12:27:32 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-12-10 12:27:32 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-12-10 12:27:32 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-12-10 12:27:31 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-12-10 12:27:31 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-12-10 12:27:30 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-12-10 12:27:30 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-12-10 12:27:29 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-12-10 12:27:29 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-12-10 12:27:28 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-12-10 12:27:28 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-12-10 12:27:27 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-12-10 12:27:27 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-12-10 12:27:26 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-12-10 12:27:26 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-12-10 12:27:25 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-12-10 12:27:25 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-12-10 12:27:25 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-12-10 12:26:38 ----D---- C:\WINDOWS\Logs
2008-12-09 15:44:56 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2008-12-09 15:44:54 ----D---- C:\Documents and Settings\pc\Application Data\Azureus
2008-12-09 15:44:22 ----D---- C:\Program Files\Vuze
2008-12-08 18:58:22 ----HD---- C:\WINDOWS\$NtUninstallKB950762-v3$
2008-12-08 18:58:22 ----A---- C:\WINDOWS\system32\updatenf.dll
2008-12-08 18:58:22 ----A---- C:\WINDOWS\system32\api32.dll
2008-12-08 18:46:52 ----D---- C:\Documents and Settings\pc\Application Data\FrostWire
2008-12-08 18:46:23 ----D---- C:\Program Files\FrostWire
2008-12-05 11:40:28 ----D---- C:\Documents and Settings\pc\Application Data\Malwarebytes
2008-12-05 11:40:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-05 11:40:23 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-04 18:34:16 ----D---- C:\Program Files\Ootake pcengine
2008-12-03 20:05:23 ----D---- C:\Program Files\freedo_1_9_wip
2008-12-03 18:13:47 ----D---- C:\Program Files\kega_fusion_3.51_windows
2008-12-03 15:56:22 ----D---- C:\Program Files\nebula
2008-12-02 20:33:23 ----D---- C:\Program Files\MAME
2008-12-02 17:29:38 ----D---- C:\Program Files\zsnes_1.51_windows
2008-12-01 17:53:18 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2008-12-01 17:53:17 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2008-12-01 17:53:17 ----A---- C:\WINDOWS\system32\pbsvc.exe
2008-12-01 16:55:45 ----D---- C:\Program Files\CallOfDuty 5

======List of files/folders modified in the last 1 months======

2008-12-30 17:31:37 ----D---- C:\Program Files\Mozilla Firefox
2008-12-30 17:14:25 ----D---- C:\WINDOWS\Temp
2008-12-30 17:01:12 ----D---- C:\Program Files\Zoom Player
2008-12-30 16:32:54 ----D---- C:\WINDOWS\Prefetch
2008-12-30 16:14:47 ----D---- C:\Program Files
2008-12-30 13:11:22 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-30 04:47:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-30 01:08:33 ----D---- C:\WINDOWS
2008-12-30 01:01:26 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-29 13:58:16 ----D---- C:\WINDOWS\system32\drivers
2008-12-29 13:58:14 ----D---- C:\WINDOWS\system32
2008-12-29 13:55:44 ----A---- C:\WINDOWS\RtlRack.ini
2008-12-28 13:38:03 ----SD---- C:\WINDOWS\Tasks
2008-12-26 12:59:16 ----D---- C:\Documents and Settings\pc\Application Data\vlc
2008-12-25 16:56:28 ----D---- C:\Documents and Settings\pc\Application Data\OpenOffice.org2
2008-12-25 13:20:50 ----D---- C:\Program Files\Zvids
2008-12-24 17:25:16 ----D---- C:\Program Files\Fichiers communs
2008-12-23 18:27:25 ----D---- C:\WINDOWS\system32\DirectX
2008-12-23 18:26:29 ----HD---- C:\WINDOWS\inf
2008-12-23 11:00:54 ----D---- C:\WINDOWS\pss
2008-12-23 11:00:54 ----ASH---- C:\boot.ini
2008-12-23 11:00:54 ----A---- C:\WINDOWS\win.ini
2008-12-23 11:00:54 ----A---- C:\WINDOWS\system.ini
2008-12-22 14:07:01 ----D---- C:\Program Files\eMule
2008-12-21 17:29:48 ----SHD---- C:\WINDOWS\Installer
2008-12-19 18:00:45 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-19 16:10:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-19 15:33:17 ----D---- C:\Program Files\DivX
2008-12-19 15:31:00 ----D---- C:\Program Files\ClonyXXL_FR_v2015
2008-12-19 13:54:33 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-19 13:53:24 ----RSD---- C:\WINDOWS\assembly
2008-12-19 13:53:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-19 13:51:52 ----D---- C:\WINDOWS\WinSxS
2008-12-19 00:55:23 ----D---- C:\Program Files\Windows Live Safety Center
2008-12-18 19:17:51 ----D---- C:\Program Files\DAP
2008-12-18 19:08:52 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-17 22:41:26 ----D---- C:\Program Files\Woonoz
2008-12-17 22:41:26 ----D---- C:\Program Files\windows media player
2008-12-17 22:41:26 ----D---- C:\Program Files\Realtek
2008-12-17 22:41:16 ----D---- C:\Program Files\Internet Explorer
2008-12-17 22:41:15 ----D---- C:\Program Files\GameSpy Arcade
2008-12-17 22:41:11 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-12-17 22:41:07 ----D---- C:\Program Files\Cossacks - Back To War
2008-12-17 22:41:04 ----D---- C:\Program Files\ACE Mega CoDecS Pack
2008-12-17 11:19:58 ----D---- C:\Program Files\RegSeeker
2008-12-16 16:04:32 ----D---- C:\Program Files\Fichiers communs\InstallShield
2008-12-15 23:48:12 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-12-15 22:55:52 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2008-12-14 19:13:20 ----D---- C:\Program Files\Java
2008-12-13 10:06:02 ----D---- C:\WINDOWS\network diagnostic
2008-12-12 18:02:12 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 02:52:09 ----A---- C:\WINDOWS\imsins.BAK
2008-12-11 21:55:57 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2008-12-11 18:10:56 ----D---- C:\WINDOWS\Help
2008-12-11 18:10:54 ----D---- C:\WINDOWS\nview
2008-12-11 13:45:50 ----D---- C:\WINDOWS\system32\mui
2008-12-11 13:44:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-11 13:29:25 ----D---- C:\Program Files\Direct X
2008-12-11 13:27:18 ----D---- C:\Program Files\PCI_Install_5687_0725 (reseau)
2008-12-11 13:13:32 ----D---- C:\Program Files\AGEIA Technologies
2008-12-11 13:12:10 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-11 13:09:46 ----D---- C:\WINDOWS\system32\RTCOM
2008-12-11 13:07:59 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-12-11 11:31:55 ----D---- C:\Program Files\Max Payne
2008-12-11 01:18:24 ----D---- C:\WINDOWS\system32\spool
2008-12-10 12:27:35 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-10 00:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nwiz.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwssr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwss.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsth.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrses.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwimg.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwddi.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvvitvsr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvshell.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrszht.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrstr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsth.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrssv.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrssl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrssk.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsru.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrspt.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrspl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsno.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsko.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsja.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsit.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrshu.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrshe.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrses.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrseng.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsel.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsde.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsda.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrscs.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsar.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmoblsr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmobls.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmctray.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmccssr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmccss.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmccs.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nview.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvgamesr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvgames.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvdispsr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvdisps.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcpluir.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcplui.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcpl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcolor.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvappbar.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\keystone.exe
2008-12-02 10:13:16 ----A---- C:\WINDOWS\system32\NVUNINST.EXE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-24 12032]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-12-21 278984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-12-21 25416]
R2 sbbotdi;sbbotdi; \??\C:\PROGRA~1\SPEEDB~1\sbbotdi.sys []
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-11-25 4952576]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-02 6209536]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-10-30 117120]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 ZD1211BU(BLUESTORK);Bluestork BS-W-USB Wifi 54g USB Module Driver(BLUESTORK); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-04-19 439808]
S3 alvc5eli;alvc5eli; C:\WINDOWS\system32\drivers\alvc5eli.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2008-08-25 40840]
S3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2008-08-25 66952]
S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2008-08-25 81288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 P1110VID;Creative WebCam NX; C:\WINDOWS\system32\DRIVERS\P1110VID.sys [2003-05-14 90357]
S3 PsSdk31;PsSdk31; \??\C:\WINDOWS\system32\Drivers\pssdk31.drv []
S3 PsSdkLBF;PsSdkLBF; \??\C:\WINDOWS\system32\Drivers\pssdklbf.drv []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-14 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-02 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-12-19 66872]
R2 VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2008-12-17 292472]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-11-17 195752]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

-----------------EOF-----------------

serial75
 Posted on 30/12/2008 at 17:42 
Petit astucien

And the info report:

info.txt logfile of random's system information tool 1.05 2008-12-30 16:14:55

======Uninstall list======

-->MsiExec /X{AFD5ED58-271A-4907-96C2-2745C83BB035}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.62-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
Age of Empires III-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
aMSN 0.97.2-->C:\Program Files\aMSN\uninstall.exe
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Bluestork BS-W-USB Wifi 54g USB Module-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{581CE7EA-A30D-0000-1211-088635773309}\Setup.exe" -l0x9
Brother HL-2030-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07D57B76-CF62-4717-B454-441E917C98C8}\SETUP.exe" -l0x40c -removeonly /uninst
Call of Duty(R) - World at War(TM)-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0409
ConvertHelper 2.1-->"C:\Program Files\ConvertHelper\unins000.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Cossacks - Back To War-->C:\WINDOWS\una2setup.exe
Creative PC-CAM Center Lite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove
Creative WebCam Monitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c /remove
Creative WebCam NX Driver (1.02.01.0827)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script P1110.uns -unsext NT -plugin p1110pin.dll -pluginres p1110pin.crl
DC-Bass Source 1.1.1-->"C:\Program Files\DSP-worx\DC-Bass Source\Uninstall.exe"
DEVIL MAY CRY 4-->MsiExec.exe /I{D4E5A687-797D-44B1-8F96-4FD7A24166A9}
DirectVobSub (remove only)-->"C:\Program Files\DirectVobSub\uninstall.exe"
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE
DScaler 5 Mpeg Decoders-->"C:\Program Files\DScaler5\unins000.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\EVEREST Home Edition\unins000.exe"
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
ffdshow [rev 1685] [2007-12-06]-->"C:\Program Files\ffdshow\unins000.exe"
FLV to AVI/XviD/DivX Converter 3.7.20-->"C:\Program Files\PegasusApps\FLV to AVI Video Converter\unins000.exe"
Free Easy Burner V 3.8-->"C:\Program Files\Free Easy Burner\unins000.exe"
Free IP Switcher-->C:\PROGRA~1\FREEIP~1\UNWISE.EXE C:\PROGRA~1\FREEIP~1\INSTALL.LOG
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Haali Media Splitter-->"C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Hitman Blood Money-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}\setup.exe" -l0x9 -removeonly
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Kaspersky On-line Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Ma-Config.com-->MsiExec.exe /X{3A4EE7A4-356E-43B7-A4A3-9C55B22A05B3}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuel d'utilisation de Creative WebCam NX (Français)-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Creative\Creative WebCam NX\Manuel d'utilisation de Creative WebCam NX\French\CTManual.isu"
Max Payne-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39930321-4C58-4B8B-BCBF-342698C9801D}\setup.exe" uninstall uninstall
MediaCoder 0.6.2-->C:\Program Files\MediaCoder\uninst.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Need for Speed™ Undercover-->MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX v8.10.13-->MsiExec.exe /X{AC54E544-3E42-443C-A91D-A00A6974C592}
Ootake ver1.60-->"C:\Program Files\Ootake pcengine\unins000.exe"
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 2.4-->MsiExec.exe /I{A122962F-331A-4C2E-93DB-AD92D8A4FB14}
OpenSource Flash Video Splitter (remove only)-->"C:\Program Files\OpenSource Flash Video Splitter\uninstall.exe"
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
Privoxy 3.0.6-->"C:\Program Files\Tor\Uninstall.exe"
ProtectDisc Driver, Version 11-->C:\Program Files\ProtectDisc Driver Installer\uninstall_v11.exe
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe
RealMedia (remove only)-->"C:\Program Files\RealMedia\uninstall.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Recuva (remove only)-->"C:\Program Files\Recuva\uninst.exe"
Security Update pour Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
SHOUTcast Source (remove only)-->"C:\Program Files\SHOUTcast Source\uninstall.exe"
SpeedBit Video Accelerator-->C:\PROGRA~1\SPEEDB~1\UNWISE.EXE C:\PROGRA~1\SPEEDB~1\INSTALL.LOG
SpeedBit Video Downloader-->"C:\Program Files\SpeedBit Video Downloader\GRRemove.exe" temp
SpeedOptimizer-->C:\PROGRA~1\SPEEDO~1\UNWISE.EXE C:\PROGRA~1\SPEEDO~1\INSTALL.LOG
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SUPER © Version 2008.bld.32 (July 8, 2008)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Tor 0.2.0.32-->"C:\Program Files\Tor\Uninstall.exe"
UNLHA32.DLL-->C:\WINDOWS\DELREG.EXE -u -l-
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Vidalia 0.1.10-->"C:\Program Files\Tor\Uninstall.exe"
VideoLAN VLC media player 0.8.6i-->C:\Program Files\vlc\uninstall.exe
Virtua Tennis 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9B63540D-D942-4C38-B42E-A48AE0145970}\setup.exe" -l0x40c -removeonly
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Zoom Player (remove only)-->"C:\Program Files\Zoom Player\uninstall.exe"

======Security center information======

AV: avast! antivirus 4.8.1296 [VPS 081229-0]

System event log

Computer Name: UNICORNI-6EC2D1
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service usnjsvc avec les arguments ""
pour démarrer le serveur :
{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}

Record Number: 8376
Source Name: DCOM
Time Written: 20081210182955.000000+060
Event Type: erreur
User: UNICORNI-6EC2D1\pc

Computer Name: UNICORNI-6EC2D1
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service usnjsvc avec les arguments ""
pour démarrer le serveur :
{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}

Record Number: 8375
Source Name: DCOM
Time Written: 20081210182945.000000+060
Event Type: erreur
User: UNICORNI-6EC2D1\pc

Computer Name: UNICORNI-6EC2D1
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service usnjsvc avec les arguments ""
pour démarrer le serveur :
{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}

Record Number: 8374
Source Name: DCOM
Time Written: 20081210182934.000000+060
Event Type: erreur
User: UNICORNI-6EC2D1\pc

Computer Name: UNICORNI-6EC2D1
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service usnjsvc avec les arguments ""
pour démarrer le serveur :
{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}

Record Number: 8373
Source Name: DCOM
Time Written: 20081210182924.000000+060
Event Type: erreur
User: UNICORNI-6EC2D1\pc

Computer Name: UNICORNI-6EC2D1
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Record Number: 8372
Source Name: Tcpip
Time Written: 20081210182839.000000+060
Event Type: Avertissement
User:

Application event log

Computer Name: UNICORNI-6EC2D1
Event Code: 100
Message: wlmail (3536) Le moteur de base de données 5.01.2600.5512 est démarré.

Record Number: 3299
Source Name: ESENT
Time Written: 20081027152551.000000+060
Event Type: Informations
User:

Computer Name: UNICORNI-6EC2D1
Event Code: 101
Message: wlmail (3556) Le moteur de base de données est arrêté.

Record Number: 3298
Source Name: ESENT
Time Written: 20081027144755.000000+060
Event Type: Informations
User:

Computer Name: UNICORNI-6EC2D1
Event Code: 103
Message: wlmail (3556) WindowsLiveMail0: Le moteur de base de données a arrêté une instance (0).

Record Number: 3297
Source Name: ESENT
Time Written: 20081027144755.000000+060
Event Type: Informations
User:

Computer Name: UNICORNI-6EC2D1
Event Code: 102
Message: wlmail (3556) WindowsLiveMail0: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 3296
Source Name: ESENT
Time Written: 20081027144733.000000+060
Event Type: Informations
User:

Computer Name: UNICORNI-6EC2D1
Event Code: 100
Message: wlmail (3556) Le moteur de base de données 5.01.2600.5512 est démarré.

Record Number: 3295
Source Name: ESENT
Time Written: 20081027144733.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0f02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

philae
 Posted on 30/12/2008 at 21:01
Grande Maîtresse astucienne

good evening

several infections

* run a scan following this tutorial

then post the report here

and

  • Download SDFix (created by Andy Manchesta) and save it to your Desktop.
    If the link does not work, try these:
    http://download.bleepingcomputer.com/andymanchesta/SDFix.exe
    http://sdfix.net/SDFix.exe
  • Double-click SDFix.exe and choose Install. The tool will be extracted to the root of the system drive (usually C:\)
  • A message (in English) will open in Notepad; close it.
  • Do not touch it for now.
  • Print this.
  • Restart your computer in Safe Mode using the following procedure:
    • Restart your computer.
    • After hearing the computer beep during startup, but before the Windows icon appears, tap the F8 (or F5) key repeatedly.
    • Instead of the normal Windows startup, a menu with various options should appear.
    • Choose the first option, to run Windows in Safe Mode, then press "Enter".
    • Choose your account.
  • Go through the list of instructions below:
    • In Safe Mode, double-click the SDFix.exe file and click install,
    • Open the SDFix folder that has just been created in C:\ and double-click RunThis.bat to launch the script.
    • Press Y to start the script.
      The tool may ask for another restart in Safe Mode at the start of the routine if a particular infection is detected; confirm and tap the F8 key at restart to reach the boot options.
    • It will remove the services of certain trojans, will also make some Registry repairs, and will ask you to press a key to restart.
    • Press a key to restart the PC.
    • Your system will take longer than usual to restart because the tool will keep running and deleting files.
    • After the Desktop has loaded, the tool will finish its work and display Finished
    • Press a key to end the script and load your Desktop icons.
    • Finally, open the SDFix folder on your Desktop and copy/paste the contents of the Report.txt file into your next reply on the forum, along with a new Hijackthis log!
serial75
 Posted on 31/12/2008 at 12:40
Petit astucien

Hi philae

here is the SDFix report:


SDFix: Version 1.240
Run by pc on 30/12/2008 at 22:38

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found


Removing Temp Files

ADS Check :


Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-31 12:23:24
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :


Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\aMSN\\bin\\wish.exe"="C:\\Program Files\\aMSN\\bin\\wish.exe:*:Disabled:Wish Application"
"C:\\Program Files\\adslTV\\adsltv.exe"="C:\\Program Files\\adslTV\\adsltv.exe:*:Enabled:adsltv"
"C:\\Program Files\\adslTV\\vlc.exe"="C:\\Program Files\\adslTV\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\VLC\\vlc.exe"="C:\\Program Files\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Documents and Settings\\pc\\Bureau\\A4Proxy\\A4Proxy.exe"="C:\\Documents and Settings\\pc\\Bureau\\A4Proxy\\A4Proxy.exe:*:Enabled:Anonymity 4 Proxy Application"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\Vuze\\Azureus.exe"="C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Pro Evolution Soccer 2009\\Pro Evolution Soccer 2009\\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\\PES 2009\\pes2009.exe"="C:\\Program Files\\Pro Evolution Soccer 2009\\Pro Evolution Soccer 2009\\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\\PES 2009\\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\\Program Files\\ma-config.com\\maconfservice.exe"="C:\\Program Files\\ma-config.com\\maconfservice.exe:LocalSubNet:Disabled:maconfservice"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Disabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :

Files with Hidden Attributes :

Wed 8 Oct 2008 24 ..SH. --- "C:\WINDOWS\S4A2C3A0F.tmp"
Mon 14 Apr 2008 60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\advcheck.dll"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll"
Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Sun 16 Mar 2008 216,064 ..SHR --- "C:\WINDOWS\system32\nbDX.dll"
Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"
Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"
Wed 24 Dec 2008 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"
Tue 2 Oct 2007 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"
Wed 8 Oct 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"
Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"
Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"
Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"
Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"
Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"
Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"
Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"
Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"
Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"
Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"
Sat 3 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"
Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"
Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"
Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"
Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"
Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"
Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"
Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"
Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"
Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"
Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"
Thu 20 Mar 2008 5,632 ..SHR --- "C:\Program Files\eRightSoft\SUPER\spk\1stRun.exe"
Fri 26 Dec 2008 3,543 ...HR --- "C:\Documents and Settings\pc\Application Data\SecuROM\UserData\securom_v7_01.bak"

Finished!

serial75
 Posted on 31/12/2008 at 12:43
Petit astucien

and the HijackThis one:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:42:52, on 31/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~2\Toolbar\grabber.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220183598109
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://www.triforce.fr/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1220198021609
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_4_0.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=26688
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 9101 bytes

philae
 Posted on 31/12/2008 at 15:42
Grande Maîtresse astucienne

hello,

I would prefer an RSIT report, please

serial75
 Posted on 31/12/2008 at 17:12
Petit astucien

oops, sorry, and one report coming up!

Logfile of random's system information tool 1.05 (written by random/random)
Run by pc at 2008-12-31 17:08:01
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 58 GB (25%) free of 238 GB
Total RAM: 1023 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:08:08, on 31/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RSIT.exe
C:\Program Files\trend micro\pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~2\Toolbar\grabber.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220183598109
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://www.triforce.fr/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1220198021609
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_4_0.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=26688
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 8945 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1532298954-682003330-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-14 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1056498-D09A-41E4-864B-505EDD640D9E}]
SBCONVERT Class - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll [2008-12-18 2498056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-14 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-14 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000}]
GrabberObj Class - C:\PROGRA~1\SPEEDB~2\Toolbar\grabber.dll [2008-12-18 185944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0329E7D6-6F54-462D-93F6-F5C3118BADF2} - SpeedBit Video Downloader - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll [2008-12-18 2498056]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-02 13680640]
"nwiz"=nwiz.exe /install []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-14 136600]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-02 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-11-17 17676288]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 133104]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"DownloadAccelerator"=C:\Program Files\DAP\DAP.EXE [2008-12-18 3114496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2007-11-20 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluestork BS-W-USB Utility.lnk]
C:\PROGRA~1\BLUEST~1\BS-W-USB\BS-W-USB.exe [2006-07-13 491520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Privoxy.lnk]
C:\PROGRA~1\Tor\Privoxy\privoxy.exe [2006-11-20 250368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^pc^Menu Démarrer^Programmes^Démarrage^Enregistrement de .lnk]
I:\Support\EAregister.exe /remind /language=FRA /PRNM=Electronic Arts Product []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\aMSN\bin\wish.exe"="C:\Program Files\aMSN\bin\wish.exe:*:Disabled:Wish Application"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\VLC\vlc.exe"="C:\Program Files\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Documents and Settings\pc\Bureau\A4Proxy\A4Proxy.exe"="C:\Documents and Settings\pc\Bureau\A4Proxy\A4Proxy.exe:*:Enabled:Anonymity 4 Proxy Application"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Pro Evolution Soccer 2009\Pro Evolution Soccer 2009\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\PES 2009\pes2009.exe"="C:\Program Files\Pro Evolution Soccer 2009\Pro Evolution Soccer 2009\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\PES 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Disabled:maconfservice"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Disabled:Windows Live Messenger (Phone)"
"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2008-12-31 17:08:01 ----D---- C:\rsit
2008-12-30 22:35:53 ----D---- C:\WINDOWS\ERUNT
2008-12-30 22:27:23 ----D---- C:\SDFix
2008-12-30 22:26:36 ----A---- C:\Program Files\SDFix.exe
2008-12-30 16:14:47 ----D---- C:\Program Files\trend micro
2008-12-30 15:47:24 ----A---- C:\Program Files\RSIT.exe
2008-12-30 01:08:33 ----D---- C:\WINDOWS\CSC
2008-12-30 01:08:28 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-29 13:58:00 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-12-29 13:57:58 ----D---- C:\Program Files\Alwil Software
2008-12-26 12:59:14 ----D---- C:\Program Files\adslTV
2008-12-24 18:09:49 ----D---- C:\Program Files\PegasusApps
2008-12-24 17:44:51 ----A---- C:\WINDOWS\system32\devil.dll
2008-12-24 17:44:51 ----A---- C:\WINDOWS\system32\avisynth.dll
2008-12-24 17:44:50 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2008-12-24 17:44:50 ----A---- C:\WINDOWS\system32\x.264.exe
2008-12-24 17:44:50 ----A---- C:\WINDOWS\system32\i420vfw.dll
2008-12-24 17:44:50 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2008-12-24 17:44:50 ----A---- C:\WINDOWS\MOTA113.exe
2008-12-24 17:44:49 ----D---- C:\Program Files\AviSynth 2.5
2008-12-24 17:44:49 ----A---- C:\WINDOWS\x2.64.exe
2008-12-24 17:44:49 ----A---- C:\WINDOWS\meta4.exe
2008-12-24 17:44:18 ----RSH---- C:\WINDOWS\system32\nbDX.dll
2008-12-24 17:44:18 ----RSH---- C:\WINDOWS\system32\msfDX.dll
2008-12-24 17:44:18 ----RSH---- C:\WINDOWS\system32\flvDX.dll
2008-12-24 17:43:56 ----D---- C:\Program Files\eRightSoft
2008-12-24 17:26:02 ----D---- C:\Documents and Settings\pc\Application Data\AVS4YOU
2008-12-24 17:25:53 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-12-24 17:25:16 ----D---- C:\Program Files\Fichiers communs\AVSMedia
2008-12-24 17:25:12 ----A---- C:\WINDOWS\system32\msxml3a.dll
2008-12-24 17:25:12 ----A---- C:\WINDOWS\system32\msvcp70.dll
2008-12-24 17:25:12 ----A---- C:\WINDOWS\system32\mfc70.dll
2008-12-24 17:25:12 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2008-12-24 16:56:47 ----D---- C:\Documents and Settings\pc\Application Data\Broad Intelligence
2008-12-24 16:33:49 ----D---- C:\Program Files\ConvertHelper
2008-12-24 16:23:23 ----D---- C:\Program Files\Audacity
2008-12-24 16:22:48 ----D---- C:\Documents and Settings\pc\Application Data\OpenCandy
2008-12-24 16:22:02 ----D---- C:\Program Files\MediaCoder
2008-12-24 13:36:22 ----D---- C:\Program Files\My Videos
2008-12-24 13:35:28 ----D---- C:\Documents and Settings\All Users\Application Data\Apowersoft
2008-12-22 16:54:32 ----D---- C:\Documents and Settings\pc\Application Data\DAEMON Tools Pro
2008-12-22 16:53:17 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2008-12-22 16:52:16 ----A---- C:\WINDOWS\system32\BASSMOD.dll
2008-12-22 16:51:53 ----D---- C:\Program Files\DAEMON Tools Pro
2008-12-22 12:34:57 ----D---- C:\data
2008-12-22 12:34:17 ----D---- C:\Program Files\finalbig040b
2008-12-21 13:16:56 ----D---- C:\Documents and Settings\All Users\Application Data\Electronic Arts
2008-12-19 16:09:59 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2008-12-19 14:15:11 ----D---- C:\Documents and Settings\pc\Application Data\Red Alert 3
2008-12-19 13:53:05 ----D---- C:\WINDOWS\RegisteredPackages
2008-12-19 13:52:40 ----A---- C:\WINDOWS\system32\psisdecd.dll
2008-12-19 13:52:35 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2008-12-19 13:44:39 ----D---- C:\Program Files\Microsoft Games
2008-12-18 19:18:56 ----D---- C:\Program Files\SpeedBit Video Downloader
2008-12-18 19:08:59 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2008-12-18 16:41:04 ----A---- C:\WINDOWS\system32\GIF89.DLL
2008-12-18 16:41:03 ----A---- C:\WINDOWS\system32\WMAFile.dll
2008-12-18 16:41:03 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2008-12-18 16:41:02 ----A---- C:\WINDOWS\system32\SSubTmr6.dll
2008-12-18 16:41:02 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2008-12-18 16:41:02 ----A---- C:\WINDOWS\system32\AudFile.dll
2008-12-18 16:41:01 ----A---- C:\WINDOWS\system32\msxml4r.dll
2008-12-18 16:41:01 ----A---- C:\WINDOWS\system32\msxml4a.dll
2008-12-18 16:41:01 ----A---- C:\WINDOWS\system32\msvcr70.dll
2008-12-18 16:41:01 ----A---- C:\WINDOWS\system32\lame_enc.dll
2008-12-18 16:41:00 ----D---- C:\Program Files\Free Easy Burner
2008-12-18 14:41:23 ----D---- C:\Documents and Settings\pc\Application Data\Vidalia
2008-12-18 14:41:22 ----D---- C:\Program Files\Tor
2008-12-18 13:31:17 ----D---- C:\Documents and Settings\pc\Application Data\EmailNotifier
2008-12-18 13:31:17 ----D---- C:\Documents and Settings\All Users\Application Data\EmailNotifier
2008-12-18 13:01:24 ----A---- C:\WINDOWS\system32\SET23A.tmp
2008-12-18 12:56:25 ----A---- C:\WINDOWS\MegaManager.INI
2008-12-18 03:04:07 ----A---- C:\WINDOWS\wininit.ini
2008-12-17 22:59:18 ----D---- C:\Program Files\SpeedOptimizer
2008-12-17 22:52:44 ----D---- C:\Program Files\SpeedBit Video Accelerator
2008-12-17 22:45:06 ----D---- C:\Documents and Settings\pc\Application Data\Tor
2008-12-17 22:28:06 ----D---- C:\Program Files\Free IP Switcher
2008-12-17 21:10:34 ----D---- C:\Program Files\Xtremsplit
2008-12-17 21:09:33 ----D---- C:\Program Files\Virtual Dub
2008-12-17 21:08:50 ----D---- C:\Program Files\Hijackthis
2008-12-17 18:58:25 ----HD---- C:\WINDOWS\PIF
2008-12-17 14:36:39 ----D---- C:\Program Files\Virtua Tennis 3
2008-12-16 19:17:59 ----D---- C:\Program Files\joytokey_joytokey_v3.7.4_anglais_36656
2008-12-16 04:15:04 ----D---- C:\Documents and Settings\pc\Application Data\Ubisoft
2008-12-16 04:15:04 ----D---- C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-12-15 22:34:23 ----D---- C:\Program Files\King's Bounty The Legend
2008-12-14 19:13:57 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-14 19:13:57 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-14 19:13:57 ----A---- C:\WINDOWS\system32\java.exe
2008-12-14 19:13:57 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-12 15:58:58 ----D---- C:\Program Files\DEvil Mac Cry 4
2008-12-12 14:24:06 ----D---- C:\Program Files\tmplus
2008-12-12 11:43:48 ----D---- C:\Program Files\Recuva
2008-12-12 02:52:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-12 02:51:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2008-12-12 02:50:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-12 02:50:40 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-12 02:50:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-12 01:30:39 ----D---- C:\Program Files\Pro Evolution Soccer 2009
2008-12-12 01:29:40 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2008-12-12 01:29:40 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2008-12-12 01:29:39 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2008-12-12 01:29:39 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2008-12-12 01:29:38 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2008-12-12 01:29:38 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2008-12-12 01:29:38 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2008-12-12 01:29:37 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-12-12 01:29:37 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-12-12 01:29:35 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-12-12 01:29:34 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-12-12 01:29:34 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-12-12 01:29:31 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-12-12 01:28:55 ----HD---- C:\WINDOWS\msdownld.tmp
2008-12-12 01:19:17 ----D---- C:\Program Files\NBA LIVE 08
2008-12-11 21:52:21 ----D---- C:\Program Files\7-Zip
2008-12-11 15:09:55 ----D---- C:\Program Files\Far_Cry_2-Razor1911
2008-12-11 13:09:20 ----A---- C:\WINDOWS\vncutil.exe
2008-12-11 13:09:15 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2008-12-11 13:09:15 ----A---- C:\WINDOWS\RtkAudioService.exe
2008-12-11 13:07:03 ----D---- C:\WINDOWS\NV15963024.TMP
2008-12-11 12:46:40 ----D---- C:\Program Files\EVEREST Home Edition
2008-12-11 11:07:44 ----D---- C:\Program Files\Hitman Blood Money Eidos
2008-12-11 01:18:13 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-12-10 17:01:39 ----D---- C:\Program Files\Assassins.Creed.Full-Rip.Skullptura
2008-12-10 12:27:33 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-12-10 12:27:33 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-12-10 12:27:33 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-12-10 12:27:32 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-12-10 12:27:32 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-12-10 12:27:32 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-12-10 12:27:31 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-12-10 12:27:31 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-12-10 12:27:30 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-12-10 12:27:30 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-12-10 12:27:29 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-12-10 12:27:29 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-12-10 12:27:28 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-12-10 12:27:28 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-12-10 12:27:27 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-12-10 12:27:27 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-12-10 12:27:26 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-12-10 12:27:26 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-12-10 12:27:25 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-12-10 12:27:25 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-12-10 12:27:25 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-12-10 12:26:38 ----D---- C:\WINDOWS\Logs
2008-12-09 15:44:56 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2008-12-09 15:44:54 ----D---- C:\Documents and Settings\pc\Application Data\Azureus
2008-12-09 15:44:22 ----D---- C:\Program Files\Vuze
2008-12-08 18:58:22 ----HD---- C:\WINDOWS\$NtUninstallKB950762-v3$
2008-12-08 18:58:22 ----A---- C:\WINDOWS\system32\updatenf.dll
2008-12-08 18:58:22 ----A---- C:\WINDOWS\system32\api32.dll
2008-12-08 18:46:52 ----D---- C:\Documents and Settings\pc\Application Data\FrostWire
2008-12-08 18:46:23 ----D---- C:\Program Files\FrostWire
2008-12-05 11:40:28 ----D---- C:\Documents and Settings\pc\Application Data\Malwarebytes
2008-12-05 11:40:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-05 11:40:23 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-04 18:34:16 ----D---- C:\Program Files\Ootake pcengine
2008-12-03 20:05:23 ----D---- C:\Program Files\freedo_1_9_wip
2008-12-03 18:13:47 ----D---- C:\Program Files\kega_fusion_3.51_windows
2008-12-03 15:56:22 ----D---- C:\Program Files\nebula
2008-12-02 20:33:23 ----D---- C:\Program Files\MAME
2008-12-02 17:29:38 ----D---- C:\Program Files\zsnes_1.51_windows
2008-12-01 17:53:18 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2008-12-01 17:53:17 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2008-12-01 17:53:17 ----A---- C:\WINDOWS\system32\pbsvc.exe
2008-12-01 16:55:45 ----D---- C:\Program Files\CallOfDuty 5

======List of files/folders modified in the last 1 months======

2008-12-31 17:06:44 ----D---- C:\Program Files\Mozilla Firefox
2008-12-31 16:02:02 ----D---- C:\Program Files\Zoom Player
2008-12-31 16:01:11 ----D---- C:\Program Files\Zvids
2008-12-31 16:00:11 ----D---- C:\Program Files
2008-12-31 15:51:21 ----D---- C:\WINDOWS\Prefetch
2008-12-31 15:19:00 ----D---- C:\WINDOWS\Temp
2008-12-31 11:14:44 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-31 11:09:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-30 22:37:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-30 22:35:53 ----D---- C:\WINDOWS
2008-12-30 17:40:33 ----D---- C:\Documents and Settings\pc\Application Data\OpenOffice.org2
2008-12-30 01:01:26 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-29 13:58:16 ----D---- C:\WINDOWS\system32\drivers
2008-12-29 13:58:14 ----D---- C:\WINDOWS\system32
2008-12-29 13:55:44 ----A---- C:\WINDOWS\RtlRack.ini
2008-12-28 13:38:03 ----SD---- C:\WINDOWS\Tasks
2008-12-26 12:59:16 ----D---- C:\Documents and Settings\pc\Application Data\vlc
2008-12-24 17:25:16 ----D---- C:\Program Files\Fichiers communs
2008-12-23 18:27:25 ----D---- C:\WINDOWS\system32\DirectX
2008-12-23 18:26:29 ----HD---- C:\WINDOWS\inf
2008-12-23 11:00:54 ----D---- C:\WINDOWS\pss
2008-12-23 11:00:54 ----ASH---- C:\boot.ini
2008-12-23 11:00:54 ----A---- C:\WINDOWS\win.ini
2008-12-23 11:00:54 ----A---- C:\WINDOWS\system.ini
2008-12-22 14:07:01 ----D---- C:\Program Files\eMule
2008-12-21 17:29:48 ----SHD---- C:\WINDOWS\Installer
2008-12-19 18:00:45 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-19 16:10:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-19 15:33:17 ----D---- C:\Program Files\DivX
2008-12-19 15:31:00 ----D---- C:\Program Files\ClonyXXL_FR_v2015
2008-12-19 13:54:33 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-19 13:53:24 ----RSD---- C:\WINDOWS\assembly
2008-12-19 13:51:52 ----D---- C:\WINDOWS\WinSxS
2008-12-19 00:55:23 ----D---- C:\Program Files\Windows Live Safety Center
2008-12-18 19:17:51 ----D---- C:\Program Files\DAP
2008-12-18 19:08:52 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-17 22:41:26 ----D---- C:\Program Files\Woonoz
2008-12-17 22:41:26 ----D---- C:\Program Files\windows media player
2008-12-17 22:41:26 ----D---- C:\Program Files\Realtek
2008-12-17 22:41:16 ----D---- C:\Program Files\Internet Explorer
2008-12-17 22:41:15 ----D---- C:\Program Files\GameSpy Arcade
2008-12-17 22:41:11 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-12-17 22:41:07 ----D---- C:\Program Files\Cossacks - Back To War
2008-12-17 22:41:04 ----D---- C:\Program Files\ACE Mega CoDecS Pack
2008-12-17 11:19:58 ----D---- C:\Program Files\RegSeeker
2008-12-16 16:04:32 ----D---- C:\Program Files\Fichiers communs\InstallShield
2008-12-15 23:48:12 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-12-15 22:55:52 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2008-12-14 19:13:20 ----D---- C:\Program Files\Java
2008-12-13 10:06:02 ----D---- C:\WINDOWS\network diagnostic
2008-12-12 18:02:12 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 02:52:09 ----A---- C:\WINDOWS\imsins.BAK
2008-12-11 21:55:57 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2008-12-11 18:10:56 ----D---- C:\WINDOWS\Help
2008-12-11 18:10:54 ----D---- C:\WINDOWS\nview
2008-12-11 13:45:50 ----D---- C:\WINDOWS\system32\mui
2008-12-11 13:44:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-11 13:29:25 ----D---- C:\Program Files\Direct X
2008-12-11 13:27:18 ----D---- C:\Program Files\PCI_Install_5687_0725 (reseau)
2008-12-11 13:13:32 ----D---- C:\Program Files\AGEIA Technologies
2008-12-11 13:12:10 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-11 13:09:46 ----D---- C:\WINDOWS\system32\RTCOM
2008-12-11 13:07:59 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-12-11 11:31:55 ----D---- C:\Program Files\Max Payne
2008-12-11 01:18:24 ----D---- C:\WINDOWS\system32\spool
2008-12-10 12:27:35 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-10 00:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nwiz.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwssr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwss.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsth.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrses.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwimg.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvwddi.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvvitvsr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvshell.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrszht.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrstr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsth.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrssv.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrssl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrssk.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsru.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrspt.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrspl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsno.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsko.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsja.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsit.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrshu.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrshe.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrses.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrseng.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsel.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsde.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsda.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrscs.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvrsar.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmoblsr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmobls.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmctray.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmccssr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmccss.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvmccs.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nview.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvgamesr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvgames.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvdispsr.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvdisps.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcpluir.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcplui.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcpl.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcolor.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvappbar.exe
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2008-12-02 23:11:00 ----A---- C:\WINDOWS\system32\keystone.exe
2008-12-02 10:13:16 ----A---- C:\WINDOWS\system32\NVUNINST.EXE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-24 12032]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-12-21 278984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-12-21 25416]
R2 sbbotdi;sbbotdi; \??\C:\PROGRA~1\SPEEDB~1\sbbotdi.sys []
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-11-25 4952576]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-02 6209536]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-10-30 117120]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 ZD1211BU(BLUESTORK);Bluestork BS-W-USB Wifi 54g USB Module Driver(BLUESTORK); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-04-19 439808]
S3 arqaoz9y;arqaoz9y; C:\WINDOWS\system32\drivers\arqaoz9y.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2008-08-25 40840]
S3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2008-08-25 66952]
S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2008-08-25 81288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 P1110VID;Creative WebCam NX; C:\WINDOWS\system32\DRIVERS\P1110VID.sys [2003-05-14 90357]
S3 PsSdk31;PsSdk31; \??\C:\WINDOWS\system32\Drivers\pssdk31.drv []
S3 PsSdkLBF;PsSdkLBF; \??\C:\WINDOWS\system32\Drivers\pssdklbf.drv []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-14 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-02 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-12-19 66872]
R2 VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2008-12-17 292472]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-11-17 195752]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

-----------------EOF-----------------

philae
Posted on 31/12/2008 at 18:46
Grande Maîtresse astucienne

good evening,

* Download ToolBar-S&D (thanks to Eric_71, Angeldark, Sham_Rock and XmichouX)

  • Double-click ToolBar-SD to start the installation
  • Double-click it to start the tool; choose the language.
  • On Vista, right-click and choose "Run as administrator" (privilege elevation), then -> Continue.
  • Type 1 then press [Enter] to start the search.
  • Wait until the search finishes.
  • When the scan ends, the report will open in Notepad.
  • Post this report, by copy/paste, in your next reply.
  • The report is also available at: C:\TB.txt

** Help in pictures

and HAVE A GOOD NEW YEAR'S EVE

serial75
Posted on 02/01/2009 at 14:23
Petit astucien

Hi and happy new year 2009!!!

Here is the report:


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz )
BIOS : Default System BIOS
USER : pc ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1296 [VPS 090101-0] 4.8.1296 (Activated)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:57 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 02/01/2009|14:12 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(pc) - {34274bf4-1d97-a289-e984-17e546307e4f} => adblock
(pc) - {37E4D8EA-8BDA-4831-8EA1-89053939A250} => pdfdownload
(pc) - {a7c6cf7f-112c-4500-a7ea-39801a327e5f} => fireftp
(pc) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(pc) - {e0204bd5-9d31-402b-a99d-a6aa8ffebdca} => chrome.manifest
(pc) - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} => greasemonkey


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.fr/"
"Search Bar"="http://www.google.fr"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.files-ftp.com/~unicorni/phpBB2/index.php"
"Default_Search_URL"="http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q="
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\pc\Application Data\Azureus\torrents\Age of Empires III Asian Dynasties V 1 0 4 WORKING 100 Crack mac Leopard_ST1999215.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Call of Duty 5 World at War Keygen.rar.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Crack_for_Kings_Bounty__Legend__1C__1_2.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Kings Bounty The Legend [PCDVD][English] crack keygen.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Need_for_Speed_Undercover_Keygen_and_Crack_RELOADED.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Need_for_Speed_Undercover_Keygen_Only_0x0008.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\RAZOR1911 [WEB SEED] FAR CRY 2 CRACK - REAL 100% FULLY WORKING.rar.torrent
C:\DOCUME~1\pc\Favoris\Games ¯ Flmsdown.Net Free Full Downloads - Warez Download - Rapidshare, Megaupload with Crack, Serial, Keygen, Xxx, Game, Movie.url
C:\DOCUME~1\pc\Mes documents\Azureus Downloads\C&C Red Alert 3 KeyGen - RELOADED.rar
C:\DOCUME~1\pc\Mes documents\Azureus Downloads\C&C Red Alert 3 KeyGen.exe
C:\DOCUME~1\pc\Recent\Age_of_Empires_Keygen-666787.lnk
C:\DOCUME~1\pc\Recent\Age_of_Empires_Keygen.lnk
C:\DOCUME~1\pc\Recent\Command.And.Conquer.Red.Alert.3.CRACK+SERIAL.lnk

1 - "C:\ToolBar SD\TB_1.txt" - 02/01/2009|14:13 - Option : [1]

-----------\\ Fin du rapport a 14:13:29,48

philae
Posted on 02/01/2009 at 17:32
Grande Maîtresse astucienne

hello,

you should delete this:

C:\DOCUME~1\pc\Application Data\Azureus\torrents\Age of Empires III Asian Dynasties V 1 0 4 WORKING 100 Crack mac Leopard_ST1999215.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Call of Duty 5 World at War Keygen.rar.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Crack_for_Kings_Bounty__Legend__1C__1_2.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Kings Bounty The Legend [PCDVD][English] crack keygen.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Need_for_Speed_Undercover_Keygen_and_Crack_RELOADED.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\Need_for_Speed_Undercover_Keygen_Only_0x0008.torrent
C:\DOCUME~1\pc\Application Data\Azureus\torrents\RAZOR1911 [WEB SEED] FAR CRY 2 CRACK - REAL 100% FULLY WORKING.rar.torrent
C:\DOCUME~1\pc\Favoris\Games ¯ Flmsdown.Net Free Full Downloads - Warez Download - Rapidshare, Megaupload with Crack, Serial, Keygen, Xxx, Game, Movie.url
C:\DOCUME~1\pc\Mes documents\Azureus Downloads\C&C Red Alert 3 KeyGen - RELOADED.rar
C:\DOCUME~1\pc\Mes documents\Azureus Downloads\C&C Red Alert 3 KeyGen.exe
C:\DOCUME~1\pc\Recent\Age_of_Empires_Keygen-666787.lnk
C:\DOCUME~1\pc\Recent\Age_of_Empires_Keygen.lnk
C:\DOCUME~1\pc\Recent\Command.And.Conquer.Red.Alert.3.CRACK+SERIAL.lnk

* run HijackThis "do a system scan only" then tick these lines

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm

* with all applications closed, click FIX CHECKED

* via Add/Remove Programs, remove

DAP

and delete the folder

C:\PROGRAMES FILES\DAP

* Start ------------ Run -------- type services.msc ----- OK

look for this service

Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc.

* double-click it ----------- Stop

the change will take effect at the next startup. This service is completely unnecessary for JAVA to work properly

and


* Download OTMoveIt3 (by OldTimer)
* Save the file to the Desktop.

* Open a Notepad window via Start ----> Run, type notepad then click OK
Select all the lines of the quote below, then press the Ctrl and C keys simultaneously

instructions:

:files

C:\WINDOWS\system32\drivers\arqaoz9y.sys
C:\WINDOWS\system32\updatenf.dll

:commands
[emptytemp]
[reboot]

* Return to the Notepad window, right-click in the window and choose Paste
* Check (in the Format menu) that "Word Wrap" is not active (not ticked).
* Save the file under the name OTfichiers.txt
* Close Notepad.
Note: The lines in the Code box above were created exclusively for THIS user: xxxx username xxx
if you are not THIS user, do not use them: they could damage your system.



* Run OTMoveIt3 (by OldTimer)
* Double-click OTMoveIt3.exe to launch the tool.
* Open the file OTfichiers.txt in Notepad.
* Select all of its lines, then press the Ctrl and C keys simultaneously

* Return to the OTMoveIt3 window, right-click in the left-hand pane named "Paste Instructions for Items to be Moved"

* Click the MoveIt! button:

Wait for the tool to finish its work, then close OTMoveIt3.
Note: A restart is sometimes necessary. If one is requested, click Oui/Yes


Results
Send in your reply:
*- the OTMoveIt3 report (contents of the file Drive\_OTMoveIt\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[Drive stands for the partition from which OTMoveIt3 was run, usually C:]

* run an online scan here

Bitdefender

then post the report



serial75
Posted on 05/01/2009 at 19:10
Petit astucien

hi philae

the OT report

Error: Unable to interpret <instructions:> in the current context!
========== FILES ==========
File/Folder C:\WINDOWS\system32\drivers\arqaoz9y.sys not found.
File/Folder C:\WINDOWS\system32\updatenf.dll not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\pc\LOCALS~1\Temp\etilqs_33J9IRtOSlddnfesQeMG scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\pc\LOCALS~1\Temp\etilqs_YJ53evvMLdIWMePngDCo scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\pc\LOCALS~1\Temp\etilqs_YJ53evvMLdIWMePngDCo-journal scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_6d8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\OfflineCache\index.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01052009_180052

Files moved on Reboot...
File C:\DOCUME~1\pc\LOCALS~1\Temp\etilqs_33J9IRtOSlddnfesQeMG not found!
File C:\DOCUME~1\pc\LOCALS~1\Temp\etilqs_YJ53evvMLdIWMePngDCo not found!
File C:\DOCUME~1\pc\LOCALS~1\Temp\etilqs_YJ53evvMLdIWMePngDCo-journal not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_6d8.dat not found!
C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\OfflineCache\index.sqlite moved successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Mozilla\Firefox\Profiles\yfo4bv4d.default\urlclassifier3.sqlite moved successfully.

the BitDefender report

BitDefender Online Scanner

Rapport d'analyse généré à: Mon, Jan 05, 2009 - 18:56:02

Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;

Statistiques

Temps: 00:42:09
Fichiers: 162462
Directoires: 7820
Secteurs de boot: 0
Archives: 2543
Paquets programmes: 16926

Résultats

Virus identifiés: 2
Fichiers infectés: 4
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 4

Info sur les moteurs

Définition virus: 2404957
Version des moteurs: AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Analyse des plugins: 17
Archive des plugins: 45
Unpack des plugins: 7
E-mail plugins: 6
Système plugins: 4

Paramètres d'analyse

Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui

Fichier analysé

Statut

C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP148\A0036817.exe

Infecté par: Trojan.Agent.11348

C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP148\A0036817.exe

Supprimé

C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP197\A0043494.dll

Infecté par: Trojan.Generic.1246005

C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP197\A0043494.dll

Supprimé

C:\WINDOWS\$NtUninstallKB950762-v3$\data.bin

Infecté par: Trojan.Agent.11348

C:\WINDOWS\$NtUninstallKB950762-v3$\data.bin

Supprimé

C:\_OTMoveIt\MovedFiles\01052009_175942\WINDOWS\system32\updatenf.dll

Infecté par: Trojan.Generic.1246005

C:\_OTMoveIt\MovedFiles\01052009_175942\WINDOWS\system32\updatenf.dll

Supprimé

philae
Posted on 05/01/2009 at 21:20
Grande Maîtresse astucienne

good evening,

do you still have any problems?

serial75
Posted on 06/01/2009 at 14:59
Petit astucien

Hi

I ran another scan with BitDefender, which found this infection:

C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP202\A0046121.dll

Infecté par: Trojan.Generic.1246005

C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP202\A0046121.dll

Supprimé

philae
Posted on 06/01/2009 at 17:33
Grande Maîtresse astucienne

good evening,

that corresponds to your System Restore, it is not important; in any case it will have to be disabled in order to start again from a clean restore point.

Do you still have any particular problems or not?
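
An added example (not part of the original thread) of the path-based triage behind the reply above: each BitDefender hit is sorted by where the file sits (System Restore snapshot, OTMoveIt3 quarantine folder, hotfix uninstall backup, or live system). The category names and helper functions are assumptions made for illustration; the sample rows are copied from the two BitDefender reports posted in this thread.

```python
import re
from typing import NamedTuple, Optional

# Rows copied from the two BitDefender reports in this thread (blank lines dropped).
REPORT = r"""
C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP148\A0036817.exe
Infecté par: Trojan.Agent.11348
C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP148\A0036817.exe
Supprimé
C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP197\A0043494.dll
Infecté par: Trojan.Generic.1246005
C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP197\A0043494.dll
Supprimé
C:\WINDOWS\$NtUninstallKB950762-v3$\data.bin
Infecté par: Trojan.Agent.11348
C:\WINDOWS\$NtUninstallKB950762-v3$\data.bin
Supprimé
C:\_OTMoveIt\MovedFiles\01052009_175942\WINDOWS\system32\updatenf.dll
Infecté par: Trojan.Generic.1246005
C:\_OTMoveIt\MovedFiles\01052009_175942\WINDOWS\system32\updatenf.dll
Supprimé
C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP202\A0046121.dll
Infecté par: Trojan.Generic.1246005
C:\System Volume Information\_restore{56F59E3E-9A57-4224-AA52-83B169018C8F}\RP202\A0046121.dll
Supprimé
"""

class Finding(NamedTuple):
    path: str
    threat: str
    action: Optional[str]
    location: str                 # illustrative category name (assumption)
    restore_point: Optional[int]  # RPnnn number for System Restore snapshots

_RESTORE = re.compile(r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]+\}\\RP(\d+)\\")
_QUARANTINE = re.compile(r"^[A-Za-z]:\\_OTMoveIt\\MovedFiles\\")
_HOTFIX = re.compile(r"\\\$NtUninstall[^\\]*\$\\")

def classify(path):
    """Return (location, restore_point_number) for one reported path."""
    m = _RESTORE.search(path)
    if m:
        return "restore_point", int(m.group(1))
    if _QUARANTINE.match(path):
        return "tool_quarantine", None
    if _HOTFIX.search(path):
        return "hotfix_backup", None
    return "live", None

def parse_report(text):
    """Pair each path with its 'Infecté par:' name and 'Supprimé' status."""
    rows, current = {}, None      # path -> [threat, action], insertion order kept
    for raw in text.splitlines():
        line = raw.strip()
        if re.match(r"[A-Za-z]:\\", line):
            current = line
            rows.setdefault(current, [None, None])
        elif current and line.startswith("Infecté par:"):
            rows[current][0] = line.split(":", 1)[1].strip()
        elif current and line == "Supprimé":
            rows[current][1] = "deleted"
    return [Finding(p, t, a, *classify(p)) for p, (t, a) in rows.items() if t]

def triage(findings):
    """Summarise which hits are live and which are copies kept by Windows or a tool."""
    quarantined = {f.threat for f in findings if f.location == "tool_quarantine"}
    restore = [f for f in findings if f.location == "restore_point"]
    return {
        "live": [f.path for f in findings if f.location == "live"],
        "restore_points": sorted({f.restore_point for f in restore}),
        # Same detection name as an already-quarantined file: a hint (not proof)
        # that the snapshot holds an older copy of that same file.
        "echo_of_quarantined": sorted({f.restore_point for f in restore
                                       if f.threat in quarantined}),
    }

if __name__ == "__main__":
    print(triage(parse_report(REPORT)))
```

An empty "live" list means every hit is a stored copy rather than a file in an active system location, and the restore-point numbers listed are the snapshots that purging System Restore would clear.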

serial75
Posted on 06/01/2009 at 21:46
Petit astucien

Good evening, well, no; thank you very much for your help in any case, your explanations are clear and quick, thanks again for everything.

philae
Posted on 06/01/2009 at 22:02
Grande Maîtresse astucienne

re

ok, perfect then, you can remove what we used in this way

* Download ToolsCleaner (by A.Rothstein and Dj Quiou).
* Click "Recherche" (Search) and let the scan finish.
* If you wish, you can use the "Options facultatives" (optional settings).
* Click "Quitter" (Quit) so that the report can be created.
* delete what it detects

you can then mark your topic as RESOLVED. thanks

Have a good rest of the evening

serial75
Posted on 07/01/2009 at 15:13
Petit astucien

ok thanks for everything
