Virus ou autre !
Navid_92
Messages postés
778
Statut
Membre
-
Navid_92 Messages postés 778 Statut Membre -
Navid_92 Messages postés 778 Statut Membre -
Bonjour,
Je vous explique mon Pc tourne mais lag des fois.
DEJA fait analyse MBAM, CCLEANER, AD-AWARE, CONBOFIX, SMITFRAUX, ToolBarSD
Pouvez vous m'indiquer si des lignes sont à fixer
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:06:26, on 12/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\TeamSpeak 3\TeamSpeak 3.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Navid\Bureau\Navid.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://studioladefense.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
Je vous explique mon Pc tourne mais lag des fois.
DEJA fait analyse MBAM, CCLEANER, AD-AWARE, CONBOFIX, SMITFRAUX, ToolBarSD
Pouvez vous m'indiquer si des lignes sont à fixer
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:06:26, on 12/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\TeamSpeak 3\TeamSpeak 3.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Navid\Bureau\Navid.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://studioladefense.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
A voir également:
- Virus ou autre !
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
6 réponses
ComboFix 09-02-12.03 - Navid 2009-02-12 23:01:11.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1022.249 [GMT 1:00]
Lancé depuis: c:\documents and settings\Navid\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Navid\Application Data\BITS
c:\documents and settings\Navid\Application Data\BITS\BITS.ini
c:\documents and settings\Navid\Application Data\BITS\DHTTable.dat
c:\documents and settings\Navid\Application Data\BITS\ProxyList.ini
c:\documents and settings\Navid\Application Data\BITS\UPnP.ini
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\windows\system32\AutoRun.inf
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-01-12 au 2009-02-12 ))))))))))))))))))))))))))))))))))))
.
2009-02-12 13:13 . 2009-02-12 13:13 <REP> d-------- C:\rsit
2009-02-12 07:17 . 2009-02-08 20:38 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-02-11 23:21 . 2009-02-11 23:21 <REP> d-------- c:\documents and settings\NetworkService\Bureau
2009-02-11 22:23 . 2009-02-12 22:56 <REP> d-------- C:\ToolBar SD
2009-02-11 17:28 . 2009-02-12 07:17 <REP> d-------- c:\windows\Patch Darluok
2009-02-10 21:32 . 2009-02-10 21:32 <REP> d-------- c:\program files\adslTV
2009-02-10 21:05 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\system32\d3dx9_34.dll
2009-02-10 21:05 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\system32\D3DCompiler_34.dll
2009-02-10 21:05 . 2007-05-16 16:45 443,752 --a------ c:\windows\system32\d3dx10_34.dll
2009-02-10 21:05 . 2007-05-31 19:30 266,088 --a------ c:\windows\system32\xactengine2_8.dll
2009-02-10 21:05 . 2007-05-31 19:29 18,280 --a------ c:\windows\system32\x3daudio1_2.dll
2009-02-10 21:01 . 2009-02-10 21:06 103,736 --a------ c:\windows\system32\PnkBstrB.exe
2009-02-10 21:01 . 2009-02-10 21:06 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2009-02-10 21:01 . 2009-02-10 21:06 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2009-02-10 21:01 . 2009-02-10 21:01 22,328 --a------ c:\documents and settings\Navid\Application Data\PnkBstrK.sys
2009-02-10 21:01 . 2009-02-10 21:01 319 --a------ c:\windows\game.ini
2009-02-10 20:33 . 2009-02-10 20:33 <REP> d-------- c:\program files\Activision
2009-02-10 13:19 . 2009-02-10 13:19 <REP> d-------- c:\documents and settings\Navid\Application Data\Nvu
2009-02-10 13:16 . 2009-02-10 13:16 <REP> d-------- c:\program files\Nvu
2009-02-09 22:32 . 2009-02-09 22:32 <REP> d-------- c:\program files\Microsoft Works
2009-02-09 22:32 . 2000-10-26 22:48 392,192 -ra------ c:\windows\system32\ltkrn11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 285,184 -ra------ c:\windows\system32\lfcmp11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 262,656 -ra------ c:\windows\system32\ltdis11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 172,032 -ra------ c:\windows\system32\lfpng11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 127,488 -ra------ c:\windows\system32\ltimg11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 118,784 -ra------ c:\windows\system32\ltfil11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 59,392 -ra------ c:\windows\system32\lfwmf11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 36,864 -ra------ c:\windows\system32\lfbmp11n.dll
2009-02-09 22:26 . 2009-02-09 22:26 <REP> dr-h----- C:\MSOCache
2009-02-09 21:23 . 2009-02-09 21:23 <REP> d-------- c:\program files\WinHTTrack
2009-02-09 21:09 . 2009-02-09 21:09 <REP> d-------- C:\profiles
2009-02-09 20:06 . 2009-02-09 20:06 <REP> d-------- c:\temp\ext48948
2009-02-09 20:06 . 2009-02-09 20:06 <REP> d-------- C:\temp
2009-02-09 20:06 . 2009-02-10 00:25 <REP> d-------- c:\program files\Microsoft FrontPage Express
2009-02-09 20:06 . 2009-02-10 00:25 91 --a------ c:\windows\fpxpress.ini
2009-02-09 08:15 . 2009-02-09 08:15 <REP> d-------- c:\program files\VirginMega
2009-02-09 08:14 . 2009-02-09 08:14 <REP> d-------- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-02-06 23:43 . 2009-02-06 23:43 <REP> d-------- c:\documents and settings\Navid\Application Data\Media Player Classic
2009-02-06 23:29 . 2009-02-06 23:29 <REP> d-------- c:\program files\AviSynth 2.5
2009-02-06 23:28 . 2009-02-06 23:28 <REP> d-------- c:\program files\K-Lite Codec Pack
2009-02-06 23:28 . 2008-09-24 19:41 839,680 --a------ c:\windows\system32\lameACM.acm
2009-02-06 23:28 . 2008-12-08 12:53 57,344 --a------ c:\windows\system32\ff_vfw.dll
2009-02-06 23:28 . 2007-07-10 17:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-02-06 23:28 . 2008-10-03 13:30 414 --a------ c:\windows\system32\lame_acm.xml
2009-02-06 23:25 . 2009-02-06 23:25 <REP> d-------- c:\program files\eRightSoft
2009-02-04 20:53 . 2009-02-04 20:53 <REP> d-------- C:\HLServer
2009-02-03 23:41 . 2009-02-03 23:41 <REP> d-------- c:\program files\MSECache
2009-02-03 19:42 . 2009-02-03 19:43 <REP> d-------- c:\program files\mp3DirectCut
2009-02-03 18:28 . 2009-02-03 18:28 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2009-02-03 16:13 . 2009-02-12 12:59 <REP> d-------- c:\program files\MovieMaking by LANguille
2009-02-03 09:32 . 2009-02-03 09:32 <REP> d-------- c:\windows\system32\Futuremark
2009-02-03 09:23 . 2009-02-03 09:23 <REP> d-------- C:\865c6e4bf89fb0dd2888b01107c053
2009-02-03 09:22 . 2009-02-03 09:22 <REP> dr-h----- C:\AHCache
2009-02-02 23:33 . 2009-02-02 23:33 262,144 --a------ c:\windows\system32\wrap_oal.dll
2009-02-02 23:33 . 2009-02-02 23:33 86,016 --a------ c:\windows\system32\OpenAL32.dll
2009-02-02 23:22 . 2007-09-07 14:55 27,672 --a------ c:\windows\system32\drivers\Entech.sys
2009-02-02 23:22 . 2007-09-07 14:55 12,744 --a------ c:\windows\system32\drivers\Entech64.sys
2009-02-02 23:22 . 2007-09-07 14:55 6,173 --a------ c:\windows\system32\drivers\Entech.vxd
2009-02-02 23:22 . 2001-11-19 20:05 3,972 --a------ c:\windows\system32\drivers\PciBus.sys
2009-02-02 23:20 . 2009-02-02 23:20 <REP> d-------- c:\program files\Futuremark
2009-02-02 20:03 . 2009-02-03 12:58 <REP> d-------- c:\program files\ATITool
2009-02-02 01:19 . 2009-02-02 01:20 <REP> d-------- c:\documents and settings\Navid\Application Data\Microgaming
2009-02-02 01:18 . 2009-02-02 01:18 <REP> d-------- C:\Microgaming
2009-02-01 20:56 . 2009-02-03 13:43 <REP> d-------- c:\program files\compLexity Demo Player
2009-02-01 20:37 . 2009-01-18 22:30 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-02-01 20:33 . 2009-02-03 09:22 <REP> d-------- c:\program files\Lavasoft
2009-02-01 20:33 . 2009-02-03 09:22 <REP> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-31 23:06 . 2009-02-03 09:21 <REP> d-------- c:\program files\Pvm
2009-01-31 20:59 . 2009-02-03 12:57 <REP> d-------- C:\Casino
2009-01-31 12:24 . 2009-02-03 09:09 <REP> d-------- c:\program files\Freeplayer
2009-01-31 12:06 . 2009-02-03 09:20 <REP> d-------- c:\program files\FpTest
2009-01-30 21:37 . 2009-01-30 21:37 <REP> d-------- c:\program files\Maïdo Production
2009-01-29 18:20 . 2009-02-03 09:20 <REP> d-------- c:\program files\WinHex
2009-01-29 14:03 . 2009-02-03 12:59 <REP> d-------- c:\program files\ma-config.com
2009-01-29 14:03 . 2009-02-03 12:59 <REP> d-------- c:\documents and settings\All Users\Application Data\ma-config.com
2009-01-28 22:50 . 2009-01-28 22:50 <REP> d-------- c:\documents and settings\Navid\Application Data\Screaming Bee
2009-01-28 22:49 . 2009-02-03 09:19 <REP> d-------- c:\documents and settings\All Users\Application Data\Screaming Bee
2009-01-26 20:17 . 2009-02-03 09:19 <REP> d-------- c:\program files\PhotoFiltre
2009-01-26 13:15 . 2009-02-03 09:13 <REP> d-------- c:\program files\Wakfu
2009-01-24 13:19 . 2009-02-03 09:14 <REP> d-------- c:\program files\No-IP
2009-01-24 13:02 . 2009-02-04 21:54 <REP> d-------- C:\HLDS
2009-01-24 13:00 . 2009-01-24 13:00 0 --a------ c:\documents and settings\Navid\hldsupdatetool.exe
2009-01-24 12:50 . 2009-02-03 09:18 <REP> d-------- C:\srcds
2009-01-23 23:55 . 2009-02-03 09:18 <REP> d-------- c:\documents and settings\Navid\Application Data\Logitech
2009-01-23 23:55 . 2008-09-26 09:52 10,384 --a------ c:\windows\system32\drivers\LBeepKE.sys
2009-01-23 23:54 . 2009-01-23 23:54 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-01-23 23:54 . 2009-01-23 23:54 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-01-23 23:50 . 2008-11-07 16:37 301,656 --a------ c:\windows\system32\BtCoreIf.dll
2009-01-23 23:50 . 2008-11-07 16:38 170,512 --a------ c:\windows\system32\kemutb.dll
2009-01-23 23:50 . 2008-11-07 16:38 145,936 --a------ c:\windows\system32\KemUtil.dll
2009-01-23 23:50 . 2008-11-07 16:38 117,264 --a------ c:\windows\system32\KemWnd.dll
2009-01-23 23:50 . 2008-11-07 16:38 84,496 --a------ c:\windows\system32\KemXML.dll
2009-01-23 23:49 . 2009-02-03 09:17 <REP> d-------- c:\documents and settings\All Users\Application Data\Logitech
2009-01-22 21:26 . 2009-02-03 13:03 <REP> d-------- c:\program files\PowerStrip
2009-01-20 19:40 . 2009-01-20 19:40 1,946 --a------ C:\users.ini
2009-01-19 18:26 . 2009-01-19 18:27 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-01-18 22:10 . 2009-02-09 21:12 <REP> d-------- C:\Downloads
2009-01-16 20:39 . 2009-01-16 20:39 127,034 -r------- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2009-01-16 20:37 . 2009-01-16 20:37 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-01-16 20:37 . 2009-01-16 20:37 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2009-01-16 20:35 . 2009-02-03 09:17 <REP> d-------- c:\program files\Fichiers communs\Logishrd
2009-01-16 20:34 . 2009-01-16 20:38 <REP> d-------- c:\program files\Logitech
2009-01-16 20:34 . 2009-01-16 20:34 <REP> d-------- c:\documents and settings\All Users\Application Data\LogiShrd
2009-01-15 21:20 . 2006-06-27 14:24 31,744 --a------ c:\windows\system32\drivers\AmdTools.sys
2009-01-15 19:40 . 2009-01-15 19:40 <REP> d-------- c:\program files\Custom-Strike
2009-01-15 18:01 . 2009-02-12 22:47 <REP> d-------- c:\program files\Steam
2009-01-15 17:49 . 2009-01-15 17:49 <REP> d-------- c:\documents and settings\Navid\Application Data\Blender Foundation
2009-01-15 13:53 . 2009-02-03 09:18 <REP> d-------- c:\program files\FlashGet
2009-01-13 18:30 . 2009-01-13 18:30 37,440 --a------ c:\windows\system32\drivers\pssdklbf.drv
2009-01-13 18:30 . 2009-01-13 18:30 30,272 --a------ c:\windows\system32\drivers\pssdk31.drv
2009-01-13 17:00 . 2009-01-13 17:00 <REP> d-------- c:\documents and settings\Navid\Application Data\WNR
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-12 20:17 --------- d-----w c:\program files\eChanblard
2009-02-12 19:12 --------- d-----w c:\documents and settings\Navid\Application Data\HPAppData
2009-02-12 16:27 --------- d-----w c:\documents and settings\Navid\Application Data\mIRC
2009-02-12 16:26 --------- d-----w c:\program files\mIRC
2009-02-12 11:56 --------- d-----w c:\program files\Notepad++
2009-02-12 11:56 --------- d-----w c:\documents and settings\Navid\Application Data\Notepad++
2009-02-12 06:53 --------- d-----w c:\program files\CCleaner
2009-02-11 22:02 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-11 18:15 --------- d-----w c:\program files\Visio11
2009-02-11 18:11 --------- d-----w c:\program files\OFFICE11
2009-02-11 16:29 --------- d-----w c:\program files\World of Warcraft
2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-10 20:00 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-10 18:57 --------- d-----w c:\documents and settings\Navid\Application Data\FileZilla
2009-02-10 16:42 --------- d-----w c:\documents and settings\Navid\Application Data\HLSW
2009-02-10 15:29 --------- d-----w c:\documents and settings\Navid\Application Data\teamspeak2
2009-02-10 00:08 --------- d-----w c:\program files\BitComet
2009-02-09 07:11 --------- d-----w c:\program files\Windows Media Connect 2
2009-02-06 22:26 --------- d-----w c:\program files\DivX
2009-02-06 22:25 --------- d-----w c:\program files\MediaCoder
2009-02-05 19:25 --------- d-----w c:\program files\Dofus
2009-02-05 17:44 --------- d-----w c:\program files\Teamspeak2_RC2
2009-02-05 13:38 --------- d-----w c:\documents and settings\Navid\Application Data\dvdcss
2009-02-05 12:53 --------- d-----w c:\documents and settings\Navid\Application Data\Skype
2009-02-05 12:06 --------- d-----w c:\documents and settings\Navid\Application Data\skypePM
2009-02-03 15:59 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-03 12:02 --------- d-----w c:\program files\QuickMediaConverter
2009-02-03 11:58 --------- d-----w c:\program files\Stardock
2009-02-03 08:21 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-03 08:21 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-03 08:20 --------- d-----w c:\program files\HardwareDetection
2009-02-03 08:18 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-02-03 08:17 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2009-02-03 08:07 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-01-31 11:25 --------- d-----w c:\documents and settings\Navid\Application Data\vlc
2009-01-27 23:48 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-01-27 23:48 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-01-27 23:48 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-01-18 12:54 --------- d-s---w c:\program files\HLSW
2009-01-16 20:15 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2009-01-11 21:40 --------- d-----w c:\documents and settings\Navid\Application Data\AVGTOOLBAR
2009-01-10 21:59 --------- d-----w c:\program files\Hewlett-Packard
2009-01-10 12:01 --------- d-----w c:\program files\FileZilla FTP Client
2009-01-09 11:46 --------- d-----w c:\program files\SlySoft
2009-01-07 17:38 --------- d-----w c:\program files\Half-Life Model Viewer
2009-01-06 19:43 --------- d-----w c:\program files\Sony
2009-01-06 19:42 --------- d-----w c:\documents and settings\Navid\Application Data\Hide IP NG
2009-01-06 19:41 --------- d-----w c:\program files\TheMOBIWeb
2009-01-06 19:41 --------- d-----w c:\program files\ElcomSoft
2009-01-06 19:41 --------- d-----w c:\program files\A4Proxy
2009-01-06 18:28 --------- d-----w c:\documents and settings\Navid\Application Data\Mumble
2009-01-06 18:27 --------- d-----w c:\documents and settings\Navid\Application Data\Ventrilo
2009-01-06 18:26 --------- d-----w c:\program files\Mumble
2009-01-06 18:25 --------- d-----w c:\program files\Ventrilo
2009-01-04 18:17 --------- d-----w c:\program files\THQ
2009-01-04 18:17 --------- d-----w c:\program files\Speed Gear 5
2009-01-04 18:17 --------- d-----w c:\program files\Space Taxi 2
2009-01-03 08:07 81,920 ----a-w c:\windows\system32\frapsvid.dll
2009-01-02 14:21 --------- d-----w c:\program files\AVG
2009-01-01 13:43 --------- d-----w c:\program files\Google
2008-12-31 11:43 --------- d-----w c:\documents and settings\All Users\Application Data\rkfree
2008-12-31 11:43 --------- d-----w c:\documents and settings\All Users\Application Data\EmailNotifier
2008-12-30 10:29 1,037,824 ----a-w c:\windows\system32\dllcache\explorer.exe
2008-12-30 10:29 1,037,824 ----a-w c:\windows\explorer.exe
2008-12-29 23:31 --------- d-----w c:\program files\MessenPass
2008-12-28 16:43 --------- d-----w c:\documents and settings\Navid\Application Data\DeepBurner
2008-12-28 16:38 --------- d-----w c:\program files\Astonsoft
2008-12-28 11:31 --------- d-----w c:\program files\Alwil Software
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
2008-12-20 22:47 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
2008-12-20 22:47 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
2008-12-20 22:47 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
2008-12-20 22:47 233,472 ----a-w c:\windows\system32\dllcache\webcheck.dll
2008-12-20 22:47 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
2008-12-20 22:47 105,984 ----a-w c:\windows\system32\dllcache\url.dll
2008-12-20 22:47 102,912 ----a-w c:\windows\system32\dllcache\occache.dll
2008-12-20 22:47 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
2008-12-19 09:11 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ----a-w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
2008-12-17 18:41 --------- d-----w c:\program files\Microsoft Silverlight
2008-12-17 18:36 --------- d-----w c:\documents and settings\Navid\Application Data\DivX
2008-12-16 18:42 --------- d-----w c:\program files\DLFreeTools
2008-12-14 20:19 --------- d-----w c:\program files\TSO
2008-12-14 20:19 --------- d-----w c:\program files\Trend Micro
2008-12-14 20:19 --------- d-----w c:\program files\Total Video Converter
2008-12-14 20:19 --------- d-----w c:\program files\TMPGEnc-2.524.63.181-Free
2008-12-14 20:19 --------- d-----w c:\program files\Sony Setup
2008-12-14 20:19 --------- d-----w c:\program files\Services en ligne
2008-12-14 20:19 --------- d-----w c:\program files\Red Kawa
2008-12-14 20:19 --------- d-----w c:\program files\RADVideo
2008-12-14 20:19 --------- d-----w c:\program files\Micro Application
2008-12-14 20:19 --------- d-----w c:\program files\deo
2008-12-14 20:19 --------- d-----w c:\program files\Combined Community Codec Pack
2008-12-14 20:17 --------- d-----w c:\program files\QuickTime
2008-12-14 20:17 --------- d-----w c:\program files\PowerQuest
2008-12-14 20:17 --------- d-----w c:\program files\Nuked-Klan
2007-08-24 19:52 300,400 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2007-01-02 16:08 1,132,843 --sh--w c:\windows\Config\gimcac.bak1
2007-02-02 11:11 447,240 --sh--w c:\windows\Config\gimcac.bak2
2007-02-02 22:39 469,564 --sh--w c:\windows\Config\gimcac.ini2
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-03-16 12:30 216,064 --sh--r c:\windows\system32\nbDX.dll
2008-09-03 14:01 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090320080904\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]
[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
2008-07-27 20:11 1606680 --a------ c:\program files\IsoBuster\tbIsoB.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]
[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]
[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"CursorFX"="c:\program files\Stardock\CursorFX\CursorFX.exe" [2008-07-07 416768]
"Google Update"="c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-11-25 133104]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-12-01 1406192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-28 1601304]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-02-08 509784]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Navid\Menu D‚marrer\Programmes\D‚marrage\
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-11-17 385024]
Outil de notification Live Search.lnk - c:\documents and settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2009-02-03 143360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]
Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\OFFICE11\ONENOTEM.EXE [2007-04-19 64864]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-01-18 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-01-23 809488]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 16:41 72208 c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-28 00:48 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acrobat Assistant.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InstantTimeZone.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\InstantTimeZone.lnk
backup=c:\windows\pss\InstantTimeZone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PalStart.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PalStart.lnk
backup=c:\windows\pss\PalStart.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2007-03-16 10:45 63712 c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
--a------ 2008-12-01 16:33 1406192 c:\program files\CCleaner\CCleaner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 2006-09-28 20:21 57344 c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fraps]
--a------ 2008-10-02 23:51 3309224 c:\fraps\fraps.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-11-25 12:56 133104 c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-11-21 03:12 3297280 c:\program files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 18:15 45056 c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2009-02-08 20:26 1410296 c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-27 13:12 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
--a------ 2007-03-23 16:13 1006080 c:\program files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2006-11-30 21:49 4662776 c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"iPod Service"=3 (0x3)
"gusvc"=3 (0x3)
"Apple Mobile Device"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eChanblard\\emule.exe"=
"c:\\Program Files\\PPLive\\PPLive.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Steam\\SteamApps\\erfan_91\\counter-strike\\hl.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\Program Files\\Gimp-2.0\\lib\\gimp\\2.0\\plug-ins\\script-fu.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Mumble\\murmur.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hltv.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\HLDS\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\counter-strike\\cstrike_french\\hltv.exe"=
"c:\\Program Files\\Maïdo Production\\IziSpot 4\\IziSpot.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"11875:TCP"= 11875:TCP:BitComet 11875 TCP
"11875:UDP"= 11875:UDP:BitComet 11875 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"8080:TCP"= 8080:TCP:freebox
"3724:TCP"= 3724:TCP:Blizzard downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"6881:TCP"= 6881:TCP:Blizzard Downloader
"6999:TCP"= 6999:TCP:Blizzard Downloader
"1234:UDP"= 1234:UDP:freeplayer1
"8080:UDP"= 8080:UDP:freeplayer2
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-01 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-02 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-02 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-02 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-02 298264]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 950096]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-01-23 10384]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2009-01-15 31744]
R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [2006-06-28 892032]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-11-17 27904]
S3 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2004-08-10 14336]
S3 PortlUSB;PortlUSB;c:\windows\system32\drivers\YH-925.sys [2007-03-22 7552]
S3 PsSdk31;PsSdk31;c:\windows\system32\drivers\pssdk31.drv [2009-01-13 30272]
S3 PsSdkLBF;PsSdkLBF;c:\windows\system32\drivers\pssdklbf.drv [2009-01-13 37440]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [2006-10-07 408064]
S3 ZDBRGSYS;ZDBRGSYS NDIS Protocol Driver;c:\windows\system32\ZDBRGSYS.sys [2004-06-30 19200]
S4 Planificateur PC-BaX;Planificateur PC-BaX;c:\program files\Cristie\PC-BaX 4.30.1\_BSSVC.EXE --> c:\program files\Cristie\PC-BaX 4.30.1\_BSSVC.EXE [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56c68c10-7ef6-11db-9653-00155839c65c}]
\Shell\AutoRun\command - xfoolavp.com
\Shell\explore\Command - xfoolavp.com
\Shell\open\Command - xfoolavp.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63ccfb54-b640-11dc-98ed-00155839c65c}]
\Shell\AutoRun\command - start.exe
\Shell\iledefrance\command - start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7256fa15-d3da-11dc-9920-00155839c65c}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
.
Contenu du dossier 'Tâches planifiées'
2009-02-09 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-02-08 20:37]
2009-02-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []
2009-02-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1798726482-2359549395-1807667182-1005.job
- c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-25 12:56]
2009-02-09 c:\windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Navid.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []
2009-02-12 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []
2008-12-17 c:\windows\Tasks\RPCReminder.job
- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe []
2009-02-12 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE []
.
- - - - ORPHELINS SUPPRIMES - - - -
MSConfigStartUp-FlashGet - c:\program files\FlashGet Network\FlashGet universal\flashget.exe
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\OFFICE11\EXCEL.EXE/3000
IE: Snip to my eSnips account - c:\program files\eSnips\res\SnipIt.htm
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
Trusted Zone: localhost
TCP: {326DCACC-44CD-4EC8-B37C-9E1690ED69BB} = 212.27.40.240,212.27.40.241
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
FF - ProfilePath - c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-12 23:04:22
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdk31]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdkLBF]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C0BA4FA4-ECE9-C0BB-C143-8F093903C067}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nahmacmfpjjdnkofbpbejigleccp"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,
61,61,64,69,6f,68,00,00
"mafmnkhfhhkbpnepjhdkcpgopj"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,61,
61,64,69,6f,68,00,f9
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(844)
c:\windows\system32\Ati2evxx.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2009-02-12 23:06:53
ComboFix-quarantined-files.txt 2009-02-12 22:06:50
Avant-CF: 26,253,332,480 octets libres
Après-CF: 26,224,275,456 octets libres
Current=9 Default=9 Failed=8 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
522 --- E O F --- 2009-02-12 18:01:10
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1022.249 [GMT 1:00]
Lancé depuis: c:\documents and settings\Navid\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Navid\Application Data\BITS
c:\documents and settings\Navid\Application Data\BITS\BITS.ini
c:\documents and settings\Navid\Application Data\BITS\DHTTable.dat
c:\documents and settings\Navid\Application Data\BITS\ProxyList.ini
c:\documents and settings\Navid\Application Data\BITS\UPnP.ini
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\windows\system32\AutoRun.inf
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-01-12 au 2009-02-12 ))))))))))))))))))))))))))))))))))))
.
2009-02-12 13:13 . 2009-02-12 13:13 <REP> d-------- C:\rsit
2009-02-12 07:17 . 2009-02-08 20:38 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-02-11 23:21 . 2009-02-11 23:21 <REP> d-------- c:\documents and settings\NetworkService\Bureau
2009-02-11 22:23 . 2009-02-12 22:56 <REP> d-------- C:\ToolBar SD
2009-02-11 17:28 . 2009-02-12 07:17 <REP> d-------- c:\windows\Patch Darluok
2009-02-10 21:32 . 2009-02-10 21:32 <REP> d-------- c:\program files\adslTV
2009-02-10 21:05 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\system32\d3dx9_34.dll
2009-02-10 21:05 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\system32\D3DCompiler_34.dll
2009-02-10 21:05 . 2007-05-16 16:45 443,752 --a------ c:\windows\system32\d3dx10_34.dll
2009-02-10 21:05 . 2007-05-31 19:30 266,088 --a------ c:\windows\system32\xactengine2_8.dll
2009-02-10 21:05 . 2007-05-31 19:29 18,280 --a------ c:\windows\system32\x3daudio1_2.dll
2009-02-10 21:01 . 2009-02-10 21:06 103,736 --a------ c:\windows\system32\PnkBstrB.exe
2009-02-10 21:01 . 2009-02-10 21:06 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2009-02-10 21:01 . 2009-02-10 21:06 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2009-02-10 21:01 . 2009-02-10 21:01 22,328 --a------ c:\documents and settings\Navid\Application Data\PnkBstrK.sys
2009-02-10 21:01 . 2009-02-10 21:01 319 --a------ c:\windows\game.ini
2009-02-10 20:33 . 2009-02-10 20:33 <REP> d-------- c:\program files\Activision
2009-02-10 13:19 . 2009-02-10 13:19 <REP> d-------- c:\documents and settings\Navid\Application Data\Nvu
2009-02-10 13:16 . 2009-02-10 13:16 <REP> d-------- c:\program files\Nvu
2009-02-09 22:32 . 2009-02-09 22:32 <REP> d-------- c:\program files\Microsoft Works
2009-02-09 22:32 . 2000-10-26 22:48 392,192 -ra------ c:\windows\system32\ltkrn11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 285,184 -ra------ c:\windows\system32\lfcmp11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 262,656 -ra------ c:\windows\system32\ltdis11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 172,032 -ra------ c:\windows\system32\lfpng11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 127,488 -ra------ c:\windows\system32\ltimg11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 118,784 -ra------ c:\windows\system32\ltfil11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 59,392 -ra------ c:\windows\system32\lfwmf11n.dll
2009-02-09 22:32 . 2000-10-26 22:48 36,864 -ra------ c:\windows\system32\lfbmp11n.dll
2009-02-09 22:26 . 2009-02-09 22:26 <REP> dr-h----- C:\MSOCache
2009-02-09 21:23 . 2009-02-09 21:23 <REP> d-------- c:\program files\WinHTTrack
2009-02-09 21:09 . 2009-02-09 21:09 <REP> d-------- C:\profiles
2009-02-09 20:06 . 2009-02-09 20:06 <REP> d-------- c:\temp\ext48948
2009-02-09 20:06 . 2009-02-09 20:06 <REP> d-------- C:\temp
2009-02-09 20:06 . 2009-02-10 00:25 <REP> d-------- c:\program files\Microsoft FrontPage Express
2009-02-09 20:06 . 2009-02-10 00:25 91 --a------ c:\windows\fpxpress.ini
2009-02-09 08:15 . 2009-02-09 08:15 <REP> d-------- c:\program files\VirginMega
2009-02-09 08:14 . 2009-02-09 08:14 <REP> d-------- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-02-06 23:43 . 2009-02-06 23:43 <REP> d-------- c:\documents and settings\Navid\Application Data\Media Player Classic
2009-02-06 23:29 . 2009-02-06 23:29 <REP> d-------- c:\program files\AviSynth 2.5
2009-02-06 23:28 . 2009-02-06 23:28 <REP> d-------- c:\program files\K-Lite Codec Pack
2009-02-06 23:28 . 2008-09-24 19:41 839,680 --a------ c:\windows\system32\lameACM.acm
2009-02-06 23:28 . 2008-12-08 12:53 57,344 --a------ c:\windows\system32\ff_vfw.dll
2009-02-06 23:28 . 2007-07-10 17:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-02-06 23:28 . 2008-10-03 13:30 414 --a------ c:\windows\system32\lame_acm.xml
2009-02-06 23:25 . 2009-02-06 23:25 <REP> d-------- c:\program files\eRightSoft
2009-02-04 20:53 . 2009-02-04 20:53 <REP> d-------- C:\HLServer
2009-02-03 23:41 . 2009-02-03 23:41 <REP> d-------- c:\program files\MSECache
2009-02-03 19:42 . 2009-02-03 19:43 <REP> d-------- c:\program files\mp3DirectCut
2009-02-03 18:28 . 2009-02-03 18:28 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2009-02-03 16:13 . 2009-02-12 12:59 <REP> d-------- c:\program files\MovieMaking by LANguille
2009-02-03 09:32 . 2009-02-03 09:32 <REP> d-------- c:\windows\system32\Futuremark
2009-02-03 09:23 . 2009-02-03 09:23 <REP> d-------- C:\865c6e4bf89fb0dd2888b01107c053
2009-02-03 09:22 . 2009-02-03 09:22 <REP> dr-h----- C:\AHCache
2009-02-02 23:33 . 2009-02-02 23:33 262,144 --a------ c:\windows\system32\wrap_oal.dll
2009-02-02 23:33 . 2009-02-02 23:33 86,016 --a------ c:\windows\system32\OpenAL32.dll
2009-02-02 23:22 . 2007-09-07 14:55 27,672 --a------ c:\windows\system32\drivers\Entech.sys
2009-02-02 23:22 . 2007-09-07 14:55 12,744 --a------ c:\windows\system32\drivers\Entech64.sys
2009-02-02 23:22 . 2007-09-07 14:55 6,173 --a------ c:\windows\system32\drivers\Entech.vxd
2009-02-02 23:22 . 2001-11-19 20:05 3,972 --a------ c:\windows\system32\drivers\PciBus.sys
2009-02-02 23:20 . 2009-02-02 23:20 <REP> d-------- c:\program files\Futuremark
2009-02-02 20:03 . 2009-02-03 12:58 <REP> d-------- c:\program files\ATITool
2009-02-02 01:19 . 2009-02-02 01:20 <REP> d-------- c:\documents and settings\Navid\Application Data\Microgaming
2009-02-02 01:18 . 2009-02-02 01:18 <REP> d-------- C:\Microgaming
2009-02-01 20:56 . 2009-02-03 13:43 <REP> d-------- c:\program files\compLexity Demo Player
2009-02-01 20:37 . 2009-01-18 22:30 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-02-01 20:33 . 2009-02-03 09:22 <REP> d-------- c:\program files\Lavasoft
2009-02-01 20:33 . 2009-02-03 09:22 <REP> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-31 23:06 . 2009-02-03 09:21 <REP> d-------- c:\program files\Pvm
2009-01-31 20:59 . 2009-02-03 12:57 <REP> d-------- C:\Casino
2009-01-31 12:24 . 2009-02-03 09:09 <REP> d-------- c:\program files\Freeplayer
2009-01-31 12:06 . 2009-02-03 09:20 <REP> d-------- c:\program files\FpTest
2009-01-30 21:37 . 2009-01-30 21:37 <REP> d-------- c:\program files\Maïdo Production
2009-01-29 18:20 . 2009-02-03 09:20 <REP> d-------- c:\program files\WinHex
2009-01-29 14:03 . 2009-02-03 12:59 <REP> d-------- c:\program files\ma-config.com
2009-01-29 14:03 . 2009-02-03 12:59 <REP> d-------- c:\documents and settings\All Users\Application Data\ma-config.com
2009-01-28 22:50 . 2009-01-28 22:50 <REP> d-------- c:\documents and settings\Navid\Application Data\Screaming Bee
2009-01-28 22:49 . 2009-02-03 09:19 <REP> d-------- c:\documents and settings\All Users\Application Data\Screaming Bee
2009-01-26 20:17 . 2009-02-03 09:19 <REP> d-------- c:\program files\PhotoFiltre
2009-01-26 13:15 . 2009-02-03 09:13 <REP> d-------- c:\program files\Wakfu
2009-01-24 13:19 . 2009-02-03 09:14 <REP> d-------- c:\program files\No-IP
2009-01-24 13:02 . 2009-02-04 21:54 <REP> d-------- C:\HLDS
2009-01-24 13:00 . 2009-01-24 13:00 0 --a------ c:\documents and settings\Navid\hldsupdatetool.exe
2009-01-24 12:50 . 2009-02-03 09:18 <REP> d-------- C:\srcds
2009-01-23 23:55 . 2009-02-03 09:18 <REP> d-------- c:\documents and settings\Navid\Application Data\Logitech
2009-01-23 23:55 . 2008-09-26 09:52 10,384 --a------ c:\windows\system32\drivers\LBeepKE.sys
2009-01-23 23:54 . 2009-01-23 23:54 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-01-23 23:54 . 2009-01-23 23:54 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-01-23 23:50 . 2008-11-07 16:37 301,656 --a------ c:\windows\system32\BtCoreIf.dll
2009-01-23 23:50 . 2008-11-07 16:38 170,512 --a------ c:\windows\system32\kemutb.dll
2009-01-23 23:50 . 2008-11-07 16:38 145,936 --a------ c:\windows\system32\KemUtil.dll
2009-01-23 23:50 . 2008-11-07 16:38 117,264 --a------ c:\windows\system32\KemWnd.dll
2009-01-23 23:50 . 2008-11-07 16:38 84,496 --a------ c:\windows\system32\KemXML.dll
2009-01-23 23:49 . 2009-02-03 09:17 <REP> d-------- c:\documents and settings\All Users\Application Data\Logitech
2009-01-22 21:26 . 2009-02-03 13:03 <REP> d-------- c:\program files\PowerStrip
2009-01-20 19:40 . 2009-01-20 19:40 1,946 --a------ C:\users.ini
2009-01-19 18:26 . 2009-01-19 18:27 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-01-18 22:10 . 2009-02-09 21:12 <REP> d-------- C:\Downloads
2009-01-16 20:39 . 2009-01-16 20:39 127,034 -r------- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2009-01-16 20:37 . 2009-01-16 20:37 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-01-16 20:37 . 2009-01-16 20:37 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2009-01-16 20:35 . 2009-02-03 09:17 <REP> d-------- c:\program files\Fichiers communs\Logishrd
2009-01-16 20:34 . 2009-01-16 20:38 <REP> d-------- c:\program files\Logitech
2009-01-16 20:34 . 2009-01-16 20:34 <REP> d-------- c:\documents and settings\All Users\Application Data\LogiShrd
2009-01-15 21:20 . 2006-06-27 14:24 31,744 --a------ c:\windows\system32\drivers\AmdTools.sys
2009-01-15 19:40 . 2009-01-15 19:40 <REP> d-------- c:\program files\Custom-Strike
2009-01-15 18:01 . 2009-02-12 22:47 <REP> d-------- c:\program files\Steam
2009-01-15 17:49 . 2009-01-15 17:49 <REP> d-------- c:\documents and settings\Navid\Application Data\Blender Foundation
2009-01-15 13:53 . 2009-02-03 09:18 <REP> d-------- c:\program files\FlashGet
2009-01-13 18:30 . 2009-01-13 18:30 37,440 --a------ c:\windows\system32\drivers\pssdklbf.drv
2009-01-13 18:30 . 2009-01-13 18:30 30,272 --a------ c:\windows\system32\drivers\pssdk31.drv
2009-01-13 17:00 . 2009-01-13 17:00 <REP> d-------- c:\documents and settings\Navid\Application Data\WNR
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-12 20:17 --------- d-----w c:\program files\eChanblard
2009-02-12 19:12 --------- d-----w c:\documents and settings\Navid\Application Data\HPAppData
2009-02-12 16:27 --------- d-----w c:\documents and settings\Navid\Application Data\mIRC
2009-02-12 16:26 --------- d-----w c:\program files\mIRC
2009-02-12 11:56 --------- d-----w c:\program files\Notepad++
2009-02-12 11:56 --------- d-----w c:\documents and settings\Navid\Application Data\Notepad++
2009-02-12 06:53 --------- d-----w c:\program files\CCleaner
2009-02-11 22:02 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-11 18:15 --------- d-----w c:\program files\Visio11
2009-02-11 18:11 --------- d-----w c:\program files\OFFICE11
2009-02-11 16:29 --------- d-----w c:\program files\World of Warcraft
2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-10 20:00 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-10 18:57 --------- d-----w c:\documents and settings\Navid\Application Data\FileZilla
2009-02-10 16:42 --------- d-----w c:\documents and settings\Navid\Application Data\HLSW
2009-02-10 15:29 --------- d-----w c:\documents and settings\Navid\Application Data\teamspeak2
2009-02-10 00:08 --------- d-----w c:\program files\BitComet
2009-02-09 07:11 --------- d-----w c:\program files\Windows Media Connect 2
2009-02-06 22:26 --------- d-----w c:\program files\DivX
2009-02-06 22:25 --------- d-----w c:\program files\MediaCoder
2009-02-05 19:25 --------- d-----w c:\program files\Dofus
2009-02-05 17:44 --------- d-----w c:\program files\Teamspeak2_RC2
2009-02-05 13:38 --------- d-----w c:\documents and settings\Navid\Application Data\dvdcss
2009-02-05 12:53 --------- d-----w c:\documents and settings\Navid\Application Data\Skype
2009-02-05 12:06 --------- d-----w c:\documents and settings\Navid\Application Data\skypePM
2009-02-03 15:59 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-03 12:02 --------- d-----w c:\program files\QuickMediaConverter
2009-02-03 11:58 --------- d-----w c:\program files\Stardock
2009-02-03 08:21 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-03 08:21 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-03 08:20 --------- d-----w c:\program files\HardwareDetection
2009-02-03 08:18 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-02-03 08:17 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2009-02-03 08:07 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-01-31 11:25 --------- d-----w c:\documents and settings\Navid\Application Data\vlc
2009-01-27 23:48 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-01-27 23:48 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-01-27 23:48 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-01-18 12:54 --------- d-s---w c:\program files\HLSW
2009-01-16 20:15 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2009-01-11 21:40 --------- d-----w c:\documents and settings\Navid\Application Data\AVGTOOLBAR
2009-01-10 21:59 --------- d-----w c:\program files\Hewlett-Packard
2009-01-10 12:01 --------- d-----w c:\program files\FileZilla FTP Client
2009-01-09 11:46 --------- d-----w c:\program files\SlySoft
2009-01-07 17:38 --------- d-----w c:\program files\Half-Life Model Viewer
2009-01-06 19:43 --------- d-----w c:\program files\Sony
2009-01-06 19:42 --------- d-----w c:\documents and settings\Navid\Application Data\Hide IP NG
2009-01-06 19:41 --------- d-----w c:\program files\TheMOBIWeb
2009-01-06 19:41 --------- d-----w c:\program files\ElcomSoft
2009-01-06 19:41 --------- d-----w c:\program files\A4Proxy
2009-01-06 18:28 --------- d-----w c:\documents and settings\Navid\Application Data\Mumble
2009-01-06 18:27 --------- d-----w c:\documents and settings\Navid\Application Data\Ventrilo
2009-01-06 18:26 --------- d-----w c:\program files\Mumble
2009-01-06 18:25 --------- d-----w c:\program files\Ventrilo
2009-01-04 18:17 --------- d-----w c:\program files\THQ
2009-01-04 18:17 --------- d-----w c:\program files\Speed Gear 5
2009-01-04 18:17 --------- d-----w c:\program files\Space Taxi 2
2009-01-03 08:07 81,920 ----a-w c:\windows\system32\frapsvid.dll
2009-01-02 14:21 --------- d-----w c:\program files\AVG
2009-01-01 13:43 --------- d-----w c:\program files\Google
2008-12-31 11:43 --------- d-----w c:\documents and settings\All Users\Application Data\rkfree
2008-12-31 11:43 --------- d-----w c:\documents and settings\All Users\Application Data\EmailNotifier
2008-12-30 10:29 1,037,824 ----a-w c:\windows\system32\dllcache\explorer.exe
2008-12-30 10:29 1,037,824 ----a-w c:\windows\explorer.exe
2008-12-29 23:31 --------- d-----w c:\program files\MessenPass
2008-12-28 16:43 --------- d-----w c:\documents and settings\Navid\Application Data\DeepBurner
2008-12-28 16:38 --------- d-----w c:\program files\Astonsoft
2008-12-28 11:31 --------- d-----w c:\program files\Alwil Software
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
2008-12-20 22:47 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
2008-12-20 22:47 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
2008-12-20 22:47 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
2008-12-20 22:47 233,472 ----a-w c:\windows\system32\dllcache\webcheck.dll
2008-12-20 22:47 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
2008-12-20 22:47 105,984 ----a-w c:\windows\system32\dllcache\url.dll
2008-12-20 22:47 102,912 ----a-w c:\windows\system32\dllcache\occache.dll
2008-12-20 22:47 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
2008-12-19 09:11 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ----a-w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
2008-12-17 18:41 --------- d-----w c:\program files\Microsoft Silverlight
2008-12-17 18:36 --------- d-----w c:\documents and settings\Navid\Application Data\DivX
2008-12-16 18:42 --------- d-----w c:\program files\DLFreeTools
2008-12-14 20:19 --------- d-----w c:\program files\TSO
2008-12-14 20:19 --------- d-----w c:\program files\Trend Micro
2008-12-14 20:19 --------- d-----w c:\program files\Total Video Converter
2008-12-14 20:19 --------- d-----w c:\program files\TMPGEnc-2.524.63.181-Free
2008-12-14 20:19 --------- d-----w c:\program files\Sony Setup
2008-12-14 20:19 --------- d-----w c:\program files\Services en ligne
2008-12-14 20:19 --------- d-----w c:\program files\Red Kawa
2008-12-14 20:19 --------- d-----w c:\program files\RADVideo
2008-12-14 20:19 --------- d-----w c:\program files\Micro Application
2008-12-14 20:19 --------- d-----w c:\program files\deo
2008-12-14 20:19 --------- d-----w c:\program files\Combined Community Codec Pack
2008-12-14 20:17 --------- d-----w c:\program files\QuickTime
2008-12-14 20:17 --------- d-----w c:\program files\PowerQuest
2008-12-14 20:17 --------- d-----w c:\program files\Nuked-Klan
2007-08-24 19:52 300,400 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2007-01-02 16:08 1,132,843 --sh--w c:\windows\Config\gimcac.bak1
2007-02-02 11:11 447,240 --sh--w c:\windows\Config\gimcac.bak2
2007-02-02 22:39 469,564 --sh--w c:\windows\Config\gimcac.ini2
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-03-16 12:30 216,064 --sh--r c:\windows\system32\nbDX.dll
2008-09-03 14:01 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090320080904\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]
[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
2008-07-27 20:11 1606680 --a------ c:\program files\IsoBuster\tbIsoB.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]
[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]
[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"CursorFX"="c:\program files\Stardock\CursorFX\CursorFX.exe" [2008-07-07 416768]
"Google Update"="c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-11-25 133104]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-12-01 1406192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-28 1601304]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-02-08 509784]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Navid\Menu D‚marrer\Programmes\D‚marrage\
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-11-17 385024]
Outil de notification Live Search.lnk - c:\documents and settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2009-02-03 143360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]
Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\OFFICE11\ONENOTEM.EXE [2007-04-19 64864]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-01-18 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-01-23 809488]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 16:41 72208 c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-28 00:48 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acrobat Assistant.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InstantTimeZone.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\InstantTimeZone.lnk
backup=c:\windows\pss\InstantTimeZone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PalStart.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PalStart.lnk
backup=c:\windows\pss\PalStart.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2007-03-16 10:45 63712 c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
--a------ 2008-12-01 16:33 1406192 c:\program files\CCleaner\CCleaner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 2006-09-28 20:21 57344 c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fraps]
--a------ 2008-10-02 23:51 3309224 c:\fraps\fraps.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-11-25 12:56 133104 c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-11-21 03:12 3297280 c:\program files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 18:15 45056 c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2009-02-08 20:26 1410296 c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-27 13:12 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
--a------ 2007-03-23 16:13 1006080 c:\program files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2006-11-30 21:49 4662776 c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"iPod Service"=3 (0x3)
"gusvc"=3 (0x3)
"Apple Mobile Device"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eChanblard\\emule.exe"=
"c:\\Program Files\\PPLive\\PPLive.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Steam\\SteamApps\\erfan_91\\counter-strike\\hl.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\Program Files\\Gimp-2.0\\lib\\gimp\\2.0\\plug-ins\\script-fu.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Mumble\\murmur.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hltv.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\HLDS\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\dedicated server\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\erfan_91\\counter-strike\\cstrike_french\\hltv.exe"=
"c:\\Program Files\\Maïdo Production\\IziSpot 4\\IziSpot.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"11875:TCP"= 11875:TCP:BitComet 11875 TCP
"11875:UDP"= 11875:UDP:BitComet 11875 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"8080:TCP"= 8080:TCP:freebox
"3724:TCP"= 3724:TCP:Blizzard downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"6881:TCP"= 6881:TCP:Blizzard Downloader
"6999:TCP"= 6999:TCP:Blizzard Downloader
"1234:UDP"= 1234:UDP:freeplayer1
"8080:UDP"= 8080:UDP:freeplayer2
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-01 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-02 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-02 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-02 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-02 298264]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 950096]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-01-23 10384]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2009-01-15 31744]
R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [2006-06-28 892032]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-11-17 27904]
S3 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2004-08-10 14336]
S3 PortlUSB;PortlUSB;c:\windows\system32\drivers\YH-925.sys [2007-03-22 7552]
S3 PsSdk31;PsSdk31;c:\windows\system32\drivers\pssdk31.drv [2009-01-13 30272]
S3 PsSdkLBF;PsSdkLBF;c:\windows\system32\drivers\pssdklbf.drv [2009-01-13 37440]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [2006-10-07 408064]
S3 ZDBRGSYS;ZDBRGSYS NDIS Protocol Driver;c:\windows\system32\ZDBRGSYS.sys [2004-06-30 19200]
S4 Planificateur PC-BaX;Planificateur PC-BaX;c:\program files\Cristie\PC-BaX 4.30.1\_BSSVC.EXE --> c:\program files\Cristie\PC-BaX 4.30.1\_BSSVC.EXE [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56c68c10-7ef6-11db-9653-00155839c65c}]
\Shell\AutoRun\command - xfoolavp.com
\Shell\explore\Command - xfoolavp.com
\Shell\open\Command - xfoolavp.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63ccfb54-b640-11dc-98ed-00155839c65c}]
\Shell\AutoRun\command - start.exe
\Shell\iledefrance\command - start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7256fa15-d3da-11dc-9920-00155839c65c}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
.
Contenu du dossier 'Tâches planifiées'
2009-02-09 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-02-08 20:37]
2009-02-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []
2009-02-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1798726482-2359549395-1807667182-1005.job
- c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-25 12:56]
2009-02-09 c:\windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Navid.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []
2009-02-12 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []
2008-12-17 c:\windows\Tasks\RPCReminder.job
- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe []
2009-02-12 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE []
.
- - - - ORPHELINS SUPPRIMES - - - -
MSConfigStartUp-FlashGet - c:\program files\FlashGet Network\FlashGet universal\flashget.exe
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\OFFICE11\EXCEL.EXE/3000
IE: Snip to my eSnips account - c:\program files\eSnips\res\SnipIt.htm
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
Trusted Zone: localhost
TCP: {326DCACC-44CD-4EC8-B37C-9E1690ED69BB} = 212.27.40.240,212.27.40.241
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
FF - ProfilePath - c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\Navid\Application Data\Mozilla\Firefox\Profiles\vzc00xjs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\documents and settings\Navid\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-12 23:04:22
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdk31]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\PsSdkLBF]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1798726482-2359549395-1807667182-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C0BA4FA4-ECE9-C0BB-C143-8F093903C067}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nahmacmfpjjdnkofbpbejigleccp"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,
61,61,64,69,6f,68,00,00
"mafmnkhfhhkbpnepjhdkcpgopj"=hex:6a,61,69,62,6b,70,70,65,66,67,70,67,68,68,61,
61,64,69,6f,68,00,f9
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(844)
c:\windows\system32\Ati2evxx.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2009-02-12 23:06:53
ComboFix-quarantined-files.txt 2009-02-12 22:06:50
Avant-CF: 26,253,332,480 octets libres
Après-CF: 26,224,275,456 octets libres
Current=9 Default=9 Failed=8 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
522 --- E O F --- 2009-02-12 18:01:10
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1750
Windows 5.1.2600 Service Pack 3
12/02/2009 12:47:11
mbam-log-2009-02-12 (12-47-11).txt
Type de recherche: Examen complet
Eléments examinés: 568084
Temps écoulé: 8 heures(s), 7 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Version de la base de données: 1750
Windows 5.1.2600 Service Pack 3
12/02/2009 12:47:11
mbam-log-2009-02-12 (12-47-11).txt
Type de recherche: Examen complet
Eléments examinés: 568084
Temps écoulé: 8 heures(s), 7 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Logfile of random's system information tool 1.05 (written by random/random)
Run by Navid at 2009-02-12 13:13:31
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 24 GB (20%) free of 116 GB
Total RAM: 1022 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:13:41, on 12/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\Navid\Bureau\RSIT.exe
C:\Documents and Settings\Navid\Bureau\Navid.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://studioladefense.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
Run by Navid at 2009-02-12 13:13:31
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 24 GB (20%) free of 116 GB
Total RAM: 1022 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:13:41, on 12/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\Navid\Bureau\RSIT.exe
C:\Documents and Settings\Navid\Bureau\Navid.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Navid\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Navid\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://studioladefense.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{326DCACC-44CD-4EC8-B37C-9E1690ED69BB}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Navid ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:113 Go (Free:24 Go)
D:\ (Local Disk) - FAT32 - Total:114 Go (Free:60 Go)
E:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
K:\ (USB)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 12/02/2009|22:54 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(Navid) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 11/02/2009|22:25 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 12/02/2009|22:56 - Option : [1]
-----------\\ Fin du rapport a 22:56:12,15
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Navid ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:113 Go (Free:24 Go)
D:\ (Local Disk) - FAT32 - Total:114 Go (Free:60 Go)
E:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
K:\ (USB)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 12/02/2009|22:54 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(Navid) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 11/02/2009|22:25 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 12/02/2009|22:56 - Option : [1]
-----------\\ Fin du rapport a 22:56:12,15
