Encore un problème de compte
Pier-Luc0170
Messages postés
12
Statut
Membre
-
Pier-Luc0170 Messages postés 12 Statut Membre -
Pier-Luc0170 Messages postés 12 Statut Membre -
Bonjour,
J'ai un problème avec mon ordinateur.Dernièrement il a effacé un compte au complet et certain programme comme dans outil système il ne reste plus rien.Je ne peux pas défragmenter rien, etc.J'ai fait plusieurs scan mes aucun problème na été rencontré.Je ne suis plus capable de créer de nouveau aussi.Il a toujours un message d'erreur quand j'ouvre mon compte d'utilisateur.Qu'oi faire je ne c'est pas?? Pouvez-vous m'aider merci.... a+
J'ai un problème avec mon ordinateur.Dernièrement il a effacé un compte au complet et certain programme comme dans outil système il ne reste plus rien.Je ne peux pas défragmenter rien, etc.J'ai fait plusieurs scan mes aucun problème na été rencontré.Je ne suis plus capable de créer de nouveau aussi.Il a toujours un message d'erreur quand j'ouvre mon compte d'utilisateur.Qu'oi faire je ne c'est pas?? Pouvez-vous m'aider merci.... a+
A voir également:
- Encore un problème de compte
- Créer un compte google - Guide
- Créer un compte gmail - Guide
- Créer un compte instagram sur google - Guide
- Installer windows 10 sans compte microsoft - Guide
- Créer un compte twitter - Guide
13 réponses
si tu veux pas te caser la tête cest de sauvegarder des dossiers important ( support externe exemple cle USD) est de réinstaller le système cest draconien
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ah je voi, dans ce cas la je te conseil de faire un scan avec hijackthis et de coller le raport dans le forum virus/securitè,
fait ce qui est dit sur le post 1 sur ce lien http://www.commentcamarche.net/forum/affich 12727251 mon ordi est infecte#1
et puis ouvre un nouveu topic dans le forum virus/securitè et colle le raport
et puis ouvre un nouveu topic dans le forum virus/securitè et colle le raport
tu clic la ou est ecrit en bleu (Random's System Information Tool (RSIT) et tu va telecharger ce logiciel et tu sui les etape expliquer dans ce poste a la letre et a la fin de scan de ton pc tu va avoir 2 log, tu les copie et tu les colle dans ton nouveau topic
si ta bien coller le raport attand qui te repond tu peu meme remonter le sujet en ajouton un message
jai copier ce rapport que voici est-ce que c'est bien lui :
Logfile of random's system information tool 1.06 (written by random/random)
Run by User at 2009-06-12 22:45:49
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 97 GB (75%) free of 129 GB
Total RAM: 511 MB (28% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:46:12, on 2009-06-12
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\windows\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\windows\system32\RUNDLL32.EXE
C:\windows\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\windows\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\windows\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\User\Bureau\Dossier de Pier-Luc Saucier\Programme\RSIT.exe
C:\Program Files\trend micro\User.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60341
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: MSIEPlugin - {4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKLM\..\Policies\Explorer\Run: [Lsass Service] C:\Documents and Settings\Claudine\Application Data\Microsoft\Windows\lsass.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe (User 'Default user')
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Documents and Settings\User\Local Settings\Temp\{A4967967-57FA-4D82-BC4E-79F608700EA5}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {2DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} (ActiveWorldsDownload Control) - http://www.activeworlds.com/products/ActiveWorldsDownload.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: c00EFC9F - c00EFC9F.mat (file missing)
O20 - Winlogon Notify: sys32 - sys32.dll (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Unknown owner - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
End of file - 10930 bytes
======Scheduled tasks folder======
C:\windows\tasks\NSSstub.job
C:\windows\tasks\User_Feed_Synchronization-{A3B6C5CD-9121-4FB0-BA97-B21975683544}.job
C:\windows\tasks\User_Feed_Synchronization-{CB7B928E-3409-43E8-8344-2D93B4D44B54}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-12-07 30208]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-04-13 49152]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"SoundMan"=C:\windows\SOUNDMAN.EXE [2005-06-20 77824]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2008-06-12 991584]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Lsass Service"=C:\Documents and Settings\Claudine\Application Data\Microsoft\Windows\lsass.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-13 15360]
"Start WingMan Profiler"=C:\Program Files\Logitech\Profiler\lwemon.exe [2005-04-18 73728]
"Gestionnaire Antidote.exe"=C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe [2008-12-02 542136]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2009-05-27 1573104]
C:\Documents and Settings\User\Menu Démarrer\Programmes\Démarrage
RollerCoaster Tycoon 3 Registration.lnk - C:\Documents and Settings\User\Local Settings\Temp\{A4967967-57FA-4D82-BC4E-79F608700EA5}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\c00EFC9F]
c00EFC9F.mat []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sys32]
sys32.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\VirtualDJ\virtualdj.exe"="C:\Program Files\VirtualDJ\virtualdj.exe:*:Enabled:VirtualDJ"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Application de pilotage à distance TeamViewer"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\User\Bureau\Dossier de Pier-Luc Saucier\Programme\utorrent.exe"="C:\Documents and Settings\User\Bureau\Dossier de Pier-Luc Saucier\Programme\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe"="C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe:*:Enabled:SAMBC"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Shell"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Documents and Settings\User\Local Settings\Temp\Rar$EX10.516\crack\virtualdj_trial.exe"="C:\Documents and Settings\User\Local Settings\Temp\Rar$EX10.516\crack\virtualdj_trial.exe:*:Enabled:VirtualDJ"
"C:\Documents and Settings\User\Local Settings\Temp\Rar$EX00.969\crack\virtualdj_trial.exe"="C:\Documents and Settings\User\Local Settings\Temp\Rar$EX00.969\crack\virtualdj_trial.exe:*:Enabled:VirtualDJ"
"C:\Documents and Settings\User\Local Settings\Temp\Rar$EX00.719\crack\virtualdj_trial.exe"="C:\Documents and Settings\User\Local Settings\Temp\Rar$EX00.719\crack\virtualdj_trial.exe:*:Enabled:VirtualDJ"
"C:\Documents and Settings\Ludovic\Local Settings\Application Data\Chat Republic Games\Superstar Racing\ChatRepublicPlayer.exe"="C:\Documents and Settings\Ludovic\Local Settings\Application Data\Chat Republic Games\Superstar Racing\ChatRepublicPlayer.exe:*:Enabled:Chat Republic Games Player"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\VirtualDJ\virtualdj_trial.exe"="C:\Program Files\VirtualDJ\virtualdj_trial.exe:*:Enabled:VirtualDJ"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2fbc63c7-b231-11dd-8bb4-806d6172696f}]
shell\AutoRun\command - D:\setupSNK.exe
======List of files/folders created in the last 1 months======
2009-06-12 22:45:54 ----D---- C:\Program Files\trend micro
2009-06-12 22:45:49 ----D---- C:\rsit
2009-06-11 20:07:37 ----HDC---- C:\windows\$NtUninstallKB961501$
2009-06-11 20:07:29 ----HDC---- C:\windows\$NtUninstallKB969898$
2009-06-11 20:04:01 ----HDC---- C:\windows\$NtUninstallKB970238$
2009-06-11 20:03:00 ----HDC---- C:\windows\$NtUninstallKB968537$
2009-06-06 13:16:48 ----D---- C:\Program Files\CCleaner
2009-06-06 13:13:22 ----D---- C:\Documents and Settings\User\Application Data\Malwarebytes
2009-06-06 13:13:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-06 13:13:15 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-06 13:06:42 ----D---- C:\Program Files\Avira
2009-06-06 13:06:42 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-06-03 19:36:24 ----D---- C:\Program Files\Druide
2009-06-03 18:03:32 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-06-03 17:03:46 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-06-03 17:03:25 ----HD---- C:\BJPrinter
2009-06-03 17:03:17 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-05-30 19:08:48 ----D---- C:\windows\system32\SeaPort
2009-05-26 19:06:25 ----D---- C:\Documents and Settings\User\Application Data\Druide
2009-05-26 19:06:02 ----A---- C:\windows\Antidote.ini
2009-05-19 16:01:56 ----D---- C:\windows\RegisteredPackages
2009-05-19 16:01:35 ----A---- C:\windows\system32\psisdecd.dll
2009-05-19 16:01:29 ----A---- C:\windows\system32\dxdllreg.exe
2009-05-15 09:31:07 ----A---- C:\windows\system32\lame_enc.dll
======List of files/folders modified in the last 1 months======
2009-06-12 22:45:54 ----D---- C:\Program Files
2009-06-12 22:23:34 ----D---- C:\WINDOWS
2009-06-12 22:14:17 ----D---- C:\windows\Temp
2009-06-12 22:14:08 ----D---- C:\Documents and Settings
2009-06-12 22:13:23 ----D---- C:\windows\system32\CatRoot2
2009-06-12 22:04:23 ----SD---- C:\windows\Tasks
2009-06-12 22:01:15 ----D---- C:\Documents and Settings\User\Application Data\FrostWire
2009-06-12 21:59:26 ----D---- C:\Program Files\Incomplete
2009-06-12 21:59:26 ----D---- C:\Program Files\FrostWire
2009-06-12 21:40:00 ----N---- C:\windows\SchedLgU.Txt
2009-06-12 21:33:11 ----D---- C:\windows\Prefetch
2009-06-12 18:44:55 ----D---- C:\Program Files\Mozilla Firefox
2009-06-11 20:15:36 ----D---- C:\windows\Debug
2009-06-11 20:14:50 ----D---- C:\windows\system32
2009-06-11 20:10:39 ----HD---- C:\windows\inf
2009-06-11 20:10:34 ----RSHDC---- C:\windows\system32\dllcache
2009-06-11 20:10:33 ----D---- C:\Program Files\Internet Explorer
2009-06-11 20:10:23 ----HD---- C:\windows\$hf_mig$
2009-06-11 20:10:17 ----SHD---- C:\windows\Installer
2009-06-11 20:10:04 ----A---- C:\windows\win.ini
2009-06-10 17:06:46 ----D---- C:\Program Files\VirtualDJ
2009-06-08 20:36:26 ----D---- C:\windows\system32\drivers
2009-06-07 21:52:50 ----D---- C:\Program Files\RomStation
2009-06-06 21:24:35 ----A---- C:\windows\NeroDigital.ini
2009-06-06 18:10:51 ----D---- C:\Documents and Settings\User\Application Data\uTorrent
2009-06-06 13:06:20 ----D---- C:\windows\WinSxS
2009-06-06 13:06:17 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-06-03 20:22:57 ----D---- C:\windows\system32\NtmsData
2009-06-03 17:24:48 ----D---- C:\temp
2009-06-01 12:51:12 ----A---- C:\windows\system32\MRT.exe
2009-05-30 19:23:26 ----SHD---- C:\RECYCLER
2009-05-28 19:05:43 ----D---- C:\Program Files\Logitech
2009-05-28 19:05:43 ----D---- C:\Program Files\Fichiers communs\logishrd
2009-05-23 16:36:37 ----D---- C:\Program Files\TeamViewer
2009-05-23 16:34:24 ----D---- C:\Program Files\SpacialAudio
2009-05-21 16:40:35 ----RSD---- C:\windows\Fonts
2009-05-19 16:42:27 ----D---- C:\Program Files\Fichiers communs
2009-05-19 16:42:06 ----DC---- C:\windows\system32\DRVSTORE
2009-05-19 16:02:11 ----RSD---- C:\windows\assembly
2009-05-19 16:02:11 ----D---- C:\windows\system32\DirectX
2009-05-19 15:56:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-05-17 13:37:09 ----D---- C:\Documents and Settings\User\Application Data\mIRC
2009-05-15 09:31:06 ----D---- C:\Program Files\Free Audio Pack
2009-05-13 01:04:17 ----A---- C:\windows\system32\wininet.dll
2009-05-13 01:04:17 ----A---- C:\windows\system32\mshtml.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdPPM;Pilote de processeur AMD HwPState; C:\windows\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 mdmxsdk;mdmxsdk; C:\windows\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\windows\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\windows\system32\DRIVERS\HSF_DP.sys [2003-08-26 1041152]
R3 HSFHWBS2;HSFHWBS2; C:\windows\system32\DRIVERS\HSFHWBS2.sys [2003-08-26 207616]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\windows\system32\drivers\LVUSBSta.sys [2008-02-05 41752]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Pilote HID de souris; C:\windows\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\windows\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\windows\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\windows\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\windows\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 pepifilter;Volume Adapter; C:\windows\system32\DRIVERS\lv302af.sys [2008-02-05 13848]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\windows\system32\DRIVERS\LV302V32.SYS [2008-02-05 2570520]
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\windows\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 usbaudio;Pilote USB audio (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\windows\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Pilote de stockage de masse USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 winachsf;winachsf; C:\windows\system32\DRIVERS\HSF_CNXT.sys [2003-08-26 675840]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\windows\system32\drivers\WmBEnum.sys [2005-04-12 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\windows\system32\drivers\WmXlCore.sys [2005-04-12 45504]
S1 kbdhid;Pilote HID de clavier; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
S3 CCDECODE;Décodeur sous-titre fermé; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hidgame;Activateur de port HID à manette de jeu Microsoft; C:\windows\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 LVRS;Logitech RightSound Filter Driver; C:\windows\system32\DRIVERS\lvrs.sys [2008-02-05 628760]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\windows\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]
S3 RT25USBAP;Nintendo Wi-Fi USB Connector Service; C:\windows\system32\DRIVERS\rt25usbap.sys [2006-04-10 162816]
S3 SLIP;Détrameur décalage BDA; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys []
S3 usbscan;Pilote de scanneur USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\windows\system32\drivers\WmFilter.sys [2005-04-12 22240]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\windows\system32\drivers\WmVirHid.sys [2005-04-12 5600]
S3 WSTCODEC;Codec Teletext standard; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2008-10-07 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-04-20 66872]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2006-07-23 167936]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by User at 2009-06-12 22:45:49
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 97 GB (75%) free of 129 GB
Total RAM: 511 MB (28% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:46:12, on 2009-06-12
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\windows\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\windows\system32\RUNDLL32.EXE
C:\windows\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\windows\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\windows\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\User\Bureau\Dossier de Pier-Luc Saucier\Programme\RSIT.exe
C:\Program Files\trend micro\User.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60341
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: MSIEPlugin - {4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKLM\..\Policies\Explorer\Run: [Lsass Service] C:\Documents and Settings\Claudine\Application Data\Microsoft\Windows\lsass.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe (User 'Default user')
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Documents and Settings\User\Local Settings\Temp\{A4967967-57FA-4D82-BC4E-79F608700EA5}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {2DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} (ActiveWorldsDownload Control) - http://www.activeworlds.com/products/ActiveWorldsDownload.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: c00EFC9F - c00EFC9F.mat (file missing)
O20 - Winlogon Notify: sys32 - sys32.dll (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Unknown owner - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
End of file - 10930 bytes
======Scheduled tasks folder======
C:\windows\tasks\NSSstub.job
C:\windows\tasks\User_Feed_Synchronization-{A3B6C5CD-9121-4FB0-BA97-B21975683544}.job
C:\windows\tasks\User_Feed_Synchronization-{CB7B928E-3409-43E8-8344-2D93B4D44B54}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-12-07 30208]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-04-13 49152]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"SoundMan"=C:\windows\SOUNDMAN.EXE [2005-06-20 77824]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2008-06-12 991584]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Lsass Service"=C:\Documents and Settings\Claudine\Application Data\Microsoft\Windows\lsass.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-13 15360]
"Start WingMan Profiler"=C:\Program Files\Logitech\Profiler\lwemon.exe [2005-04-18 73728]
"Gestionnaire Antidote.exe"=C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe [2008-12-02 542136]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2009-05-27 1573104]
C:\Documents and Settings\User\Menu Démarrer\Programmes\Démarrage
RollerCoaster Tycoon 3 Registration.lnk - C:\Documents and Settings\User\Local Settings\Temp\{A4967967-57FA-4D82-BC4E-79F608700EA5}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\c00EFC9F]
c00EFC9F.mat []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sys32]
sys32.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\VirtualDJ\virtualdj.exe"="C:\Program Files\VirtualDJ\virtualdj.exe:*:Enabled:VirtualDJ"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Application de pilotage à distance TeamViewer"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\User\Bureau\Dossier de Pier-Luc Saucier\Programme\utorrent.exe"="C:\Documents and Settings\User\Bureau\Dossier de Pier-Luc Saucier\Programme\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe"="C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe:*:Enabled:SAMBC"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Shell"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Documents and Settings\User\Local Settings\Temp\Rar$EX10.516\crack\virtualdj_trial.exe"="C:\Documents and Settings\User\Local Settings\Temp\Rar$EX10.516\crack\virtualdj_trial.exe:*:Enabled:VirtualDJ"
"C:\Documents and Settings\User\Local Settings\Temp\Rar$EX00.969\crack\virtualdj_trial.exe"="C:\Documents and Settings\User\Local Settings\Temp\Rar$EX00.969\crack\virtualdj_trial.exe:*:Enabled:VirtualDJ"
"C:\Documents and Settings\User\Local Settings\Temp\Rar$EX00.719\crack\virtualdj_trial.exe"="C:\Documents and Settings\User\Local Settings\Temp\Rar$EX00.719\crack\virtualdj_trial.exe:*:Enabled:VirtualDJ"
"C:\Documents and Settings\Ludovic\Local Settings\Application Data\Chat Republic Games\Superstar Racing\ChatRepublicPlayer.exe"="C:\Documents and Settings\Ludovic\Local Settings\Application Data\Chat Republic Games\Superstar Racing\ChatRepublicPlayer.exe:*:Enabled:Chat Republic Games Player"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\VirtualDJ\virtualdj_trial.exe"="C:\Program Files\VirtualDJ\virtualdj_trial.exe:*:Enabled:VirtualDJ"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2fbc63c7-b231-11dd-8bb4-806d6172696f}]
shell\AutoRun\command - D:\setupSNK.exe
======List of files/folders created in the last 1 months======
2009-06-12 22:45:54 ----D---- C:\Program Files\trend micro
2009-06-12 22:45:49 ----D---- C:\rsit
2009-06-11 20:07:37 ----HDC---- C:\windows\$NtUninstallKB961501$
2009-06-11 20:07:29 ----HDC---- C:\windows\$NtUninstallKB969898$
2009-06-11 20:04:01 ----HDC---- C:\windows\$NtUninstallKB970238$
2009-06-11 20:03:00 ----HDC---- C:\windows\$NtUninstallKB968537$
2009-06-06 13:16:48 ----D---- C:\Program Files\CCleaner
2009-06-06 13:13:22 ----D---- C:\Documents and Settings\User\Application Data\Malwarebytes
2009-06-06 13:13:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-06 13:13:15 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-06 13:06:42 ----D---- C:\Program Files\Avira
2009-06-06 13:06:42 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-06-03 19:36:24 ----D---- C:\Program Files\Druide
2009-06-03 18:03:32 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-06-03 17:03:46 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-06-03 17:03:25 ----HD---- C:\BJPrinter
2009-06-03 17:03:17 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-05-30 19:08:48 ----D---- C:\windows\system32\SeaPort
2009-05-26 19:06:25 ----D---- C:\Documents and Settings\User\Application Data\Druide
2009-05-26 19:06:02 ----A---- C:\windows\Antidote.ini
2009-05-19 16:01:56 ----D---- C:\windows\RegisteredPackages
2009-05-19 16:01:35 ----A---- C:\windows\system32\psisdecd.dll
2009-05-19 16:01:29 ----A---- C:\windows\system32\dxdllreg.exe
2009-05-15 09:31:07 ----A---- C:\windows\system32\lame_enc.dll
======List of files/folders modified in the last 1 months======
2009-06-12 22:45:54 ----D---- C:\Program Files
2009-06-12 22:23:34 ----D---- C:\WINDOWS
2009-06-12 22:14:17 ----D---- C:\windows\Temp
2009-06-12 22:14:08 ----D---- C:\Documents and Settings
2009-06-12 22:13:23 ----D---- C:\windows\system32\CatRoot2
2009-06-12 22:04:23 ----SD---- C:\windows\Tasks
2009-06-12 22:01:15 ----D---- C:\Documents and Settings\User\Application Data\FrostWire
2009-06-12 21:59:26 ----D---- C:\Program Files\Incomplete
2009-06-12 21:59:26 ----D---- C:\Program Files\FrostWire
2009-06-12 21:40:00 ----N---- C:\windows\SchedLgU.Txt
2009-06-12 21:33:11 ----D---- C:\windows\Prefetch
2009-06-12 18:44:55 ----D---- C:\Program Files\Mozilla Firefox
2009-06-11 20:15:36 ----D---- C:\windows\Debug
2009-06-11 20:14:50 ----D---- C:\windows\system32
2009-06-11 20:10:39 ----HD---- C:\windows\inf
2009-06-11 20:10:34 ----RSHDC---- C:\windows\system32\dllcache
2009-06-11 20:10:33 ----D---- C:\Program Files\Internet Explorer
2009-06-11 20:10:23 ----HD---- C:\windows\$hf_mig$
2009-06-11 20:10:17 ----SHD---- C:\windows\Installer
2009-06-11 20:10:04 ----A---- C:\windows\win.ini
2009-06-10 17:06:46 ----D---- C:\Program Files\VirtualDJ
2009-06-08 20:36:26 ----D---- C:\windows\system32\drivers
2009-06-07 21:52:50 ----D---- C:\Program Files\RomStation
2009-06-06 21:24:35 ----A---- C:\windows\NeroDigital.ini
2009-06-06 18:10:51 ----D---- C:\Documents and Settings\User\Application Data\uTorrent
2009-06-06 13:06:20 ----D---- C:\windows\WinSxS
2009-06-06 13:06:17 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-06-03 20:22:57 ----D---- C:\windows\system32\NtmsData
2009-06-03 17:24:48 ----D---- C:\temp
2009-06-01 12:51:12 ----A---- C:\windows\system32\MRT.exe
2009-05-30 19:23:26 ----SHD---- C:\RECYCLER
2009-05-28 19:05:43 ----D---- C:\Program Files\Logitech
2009-05-28 19:05:43 ----D---- C:\Program Files\Fichiers communs\logishrd
2009-05-23 16:36:37 ----D---- C:\Program Files\TeamViewer
2009-05-23 16:34:24 ----D---- C:\Program Files\SpacialAudio
2009-05-21 16:40:35 ----RSD---- C:\windows\Fonts
2009-05-19 16:42:27 ----D---- C:\Program Files\Fichiers communs
2009-05-19 16:42:06 ----DC---- C:\windows\system32\DRVSTORE
2009-05-19 16:02:11 ----RSD---- C:\windows\assembly
2009-05-19 16:02:11 ----D---- C:\windows\system32\DirectX
2009-05-19 15:56:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-05-17 13:37:09 ----D---- C:\Documents and Settings\User\Application Data\mIRC
2009-05-15 09:31:06 ----D---- C:\Program Files\Free Audio Pack
2009-05-13 01:04:17 ----A---- C:\windows\system32\wininet.dll
2009-05-13 01:04:17 ----A---- C:\windows\system32\mshtml.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdPPM;Pilote de processeur AMD HwPState; C:\windows\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 mdmxsdk;mdmxsdk; C:\windows\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\windows\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\windows\system32\DRIVERS\HSF_DP.sys [2003-08-26 1041152]
R3 HSFHWBS2;HSFHWBS2; C:\windows\system32\DRIVERS\HSFHWBS2.sys [2003-08-26 207616]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\windows\system32\drivers\LVUSBSta.sys [2008-02-05 41752]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Pilote HID de souris; C:\windows\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\windows\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\windows\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\windows\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\windows\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 pepifilter;Volume Adapter; C:\windows\system32\DRIVERS\lv302af.sys [2008-02-05 13848]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\windows\system32\DRIVERS\LV302V32.SYS [2008-02-05 2570520]
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\windows\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 usbaudio;Pilote USB audio (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\windows\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Pilote de stockage de masse USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 winachsf;winachsf; C:\windows\system32\DRIVERS\HSF_CNXT.sys [2003-08-26 675840]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\windows\system32\drivers\WmBEnum.sys [2005-04-12 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\windows\system32\drivers\WmXlCore.sys [2005-04-12 45504]
S1 kbdhid;Pilote HID de clavier; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
S3 CCDECODE;Décodeur sous-titre fermé; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hidgame;Activateur de port HID à manette de jeu Microsoft; C:\windows\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 LVRS;Logitech RightSound Filter Driver; C:\windows\system32\DRIVERS\lvrs.sys [2008-02-05 628760]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\windows\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]
S3 RT25USBAP;Nintendo Wi-Fi USB Connector Service; C:\windows\system32\DRIVERS\rt25usbap.sys [2006-04-10 162816]
S3 SLIP;Détrameur décalage BDA; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys []
S3 usbscan;Pilote de scanneur USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\windows\system32\drivers\WmFilter.sys [2005-04-12 22240]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\windows\system32\drivers\WmVirHid.sys [2005-04-12 5600]
S3 WSTCODEC;Codec Teletext standard; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2008-10-07 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-04-20 66872]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2006-07-23 167936]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
