Massively over-infected!!!

Solved
gorgutz Posts 260 Status Member -  
 Anonymous user -
Hello,
I have serious problems that I can't get rid of:
An online scan found no fewer than 746 threats on my PC: spyware, viruses, rootkits, trojans, the works!... Impossible to get rid of them unless I pay 50 euros for a new online antivirus...
Yet the threat is real:
- I can't update my original antivirus; according to an error message, their services are not responding. I contacted them by e-mail, and I'm waiting...
- Windows Update gives me the following error message: "WindowsUpdate_80244019" "WindowsUpdate_dt000". Impossible to find out what it means: "the link appears to be corrupted", when I search online.
- My MySpace account has been hacked, according to all my web browsers...
- Internet Explorer shows me ads at regular intervals, without my having opened it.
I'm surely forgetting some... What can I do without formatting/reinstalling everything?
Any help will be greatly appreciated.

69 replies

Anonymous user
 
ok

That explains why Drweb found nothing among your 700... infections: it's bogus. Please run ComboFix as I told you above and post the report. If I don't reply tonight, I'll be back tomorrow, but I won't forget you, so please stick with it to the end too :)
gorgutz Posts 260 Status Member 12
 
Here it is, I hope you're still there?

ComboFix 09-06-20.02 - PERSO 20/06/2009 22:22.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.3582.2560 [GMT 2:00]
Lancé depuis: c:\users\PERSO\Desktop\C-Fix.exe
AV: Antivirus BitDefender *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: Pare-feu BitDefender *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
SP: BitDefender AntiSpam *disabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.


.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_iprip


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-20 au 2009-06-20 ))))))))))))))))))))))))))))))))))))
.

2009-07-04 19:57 . 2009-07-04 19:57 13593 ----a-w- c:\windows\system32\709059zus2.bin
2009-06-20 20:28 . 2009-06-20 20:30 -------- d-----w- c:\users\PERSO\AppData\Local\temp
2009-06-20 16:27 . 2009-06-20 16:28 -------- d-----w- c:\users\PERSO\DoctorWeb
2009-06-20 15:52 . 2009-06-20 15:52 -------- d-----w- c:\program files\trend micro
2009-06-20 15:52 . 2009-06-20 15:52 -------- d-----w- C:\rsit
2009-06-20 13:42 . 2009-06-20 13:42 -------- d-----w- c:\program files\WinBlueSoft Software
2009-06-20 11:44 . 2009-06-20 11:44 -------- d-----w- c:\users\PERSO\Pavark
2009-06-19 23:59 . 2009-06-20 15:38 -------- d-----w- c:\program files\Sophos
2009-06-19 09:13 . 2009-06-19 09:13 -------- d-----w- c:\windows\PCHEALTH
2009-06-18 12:44 . 2009-06-19 09:42 -------- d-----w- c:\users\PERSO\Songs Reason
2009-06-17 20:29 . 2009-06-17 20:29 -------- d-----w- c:\program files\Propellerhead
2009-06-17 19:55 . 2009-03-31 12:47 368640 ----a-w- c:\windows\system32\ReWire.dll
2009-06-17 19:55 . 2009-03-31 12:47 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2009-06-17 18:54 . 2009-06-17 20:36 -------- d-----w- c:\users\PERSO\AppData\Roaming\Propellerhead Software
2009-06-17 18:54 . 2009-06-17 18:54 -------- d-----w- c:\programdata\Propellerhead Software
2009-06-17 18:47 . 2009-06-17 18:47 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-06-17 18:43 . 2009-06-17 18:43 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-17 18:42 . 2009-06-17 20:29 -------- d-----w- c:\users\PERSO\AppData\Roaming\DAEMON Tools Lite
2009-06-17 18:19 . 1996-07-18 11:06 297472 ----a-w- c:\windows\uninst.exe
2009-06-17 00:56 . 2009-06-17 00:56 16546800 ----a-w- c:\users\PERSO\AppData\Roaming\Uniblue\DriverScanner\LatestUpdate.exe
2009-06-17 00:55 . 2009-06-17 00:55 -------- dc-h--w- c:\programdata\{83FC5D7A-8875-4931-80D6-1E3AC725D336}
2009-06-17 00:55 . 2008-10-10 11:17 2652186 -c--a-w- c:\programdata\{83FC5D7A-8875-4931-80D6-1E3AC725D336}\DriverScanner_Setup.exe
2009-06-16 23:10 . 2009-06-16 23:10 -------- d-----w- c:\programdata\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2009-06-14 20:25 . 2009-06-14 20:25 -------- d-----w- c:\programdata\Creative Labs
2009-06-14 20:21 . 2009-06-14 20:21 -------- d-----w- c:\program files\Common Files\Creative Labs Shared
2009-06-13 20:54 . 2009-06-13 20:54 -------- d-----w- c:\users\PERSO\AppData\Local\Nero
2009-06-13 20:41 . 2009-06-13 20:41 -------- d-----w- c:\users\PERSO\AppData\Roaming\Nero
2009-06-13 20:37 . 2009-06-13 20:40 -------- d-----w- c:\program files\Common Files\Nero
2009-06-13 20:37 . 2009-06-13 20:37 -------- d-----w- c:\programdata\Nero
2009-06-12 23:05 . 2009-06-12 23:05 -------- d-----w- c:\program files\G-Sonique
2009-06-11 08:51 . 2009-06-11 08:51 -------- dc-h--w- c:\programdata\{B3ABAF49-C1FD-4E23-A5C8-1D0530D54991}
2009-06-11 08:51 . 2009-05-20 08:58 2841948 -c--a-w- c:\programdata\{B3ABAF49-C1FD-4E23-A5C8-1D0530D54991}\PowerSuite2009.exe
2009-06-11 08:50 . 2009-06-11 08:50 -------- dc-h--w- c:\programdata\{942E4254-C25C-44BA-94FC-8777923F9E7B}
2009-06-11 08:50 . 2009-05-04 14:27 2835559 -c--a-w- c:\programdata\{942E4254-C25C-44BA-94FC-8777923F9E7B}\speedupmypc2009.exe
2009-06-11 08:50 . 2009-06-11 08:50 -------- dc-h--w- c:\programdata\{E18C8A94-0667-4A02-B59B-9CB3A8F22628}
2009-06-11 08:50 . 2008-10-13 07:53 2567606 -c--a-w- c:\programdata\{E18C8A94-0667-4A02-B59B-9CB3A8F22628}\Uniblue RegistryBooster.exe
2009-06-10 00:57 . 2009-06-12 10:16 -------- d-----w- c:\users\PERSO\AppData\Roaming\vlc
2009-06-09 23:55 . 2009-06-09 23:55 -------- d-----w- c:\program files\DivoCodec
2009-06-09 21:19 . 2009-06-09 22:21 -------- d-----w- c:\users\PERSO\AppData\Roaming\LimeWire
2009-06-09 21:19 . 2009-06-09 21:19 -------- d-----w- c:\program files\360Share Pro
2009-06-03 11:14 . 2009-06-03 11:14 -------- d-----w- c:\program files\THQ
2009-06-02 22:18 . 2009-06-04 22:20 -------- d-----w- c:\program files\Pcsx2
2009-06-01 12:17 . 2009-06-01 12:17 -------- d-----w- c:\users\PERSO\AppData\Local\AA2DeployClient
2009-06-01 12:17 . 2009-06-01 12:17 -------- d-----w- c:\programdata\AA2DeployClient
2009-06-01 12:15 . 2009-06-01 12:17 -------- d-----w- c:\users\PERSO\AppData\Local\Deployment
2009-06-01 12:08 . 2009-06-17 00:57 -------- d-----w- c:\programdata\DriverScanner
2009-06-01 12:08 . 2009-06-11 09:05 -------- d-----w- c:\users\PERSO\AppData\Roaming\Uniblue
2009-06-01 12:08 . 2009-06-11 08:52 -------- d-----w- c:\program files\Uniblue
2009-06-01 11:24 . 2009-06-18 08:48 -------- d-----w- c:\users\PERSO\AppData\Roaming\BitTorrent
2009-05-27 14:54 . 2009-05-27 14:54 -------- d-----w- c:\windows\system32\eu-ES
2009-05-27 14:54 . 2009-05-27 14:54 -------- d-----w- c:\windows\system32\ca-ES
2009-05-27 14:54 . 2009-05-27 14:54 -------- d-----w- c:\windows\system32\vi-VN
2009-05-27 07:09 . 2009-05-27 07:09 -------- d-----w- c:\windows\system32\EventProviders
2009-05-27 07:09 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-05-27 07:09 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2009-05-27 07:09 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2009-05-27 07:09 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2009-05-27 07:09 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2009-05-27 07:09 . 2009-04-11 05:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-05-27 07:09 . 2009-04-11 06:28 1480704 ----a-w- c:\windows\system32\mssrch.dll
2009-05-24 16:24 . 2009-06-14 19:42 -------- d-----w- c:\programdata\America's Army Deploy Client
2009-05-24 16:24 . 2009-06-14 19:42 -------- d-----w- c:\program files\America's Army Deploy Client
2009-05-23 19:18 . 2009-05-23 19:18 10684866 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\azump\mplayer.exe
2009-05-23 19:18 . 2009-05-23 19:18 4141117 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\vuzexcode\mediainfo.exe
2009-05-23 19:18 . 2009-05-23 19:18 6516755 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\vuzexcode\ffmpeg.exe
2009-05-22 03:30 . 2009-05-22 03:30 -------- d-----w- c:\programdata\WindowsSearch

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-20 20:28 . 2009-03-22 03:05 81984 ----a-w- c:\windows\system32\bdod.bin
2009-06-20 19:20 . 2008-01-21 07:23 740102 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-20 19:20 . 2008-01-21 07:23 150198 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-20 19:00 . 2009-04-27 16:49 -------- d-----w- c:\users\PERSO\AppData\Roaming\Azureus
2009-06-20 03:15 . 2009-01-10 13:44 -------- d-----w- c:\users\PERSO\AppData\Roaming\dvdcss
2009-06-19 17:27 . 2009-05-20 10:53 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-19 16:52 . 2009-01-10 13:31 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-18 08:57 . 2009-01-09 16:45 1 ----a-w- c:\users\PERSO\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-17 19:47 . 2009-02-01 17:10 -------- d-----w- c:\program files\Ableton
2009-06-17 17:51 . 2009-02-01 17:10 -------- d-----w- c:\users\PERSO\AppData\Roaming\Ableton
2009-06-14 20:26 . 2009-01-10 13:03 -------- d-----w- c:\program files\Creative
2009-06-14 20:25 . 2009-01-10 15:44 -------- d-----w- c:\programdata\Creative
2009-06-14 20:22 . 2009-01-09 16:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-14 01:27 . 2009-04-13 13:33 -------- d-----w- c:\users\PERSO\AppData\Roaming\Skype
2009-06-13 21:47 . 2009-03-25 13:37 -------- d-----w- c:\program files\Google
2009-06-13 20:37 . 2009-01-09 17:05 -------- d-----w- c:\program files\Nero
2009-06-12 20:49 . 2009-05-09 16:31 -------- d-----w- c:\program files\Steam
2009-06-11 08:59 . 2009-03-23 20:53 -------- d-----w- c:\users\PERSO\AppData\Roaming\uTorrent
2009-06-02 20:01 . 2009-03-23 21:02 -------- d-----w- c:\program files\BitTorrent
2009-06-02 19:27 . 2009-04-27 16:49 -------- d-----w- c:\program files\Vuze
2009-06-01 12:22 . 2009-03-25 10:35 189392 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-06-01 12:18 . 2009-03-25 10:35 138016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-05-27 14:54 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-27 14:54 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-05-25 15:26 . 2009-05-05 20:31 304160 ----a-w- C:\PA207.DAT
2009-05-24 17:34 . 2009-03-24 21:19 -------- d-----w- c:\program files\America's Army Server Manager
2009-05-24 17:33 . 2009-03-24 21:18 -------- d-----w- c:\program files\America's Army
2009-05-24 12:07 . 2009-05-09 16:31 -------- d-----w- c:\program files\Common Files\Steam
2009-05-20 20:43 . 2009-01-09 17:02 -------- d-----w- c:\programdata\NVIDIA
2009-05-17 17:54 . 2009-05-17 17:54 52776 ----a-w- c:\users\PERSO\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Modèles
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Menu Démarrer
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Favoris
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Bureau
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\program files\Fichiers communs
2009-05-17 17:42 . 2009-05-17 17:42 21668 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-17 17:38 . 2009-04-02 00:10 -------- d-----w- c:\users\PERSO\AppData\Roaming\SystemRequirementsLab
2009-05-17 17:38 . 2009-03-25 08:36 -------- d-----w- c:\users\PERSO\AppData\Roaming\MySpace
2009-05-17 17:38 . 2009-01-09 16:45 -------- d-----w- c:\users\PERSO\AppData\Roaming\OpenOffice.org
2009-05-17 17:38 . 2009-01-16 19:18 -------- d-----w- c:\users\PERSO\AppData\Roaming\MP-Manager
2009-05-17 17:38 . 2009-01-16 19:16 -------- d-----w- c:\users\PERSO\AppData\Roaming\MPMAN
2009-05-17 17:38 . 2009-01-09 16:52 -------- d-----w- c:\users\PERSO\AppData\Roaming\InstallShield
2009-05-17 17:38 . 2009-05-17 14:22 -------- d-----w- c:\users\PERSO\AppData\Roaming\BitDefender
2009-05-17 17:38 . 2009-03-24 21:05 -------- d-----w- c:\users\PERSO\AppData\Roaming\DriverCure
2009-05-17 17:38 . 2009-01-10 13:34 -------- d-----w- c:\users\PERSO\AppData\Roaming\Creative
2009-05-17 17:38 . 2009-04-06 20:43 -------- d-----w- c:\users\PERSO\AppData\Roaming\Apple Computer
2009-05-17 17:38 . 2009-01-09 17:07 -------- d-----w- c:\users\PERSO\AppData\Roaming\Ahead
2009-05-17 17:31 . 2009-03-29 15:41 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-05-17 17:28 . 2009-05-17 17:28 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-05-09 05:50 . 2009-06-10 00:38 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-10 00:38 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-08 21:44 . 2009-05-08 21:43 1469952 ----a-w- c:\users\PERSO\AppData\Roaming\tsdnwin.dll
2009-05-08 21:44 . 2009-05-08 21:43 1469952 ----a-w- c:\users\PERSO\AppData\Roaming\tsdnwin.dll
2009-05-01 19:01 . 2009-05-01 19:01 15884 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\azitunes\libProcessAccess.dll
2009-05-01 19:01 . 2009-05-01 19:01 102400 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\azitunes\jacob-1.14.3-x86.dll
2009-04-26 20:45 . 2009-03-25 08:36 -------- d-----w- c:\program files\MySpace
2009-04-23 12:15 . 2009-06-10 00:38 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:14 . 2009-06-10 00:38 623616 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 22:20 . 2009-04-21 22:20 14311680 ----a-w- c:\windows\system32\xlive.dll
2009-04-21 22:20 . 2009-04-21 22:20 13642496 ----a-w- c:\windows\system32\xlivefnt.dll
2009-04-21 11:39 . 2009-06-10 00:38 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-04-11 06:33 . 2009-05-27 07:08 986600 ----a-w- c:\windows\system32\winload.exe
2009-04-11 06:33 . 2009-05-27 07:08 926184 ----a-w- c:\windows\system32\winresume.exe
2009-04-11 06:33 . 2009-05-27 07:08 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2009-04-11 06:33 . 2009-05-27 07:08 897000 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-11 06:33 . 2009-05-27 07:08 614376 ----a-w- c:\windows\system32\ci.dll
2009-04-11 06:28 . 2009-05-27 07:08 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2009-04-11 06:27 . 2009-05-27 07:08 441344 ----a-w- c:\windows\system32\SearchIndexer.exe
2009-04-11 06:22 . 2009-05-27 07:08 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-04-11 06:21 . 2009-05-27 07:08 37376 ----a-w- c:\windows\system32\cdd.dll
2009-04-11 05:42 . 2009-05-27 07:08 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2009-04-11 04:57 . 2009-05-27 07:08 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-04-11 04:54 . 2009-05-27 07:08 2048 ----a-w- c:\windows\system32\mferror.dll
2009-04-11 04:51 . 2009-05-27 07:08 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2009-04-11 04:47 . 2009-05-27 07:08 273920 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-11 04:46 . 2009-05-27 07:08 69120 ----a-w- c:\windows\system32\drivers\rassstp.sys
2009-04-11 04:46 . 2009-05-27 07:08 121344 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-04-11 04:46 . 2009-05-27 07:08 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2009-04-11 04:46 . 2009-05-27 07:08 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2009-04-11 04:46 . 2009-05-27 07:08 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2009-04-11 04:46 . 2009-05-27 07:08 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-04-11 04:45 . 2009-05-27 07:08 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2009-04-11 04:45 . 2009-05-27 07:08 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-11 04:45 . 2009-05-27 07:08 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2009-04-11 04:45 . 2009-05-27 07:08 401408 ----a-w- c:\windows\system32\drivers\http.sys
2009-04-11 04:45 . 2009-05-27 07:08 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-11 04:45 . 2009-05-27 07:08 66560 ----a-w- c:\windows\system32\drivers\smb.sys
2009-04-11 04:43 . 2009-05-27 07:08 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-11 04:43 . 2009-05-27 07:08 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-04-11 04:42 . 2009-05-27 07:08 226304 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-04-11 04:42 . 2009-05-27 07:08 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys
2009-04-11 04:42 . 2009-05-27 07:08 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys
2009-04-11 04:42 . 2009-05-27 07:08 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-04-11 04:42 . 2009-05-27 07:08 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-04-11 04:42 . 2009-05-27 07:08 12800 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-03-05 16:08 . 2009-05-17 14:24 49664 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
2008-01-21 02:35 . 2008-01-21 02:35 168960 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18000_none_0b69c31f4f19b995\wmplayer.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-29 16:24 325000 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnhancedStorageShell]
@="{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}"
[HKEY_CLASSES_ROOT\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}]
2009-04-11 06:28 114176 ----a-w- c:\windows\System32\EhStorShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-07-10 07:23 97064 ----a-w- c:\program files\Nero\Nero8\InCD\NBHShx.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-13 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-03-19 778240]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2009-02-23 69632]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-03-25 16990208]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"SecurDisc"="c:\program files\Nero\Nero8\InCD\NBHGui.exe" [2008-07-10 2049320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"BindDirectlyToPropertySetStorage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^PERSO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
backup=c:\windows\pss\Xfire.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):6d,3a,94,d6,db,de,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"UDP Query User{62043F56-9769-4CB3-9904-46DDC8E8C207}c:\\program files\\steam\\steamapps\\common\\dawn of war 2\\dow2.exe"= TCP:c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe:DOW2
"TCP Query User{E123E05D-A986-4165-AACC-D6573D159445}c:\\program files\\steam\\steamapps\\common\\dawn of war 2\\dow2.exe"= UDP:c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe:DOW2
"UDP Query User{95825578-D630-44CA-A4F3-52E02C5FA711}c:\\users\\perso\\desktop\\warhammer2\\dow2.exe"= TCP:c:\users\perso\desktop\warhammer2\dow2.exe:dow2.exe
"TCP Query User{43F15413-4E91-46DD-9BC8-C1E5F2108D7A}c:\\users\\perso\\desktop\\warhammer2\\dow2.exe"= UDP:c:\users\perso\desktop\warhammer2\dow2.exe:dow2.exe
"UDP Query User{DC949683-CDEA-41E2-A0CE-C35E3B497363}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{664AF19B-0FE6-4FB4-A0D5-B6773FBAB280}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"{9873280A-B46A-4B3F-BB90-A6E653E1697A}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{CF625FAF-B41D-43A8-9308-1BB4F648512A}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{EABDAB33-5B2D-43CA-B3C0-D43A6460AA5F}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"UDP Query User{661BDC92-B998-46EF-9A0E-9D337ED40EBD}c:\\program files\\nero\\nero 7\\nero home\\nerohome.exe"= TCP:c:\program files\nero\nero 7\nero home\nerohome.exe:Nero Home
"TCP Query User{82799CA4-4346-4696-B458-EC5770392217}c:\\program files\\nero\\nero 7\\nero home\\nerohome.exe"= UDP:c:\program files\nero\nero 7\nero home\nerohome.exe:Nero Home
"{E668A50D-200E-4496-B47C-C1256BB92E6B}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"UDP Query User{416AED8F-E2D3-4F3E-9DD1-1F1E9B375729}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"TCP Query User{1D08B44A-8061-46C6-90BE-5A942C0CA713}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"{198C91BC-3C09-4EFA-8093-CFAF54C71C55}"= Disabled:TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{F13FFF80-397E-4425-8D01-C54387C503B1}"= Disabled:UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{B337DBDD-DC16-4DB1-95F2-541F81DB68F2}"= c:\program files\MySpace\IM\MySpaceIM.exe:MySpaceIM
"UDP Query User{032E7B4F-9DF6-489C-B9B7-EF3516799C46}c:\\users\\perso\\program files\\dna\\btdna.exe"= TCP:c:\users\perso\program files\dna\btdna.exe:btdna.exe
"TCP Query User{876D182E-70EF-4D08-A6C9-67604C815E4B}c:\\users\\perso\\program files\\dna\\btdna.exe"= UDP:c:\users\perso\program files\dna\btdna.exe:btdna.exe
"UDP Query User{D924E207-F4FB-4CEB-8A3A-BA7DFD18709E}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{CB954CBA-FB8E-4625-B734-E7852C64D3E8}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"{9A2C52DE-86F7-4C01-B1B9-55F5AD21235B}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{CE2C0EDE-E278-4ABE-901C-9CDD17BBBA51}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"TCP Query User{A880DB37-3711-4B99-93B3-4196896CFEDF}c:\\program files\\america's army deploy client\\aadeployclient.exe"= UDP:c:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"UDP Query User{9DD0D3D6-1FDB-449E-9E41-4113C6554FC9}c:\\program files\\america's army deploy client\\aadeployclient.exe"= TCP:c:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"TCP Query User{6E6AF77F-1725-482A-A1C6-B0CFED34EDC7}c:\\program files\\videolan\\vlc\\vlc.exe"= UDP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{6FD19C95-1C99-4A0B-AC0E-85D6AF00A901}c:\\program files\\videolan\\vlc\\vlc.exe"= TCP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"{7F1FF9E5-AF2C-43C5-9D37-5AC9A71F9B3B}"= UDP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (TCP-In)
"{09763EB7-5AF2-4E7C-8265-0A921584411A}"= TCP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (UDP-In)
"TCP Query User{B6D4425F-BD1D-4B61-8852-A11299019D52}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"UDP Query User{906BEEDB-B74E-45FA-BE04-77766B5422E5}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"TCP Query User{3BCA4250-3846-4656-AF04-08DE6743CBAE}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"UDP Query User{695EED36-D15B-4939-82FE-E7F21B08787C}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"TCP Query User{64304686-A2E5-498B-BE10-C8D2E6E60107}c:\\program files\\nero\\nero8\\nero home\\nerohome.exe"= UDP:c:\program files\nero\nero8\nero home\nerohome.exe:Nero Home
"UDP Query User{C91C1C71-435A-493C-945F-5C9A47860A8F}c:\\program files\\nero\\nero8\\nero home\\nerohome.exe"= TCP:c:\program files\nero\nero8\nero home\nerohome.exe:Nero Home
"{4483DEC1-1BBE-4862-8341-ABFB536E2BAE}"= Disabled:UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{7AB8F5C6-0990-42B2-9459-E1D3BD23298E}"= Disabled:TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"TCP Query User{3A47CA1E-C6DA-4927-A6C6-D2006D9C1472}c:\\users\\perso\\appdata\\local\\temp\\nero web\\setupxu.exe"= Disabled:UDP:c:\users\perso\appdata\local\temp\nero web\setupxu.exe:setupxu.exe
"UDP Query User{8A108734-8CEC-4CDD-BF13-14DEA1F506B1}c:\\users\\perso\\appdata\\local\\temp\\nero web\\setupxu.exe"= Disabled:TCP:c:\users\perso\appdata\local\temp\nero web\setupxu.exe:setupxu.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]
"Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [10/07/2008 09:23 53032]
R3 bdfm;BDFM;c:\windows\System32\drivers\bdfm.sys [18/09/2008 12:09 111112]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\System32\drivers\viahduaa.sys [17/05/2009 20:19 906240]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [20/01/2009 19:16 172032]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [14/06/2009 22:21 79360]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [29/03/2009 17:42 55280]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 ksaud;Creative USB Audio Driver;c:\windows\System32\drivers\ksaud.sys [17/05/2009 20:19 802176]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [21/04/2009 15:36 216232]
S3 PAC207;SoC PC-Camera;c:\windows\System32\drivers\PFC027.SYS [17/05/2009 20:19 507136]
S3 SBUSBAV;Sound Blaster Audigy 2 ZS Video Editor Video Device;c:\windows\System32\drivers\sbusbav.sys [17/05/2009 20:18 101888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
rsmsvcs REG_MULTI_SZ ntmssvc
bdx REG_MULTI_SZ scan
ipripsvc REG_MULTI_SZ iprip

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-06-15 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe [2009-03-13 13:37]

2009-06-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2350328726-818139621-3553498986-1000.job
- c:\users\PERSO\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-23 20:47]

2009-06-20 c:\windows\Tasks\User_Feed_Synchronization-{419DFB9A-D684-428A-AA2A-429C17D471AA}.job
- c:\windows\system32\msfeedssync.exe [2009-05-20 11:31]

2009-06-20 c:\windows\Tasks\User_Feed_Synchronization-{CFF2EE30-FAE0-472E-B713-63D3C384CF13}.job
- c:\windows\system32\msfeedssync.exe [2009-05-20 11:31]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{D97FC677-694D-4A75-AC89-A5B85C2BCFED} - c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\lw.dll


.
------- Examen supplémentaire -------
.
uStart Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fzx%3D1a10x3w67eko%26shva%3D1%26ui%3Dhtml%26zy%3Dl&bsv=zpwhtygjntrz&scc=1&ltmpl=default&ltmplcache=2
FF - ProfilePath - c:\users\PERSO\AppData\Roaming\Mozilla\Firefox\Profiles\p2qm4nz7.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?o=101764&l=dis
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\PERSO\AppData\Local\Google\Update\1.2.145.5\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-20 22:30
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\Curr
0
Anonymous user
 
A piece of the report is missing at the end, can you post it please?
0
gorgutz Posts 260 Status Member 12
 
ComboFix 09-06-20.02 - PERSO 20/06/2009 22:22.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.3582.2560 [GMT 2:00]
Lancé depuis: c:\users\PERSO\Desktop\C-Fix.exe
AV: Antivirus BitDefender *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: Pare-feu BitDefender *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
SP: BitDefender AntiSpam *disabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\IEToolbar
c:\program files\runit
c:\windows\calvi3568.exe
c:\windows\cvmq56434.exe
c:\windows\ffeg7057.exe
c:\windows\hfqcn57815.exe
c:\windows\jtfr68026.exe
c:\windows\lmln1271.exe
c:\windows\polus5121.exe
c:\windows\pxwis3245.exe
c:\windows\uaax7573.exe
c:\program files\IEToolbar\Bullseye Tool Bar\basis.xml
c:\program files\IEToolbar\Bullseye Tool Bar\date2.html
c:\program files\IEToolbar\Bullseye Tool Bar\icons.bmp
c:\program files\IEToolbar\Bullseye Tool Bar\info.txt
c:\program files\IEToolbar\Bullseye Tool Bar\lw.crc
c:\program files\IEToolbar\Bullseye Tool Bar\lw.dll
c:\program files\IEToolbar\Bullseye Tool Bar\lwpopper.html
c:\program files\IEToolbar\Bullseye Tool Bar\popper3.html
c:\program files\IEToolbar\Bullseye Tool Bar\popup1.html
c:\program files\IEToolbar\Bullseye Tool Bar\popup2.html
c:\program files\IEToolbar\Bullseye Tool Bar\tbhelper.dll
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\basis.xml
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\date2.html
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\icons.bmp
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\info.txt
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\lw.crc
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\lw.dll
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\lwpopper.html
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\popper3.html
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\popup1.html
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\popup2.html
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\tbhelper.dll
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\uninstall.exe
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\version.txt
c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\your_logo.png
c:\program files\IEToolbar\Bullseye Tool Bar\uninstall.exe
c:\program files\IEToolbar\Bullseye Tool Bar\version.txt
c:\program files\IEToolbar\Bullseye Tool Bar\your_logo.png
c:\program files\runit\config.txt
c:\program files\runit\runit_32.exe
c:\program files\runit\runitu_32.exe
c:\windows\4ef25p9ware15z5.dll
c:\windows\4z58b5ckdoor1940.dll
c:\windows\4z59sparse2829.bin
c:\windows\4zd85py9are1155.dll
c:\windows\50252haz9tool527.ocx
c:\windows\5059addware1z10.cpl
c:\windows\51092zpambot389.cpl
c:\windows\51396zot-a-virus1a79.exe
c:\windows\515ez9eal851.ocx
c:\windows\5212s5arze2590.dll
c:\windows\5262s9ywarz3243.cpl
c:\windows\535zs95al2574.dll
c:\windows\53979spz1a9.dll
c:\windows\539zthrea522515.bin
c:\windows\53b9bazkdoor2285.bin
c:\windows\53bcbzck5oor2193.bin
c:\windows\543dbaczd95r1386.exe
c:\windows\5485tr5j1zf9.dll
c:\windows\5556threa95839z.bin
c:\windows\55628zorm59b.bin
c:\windows\5594stzal812.cpl
c:\windows\55z9sparse2933.exe
c:\windows\5625t9rzat1919.ocx
c:\windows\566bbackdoor97z3.exe
c:\windows\56caszyware259.dll
c:\windows\56e9viz1494.exe
c:\windows\570z9spy22d9.cpl
c:\windows\577b9teal2655z.ocx
c:\windows\579e5iz515.exe
c:\windows\57z6spam5ot259.ocx
c:\windows\59011not-a-vizus59c.ocx
c:\windows\590z5ddwa9e3118.exe
c:\windows\5926zddw5re286.exe
c:\windows\593z8worm44c.exe
c:\windows\5941nzt-5-virus64.dll
c:\windows\59679z5m65c.dll
c:\windows\59699acktool47bz.cpl
c:\windows\5988not-a5virus9zc.dll
c:\windows\59910h9zktool61a.ocx
c:\windows\59b99zief17585.bin
c:\windows\59e4stea54z59.bin
c:\windows\5a97zir9532.cpl
c:\windows\5b7z9ackdoor27795.ocx
c:\windows\5c22dow5loade91286z.cpl
c:\windows\5c42tzreat29925.ocx
c:\windows\5d0aazdware2293.exe
c:\windows\5d6espzware10609.bin
c:\windows\5d945aczdoor2718.exe
c:\windows\5e94spyzare942.cpl
c:\windows\5f3zspyware16599.bin
c:\windows\5f48thiz5994.bin
c:\windows\5f99v5rz45.exe
c:\windows\5fc1s9zrs51457.exe
c:\windows\5z128t9oj12c.bin
c:\windows\5z876troj593.bin
c:\windows\6059sparse398z.cpl
c:\windows\6091threa519062z.cpl
c:\windows\6129d5wnloader2z96.dll
c:\windows\615spyzare589.dll
c:\windows\6230tzief159.bin
c:\windows\63zbspyw9re29475.bin
c:\windows\6456w5zm494.ocx
c:\windows\6491thi5z1713.cpl
c:\windows\64d9do5nlozder903.dll
c:\windows\6555spazbo9567.bin
c:\windows\6563worm997z.bin
c:\windows\659dspywzre510.cpl
c:\windows\65c2spa9sez6665.ocx
c:\windows\65ebbazkdoor2999.dll
c:\windows\66d75pyw9re116z.exe
c:\windows\66zathreat29156.dll
c:\windows\6912stzal453.ocx
c:\windows\6995ste9l717z.bin
c:\windows\69ec5ownlozder2889.cpl
c:\windows\6a3edo5nloadez2919.cpl
c:\windows\6a94back5oor28z2.bin
c:\windows\6a94spa5ze1623.exe
c:\windows\6bb9i5z571.exe
c:\windows\6cf9ste5l63z9.bin
c:\windows\6d09a9dwzre925.ocx
c:\windows\6dbbzhief17975.exe
c:\windows\6edfdownload5r9z89.ocx
c:\windows\6z92spy5375.bin
c:\windows\6zc85ownloader2159.cpl
c:\windows\6ze69ackdoo53159.cpl
c:\windows\6zf19ddwa5e1654.bin
c:\windows\7389no9-z-virus5b2.dll
c:\windows\739dthr5at2z620.cpl
c:\windows\73cbs9ezl1285.dll
c:\windows\73d85o9nloadez2145.cpl
c:\windows\75189py185z.bin
c:\windows\7582nzt-a-5irus295.exe
c:\windows\7590zhief3078.bin
c:\windows\759bsparse94z6.ocx
c:\windows\75c0b9czdoor2596.bin
c:\windows\76bfadzware27959.bin
c:\windows\7757sp94z5.cpl
c:\windows\77f1sparse51z29.dll
c:\windows\782edownlo9der11z35.bin
c:\windows\7876bzc9d5or2350.exe
c:\windows\790edzwnload5r2955.ocx
c:\windows\7979bac5doorz845.dll
c:\windows\79db59eal982z.ocx
c:\windows\79e9stealz95.ocx
c:\windows\79f1spyware1z57.exe
c:\windows\7ac8steal59z5.dll
c:\windows\7az1thre5t2960.bin
c:\windows\7c5zspar9e1392.dll
c:\windows\7ccfsp5waz9735.dll
c:\windows\7d25ste9l99z.dll
c:\windows\7d689ownload5rz022.exe
c:\windows\7e79thi9f2z945.dll
c:\windows\7f54spywarz595.cpl
c:\windows\7f8czddwa9e5137.ocx
c:\windows\7z52vir32599.dll
c:\windows\8055zirus2509.exe
c:\windows\8186s9zm5ot518.ocx
c:\windows\8233s5ambo93z6.bin
c:\windows\83z85py49c.dll
c:\windows\8509hacktoolz45.exe
c:\windows\8591hackt59z2ee.cpl
c:\windows\86125rojzf09.exe
c:\windows\8890viru5z649.ocx
c:\windows\898zhac5tool968.exe
c:\windows\90059zcktoo5e4.dll
c:\windows\9018spy70z5.cpl
c:\windows\907635py52z.ocx
c:\windows\913not-5-vzrus755.exe
c:\windows\91zbsparse1855.bin
c:\windows\9255zpamb9t31b5.bin
c:\windows\9256zpa9bot362.dll
c:\windows\935665zy591.bin
c:\windows\93ddoznlo5der2210.bin
c:\windows\94078worm50z.exe
c:\windows\9449nz9-a-vi5us724.ocx
c:\windows\94881wozm25c5.bin
c:\windows\955ezteal634.exe
c:\windows\95618trojc8z.dll
c:\windows\962375orz296.ocx
c:\windows\962z1spy3a65.bin
c:\windows\9753spy5z6.ocx
c:\windows\97763viru541z.dll
c:\windows\97777virzs5b5.bin
c:\windows\9830z5t-a-v9rus26a.ocx
c:\windows\986135pz395.exe
c:\windows\98fabackz5or33.exe
c:\windows\98z5download5r2436.dll
c:\windows\99591szambot5a0.dll
c:\windows\9979ziru54db.bin
c:\windows\99bezhreat13520.cpl
c:\windows\9a3zthreat286995.cpl
c:\windows\9az3spyw5re2740.exe
c:\windows\9c4ddow5loader4z8.cpl
c:\windows\9f5th5efz868.bin
c:\windows\9z215spambot53e.ocx
c:\windows\9z30tr5j6b.dll
c:\windows\9z7eth5eat21586.dll
c:\windows\a05vz9268.bin
c:\windows\a2dzh9eat208545.ocx
c:\windows\a79downlzad5r388.exe
c:\windows\adb5pars9304z.ocx
c:\windows\b22z5r2951.bin
c:\windows\bf69h5eat2632z.cpl
c:\windows\c85thr95t18030z.cpl
c:\windows\cd09tzal23775.dll
c:\windows\eabthrzat97295.ocx
c:\windows\f76add5a9z622.ocx
c:\windows\fc9spa5s913z6.cpl
c:\windows\system32\10529wz5m97b.dll
c:\windows\system32\1095zpyware1069.ocx
c:\windows\system32\1099zspy3d45.exe
c:\windows\system32\11080h9ckz5ol4c5.bin
c:\windows\system32\1109zno9-a-virus45f.cpl
c:\windows\system32\111fthrzat9258.bin
c:\windows\system32\1201not5a-v9ruz1c5.dll
c:\windows\system32\12130not-azvirus559.cpl
c:\windows\system32\12398t5o971ez.exe
c:\windows\system32\12z20hack9ool456.cpl
c:\windows\system32\13097zr5j2f9.bin
c:\windows\system32\13245hack9ool734z.dll
c:\windows\system32\13470s5am9otz49.exe
c:\windows\system32\13510z9rus42a.exe
c:\windows\system32\1397vzrus725.exe
c:\windows\system32\14085trzj9eb.ocx
c:\windows\system32\1423z59rus53d.cpl
c:\windows\system32\1432ad5w9re2z41.cpl
c:\windows\system32\143349ot5a-zirus115.ocx
c:\windows\system32\1495zsp915c.bin
c:\windows\system32\15017worm93bz.dll
c:\windows\system32\15262spazbo95f2.cpl
c:\windows\system32\15309pambzt795.bin
c:\windows\system32\15399tr9j6z1.dll
c:\windows\system32\15432h9ckto5l44z.ocx
c:\windows\system32\1563hackt9zl4de.ocx
c:\windows\system32\15699spy2z9.dll
c:\windows\system32\1572zsp5493.bin
c:\windows\system32\158599zy30f.cpl
c:\windows\system32\1595zh9ef536.dll
c:\windows\system32\15aespyzar92725.ocx
c:\windows\system32\15azspa9se817.exe
c:\windows\system32\15z149py7b4.bin
c:\windows\system32\1631t9re5t5320z.exe
c:\windows\system32\16579spzmbot5f6.bin
c:\windows\system32\16925zorm747.bin
c:\windows\system32\17399hack9ooz335.bin
c:\windows\system32\17549hack9ool54z.exe
c:\windows\system32\17599spzmbot183.bin
c:\windows\system32\17993ha9ktool33z5.bin
c:\windows\system32\1851worm9a5z.dll
c:\windows\system32\18719pars5z536.ocx
c:\windows\system32\18809zr5j410.ocx
c:\windows\system32\18dcs9a5se2z69.cpl
c:\windows\system32\19175hzck5oo974d.bin
c:\windows\system32\1919worm50bz.dll
c:\windows\system32\19316zorm659.ocx
c:\windows\system32\1939bazkdoo53161.dll
c:\windows\system32\19550troz6e7.bin
c:\windows\system32\19645not-z-virus5a95.ocx
c:\windows\system32\1974haczt5ol693.exe
c:\windows\system32\19858v9zus3c9.cpl
c:\windows\system32\1b5a9hizf1895.bin
c:\windows\system32\1b6edownloader9505z.bin
c:\windows\system32\1ec9az5wa9e2919.bin
c:\windows\system32\1f6ds9ar5e193z.exe
c:\windows\system32\1z1329ot-a-vi5us70e.bin
c:\windows\system32\1z221wor5499.exe
c:\windows\system32\1z5vir15139.bin
c:\windows\system32\1z759o5md9.bin
c:\windows\system32\1z882tro9555.exe
c:\windows\system32\205535pz9bot578.dll
c:\windows\system32\207z9s596c0.bin
c:\windows\system32\215279acktool2f5z.ocx
c:\windows\system32\21958spz2b9.dll
c:\windows\system32\2195zparse2293.cpl
c:\windows\system32\21z85irus5989.exe
c:\windows\system32\2219download9z3507.dll
c:\windows\system32\221zworm7985.bin
c:\windows\system32\22252hack95oz6d7.ocx
c:\windows\system32\22521not-a-v9zus474.bin
c:\windows\system32\22839wz9m145.ocx
c:\windows\system32\22904spy325z.dll
c:\windows\system32\22d3th5ef9533z.cpl
c:\windows\system32\23002worm195z.ocx
c:\windows\system32\23813not-a-5irus9z8.dll
c:\windows\system32\23z54wor590d.dll
c:\windows\system32\23z99hief95.dll
c:\windows\system32\240875roj9efz.dll
c:\windows\system32\2414downl5ad9rz153.exe
c:\windows\system32\244zt59eat25949.ocx
c:\windows\system32\24633zo9-a-vi5us5fa.dll
c:\windows\system32\252z09roj515.cpl
c:\windows\system32\2543viz9095.cpl
c:\windows\system32\2545s9ywaze5012.ocx
c:\windows\system32\25531sp96c5z.cpl
c:\windows\system32\2558vi9us5bz.exe
c:\windows\system32\25645zot-a-vir9s305.ocx
c:\windows\system32\25848nzt-5-9irusfa.exe
c:\windows\system32\25f3spyware916z.cpl
c:\windows\system32\25z579py3f4.cpl
c:\windows\system32\26463not5a-zirus901.bin
c:\windows\system32\26884n5z-a-virus519.cpl
c:\windows\system32\2695thizf589.dll
c:\windows\system32\269695zt-a-virus6a69.ocx
c:\windows\system32\26bathzef24589.exe
c:\windows\system32\2752zt9oj65e5.ocx
c:\windows\system32\2754vir5z92.ocx
c:\windows\system32\2792n5t-9-viruscbz.cpl
c:\windows\system32\28273hazkt9o54b2.ocx
c:\windows\system32\285569zambot6b2.dll
c:\windows\system32\28953hackt5oz46f.cpl
c:\windows\system32\2910spzware23025.cpl
c:\windows\system32\29164not-a-zirus579.cpl
c:\windows\system32\2917zha5ktool671.cpl
c:\windows\system32\291cthz5f2827.ocx
c:\windows\system32\2941s5eal99z.bin
c:\windows\system32\29590troj6f5z.ocx
c:\windows\system32\29593z9y2d5.bin
c:\windows\system32\2979steal2z35.bin
c:\windows\system32\29999troz5f0.dll
c:\windows\system32\299bsp5z9re9.ocx
c:\windows\system32\2a4czparse52979.dll
c:\windows\system32\2a5b9tz5l3051.cpl
c:\windows\system32\2af4zpyware5479.ocx
c:\windows\system32\2c9zdownl9ader28695.dll
c:\windows\system32\2cf5back5oor509z.bin
c:\windows\system32\2d91szyware5128.ocx
c:\windows\system32\2e965ackdoor68z.bin
c:\windows\system32\2z256troj928.exe
c:\windows\system32\2z59thief2692.cpl
c:\windows\system32\30578sp9mbotz2d.bin
c:\windows\system32\30657v9rzs22d.dll
c:\windows\system32\30957troz761.exe
c:\windows\system32\31568zi9us1d2.ocx
c:\windows\system32\3175z9irus490.ocx
c:\windows\system32\3205viru92z5.dll
c:\windows\system32\3323vzr591.bin
c:\windows\system32\3495spa5se2z349.bin
c:\windows\system32\35019ir54z.ocx
c:\windows\system32\3584z9y79d.exe
c:\windows\system32\37815parze1019.dll
c:\windows\system32\38849i5uz4dc.cpl
c:\windows\system32\39bedownloader56z2.dll
c:\windows\system32\39ezthre5t997.bin
c:\windows\system32\3a9ath5ef264z.bin
c:\windows\system32\3ac7z5ywa9e859.ocx
c:\windows\system32\3b095hr9at260z0.ocx
c:\windows\system32\3bbfbzckd9or5551.bin
c:\windows\system32\3c5athrea9z1501.dll
c:\windows\system32\3d0ebac5dozr9523.bin
c:\windows\system32\3d4czp5ware975.exe
c:\windows\system32\3d59threat1z386.exe
c:\windows\system32\3d5adoznloader1993.ocx
c:\windows\system32\3ezfste9l594.exe
c:\windows\system32\3ff95pzrse1956.dll
c:\windows\system32\3z88dow9loa5er2892.bin
c:\windows\system32\409zwo5mef9.cpl
c:\windows\system32\4191spamboz598.cpl
c:\windows\system32\41a7spyw9re54z3.bin
c:\windows\system32\4363z9526e.dll
c:\windows\system32\43fd9wn5oadzr33.bin
c:\windows\system32\44z5threa913211.bin
c:\windows\system32\4532ba5kdooz22399.ocx
c:\windows\system32\456cthrzat10209.exe
c:\windows\system32\4573vi9z72.bin
c:\windows\system32\457thrzat35905.cpl
c:\windows\system32\47025ot-9-virzs352.bin
c:\windows\system32\4889sparse2z59.cpl
c:\windows\system32\4934spywarez535.exe
c:\windows\system32\4955tro545z.bin
c:\windows\system32\496baz59oor3233.ocx
c:\windows\system32\4975t9reat5741z.exe
c:\windows\system32\499zwo9m5a7.ocx
c:\windows\system32\4b3fa5dwa9z176.exe
c:\windows\system32\4b9astezl2655.ocx
c:\windows\system32\4bdspar951054z.exe
c:\windows\system32\4c99ste5lz029.exe
c:\windows\system32\4d5f9hi5fz145.bin
c:\windows\system32\4dz4backd59r2639.bin
c:\windows\system32\4dz9threat307055.ocx
c:\windows\system32\4e74sp9waz53142.ocx
c:\windows\system32\4f0fspy5zre3929.dll
c:\windows\system32\4fz5downloade988.bin
c:\windows\system32\4z45thre9t13435.ocx
c:\windows\system32\4z57add5a9e1569.bin
c:\windows\system32\4z95threat2775.exe
c:\windows\system32\5092zo5m789.dll
c:\windows\system32\5094viz5s70a.exe
c:\windows\system32\5133spzrse24539.dll
c:\windows\system32\5165spz9bot70a.cpl
c:\windows\system32\5185addwarez259.bin
c:\windows\system32\51b6viz14935.dll
c:\windows\system32\51cz9hief1695.ocx
c:\windows\system32\51ebsparse959z.dll
c:\windows\system32\525c9ownloader2z92.exe
c:\windows\system32\527do9nlo5der731z.bin
c:\windows\system32\530z1worm1a9.ocx
c:\windows\system32\53209virus31z.dll
c:\windows\system32\53529spy1ze.cpl
c:\windows\system32\535cdownloaderz0965.dll
c:\windows\system32\536addwaz93165.cpl
c:\windows\system32\5379backdooz1530.ocx
c:\windows\system32\5435szyware9355.ocx
c:\windows\system32\5449thiefz7555.cpl
c:\windows\system32\54656wzrm94.ocx
c:\windows\system32\54995iz930.ocx
c:\windows\system32\5508zp9567.exe
c:\windows\system32\550zaddware1095.cpl
c:\windows\system32\5514ztroj399.ocx
c:\windows\system32\55640vir9s326z.cpl
c:\windows\system32\5575s5ywar9498z.dll
c:\windows\system32\55955z9rm55f.dll
c:\windows\system32\55966virus12z.cpl
c:\windows\system32\55f59hiez1353.bin
c:\windows\system32\55z19pa5se2592.dll
c:\windows\system32\55z52spy297.exe
c:\windows\system32\563z9tro93d4.ocx
c:\windows\system32\5791vzr558.ocx
c:\windows\system32\579pyzare2071.bin
c:\windows\system32\5819tro9415z.dll
c:\windows\system32\5825trz56119.bin
c:\windows\system32\58b5addza9e3105.ocx
c:\windows\system32\58dbdownloaz9r1805.dll
c:\windows\system32\591dth9ef2z465.bin
c:\windows\system32\592zthi9f233.bin
c:\windows\system32\5950spyz639.dll
c:\windows\system32\595dvz9161.cpl
c:\windows\system32\5962spa5sz1010.bin
c:\windows\system32\596worz2955.cpl
c:\windows\system32\5988wor957z.cpl
c:\windows\system32\59b05hrea93z581.bin
c:\windows\system32\59ccsteaz1859.ocx
c:\windows\system32\59ddaddwaze9614.ocx
c:\windows\system32\5ae4z9r2396.exe
c:\windows\system32\5b11z9r13435.cpl
c:\windows\system32\5b9ebackdzor26125.ocx
c:\windows\system32\5bf7tzief57069.exe
c:\windows\system32\5c6edoznl5ader9200.ocx
c:\windows\system32\5ca39ddware2393z.exe
c:\windows\system32\5cc6vir19z7.dll
c:\windows\system32\5ce7add9arz505.cpl
c:\windows\system32\5d75zi51599.ocx
c:\windows\system32\5d9esparze23949.dll
c:\windows\system32\5dc4spazse9557.bin
c:\windows\system32\5dzb9ddware3209.dll
c:\windows\system32\5e68sparsz9149.dll
c:\windows\system32\5ec3thi9f4z7.ocx
c:\windows\system32\5ed1zi5934.ocx
c:\windows\system32\5f59adz5are1238.cpl
c:\windows\system32\5f91azdware2625.cpl
c:\windows\system32\5f9a9ddwzre3257.bin
c:\windows\system32\5feasp5rs946z.exe
c:\windows\system32\5z58sp5rse2989.exe
c:\windows\system32\5z60do5nloade9427.ocx
c:\windows\system32\5z72addware2959.dll
c:\windows\system32\5z849spam9ot1de.exe
c:\windows\system32\5z89w5rm7b9.ocx
c:\windows\system32\5z972worm59c.cpl
c:\windows\system32\5zadownloade9654.cpl
c:\windows\system32\5zf8add5are1319.cpl
c:\windows\system32\602f5hzeat4290.exe
c:\windows\system32\6159hi5fz08.ocx
c:\windows\system32\6219th9za58596.bin
c:\windows\system32\6335thre9tz9885.dll
c:\windows\system32\6496spz5se2552.dll
c:\windows\system32\649ftzr5at8879.dll
c:\windows\system32\6539steal99z.cpl
c:\windows\system32\657dsz9ware1896.dll
c:\windows\system32\6590hacktool3zf.bin
c:\windows\system32\68zbspyw9re2454.bin
c:\windows\system32\6901s5y6z4.dll
c:\windows\system32\6958z5t-a9virus4dd.exe
c:\windows\system32\6995spywar57z1.bin
c:\windows\system32\6fz7s59al1134.dll
c:\windows\system32\6z17thief2595.ocx
c:\windows\system32\6z26downloader9275.cpl
c:\windows\system32\6zd9vi52579.exe
c:\windows\system32\7059trzj9305.dll
c:\windows\system32\709z59yware1099.exe
c:\windows\system32\727cdow5load9r3179z.ocx
c:\windows\system32\72dzspyw5re1997.exe
c:\windows\system32\72f5adz5ar92323.bin
c:\windows\system32\7398tz5ef1896.cpl
c:\windows\system32\7399spar5e3z299.dll
c:\windows\system32\739bzc5door2114.bin
c:\windows\system32\74355hreat3z895.cpl
c:\windows\system32\7491d9wnload5r3174z.dll
c:\windows\system32\74ecd9wnloazer1529.ocx
c:\windows\system32\75285ir149z.dll
c:\windows\system32\752cth5eat1967z.bin
c:\windows\system32\75baspy9are88z.ocx
c:\windows\system32\7623hacktzol159.dll
c:\windows\system32\7690vz51959.ocx
c:\windows\system32\7896back5oor28z99.dll
c:\windows\system32\78bzddwar52891.dll
c:\windows\system32\7925zorm21e.cpl
c:\windows\system32\793znot-a9vir5s58.cpl
c:\windows\system32\7956dowzloader529.dll
c:\windows\system32\79c3s5ezl1409.cpl
c:\windows\system32\79f8steal5z93.ocx
c:\windows\system32\7a1cspz9se2635.ocx
c:\windows\system32\7a45b59kdoor21z0.dll
c:\windows\system32\7ac4t5zef5509.cpl
c:\windows\system32\7b3b9zy5are3043.ocx
c:\windows\system32\7b71s59al195z.exe
c:\windows\system32\7b9dsz5al569.cpl
c:\windows\system32\7be3a95warz5.bin
c:\windows\system32\7c3c5hzef6159.cpl
c:\windows\system32\7c3dow9loader23z85.ocx
c:\windows\system32\7d059ddwa5e12z4.bin
c:\windows\system32\7d65ad9wa5ez75.dll
c:\windows\system32\7e59t9ief30z1.ocx
c:\windows\system32\7e895hiez2568.bin
c:\windows\system32\7f05downloa9er1819z.ocx
c:\windows\system32\7fd29hreatz3150.ocx
c:\windows\system32\7ff8t5reat7709z.ocx
c:\windows\system32\7z09vir502.dll
c:\windows\system32\7z2195r795.cpl
c:\windows\system32\80z9spa9bo5585.ocx
c:\windows\system32\839159y49fz.cpl
c:\windows\system32\8550zp55d9.ocx
c:\windows\system32\8614hzcktoo51a49.cpl
c:\windows\system32\878vir5s9fbz.cpl
c:\windows\system32\8845not-a-v9ruz612.cpl
c:\windows\system32\8929roj5aez.ocx
c:\windows\system32\8950not-a-zirus2d6.cpl
c:\windows\system32\8951wozm19c.ocx
c:\windows\system32\89725pambo91z2.bin
c:\windows\system32\897zo5nloader2398.dll
c:\windows\system32\9007zot-a-viru58a9.bin
c:\windows\system32\9031zspy53f.bin
c:\windows\system32\90spyz965.ocx
c:\windows\system32\925z95py6b.exe
c:\windows\system32\9307trojz595.exe
c:\windows\system32\9365spambot5zc.dll
c:\windows\system32\9391spz2005.dll
c:\windows\system32\93ezackdoor6205.exe
c:\windows\system32\94197wo5m4zd.exe
c:\windows\system32\9549spamzo543b.bin
c:\windows\system32\9579troj9za.ocx
c:\windows\system32\95afdownloaderz603.ocx
c:\windows\system32\9611szam5ot4c1.cpl
c:\windows\system32\975zdownloader155.bin
c:\windows\system32\979zspy495.exe
c:\windows\system32\98e5tzreat7941.cpl
c:\windows\system32\9958sparse3z05.dll
c:\windows\system32\9a0dste5l5z9.ocx
c:\windows\system32\9a5zback5oor1452.exe
c:\windows\system32\9afs9ywz5e280.ocx
c:\windows\system32\9b99v5rz92.cpl
c:\windows\system32\9bd9downloazer2583.ocx
c:\windows\system32\9cebtzie51364.ocx
c:\windows\system32\9d11dowzlo5der728.dll
c:\windows\system32\9f70sparze2052.exe
c:\windows\system32\9f91ad5ware2011z.exe
c:\windows\system32\9zbeste5l2989.ocx
c:\windows\system32\a9czpars5314.dll
c:\windows\system32\bfb9tzal17835.dll
c:\windows\system32\c14d9wnloader5z5.cpl
c:\windows\system32\deaviz15795.dll
c:\windows\system32\drivers\gxvxcserv.sys
c:\windows\system32\drivers\MSIVXrxicqwionmenpxrssnqtxeeowntpbkpr.sys
c:\windows\system32\dz3backdoor59109.exe
c:\windows\system32\e90bazkdoo51474.bin
c:\windows\system32\f95zhreat454.bin
c:\windows\system32\MSIVXcount
c:\windows\system32\MSIVXitvrsihbpotxkpqmeqixyvxojovtgevb.dll
c:\windows\system32\MSIVXvsgfpqxwdydrmqtticbmrfypbbrtmcpv.dll
c:\windows\system32\z0125teal29869.bin
c:\windows\system32\z092troj5e9.cpl
c:\windows\system32\z1195p9rse1921.ocx
c:\windows\system32\z1499wor53cd.dll
c:\windows\system32\z1835h5cktoolc09.bin
c:\windows\system32\z1bspywa9e175.ocx
c:\windows\system32\z2591wo5915.dll
c:\windows\system32\z3985s5y519.dll
c:\windows\system32\z5378worm905.cpl
c:\windows\system32\z555thr9at31909.dll
c:\windows\system32\z566hack9ool128.bin
c:\windows\system32\z5966sp9506.ocx
c:\windows\system32\z639virus755.cpl
c:\windows\system32\z6525virus955.bin
c:\windows\system32\z9093vi59s685.ocx
c:\windows\system32\z9495ir1172.dll
c:\windows\system32\z959w5r9659.cpl
c:\windows\system32\z9cs5eal965.cpl
c:\windows\system32\z9d7addware5553.ocx
c:\windows\system32\za5et59eat109.bin
c:\windows\system32\zfe25ddware2609.exe
c:\windows\z05addware2921.exe
c:\windows\z1448w59m561.cpl
c:\windows\z1sp5mbot498.ocx
c:\windows\z2afs9yware2522.bin
c:\windows\z4164wor595f.cpl
c:\windows\z4536w9rm1f5.cpl
c:\windows\z4754not-a-9ir5s325.cpl
c:\windows\z5540spy3c9.ocx
c:\windows\z5561virus69f.exe
c:\windows\z58929pambot7085.bin
c:\windows\z5894h5cktool3b7.cpl
c:\windows\z636backdo593228.exe
c:\windows\z6540troj192.cpl
c:\windows\z6f9steal2957.exe
c:\windows\z851thr9at249395.exe
c:\windows\z879hack9oo5618.cpl
c:\windows\z8fcth5eat97815.dll
c:\windows\z9148worm3259.cpl
c:\windows\z9691vi5us6fe.exe
c:\windows\z999thief3125.ocx

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_iprip


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-20 au 2009-06-20 ))))))))))))))))))))))))))))))))))))
.

2009-07-04 19:57 . 2009-07-04 19:57 13593 ----a-w- c:\windows\system32\709059zus2.bin
2009-06-20 20:28 . 2009-06-20 20:30 -------- d-----w- c:\users\PERSO\AppData\Local\temp
2009-06-20 16:27 . 2009-06-20 16:28 -------- d-----w- c:\users\PERSO\DoctorWeb
2009-06-20 15:52 . 2009-06-20 15:52 -------- d-----w- c:\program files\trend micro
2009-06-20 15:52 . 2009-06-20 15:52 -------- d-----w- C:\rsit
2009-06-20 13:42 . 2009-06-20 13:42 -------- d-----w- c:\program files\WinBlueSoft Software
2009-06-20 11:44 . 2009-06-20 11:44 -------- d-----w- c:\users\PERSO\Pavark
2009-06-19 23:59 . 2009-06-20 15:38 -------- d-----w- c:\program files\Sophos
2009-06-19 09:13 . 2009-06-19 09:13 -------- d-----w- c:\windows\PCHEALTH
2009-06-18 12:44 . 2009-06-19 09:42 -------- d-----w- c:\users\PERSO\Songs Reason
2009-06-17 20:29 . 2009-06-17 20:29 -------- d-----w- c:\program files\Propellerhead
2009-06-17 19:55 . 2009-03-31 12:47 368640 ----a-w- c:\windows\system32\ReWire.dll
2009-06-17 19:55 . 2009-03-31 12:47 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2009-06-17 18:54 . 2009-06-17 20:36 -------- d-----w- c:\users\PERSO\AppData\Roaming\Propellerhead Software
2009-06-17 18:54 . 2009-06-17 18:54 -------- d-----w- c:\programdata\Propellerhead Software
2009-06-17 18:47 . 2009-06-17 18:47 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-06-17 18:43 . 2009-06-17 18:43 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-17 18:42 . 2009-06-17 20:29 -------- d-----w- c:\users\PERSO\AppData\Roaming\DAEMON Tools Lite
2009-06-17 18:19 . 1996-07-18 11:06 297472 ----a-w- c:\windows\uninst.exe
2009-06-17 00:56 . 2009-06-17 00:56 16546800 ----a-w- c:\users\PERSO\AppData\Roaming\Uniblue\DriverScanner\LatestUpdate.exe
2009-06-17 00:55 . 2009-06-17 00:55 -------- dc-h--w- c:\programdata\{83FC5D7A-8875-4931-80D6-1E3AC725D336}
2009-06-17 00:55 . 2008-10-10 11:17 2652186 -c--a-w- c:\programdata\{83FC5D7A-8875-4931-80D6-1E3AC725D336}\DriverScanner_Setup.exe
2009-06-16 23:10 . 2009-06-16 23:10 -------- d-----w- c:\programdata\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2009-06-14 20:25 . 2009-06-14 20:25 -------- d-----w- c:\programdata\Creative Labs
2009-06-14 20:21 . 2009-06-14 20:21 -------- d-----w- c:\program files\Common Files\Creative Labs Shared
2009-06-13 20:54 . 2009-06-13 20:54 -------- d-----w- c:\users\PERSO\AppData\Local\Nero
2009-06-13 20:41 . 2009-06-13 20:41 -------- d-----w- c:\users\PERSO\AppData\Roaming\Nero
2009-06-13 20:37 . 2009-06-13 20:40 -------- d-----w- c:\program files\Common Files\Nero
2009-06-13 20:37 . 2009-06-13 20:37 -------- d-----w- c:\programdata\Nero
2009-06-12 23:05 . 2009-06-12 23:05 -------- d-----w- c:\program files\G-Sonique
2009-06-11 08:51 . 2009-06-11 08:51 -------- dc-h--w- c:\programdata\{B3ABAF49-C1FD-4E23-A5C8-1D0530D54991}
2009-06-11 08:51 . 2009-05-20 08:58 2841948 -c--a-w- c:\programdata\{B3ABAF49-C1FD-4E23-A5C8-1D0530D54991}\PowerSuite2009.exe
2009-06-11 08:50 . 2009-06-11 08:50 -------- dc-h--w- c:\programdata\{942E4254-C25C-44BA-94FC-8777923F9E7B}
2009-06-11 08:50 . 2009-05-04 14:27 2835559 -c--a-w- c:\programdata\{942E4254-C25C-44BA-94FC-8777923F9E7B}\speedupmypc2009.exe
2009-06-11 08:50 . 2009-06-11 08:50 -------- dc-h--w- c:\programdata\{E18C8A94-0667-4A02-B59B-9CB3A8F22628}
2009-06-11 08:50 . 2008-10-13 07:53 2567606 -c--a-w- c:\programdata\{E18C8A94-0667-4A02-B59B-9CB3A8F22628}\Uniblue RegistryBooster.exe
2009-06-10 00:57 . 2009-06-12 10:16 -------- d-----w- c:\users\PERSO\AppData\Roaming\vlc
2009-06-09 23:55 . 2009-06-09 23:55 -------- d-----w- c:\program files\DivoCodec
2009-06-09 21:19 . 2009-06-09 22:21 -------- d-----w- c:\users\PERSO\AppData\Roaming\LimeWire
2009-06-09 21:19 . 2009-06-09 21:19 -------- d-----w- c:\program files\360Share Pro
2009-06-03 11:14 . 2009-06-03 11:14 -------- d-----w- c:\program files\THQ
2009-06-02 22:18 . 2009-06-04 22:20 -------- d-----w- c:\program files\Pcsx2
2009-06-01 12:17 . 2009-06-01 12:17 -------- d-----w- c:\users\PERSO\AppData\Local\AA2DeployClient
2009-06-01 12:17 . 2009-06-01 12:17 -------- d-----w- c:\programdata\AA2DeployClient
2009-06-01 12:15 . 2009-06-01 12:17 -------- d-----w- c:\users\PERSO\AppData\Local\Deployment
2009-06-01 12:08 . 2009-06-17 00:57 -------- d-----w- c:\programdata\DriverScanner
2009-06-01 12:08 . 2009-06-11 09:05 -------- d-----w- c:\users\PERSO\AppData\Roaming\Uniblue
2009-06-01 12:08 . 2009-06-11 08:52 -------- d-----w- c:\program files\Uniblue
2009-06-01 11:24 . 2009-06-18 08:48 -------- d-----w- c:\users\PERSO\AppData\Roaming\BitTorrent
2009-05-27 14:54 . 2009-05-27 14:54 -------- d-----w- c:\windows\system32\eu-ES
2009-05-27 14:54 . 2009-05-27 14:54 -------- d-----w- c:\windows\system32\ca-ES
2009-05-27 14:54 . 2009-05-27 14:54 -------- d-----w- c:\windows\system32\vi-VN
2009-05-27 07:09 . 2009-05-27 07:09 -------- d-----w- c:\windows\system32\EventProviders
2009-05-27 07:09 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-05-27 07:09 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2009-05-27 07:09 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2009-05-27 07:09 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2009-05-27 07:09 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2009-05-27 07:09 . 2009-04-11 05:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-05-27 07:09 . 2009-04-11 06:28 1480704 ----a-w- c:\windows\system32\mssrch.dll
2009-05-24 16:24 . 2009-06-14 19:42 -------- d-----w- c:\programdata\America's Army Deploy Client
2009-05-24 16:24 . 2009-06-14 19:42 -------- d-----w- c:\program files\America's Army Deploy Client
2009-05-23 19:18 . 2009-05-23 19:18 10684866 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\azump\mplayer.exe
2009-05-23 19:18 . 2009-05-23 19:18 4141117 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\vuzexcode\mediainfo.exe
2009-05-23 19:18 . 2009-05-23 19:18 6516755 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\vuzexcode\ffmpeg.exe
2009-05-22 03:30 . 2009-05-22 03:30 -------- d-----w- c:\programdata\WindowsSearch

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-20 20:28 . 2009-03-22 03:05 81984 ----a-w- c:\windows\system32\bdod.bin
2009-06-20 19:20 . 2008-01-21 07:23 740102 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-20 19:20 . 2008-01-21 07:23 150198 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-20 19:00 . 2009-04-27 16:49 -------- d-----w- c:\users\PERSO\AppData\Roaming\Azureus
2009-06-20 03:15 . 2009-01-10 13:44 -------- d-----w- c:\users\PERSO\AppData\Roaming\dvdcss
2009-06-19 17:27 . 2009-05-20 10:53 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-19 16:52 . 2009-01-10 13:31 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-18 08:57 . 2009-01-09 16:45 1 ----a-w- c:\users\PERSO\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-17 19:47 . 2009-02-01 17:10 -------- d-----w- c:\program files\Ableton
2009-06-17 17:51 . 2009-02-01 17:10 -------- d-----w- c:\users\PERSO\AppData\Roaming\Ableton
2009-06-14 20:26 . 2009-01-10 13:03 -------- d-----w- c:\program files\Creative
2009-06-14 20:25 . 2009-01-10 15:44 -------- d-----w- c:\programdata\Creative
2009-06-14 20:22 . 2009-01-09 16:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-14 01:27 . 2009-04-13 13:33 -------- d-----w- c:\users\PERSO\AppData\Roaming\Skype
2009-06-13 21:47 . 2009-03-25 13:37 -------- d-----w- c:\program files\Google
2009-06-13 20:37 . 2009-01-09 17:05 -------- d-----w- c:\program files\Nero
2009-06-12 20:49 . 2009-05-09 16:31 -------- d-----w- c:\program files\Steam
2009-06-11 08:59 . 2009-03-23 20:53 -------- d-----w- c:\users\PERSO\AppData\Roaming\uTorrent
2009-06-02 20:01 . 2009-03-23 21:02 -------- d-----w- c:\program files\BitTorrent
2009-06-02 19:27 . 2009-04-27 16:49 -------- d-----w- c:\program files\Vuze
2009-06-01 12:22 . 2009-03-25 10:35 189392 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-06-01 12:18 . 2009-03-25 10:35 138016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-05-27 14:54 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-27 14:54 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-05-25 15:26 . 2009-05-05 20:31 304160 ----a-w- C:\PA207.DAT
2009-05-24 17:34 . 2009-03-24 21:19 -------- d-----w- c:\program files\America's Army Server Manager
2009-05-24 17:33 . 2009-03-24 21:18 -------- d-----w- c:\program files\America's Army
2009-05-24 12:07 . 2009-05-09 16:31 -------- d-----w- c:\program files\Common Files\Steam
2009-05-20 20:43 . 2009-01-09 17:02 -------- d-----w- c:\programdata\NVIDIA
2009-05-17 17:54 . 2009-05-17 17:54 52776 ----a-w- c:\users\PERSO\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Modèles
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Menu Démarrer
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Favoris
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Bureau
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\program files\Fichiers communs
2009-05-17 17:42 . 2009-05-17 17:42 21668 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-17 17:38 . 2009-04-02 00:10 -------- d-----w- c:\users\PERSO\AppData\Roaming\SystemRequirementsLab
2009-05-17 17:38 . 2009-03-25 08:36 -------- d-----w- c:\users\PERSO\AppData\Roaming\MySpace
2009-05-17 17:38 . 2009-01-09 16:45 -------- d-----w- c:\users\PERSO\AppData\Roaming\OpenOffice.org
2009-05-17 17:38 . 2009-01-16 19:18 -------- d-----w- c:\users\PERSO\AppData\Roaming\MP-Manager
2009-05-17 17:38 . 2009-01-16 19:16 -------- d-----w- c:\users\PERSO\AppData\Roaming\MPMAN
2009-05-17 17:38 . 2009-01-09 16:52 -------- d-----w- c:\users\PERSO\AppData\Roaming\InstallShield
2009-05-17 17:38 . 2009-05-17 14:22 -------- d-----w- c:\users\PERSO\AppData\Roaming\BitDefender
2009-05-17 17:38 . 2009-03-24 21:05 -------- d-----w- c:\users\PERSO\AppData\Roaming\DriverCure
2009-05-17 17:38 . 2009-01-10 13:34 -------- d-----w- c:\users\PERSO\AppData\Roaming\Creative
2009-05-17 17:38 . 2009-04-06 20:43 -------- d-----w- c:\users\PERSO\AppData\Roaming\Apple Computer
2009-05-17 17:38 . 2009-01-09 17:07 -------- d-----w- c:\users\PERSO\AppData\Roaming\Ahead
2009-05-17 17:31 . 2009-03-29 15:41 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-05-17 17:28 . 2009-05-17 17:28 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-05-09 05:50 . 2009-06-10 00:38 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-10 00:38 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-08 21:44 . 2009-05-08 21:43 1469952 ----a-w- c:\users\PERSO\AppData\Roaming\tsdnwin.dll
2009-05-08 21:44 . 2009-05-08 21:43 1469952 ----a-w- c:\users\PERSO\AppData\Roaming\tsdnwin.dll
2009-05-01 19:01 . 2009-05-01 19:01 15884 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\azitunes\libProcessAccess.dll
2009-05-01 19:01 . 2009-05-01 19:01 102400 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\azitunes\jacob-1.14.3-x86.dll
2009-04-26 20:45 . 2009-03-25 08:36 -------- d-----w- c:\program files\MySpace
2009-04-23 12:15 . 2009-06-10 00:38 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:14 . 2009-06-10 00:38 623616 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 22:20 . 2009-04-21 22:20 14311680 ----a-w- c:\windows\system32\xlive.dll
2009-04-21 22:20 . 2009-04-21 22:20 13642496 ----a-w- c:\windows\system32\xlivefnt.dll
2009-04-21 11:39 . 2009-06-10 00:38 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-04-11 06:33 . 2009-05-27 07:08 986600 ----a-w- c:\windows\system32\winload.exe
2009-04-11 06:33 . 2009-05-27 07:08 926184 ----a-w- c:\windows\system32\winresume.exe
2009-04-11 06:33 . 2009-05-27 07:08 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2009-04-11 06:33 . 2009-05-27 07:08 897000 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-11 06:33 . 2009-05-27 07:08 614376 ----a-w- c:\windows\system32\ci.dll
2009-04-11 06:28 . 2009-05-27 07:08 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2009-04-11 06:27 . 2009-05-27 07:08 441344 ----a-w- c:\windows\system32\SearchIndexer.exe
2009-04-11 06:22 . 2009-05-27 07:08 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-04-11 06:21 . 2009-05-27 07:08 37376 ----a-w- c:\windows\system32\cdd.dll
2009-04-11 05:42 . 2009-05-27 07:08 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2009-04-11 04:57 . 2009-05-27 07:08 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-04-11 04:54 . 2009-05-27 07:08 2048 ----a-w- c:\windows\system32\mferror.dll
2009-04-11 04:51 . 2009-05-27 07:08 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2009-04-11 04:47 . 2009-05-27 07:08 273920 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-11 04:46 . 2009-05-27 07:08 69120 ----a-w- c:\windows\system32\drivers\rassstp.sys
2009-04-11 04:46 . 2009-05-27 07:08 121344 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-04-11 04:46 . 2009-05-27 07:08 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2009-04-11 04:46 . 2009-05-27 07:08 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2009-04-11 04:46 . 2009-05-27 07:08 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2009-04-11 04:46 . 2009-05-27 07:08 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-04-11 04:45 . 2009-05-27 07:08 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2009-04-11 04:45 . 2009-05-27 07:08 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-11 04:45 . 2009-05-27 07:08 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2009-04-11 04:45 . 2009-05-27 07:08 401408 ----a-w- c:\windows\system32\drivers\http.sys
2009-04-11 04:45 . 2009-05-27 07:08 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-11 04:45 . 2009-05-27 07:08 66560 ----a-w- c:\windows\system32\drivers\smb.sys
2009-04-11 04:43 . 2009-05-27 07:08 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-11 04:43 . 2009-05-27 07:08 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-04-11 04:42 . 2009-05-27 07:08 226304 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-04-11 04:42 . 2009-05-27 07:08 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys
2009-04-11 04:42 . 2009-05-27 07:08 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys
2009-04-11 04:42 . 2009-05-27 07:08 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-04-11 04:42 . 2009-05-27 07:08 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-04-11 04:42 . 2009-05-27 07:08 12800 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-03-05 16:08 . 2009-05-17 14:24 49664 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
2008-01-21 02:35 . 2008-01-21 02:35 168960 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18000_none_0b69c31f4f19b995\wmplayer.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-29 16:24 325000 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnhancedStorageShell]
@="{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}"
[HKEY_CLASSES_ROOT\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}]
2009-04-11 06:28 114176 ----a-w- c:\windows\System32\EhStorShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-07-10 07:23 97064 ----a-w- c:\program files\Nero\Nero8\InCD\NBHShx.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-13 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-03-19 778240]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2009-02-23 69632]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-03-25 16990208]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"SecurDisc"="c:\program files\Nero\Nero8\InCD\NBHGui.exe" [2008-07-10 2049320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"BindDirectlyToPropertySetStorage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^PERSO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
backup=c:\windows\pss\Xfire.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):6d,3a,94,d6,db,de,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"UDP Query User{62043F56-9769-4CB3-9904-46DDC8E8C207}c:\\program files\\steam\\steamapps\\common\\dawn of war 2\\dow2.exe"= TCP:c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe:DOW2
"TCP Query User{E123E05D-A986-4165-AACC-D6573D159445}c:\\program files\\steam\\steamapps\\common\\dawn of war 2\\dow2.exe"= UDP:c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe:DOW2
"UDP Query User{95825578-D630-44CA-A4F3-52E02C5FA711}c:\\users\\perso\\desktop\\warhammer2\\dow2.exe"= TCP:c:\users\perso\desktop\warhammer2\dow2.exe:dow2.exe
"TCP Query User{43F15413-4E91-46DD-9BC8-C1E5F2108D7A}c:\\users\\perso\\desktop\\warhammer2\\dow2.exe"= UDP:c:\users\perso\desktop\warhammer2\dow2.exe:dow2.exe
"UDP Query User{DC949683-CDEA-41E2-A0CE-C35E3B497363}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{664AF19B-0FE6-4FB4-A0D5-B6773FBAB280}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"{9873280A-B46A-4B3F-BB90-A6E653E1697A}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{CF625FAF-B41D-43A8-9308-1BB4F648512A}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{EABDAB33-5B2D-43CA-B3C0-D43A6460AA5F}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"UDP Query User{661BDC92-B998-46EF-9A0E-9D337ED40EBD}c:\\program files\\nero\\nero 7\\nero home\\nerohome.exe"= TCP:c:\program files\nero\nero 7\nero home\nerohome.exe:Nero Home
"TCP Query User{82799CA4-4346-4696-B458-EC5770392217}c:\\program files\\nero\\nero 7\\nero home\\nerohome.exe"= UDP:c:\program files\nero\nero 7\nero home\nerohome.exe:Nero Home
"{E668A50D-200E-4496-B47C-C1256BB92E6B}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"UDP Query User{416AED8F-E2D3-4F3E-9DD1-1F1E9B375729}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"TCP Query User{1D08B44A-8061-46C6-90BE-5A942C0CA713}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"{198C91BC-3C09-4EFA-8093-CFAF54C71C55}"= Disabled:TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{F13FFF80-397E-4425-8D01-C54387C503B1}"= Disabled:UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{B337DBDD-DC16-4DB1-95F2-541F81DB68F2}"= c:\program files\MySpace\IM\MySpaceIM.exe:MySpaceIM
"UDP Query User{032E7B4F-9DF6-489C-B9B7-EF3516799C46}c:\\users\\perso\\program files\\dna\\btdna.exe"= TCP:c:\users\perso\program files\dna\btdna.exe:btdna.exe
"TCP Query User{876D182E-70EF-4D08-A6C9-67604C815E4B}c:\\users\\perso\\program files\\dna\\btdna.exe"= UDP:c:\users\perso\program files\dna\btdna.exe:btdna.exe
"UDP Query User{D924E207-F4FB-4CEB-8A3A-BA7DFD18709E}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{CB954CBA-FB8E-4625-B734-E7852C64D3E8}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"{9A2C52DE-86F7-4C01-B1B9-55F5AD21235B}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{CE2C0EDE-E278-4ABE-901C-9CDD17BBBA51}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"TCP Query User{A880DB37-3711-4B99-93B3-4196896CFEDF}c:\\program files\\america's army deploy client\\aadeployclient.exe"= UDP:c:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"UDP Query User{9DD0D3D6-1FDB-449E-9E41-4113C6554FC9}c:\\program files\\america's army deploy client\\aadeployclient.exe"= TCP:c:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"TCP Query User{6E6AF77F-1725-482A-A1C6-B0CFED34EDC7}c:\\program files\\videolan\\vlc\\vlc.exe"= UDP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{6FD19C95-1C99-4A0B-AC0E-85D6AF00A901}c:\\program files\\videolan\\vlc\\vlc.exe"= TCP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"{7F1FF9E5-AF2C-43C5-9D37-5AC9A71F9B3B}"= UDP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (TCP-In)
"{09763EB7-5AF2-4E7C-8265-0A921584411A}"= TCP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (UDP-In)
"TCP Query User{B6D4425F-BD1D-4B61-8852-A11299019D52}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"UDP Query User{906BEEDB-B74E-45FA-BE04-77766B5422E5}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"TCP Query User{3BCA4250-3846-4656-AF04-08DE6743CBAE}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"UDP Query User{695EED36-D15B-4939-82FE-E7F21B08787C}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"TCP Query User{64304686-A2E5-498B-BE10-C8D2E6E60107}c:\\program files\\nero\\nero8\\nero home\\nerohome.exe"= UDP:c:\program files\nero\nero8\nero home\nerohome.exe:Nero Home
"UDP Query User{C91C1C71-435A-493C-945F-5C9A47860A8F}c:\\program files\\nero\\nero8\\nero home\\nerohome.exe"= TCP:c:\program files\nero\nero8\nero home\nerohome.exe:Nero Home
"{4483DEC1-1BBE-4862-8341-ABFB536E2BAE}"= Disabled:UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{7AB8F5C6-0990-42B2-9459-E1D3BD23298E}"= Disabled:TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"TCP Query User{3A47CA1E-C6DA-4927-A6C6-D2006D9C1472}c:\\users\\perso\\appdata\\local\\temp\\nero web\\setupxu.exe"= Disabled:UDP:c:\users\perso\appdata\local\temp\nero web\setupxu.exe:setupxu.exe
"UDP Query User{8A108734-8CEC-4CDD-BF13-14DEA1F506B1}c:\\users\\perso\\appdata\\local\\temp\\nero web\\setupxu.exe"= Disabled:TCP:c:\users\perso\appdata\local\temp\nero web\setupxu.exe:setupxu.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]
"Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [10/07/2008 09:23 53032]
R3 bdfm;BDFM;c:\windows\System32\drivers\bdfm.sys [18/09/2008 12:09 111112]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\System32\drivers\viahduaa.sys [17/05/2009 20:19 906240]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [20/01/2009 19:16 172032]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [14/06/2009 22:21 79360]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [29/03/2009 17:42 55280]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 ksaud;Creative USB Audio Driver;c:\windows\System32\drivers\ksaud.sys [17/05/2009 20:19 802176]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [21/04/2009 15:36 216232]
S3 PAC207;SoC PC-Camera;c:\windows\System32\drivers\PFC027.SYS [17/05/2009 20:19 507136]
S3 SBUSBAV;Sound Blaster Audigy 2 ZS Video Editor Video Device;c:\windows\System32\drivers\sbusbav.sys [17/05/2009 20:18 101888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
rsmsvcs REG_MULTI_SZ ntmssvc
bdx REG_MULTI_SZ scan
ipripsvc REG_MULTI_SZ iprip

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-06-15 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe [2009-03-13 13:37]

2009-06-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2350328726-818139621-3553498986-1000.job
- c:\users\PERSO\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-23 20:47]

2009-06-20 c:\windows\Tasks\User_Feed_Synchronization-{419DFB9A-D684-428A-AA2A-429C17D471AA}.job
- c:\windows\system32\msfeedssync.exe [2009-05-20 11:31]

2009-06-20 c:\windows\Tasks\User_Feed_Synchronization-{CFF2EE30-FAE0-472E-B713-63D3C384CF13}.job
- c:\windows\system32\msfeedssync.exe [2009-05-20 11:31]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{D97FC677-694D-4A75-AC89-A5B85C2BCFED} - c:\program files\IEToolbar\Bullseye Tool Bar\tbu01973\lw.dll


.
------- Examen supplémentaire -------
.
uStart Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fzx%3D1a10x3w67eko%26shva%3D1%26ui%3Dhtml%26zy%3Dl&bsv=zpwhtygjntrz&scc=1&ltmpl=default&ltmplcache=2
FF - ProfilePath - c:\users\PERSO\AppData\Roaming\Mozilla\Firefox\Profiles\p2qm4nz7.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?o=101764&l=dis
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\PERSO\AppData\Local\Google\Update\1.2.145.5\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-20 22:30
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\
0

gorgutz Posts 260 Status Member 12
 
Damn! I copy/paste, preview, confirm, and here we go again! Hang on, I'm looking for the exact spot, I'll isolate it and send it... sorry!
0
gorgutz Posts 260 Status Member 12
 
--catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-20 22:30
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(3672)
c:\program files\Nero\Nero8\InCD\NBHShx.dll
c:\program files\Nero\Nero8\InCD\NBHStr.dll
c:\program files\Common Files\Nero\Shared\NL3\AdvrCntr3.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\program files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
c:\program files\BitDefender\BitDefender 2009\vsserv.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\System32\CISVC.EXE
c:\program files\Nero\Nero8\InCD\InCDsrv.exe
c:\windows\System32\PnkBstrA.exe
c:\windows\System32\PnkBstrB.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\System32\TCPSVCS.EXE
c:\windows\System32\WUDFHost.exe
c:\windows\System32\conime.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\System32\rundll32.exe
c:\program files\Windows Media Player\wmpnscfg.exe
.
**************************************************************************
.
Heure de fin: 2009-06-20 22:33 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-20 20:33

Avant-CF: 196 693 729 280 octets libres
Après-CF: 196 513 734 656 octets libres

1137 --- E O F --- 2009-06-16 08:22

No pain, no gain!
0
Anonymous user
 
Our messages crossed; I've given you enough to keep you busy until I'm back tomorrow :)

See you
0
hitman-zone Posts 399 Status Member 31
 
Hi

Which site did you visit to run a free scan?
And which antivirus do you use?
0
gorgutz Posts 260 Status Member 12
 
I went through Windows Live One Care for a first scan. I was redirected to WinBlueSoft by a pop-up... I use Bit Defender Antivirus... It came free with the computer...
0
hitman-zone Posts 399 Status Member 31
 
Search Google for "kaspersky online free scan"

For the "bitdefender" antivirus, if its license is close to expiring, set the Windows clock back, e.g. 30/5/2008

and you have a one-year license; this works on bitdefender 2009 antivirus
0
gorgutz Posts 260 Status Member 12
 
I have a two-year license for 2 computers, and it's recent, so that's fine... thanks for the clock trick, but isn't that likely to disrupt some programs???
Why is Kaspersky better than the others, in your opinion?
0
hitman-zone Posts 399 Status Member 31 > gorgutz Posts 260 Status Member
 
Kaspersky is an antivirus that helped me several years ago. I use Kaspersky Anti-Virus 2010; it can detect a virus even if you have only just started a download, it detects it over the network
0
gorgutz Posts 260 Status Member 12
 
SmitFraudFix v2.422

Scan done at 0:09:18,19, 21/06/2009
Run from C:\Users\PERSO\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6002] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» DNS Before Fix

Description: Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
DNS Server Search Order: 89.2.0.1
DNS Server Search Order: 89.2.0.2

HKLM\SYSTEM\CCS\Services\Tcpip\..\{F61615AE-8AE3-4A3E-9C5B-E333F86FB54A}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{F61615AE-8AE3-4A3E-9C5B-E333F86FB54A}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\..\{F61615AE-8AE3-4A3E-9C5B-E333F86FB54A}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2

»»»»»»»»»»»»»»»»»»»»»»»» DNS After Fix

Description: Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
DNS Server Search Order: 89.2.0.1
DNS Server Search Order: 89.2.0.2

HKLM\SYSTEM\CCS\Services\Tcpip\..\{F61615AE-8AE3-4A3E-9C5B-E333F86FB54A}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{F61615AE-8AE3-4A3E-9C5B-E333F86FB54A}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\..\{F61615AE-8AE3-4A3E-9C5B-E333F86FB54A}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
0
gorgutz Posts 260 Status Member 12
 
SmitFraudFix v2.422

Scan done at 0:13:40,27, 21/06/2009
Run from C:\Users\PERSO\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6002] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\CISVC.EXE
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\System32\tcpsvcs.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\conime.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\Explorer.exe
C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Windows\system32\cmd.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\PERSO


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\PERSO\AppData\Local\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\PERSO\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\PERSO\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, following keys are not inevitably infected!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, following keys are not inevitably infected!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""




»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
DNS Server Search Order: 89.2.0.1
DNS Server Search Order: 89.2.0.2

HKLM\SYSTEM\CCS\Services\Tcpip\..\{F61615AE-8AE3-4A3E-9C5B-E333F86FB54A}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{F61615AE-8AE3-4A3E-9C5B-E333F86FB54A}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\..\{F61615AE-8AE3-4A3E-9C5B-E333F86FB54A}: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=89.2.0.1 89.2.0.2


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

0
hitman-zone Posts 399 Status Member 31
 
Good work, guys
0
gorgutz Posts 260 Status Member 12
 
I ran ToolBarSD, but the window closes automatically, and I can't find any report...
0
anthony5151 Posts 10927 Status Security contributor 790
 
Go straight to the next step; you have a rootkit that is blocking some disinfection tools.

0
gorgutz Posts 260 Status Member 12
 
For usb fix, I'll see tomorrow morning... if I don't have enough free USB ports, I'll generate several scan reports. The bad news is that my girlfriend has a laptop, and I pass her quite a few files. I suppose we'll have to go through the whole rigmarole again, since usb fix only scans removable devices?
0
gorgutz Posts 260 Status Member 12
 
@anthony:
I hadn't noticed your signature... Am I allowed a coffee break? I'm exhausted... :)
0
gorgutz Posts 260 Status Member 12
 
Right: slept, eaten, showered, fresh and ready!
We were at UsbFix: I installed it on my desktop, ran it as administrator, launched the scan, and now it tells me it will start soon... that's three times half an hour now... even after uninstalling/reinstalling... Any ideas?
0
gorgutz Posts 260 Status Member 12
 
I'm still waiting for it to be kind enough to start... Anyone there?
0
Anonymous user
 
Hi

I'm at work and I'll be back this evening; in my opinion your rootkit is blocking the tools

Try this, hoping it works; otherwise we'll do it another way:

Download Malwarebytes' Anti-Malware

- On the page, click Download Malwarebytes' Anti-Malware
- Save it to the desktop
- Right-click the downloaded file and run it as administrator to start the installation
- When asked, update Malwarebytes Anti-Malware
- If the firewall asks for permission for Malwarebytes to connect, accept
- Once the update is finished, close Malwarebytes
- Right-click the Malwarebytes icon and run it as administrator to relaunch it
- In the Scanner tab, probably open by default,
- Select Perform full scan
- Click Scan
- The scan starts
- At the end of the scan, a message is displayed: The scan completed normally. Click 'Show Results' to display all the objects found.
- Click OK to continue.
- If malware was detected, click Show Results
- Select everything (or leave it checked) and click Remove Selected. Malwarebytes will destroy the files and registry keys and put a copy in quarantine.
- Malwarebytes will open Notepad and copy the scan report into it.
- Go to the Logs tab
- Click on it to display it; once displayed
- Click Edit at the top of Notepad, then Select All
- Click Edit again, then Copy, and come back to the forum and into your reply
- Right-click in the reply box and Paste

See you this evening

Thanks anthony for stepping in :))
usbfix was indeed for checking ;)
0
gorgutz Posts 260 Status Member 12
 
OK... It started lagging badly: the desktop disappeared, Ctrl+Alt+Del had no effect, I had to reboot...
Now it's reinstalling all my devices, so I'm launching UsbFix again, on the off chance, just in case...
SURPRISE!
Here is the report:

ing\TrustedInstaller.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## [ Registre Startup ]

HKCU_Main: "Local Page"="C:\\Windows\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fzx%3D1a10x3w67eko%26shva%3D1%26ui%3Dhtml%26zy%3Dl&bsv=zpwhtygjntrz&scc=1&ltmpl=default&ltmplcache=2"
HKCU_Main: "Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
HKCU_Main: "Start Page Redirect Cache AcceptLangs"="fr"
HKCU_Main: "Start Page Redirect Cache_TIMESTAMP"=hex:02,b4,1c,d3,17,e9,c9,01
HKLM_logon: "Userinit"="C:\\Windows\\system32\\userinit.exe,"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""

HKLM_Run: BDAgent="C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
HKLM_Run: BitDefender Antiphishing Helper="C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
HKLM_Run: HDAudDeck=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
HKLM_Run: NvMediaCenter=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM_Run: Monitor=C:\Windows\PixArt\PAC207\Monitor.exe
HKLM_Run: SecurDisc=C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM_Run: Creative SB Monitoring Utility=RunDll32 sbavmon.dll,SBAVMonitor
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

HKLM_expl: "NoDriveAutoRun"=dword:3fffffff
HKLM_expl: "NoDriveTypeAutoRun"=dword:000000ff

################## [ Fichiers # Dossiers infectieux ]

Présent ! L:\recycler\S-4-5-98-100021733-100004767-100023061-9993.com

################## [ Registre # Clés Run infectieuses ]


################## [ Registre # Mountpoints2 ]


################## [ ! Fin du rapport # UsbFix V3.032 ! ]
0
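An added example, not part of the thread or of UsbFix: a small Python triage of the report format posted above, listing the files the report marks as present and decoding the two AutoRun policy values it records. The sample lines are copied from that report; the function names and the choice to treat a missing policy value as 0 are assumptions of this example.

```python
import re

# Constructed sample: lines copied from the UsbFix V3.032 report posted above.
REPORT = r'''
################## [ Registre Startup ]
HKLM_Run: Monitor=C:\Windows\PixArt\PAC207\Monitor.exe
HKLM_expl: "NoDriveAutoRun"=dword:3fffffff
HKLM_expl: "NoDriveTypeAutoRun"=dword:000000ff
################## [ Fichiers # Dossiers infectieux ]
Présent ! L:\recycler\S-4-5-98-100021733-100004767-100023061-9993.com
################## [ Registre # Clés Run infectieuses ]
################## [ Registre # Mountpoints2 ]
'''

# NoDriveTypeAutoRun is a bitmask: a set bit disables AutoRun for that drive type.
DRIVE_TYPES = {0x04: "removable", 0x08: "fixed", 0x10: "network",
               0x20: "cdrom", 0x40: "ramdisk"}
SECTION = re.compile(r"^#+ \[ (.+) \]$")
DWORD = re.compile(r'^HKLM_expl: "(\w+)"=dword:([0-9a-fA-F]{1,8})$')
FLAGGED = re.compile(r"^Présent ! (.+)$")

def parse_report(text):
    """Return {section title: [non-empty lines]} for a UsbFix-style report."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            current = sections.setdefault(header.group(1), [])
        elif line and current is not None:
            current.append(line)
    return sections

def triage(text):
    """Summarise flagged files and where AutoRun is still allowed to fire."""
    sections = parse_report(text)
    policy = {m.group(1): int(m.group(2), 16)
              for line in sections.get("Registre Startup", []) if (m := DWORD.match(line))}
    type_mask = policy.get("NoDriveTypeAutoRun", 0)  # missing value treated as 0 (assumption)
    letter_mask = policy.get("NoDriveAutoRun", 0)    # bit 0 = A:, bit 25 = Z:
    flagged = [m.group(1) for line in sections.get("Fichiers # Dossiers infectieux", [])
               if (m := FLAGGED.match(line))]
    return {
        "flagged_files": flagged,
        "autorun_types_enabled": [n for bit, n in DRIVE_TYPES.items() if not type_mask & bit],
        "autorun_letters_enabled": [chr(65 + i) for i in range(26) if not letter_mask >> i & 1],
        "empty_sections": sorted(t for t, lines in sections.items() if not lines),
    }

if __name__ == "__main__":
    print(triage(REPORT))
```

On this report the two AutoRun lists come back empty, meaning AutoRun is switched off for every drive type and letter, while the one flagged file on L: is still listed as present.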