Virus and Malware, clarification

takerdu94 -  
pedrodu69 Posts 279 Status Member -
Hello,

Since last week, Antivir has been detecting this malware every day (and several times a day): HEUR/HTML.Malware. It also happens when my sister uses the PC. (I think it's a false positive, but I'm not sure.)

Today, here is what I received from Antivir:

Dans le fichier 'C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\muul0zof.default\Cache\D8DC39A3d01'
un virus ou un programme indésirable 'HTML/Infected.WebPage.Gen' [virus] a été détecté.
Action exécutée : Supprimer le fichier

I thank any kind soul who is willing to help me. I should mention that I have run CCleaner.

Thanks in advance. I am posting an RSIT log for you.

Logfile of random's system information tool 1.05 (written by random/random)
Run by Propriétaire at 2009-07-07 15:13:24
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 64 GB (21%) free of 305 GB
Total RAM: 3071 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:13:30, on 07/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\program files\avira\antivir desktop\avcenter.exe
C:\Documents and Settings\Propriétaire\Bureau\telechargement\RSIT.exe
C:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par IE 8 FOURNI PAR 01NET.COM
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://dev.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

--
End of file - 6755 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-03-21 1953792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-06-10 86016]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-04-29 3338240]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage
ImpulseNow.lnk - C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoFind"=
"NoFolderOptions"=
"NoRun"=
"NoDrives"=0
"NoViewContextMenu"=0
"NoWinKeys"=0
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoLogOff"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Steam\SteamApps\popo94\counter-strike source\hl2.exe"="C:\Program Files\Steam\SteamApps\popo94\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\SteamApps\popo94\garrysmod\hl2.exe"="C:\Program Files\Steam\SteamApps\popo94\garrysmod\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe"="C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe:*:Enabled:Microsoft Flight Simulator®"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\Program Files\Fichiers communs\PocketSoft\RTPatch\AutoRTP\artpschd.exe"="C:\Program Files\Fichiers communs\PocketSoft\RTPatch\AutoRTP\artpschd.exe:*:Enabled:artpschd"
"C:\Program Files\Ground Control II\gcii.exe"="C:\Program Files\Ground Control II\gcii.exe:*:Enabled:Ground Control II"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\GameSpy\Comrade\Comrade.exe"="C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade"
"C:\Program Files\Steam\SteamApps\popo94\day of defeat source\hl2.exe"="C:\Program Files\Steam\SteamApps\popo94\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Bohemia Interactive\ArmA\arma.exe"="C:\Program Files\Bohemia Interactive\ArmA\arma.exe:*:Enabled:ArmA"
"C:\Program Files\Sierra\FEAR\FEAR.exe"="C:\Program Files\Sierra\FEAR\FEAR.exe:*:Enabled:FEAR"
"C:\Program Files\Sierra\FEAR\fpupdate.exe"="C:\Program Files\Sierra\FEAR\fpupdate.exe:*:Enabled:fpupdate"
"C:\Program Files\Steam\SteamApps\popo94\team fortress 2\hl2.exe"="C:\Program Files\Steam\SteamApps\popo94\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\SteamApps\popo94\half-life 2 deathmatch\hl2.exe"="C:\Program Files\Steam\SteamApps\popo94\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Sierra Entertainment\World in Conflict\wic.exe"="C:\Program Files\Sierra Entertainment\World in Conflict\wic.exe:*:Enabled:World in Conflict"
"C:\Program Files\Sierra Entertainment\World in Conflict\wic_online.exe"="C:\Program Files\Sierra Entertainment\World in Conflict\wic_online.exe:*:Enabled:World in Conflict - En ligne uniquement"
"C:\Program Files\Sierra Entertainment\World in Conflict\wic_ds.exe"="C:\Program Files\Sierra Entertainment\World in Conflict\wic_ds.exe:*:Enabled:World in Conflict - Serveur dédié"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Steam\SteamApps\popo94\insurgency\hl2.exe"="C:\Program Files\Steam\SteamApps\popo94\insurgency\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\SteamApps\popo94\zombie panic! source\hl2.exe"="C:\Program Files\Steam\SteamApps\popo94\zombie panic! source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\SteamApps\popo94\synergy\hl2.exe"="C:\Program Files\Steam\SteamApps\popo94\synergy\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\SteamApps\popo94\diprip warm up\hl2.exe"="C:\Program Files\Steam\SteamApps\popo94\diprip warm up\hl2.exe:*:Enabled:hl2"
"C:\Program Files\THQ\Company of Heroes\RelicCOH.exe"="C:\Program Files\THQ\Company of Heroes\RelicCOH.exe:*:Enabled:Company of Heroes"
"C:\Program Files\Sierra\SWAT 4\Content\System\Swat4.exe"="C:\Program Files\Sierra\SWAT 4\Content\System\Swat4.exe:*:Enabled:SWAT 4"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editeur"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe"="C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe:*:Enabled:THE SETTLERS - Bâtisseurs d'Empire"
"C:\Program Files\Steam\SteamApps\popo94\dark messiah might and magic multi-player\mm.exe"="C:\Program Files\Steam\SteamApps\popo94\dark messiah might and magic multi-player\mm.exe:*:Enabled:mm"
"C:\Program Files\Steam\SteamApps\common\trackmania nations forever\TmForever.exe"="C:\Program Files\Steam\SteamApps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever"
"C:\Program Files\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe"="C:\Program Files\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever"
"C:\Program Files\Steam\SteamApps\popo94\dark messiah might and magic multi-player\runme.exe"="C:\Program Files\Steam\SteamApps\popo94\dark messiah might and magic multi-player\runme.exe:*:Enabled:Dark Messiah Might and Magic Multi-Player"
"C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe"="C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme"
"C:\Program Files\Ubisoft\Eagle Dynamics\Lock On\LockOn.exe"="C:\Program Files\Ubisoft\Eagle Dynamics\Lock On\LockOn.exe:*:Enabled:LOCK ON"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire"
"C:\Program Files\EA GAMES\Mirror's Edge\Binaries\MirrorsEdge.exe"="C:\Program Files\EA GAMES\Mirror's Edge\Binaries\MirrorsEdge.exe:*:Enabled:Mirror's Edge™"
"C:\Program Files\Electronic Arts\Dead Space\Dead Space.exe"="C:\Program Files\Electronic Arts\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
"C:\Program Files\Electronic Arts\Battlefield 2142 Deluxe Edition\BF2142.exe"="C:\Program Files\Electronic Arts\Battlefield 2142 Deluxe Edition\BF2142.exe:*:Enabled:Battlefield 2142"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Steam\SteamApps\common\max payne 2 the fall of max payne\maxpayne2.exe"="C:\Program Files\Steam\SteamApps\common\max payne 2 the fall of max payne\maxpayne2.exe:*:Enabled:Max Payne 2: The Fall of Max Payne"
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\Program Files\InCode Solutions\RemoveIT Pro v4 - SE\removeit.exe"="C:\Program Files\InCode Solutions\RemoveIT Pro v4 - SE\removeit.exe:*:Enabled:removeit"
"C:\Program Files\Steam\SteamApps\popo94\source sdk base\hl2.exe"="C:\Program Files\Steam\SteamApps\popo94\source sdk base\hl2.exe:*:Enabled:hl2"
"C:\Program Files\THQ\Company of Heroes\RelicDownloader\RelicDownloader.exe"="C:\Program Files\THQ\Company of Heroes\RelicDownloader\RelicDownloader.exe:*:Enabled:Relic Downloader"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\bdf9dffe5259449a960f840b5c7af5f6\RelicDownloader.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\bdf9dffe5259449a960f840b5c7af5f6\RelicDownloader.exe:*:Enabled:Relic Patch Download Manager"
"C:\Program Files\Kalypso\Sins of a Solar Empire\Sins of a Solar Empire.exe"="C:\Program Files\Kalypso\Sins of a Solar Empire\Sins of a Solar Empire.exe:*:Enabled:Sins of a Solar Empire"
"C:\Program Files\Codemasters\DiRT\DiRT.exe"="C:\Program Files\Codemasters\DiRT\DiRT.exe:*:Enabled:DiRT Executable"
"C:\Program Files\Steam\SteamApps\common\left 4 dead\left4dead.exe"="C:\Program Files\Steam\SteamApps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead"
"C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe"="C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War"
"C:\Program Files\Ubisoft\Lost Via Domus\Yeti_Final_Win32.exe"="C:\Program Files\Ubisoft\Lost Via Domus\Yeti_Final_Win32.exe:*:Enabled:Lost Via Domus Game"
"C:\Program Files\Ubisoft\Lost Via Domus\gu.exe"="C:\Program Files\Ubisoft\Lost Via Domus\gu.exe:*:Enabled:Lost Via Domus Updater"
"C:\Program Files\Ubisoft\Lost Via Domus\detection\Launcher.exe"="C:\Program Files\Ubisoft\Lost Via Domus\detection\Launcher.exe:*:Enabled:Lost Via Domus Requirements Tool"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-07-06 15:58:59 ----D---- C:\Program Files\QuickTime
2009-07-06 15:58:57 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-07-06 15:58:37 ----SHD---- C:\Config.Msi
2009-07-02 19:50:09 ----D---- C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2009-06-26 22:20:45 ----D---- C:\Program Files\Avira
2009-06-26 22:20:45 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-06-26 17:04:26 ----D---- C:\Program Files\Codemasters
2009-06-26 16:22:34 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-06-26 16:22:34 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-06-26 16:22:33 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-06-26 16:22:33 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-06-26 16:22:33 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-06-26 16:22:33 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-06-26 16:22:32 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-06-23 19:22:02 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-06-23 19:21:49 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-06-13 19:55:32 ----D---- C:\Documents and Settings\All Users\Application Data\Ironclad Games
2009-06-13 19:27:25 ----HD---- C:\WINDOWS\msdownld.tmp
2009-06-13 19:27:05 ----D---- C:\WINDOWS\ie8updates
2009-06-13 19:26:17 ----D---- C:\WINDOWS\WBEM
2009-06-13 19:25:26 ----HDC---- C:\WINDOWS\ie8
2009-06-13 19:16:16 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Stardock
2009-06-13 19:16:03 ----D---- C:\Program Files\Stardock
2009-06-13 19:16:03 ----D---- C:\Documents and Settings\All Users\Application Data\Stardock
2009-06-13 19:15:54 ----HDC---- C:\Documents and Settings\All Users\Application Data\{AD1633B8-8F63-40E6-8A96-9AF47AC850E1}
2009-06-11 23:36:05 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-11 23:35:58 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2009-06-11 23:35:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-11 23:34:40 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-11 23:34:34 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-10 18:33:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2009-06-10 18:33:00 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2009-06-10 18:33:00 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2009-06-10 18:33:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2009-06-10 18:33:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2009-06-10 18:33:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2009-06-10 18:33:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrsth.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2009-06-10 08:29:36 ----A---- C:\WINDOWS\system32\nvwrses.dll
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\nwiz.exe
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\nvwimg.dll
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\nvshell.dll
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\nvappbar.exe
2009-06-10 08:29:34 ----A---- C:\WINDOWS\system32\keystone.exe
2009-06-10 08:29:32 ----A---- C:\WINDOWS\system32\nview.dll
2009-06-10 08:29:30 ----A---- C:\WINDOWS\system32\nvcpluir.dll
2009-06-10 08:29:30 ----A---- C:\WINDOWS\system32\nvcplui.exe
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrszht.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrstr.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsth.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrssv.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrssl.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrssk.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsru.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrspt.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrspl.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsno.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsko.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsja.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsit.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrshu.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrshe.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrses.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrseng.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsel.dll
2009-06-10 08:29:22 ----A---- C:\WINDOWS\system32\nvrsde.dll
2009-06-10 08:29:20 ----A---- C:\WINDOWS\system32\nvwddi.dll
2009-06-10 08:29:20 ----A---- C:\WINDOWS\system32\nvrsda.dll
2009-06-10 08:29:20 ----A---- C:\WINDOWS\system32\nvrscs.dll
2009-06-10 08:29:20 ----A---- C:\WINDOWS\system32\nvrsar.dll
2009-06-10 08:29:16 ----A---- C:\WINDOWS\system32\nvwssr.dll
2009-06-10 08:29:12 ----A---- C:\WINDOWS\system32\nvwss.dll
2009-06-10 08:29:08 ----A---- C:\WINDOWS\system32\nvvitvsr.dll
2009-06-10 08:29:06 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2009-06-10 08:29:02 ----A---- C:\WINDOWS\system32\nvmoblsr.dll
2009-06-10 08:29:02 ----A---- C:\WINDOWS\system32\nvmobls.dll
2009-06-10 08:29:00 ----A---- C:\WINDOWS\system32\nvmccssr.dll
2009-06-10 08:29:00 ----A---- C:\WINDOWS\system32\nvmccss.dll
2009-06-10 08:29:00 ----A---- C:\WINDOWS\system32\nvgamesr.dll
2009-06-10 08:28:58 ----A---- C:\WINDOWS\system32\nvgames.dll
2009-06-10 08:28:56 ----A---- C:\WINDOWS\system32\nvdispsr.dll
2009-06-10 08:28:52 ----A---- C:\WINDOWS\system32\nvdisps.dll
2009-06-10 08:28:50 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2009-06-10 08:28:50 ----A---- C:\WINDOWS\system32\nvmctray.dll
2009-06-10 08:28:50 ----A---- C:\WINDOWS\system32\nvcpl.dll
2009-06-10 08:28:50 ----A---- C:\WINDOWS\system32\nvcolor.exe
2009-06-10 08:28:48 ----A---- C:\WINDOWS\system32\nvmccs.dll
2009-06-08 22:39:06 ----D---- C:\Program Files\Adobe
2009-06-08 22:09:46 ----A---- C:\UsbFix.txt

======List of files/folders modified in the last 1 months======

2009-07-07 15:13:30 ----D---- C:\WINDOWS\Prefetch
2009-07-07 15:05:47 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Skype
2009-07-07 15:02:43 ----D---- C:\Program Files\Mozilla Firefox
2009-07-07 14:28:20 ----D---- C:\WINDOWS
2009-07-07 13:15:04 ----D---- C:\Program Files\Steam
2009-07-07 12:59:05 ----D---- C:\WINDOWS\system32
2009-07-07 12:59:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-07 12:55:16 ----D---- C:\WINDOWS\Temp
2009-07-07 12:55:15 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-07 11:15:58 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-07-06 20:54:58 ----D---- C:\Documents and Settings\Propriétaire\Application Data\skypePM
2009-07-06 15:59:32 ----SHD---- C:\WINDOWS\Installer
2009-07-06 15:58:59 ----RD---- C:\Program Files
2009-07-06 10:51:04 ----HD---- C:\WINDOWS\inf
2009-07-06 10:51:04 ----D---- C:\Program Files\Windows Live Safety Center
2009-07-05 22:26:52 ----D---- C:\Documents and Settings\Propriétaire\Application Data\LimeWire
2009-07-05 14:19:39 ----D---- C:\WINDOWS\system32\drivers
2009-07-02 19:50:07 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-07-02 19:49:36 ----D---- C:\WINDOWS\system32\DirectX
2009-07-02 19:49:20 ----RSD---- C:\WINDOWS\assembly
2009-07-02 19:43:06 ----D---- C:\Program Files\Ubisoft
2009-07-02 19:43:05 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-01 11:52:53 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-07-01 11:18:08 ----D---- C:\Program Files\Bohemia Interactive
2009-06-29 15:42:27 ----D---- C:\Program Files\CCleaner
2009-06-26 22:19:37 ----D---- C:\WINDOWS\WinSxS
2009-06-23 19:23:46 ----D---- C:\WINDOWS\Help
2009-06-23 19:22:58 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-23 19:22:31 ----D---- C:\Program Files\AGEIA Technologies
2009-06-23 19:22:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-06-23 19:21:30 ----D---- C:\NVIDIA
2009-06-21 19:53:24 ----D---- C:\Documents and Settings
2009-06-20 09:29:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-14 18:42:53 ----D---- C:\WINDOWS\Debug
2009-06-13 19:28:57 ----D---- C:\WINDOWS\system32\fr-fr
2009-06-13 19:28:56 ----D---- C:\Program Files\Internet Explorer
2009-06-13 19:27:09 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-13 19:26:19 ----D---- C:\WINDOWS\system32\config
2009-06-13 19:26:08 ----D---- C:\WINDOWS\Media
2009-06-13 19:16:19 ----D---- C:\WINDOWS\Microsoft.NET
2009-06-10 18:33:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2009-06-08 22:39:46 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-06-08 22:39:27 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-06-08 22:20:08 ----D---- C:\UsbFix

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-10-22 5632]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-01-06 279712]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-01-06 25888]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-06-10 8087712]
R3 usb_rndis;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-08-28 55808]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-12-18 66872]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe [2005-08-10 118272]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------
Configuration: Windows XP
Firefox 3.5

4 replies

takerdu94
 
Can someone tell me whether there is anything suspicious in there? Thanks =)
0
takerdu94
 
After a scan with Antivir, it finds nothing. I am now starting an MBAM scan.
0
pedrodu69 Posts 279 Status Member 11
 
Hello,

With HijackThis, run "do a scan only" and select:

"O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://dev.srtest.com/srl_bin/sysreqlab3.cab"

Then click "Fix checked".
0
pedrodu69 Posts 279 Status Member 11
 
Hello,
While waiting for a helper (a security and disinfection specialist) to come to your aid, try this.
Download Malwarebytes Anti-Malware here: http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s(...) It is free software. Update it, then run a full scan and delete whatever it finds.
And this very effective software, as a trial version, here: TuneUp http://www.tuneup.fr/products/tuneup-utilities/ and run it. It is great software that bundles a lot of analyses. Once it is installed, you will have two shortcut icons on your desktop.
The first, TuneUp one-click maintenance: launch it and repair everything shown in red in the scan results.
With the second shortcut icon, TuneUp Utilities 2008, you choose whatever you want to do on your PC: analysis, tidying, hard disk defragmentation, registry, etc. This software alone bundles a lot of things, it is very simple to use and really great. Let me know what you think of it.
You can also, before running TuneUp, which should be done last because it is not disinfection software but lets you sort, tidy, defragment, etc. the hard disk, the registry and plenty of other things, do this: https://www.superantispyware.com/
Keep us posted, please.
Good luck and have a nice Sunday.
0