Virus!!!

VecteurK -  
 Anonymous user -
Hello,
I think I am infected by a virus. I found a site with some steps to follow, and it told me to send an RSIT report. So I would like a little help, please.

Logfile of random's system information tool 1.06 (written by random/random)
Run by utilisateur at 2009-09-26 16:31:53
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 126 GB (66%) free of 191 GB
Total RAM: 503 MB (24% free)

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\wrSpySweeperFullSweep.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-09-22 1219072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Barre d'outils &Crawler - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-09-22 1219072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-03-04 88209]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-01 73728]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2004-07-05 2550272]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2004-07-02 57344]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ISUSPM Startup"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-08-20 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-08-20 118784]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-11-06 196608]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep.exe [2008-04-13 10752]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"SpySweeper"=C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2008-08-09 5418864]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2009-07-22 1181064]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-09-26 2171904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\MSMSGS.EXE [2008-04-13 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-09-15 1998576]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-09-26 3055616]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Démarrage d'Office.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE
Microsoft Recherche accélérée.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-08-20 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\beep.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Mymy\Mes documents\LimeWire\LimeWire.exe"="C:\Documents and Settings\Mymy\Mes documents\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - open - C:\Sympat\Comm\Program\Netscape.exe "%1"

======List of files/folders created in the last 1 months======

2009-09-26 16:31:54 ----D---- C:\Program Files\trend micro
2009-09-26 16:31:53 ----D---- C:\rsit
2009-09-26 08:41:25 ----D---- C:\Program Files\Crawler
2009-09-26 08:41:22 ----D---- C:\Documents and Settings\utilisateur\Application Data\Spyware Terminator
2009-09-26 08:41:15 ----D---- C:\Program Files\Spyware Terminator
2009-09-26 08:41:15 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2009-09-26 08:28:52 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-09-26 08:28:47 ----D---- C:\Program Files\Spyware Doctor
2009-09-26 08:28:47 ----D---- C:\Documents and Settings\utilisateur\Application Data\PC Tools
2009-09-26 08:28:47 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2009-09-26 06:28:12 ----A---- C:\Bug.txt
2009-09-26 06:28:05 ----A---- C:\WINDOWS\system32\cmd.execf
2009-09-26 06:27:35 ----D---- C:\32788R22FWJFW
2009-09-26 06:27:14 ----A---- C:\WINDOWS\system32\CF21428.exe
2009-09-26 06:19:26 ----D---- C:\Qoobox
2009-09-26 05:53:40 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-09-26 05:53:32 ----D---- C:\Program Files\SUPERAntiSpyware
2009-09-26 05:53:32 ----D---- C:\Documents and Settings\utilisateur\Application Data\SUPERAntiSpyware.com
2009-09-26 05:53:01 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-09-26 04:08:57 ----A---- C:\WINDOWS\system32\KDSInterface.txt
2009-09-26 02:58:43 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-09-26 02:43:17 ----D---- C:\WINDOWS\pss
2009-09-26 01:05:12 ----D---- C:\Documents and Settings\All Users\Application Data\SITEguard
2009-09-26 01:04:29 ----D---- C:\Program Files\STOPzilla!
2009-09-26 01:04:27 ----D---- C:\Program Files\Fichiers communs\iS3
2009-09-26 01:04:26 ----D---- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2009-09-26 00:31:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-26 00:31:30 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-25 15:16:23 ----D---- C:\Program Files\Daniusoft
2009-09-25 15:14:25 ----D---- C:\Program Files\WinZip
2009-09-25 15:09:38 ----D---- C:\Documents and Settings\All Users\Application Data\WinZipSE
2009-09-25 15:05:23 ----D---- C:\Documents and Settings\utilisateur\Application Data\BitTorrent
2009-09-25 15:05:14 ----D---- C:\Program Files\BitTorrent
2009-09-25 04:44:19 ----D---- C:\Converted
2009-09-25 03:52:34 ----A---- C:\WINDOWS\system32\WMAFile.dll
2009-09-25 03:52:34 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2009-09-25 03:52:34 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2009-09-25 03:52:34 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2009-09-25 03:52:34 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2009-09-25 03:52:33 ----A---- C:\WINDOWS\system32\AudFile.dll
2009-09-25 03:52:33 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2009-09-25 03:52:32 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-09-25 03:52:32 ----A---- C:\WINDOWS\system32\inetfr.DLL
2009-09-25 03:52:32 ----A---- C:\WINDOWS\system32\AudDesign.dll
2009-09-25 03:52:31 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2009-09-25 03:52:30 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2009-09-25 03:52:30 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2009-09-25 03:52:29 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2009-09-25 03:41:14 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2009-09-25 03:41:13 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2009-09-25 03:41:13 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2009-09-25 03:41:12 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2009-09-25 03:41:11 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2009-09-25 03:41:10 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2009-09-25 03:41:09 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2009-09-25 03:41:08 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-09-25 03:41:08 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-09-25 03:41:07 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-09-25 03:41:06 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-09-25 03:41:06 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-09-25 03:41:05 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-09-25 03:41:04 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-09-25 02:54:42 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-09-25 02:54:42 ----N---- C:\WINDOWS\system32\pxin

1 reply

Anonymous user

Hello,

Your report is not complete. Post a new one.