Crashing Internet Explorer 8
Solved/Closed
silverius
Posts: 229
Registration date: Thursday 19 November 2009
Status: Member
Last activity: 1 February 2024
26 Nov. 2009 at 20:15
Anonymous user - 26 Nov. 2009 at 21:34
8 replies
Anonymous user
26 Nov. 2009 at 20:18
Good evening,
You absolutely must not remove IE; it is used for Windows updates. So please do the following, thanks.
1- Download and install HijackThis:
https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
or here http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
or here https://www.clubic.com/telecharger-fiche17891-hijackthis.html
--> Click on the setup to start the installation: follow the prompts and do not change the installation settings.
At the end of the installation, the program starts automatically: close it by clicking the red cross.
In the end, you should have a shortcut on your desktop and also a path like:
"C:\program files\Trend Micro\HijackThis\HijackThis.exe".
(Do not run this program for now; carry on with the next step ...)
2- Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.
-> http://images.malwareremoval.com/random/RSIT.exe
! Disconnect and close all your running applications !
Double-click "RSIT.exe" to launch it.
Right-click under VISTA (run as…)
-> A first window opens, titled: "Disclaimer of warranty".
* Next to the option "List files/folders created ...", choose: 2 months
* then click "Continue" to start the scan ...
-> let the scan run and do not touch the PC ...
When the scan is finished, two text files will open (probably in Notepad).
Post the contents of "log.txt" (the one displayed on screen), as well as "info.txt" (which you will see in the taskbar), for analysis, and wait for the next steps ...
Important: post one report, then the other in the following reply ...
If you try to post both at once, it may be too long for the forum ...
(And if "log.txt" alone does not go through either, post it in 2 parts ... thanks ...)
(Note: the reports will also be saved in this folder -> C:\rsit)
See you
silverius
26 Nov. 2009 at 20:22
OK, thanks for the information, but any idea how to make IE crash?
Because for the moment I have no other solution while waiting...
silverius
26 Nov. 2009 at 20:31
I have already done the procedure with RSIT; here is the result:
Logfile of random's system information tool 1.06 (written by random/random)
Run by stephane at 2009-11-19 18:34:48
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 3
System drive C: has 40 GB (9%) free of 466 GB
Total RAM: 3326 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:36:01, on 19/11/2009
Platform: Windows Vista SP3 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\BitComet\BitComet.exe
C:\Users\stephane\Documents\task.exe
C:\Users\stephane\Documents\Live Microsoft Update.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\explorer.exe
C:\Windows\system32\conime.exe
C:\Users\stephane\Desktop\ced\viral\RSIT.exe
C:\Program Files\trend micro\stephane.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CrocPopup+ ] C:\PROGRA~1\CROCPO~1\CROCPO~1.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Task Menu] C:\Users\stephane\Documents\task.exe
O4 - HKCU\..\Run: [Windows Live Updater] C:\Users\stephane\Documents\Live Microsoft Update.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: PES2010_widget4256769472.lnk = stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}: NameServer = 213.36.80.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate1ca11d294080fbb) (gupdate1ca11d294080fbb) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
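Added example (not part of the thread, and not code from HijackThis or RSIT): a short Python script that triages a HijackThis log like the one posted above. It flags O4 autorun entries whose target sits in a user-writable folder, and O2/O3/O9 browser components registered without a file on disk. The sample lines are copied from the log above; the two rules and all function names are assumptions chosen for illustration, and a hit means "review this entry", not a verdict.

```python
import re
from typing import NamedTuple

# Subset of lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [Task Menu] C:\Users\stephane\Documents\task.exe
O4 - HKCU\..\Run: [Windows Live Updater] C:\Users\stephane\Documents\Live Microsoft Update.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - Startup: PES2010_widget4256769472.lnk = stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
"""


class Finding(NamedTuple):
    section: str   # HijackThis section code, e.g. "O4"
    reason: str    # which review rule matched
    line: str      # the original log line


# "<section> - <body>", e.g. "O4 - HKCU\..\Run: [name] command"
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Registry autoruns: "HKLM\..\Run: [value name] command line"
RUN_RE = re.compile(r"^HK\w+\\.*?Run(?:Once)?: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# Startup-folder shortcuts: "Startup: shortcut.lnk = target"
STARTUP_RE = re.compile(r"^(?:Global )?Startup: (?P<name>.+?) = (?P<cmd>.+)$")
# Assumed rule 1: programs that start automatically are normally installed
# under Program Files or Windows, not in folders any user process can write to.
USER_WRITABLE_RE = re.compile(r"\\(?:Documents|Desktop|Downloads|Temp)\\", re.IGNORECASE)
# Assumed rule 2: HijackThis marks registrations whose file is absent.
MISSING_RE = re.compile(r"\((?:no file|file missing)\)\s*$")


def triage(log_text: str) -> list[Finding]:
    """Return the log entries that match one of the two review rules."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        entry = ENTRY_RE.match(line)
        if not entry:
            continue  # header lines and the running-process list
        section, body = entry["section"], entry["body"]
        if section == "O4":
            auto = RUN_RE.match(body) or STARTUP_RE.match(body)
            if auto and USER_WRITABLE_RE.search(auto["cmd"]):
                findings.append(
                    Finding(section, "autorun from user-writable folder", line))
        elif section in {"O2", "O3", "O9"} and MISSING_RE.search(body):
            findings.append(
                Finding(section, "registered component has no file on disk", line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.section}] {f.reason}\n    {f.line}")
```
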
Hi again
Right, you are infected with an infection spread via removable media, and you also have a harmful toolbar.
So let's get started:
1) => Disable User Account Control (you will re-enable it after the disinfection):
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac
* Go to Start, then Control Panel
* Double-click the "User Accounts" icon
* Then click on disable and confirm.
2) Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3 or this one
http://eric71.geekstogo.com/tools/ToolBarSD.exe
Disconnect from the internet during the scan.
* Start the installation of the program by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the language you want by typing the letter of your choice and confirming with the Enter key.
* Now choose option 1. Wait until the search is finished.
* Post the generated report. (C:\TB.txt)
3) # Note: "Process.exe", a component of the tool, is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility meant to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus programs.
Download and install UsbFix by C_XX
Here: http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
Tutorial by Malekal_Morte if needed, thanks to him: https://www.malekal.com/usbfix-supprimer-virus-usb/
Plug your external data sources that may have been infected (USB stick, external hard drive, etc.) into your PC, without opening them
# Right-click "Run as administrator" on the UsbFix shortcut on your desktop.
# Choose option 1 (Search)
# Let the tool work.
# Then post the UsbFix.txt report that appears.
# Note: The UsbFix.txt report is saved at the root of the disk. ( C:\UsbFix.txt )
( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )
Post the reports as you go; thanks
See you later
silverius
26 Nov. 2009 at 20:51
This has already been done: I ran the scan and the removal, and I am posting the result:
For the scan
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2009-11-24 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi
2009-11-10 Includes\AdwareC.sbi
2009-01-22 Includes\Cookies.sbi
2009-11-03 Includes\Dialer.sbi
2009-10-13 Includes\DialerC.sbi
2009-01-22 Includes\HeavyDuty.sbi
2009-05-26 Includes\Hijackers.sbi
2009-11-17 Includes\HijackersC.sbi
2009-10-20 Includes\Keyloggers.sbi
2009-10-20 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2009-11-10 Includes\Malware.sbi
2009-11-18 Includes\MalwareC.sbi
2009-03-25 Includes\PUPS.sbi
2009-11-17 Includes\PUPSC.sbi
2009-01-22 Includes\Revision.sbi
2009-01-13 Includes\Security.sbi
2009-11-10 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2009-11-03 Includes\Spyware.sbi
2009-11-10 Includes\SpywareC.sbi
2009-06-08 Includes\Tracks.uti
2009-11-17 Includes\Trojans.sbi
2009-11-17 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows Vista (Build: 6002) Service Pack 3 (6.0.6002)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 392845E8D49B5F0E81AAC4D795000A8C
Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: 28E9092D50AE450662EEA4719E5AA304
Located: HK_LM:Run, ccApp
command: "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: c:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 51048
MD5: B01902E9451B3D39DC5CAFDC9B9B398C
Located: HK_LM:Run, GrooveMonitor
command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
Located: HK_LM:Run, IAAnotif
command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
size: 178712
MD5: 1992E7E8BC448CEBA62DC698098C0BD2
Located: HK_LM:Run, KBD
command: C:\HP\KBD\KbdStub.EXE
file: C:\HP\KBD\KbdStub.EXE
size: 65536
MD5: 7088B136BB58A5F95CF0DE8386CA6C0F
Located: HK_LM:Run, Malwarebytes Anti-Malware (reboot)
command: "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
size: 1312080
MD5: C5FCC0B761069FABD59E41B7C3280DDF
Located: HK_LM:Run, NPSStartup
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
file: C:\Windows\system32\NvCpl.dll
size: 13781536
MD5: 274631707A40398B8773CCB6DB3C2A81
Located: HK_LM:Run, OsdMaestro
command: "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
file: C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240
Located: HK_LM:Run, RtHDVCpl
command: RtHDVCpl.exe
file: C:\Windows\RtHDVCpl.exe
size: 6266880
MD5: D93985F5D87DF1A119E939EADB5C4B9E
Located: HK_LM:Run, SunJavaUpdateReg
command: "C:\Windows\system32\jureg.exe"
file: C:\Windows\system32\jureg.exe
size: 54936
MD5: 4F89DD4EA74C66916E15A6E7D74A50B5
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 149280
MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0
Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
Located: HK_CU:Run,
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, BitComet
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\BitComet\BitComet.exe" /tray
file: C:\Program Files\BitComet\BitComet.exe
size: 2567992
MD5: AC13C3F37D94401C3DAAC39A207BACC0
Located: HK_CU:Run, ehTray.exe
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
Located: HK_CU:Run, msnmsgr
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
Located: HK_CU:Run, Sidebar
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
file: C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: 9E35FF7F943AE0FB89192BFE058B7FD4
Located: HK_CU:Run, Speech Recognition
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
file: C:\Windows\Speech\Common\sapisvr.exe
size: 49664
MD5: 105A4D87C8DCF2CF5DB042830B203E5F
Located: HK_CU:Run, Task Menu
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\task.exe
file: C:\Users\stephane\Documents\task.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
Located: HK_CU:Run, Windows Live Updater
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\Live Microsoft Update.exe
file: C:\Users\stephane\Documents\Live Microsoft Update.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
Located: HK_CU:Run, WMPNSCFG
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
Located: Démarrage (désactivé), HP Digital Imaging Monitor (DISABLED)
command: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
file: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
size: 214360
MD5: CF03C8F6F6B0D71F6E5BCE167FCF7CA6
Located: Démarrage (désactivé), WiFi Station (DISABLED)
command: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE -s
file: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE
size: 98304
MD5: BD009223C9C4AF53F67EBB4D5E9B790C
Located: Démarrage (désactivé), Enregistrement de (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe /remind /language=FRA /PRNM="Electronic Arts Product"
file: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: Démarrage (désactivé), ImpulseNow (DISABLED)
command: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
file: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
size: 365872
MD5: 4CD21FD02727AC6276B427B213D02100
Located: Démarrage (désactivé), OneNote 2007 - Capture d'écran et lancement (DISABLED)
command: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE /tsr
file: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE
size: 101440
MD5: 9D0EEBDA40D5C33BC63FB8BB984F7681
Located: Démarrage (désactivé), OpenOffice.org 3.1 (DISABLED)
command: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
file: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
size: 384000
MD5: C047C9C6CD8E134AFDFDB374E80547E5
Located: Démarrage (désactivé), PES2010_widget4256769472 (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
file: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{053F9267-DC04-4294-A72C-58F732D338C0} (HP Print Clips)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: HP Print Clips
Path: C:\Program Files\HP\Smart Web Printing\
Long name: hpswp_framework.dll
Short name: HPSWP_~3.DLL
Date (created): 02/03/2007 16:52:08
Date (last access): 17/03/2009 22:04:26
Date (last write): 02/03/2007 16:52:08
Filesize: 177768
Attributes: readonly archive
MD5: A40456DE4EF7E318104955361C72AC9D
CRC32: 6F06AAE2
Version: 2.15.7.0
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Aide pour le lien d'Adobe PDF Reader
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: https://get2.adobe.com/reader/otherversions/
info source: TonyKlein
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 22/10/2006 23:08:42
Date (last access): 12/11/2009 13:06:24
Date (last write): 22/10/2006 23:08:42
Filesize: 62080
Attributes: archive
MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A
CRC32: E388508F
Version: 8.0.0.456
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet ClickCapture)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: BitComet ClickCapture
CLSID name: BitComet Helper
Path: C:\Program Files\BitComet\tools\
Long name: BitCometBHO_1.2.8.7.dll
Short name: BITCOM~2.DLL
Date (created): 11/08/2008 09:12:14
Date (last access): 04/10/2008 13:50:12
Date (last write): 11/08/2008 09:12:14
Filesize: 656696
Attributes: archive
MD5: F5508AC38274799624B53798F8BA7EE6
CRC32: AB441D08
Version: 1.2.8.7
{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Spybot-S&D IE Protection
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 19/11/2009 14:25:08
Date (last access): 19/11/2009 14:25:08
Date (last write): 26/01/2009 15:31:02
Filesize: 1879896
Attributes: archive
MD5: 022C2F6DCCDFA0AD73024D254E62AFAC
CRC32: 5BA24007
Version: 1.6.2.14
{5C255C8A-E604-49b4-9D64-90988571CECB} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (NCO 2.0 IE BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: NCO 2.0 IE BHO
CLSID name:
Path: c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\
Long name: CoIEPlg.dll
Short name:
Date (created): 24/08/2007 14:51:00
Date (last access): 20/03/2008 10:33:06
Date (last write): 24/08/2007 14:51:00
Filesize: 316784
Attributes: archive
MD5: 6BC066FCC66BB0EE33A618EBC65683D5
CRC32: D7E3A9BB
Version: 2008.2.0.84
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} (Symantec Intrusion Prevention)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Symantec Intrusion Prevention
CLSID name: Symantec Intrusion Prevention
Path: C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\
Long name: IPSBHO.dll
Short name:
Date (created): 20/03/2008 10:32:50
Date (last access): 04/10/2008 13:45:10
Date (last write): 04/10/2008 13:45:10
Filesize: 116088
Attributes: archive
MD5: FA3E00177B57D5B2BF058D560931D750
CRC32: DF9D41CC
Version: 8.2.0.86
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Groove GFS Browser Helper
Path: C:\Program Files\Microsoft Office\Office12\
Long name: GrooveShellExtensions.dll
Short name: GRA8E1~1.DLL
Date (created): 24/08/2007 07:01:22
Date (last access): 06/11/2009 17:06:52
Date (last write): 24/08/2007 07:01:22
Filesize: 2212224
Attributes: archive
MD5: 32C4927E013C018A13D8DFBDA4148812
CRC32: 9A9F3D8B
Version: 12.0.6211.1000
{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 17/02/2009 16:11:04
Date (last access): 05/03/2009 13:59:18
Date (last write): 17/02/2009 16:11:04
Filesize: 408440
Attributes: archive
MD5: 1A82C1B9BB43385695EFC3A84F6756A2
CRC32: 75E558CA
Version: 5.0.818.6
{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2009 04:18:20
Date (last write): 11/10/2009 04:17:30
Filesize: 41760
Attributes: archive
MD5: C9EDE29F223A27873E187D9FB6045EA6
CRC32: 5951C3E0
Version: 6.0.170.4
--- ActiveX list ---
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\Windows\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_01
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_17.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2009 02:14:36
Date (last access): 11/10/2073 04:18:30
Date (last write): 11/10/2009 04:17:30
Filesize: 136992
Attributes: archive
MD5: 3D58770680F268A23A8CE1F14B49AA2F
CRC32: 6091A816
Version: 6.0.170.4
--- Process list ---
PID: 3704 (1100) C:\Windows\system32\Dwm.exe
size: 81920
MD5: 01DD1004181FD46ECDC3628228EB269D
PID: 3744 (3696) C:\Windows\Explorer.EXE
size: 2926592
MD5: D07D4C3038F3578FFCE1C0237F2A1253
PID: 3948 (1112) C:\Windows\system32\taskeng.exe
size: 169984
MD5: E5BBFC283D6F5D69B41E464676361020
PID: 2512 (3744) C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
PID: 1876 (3744) C:\Windows\RtHDVCpl.exe
size: 6266880
MD5: D93985F5D87DF1A119E939EADB5C4B9E
PID: 1728 (3744) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240
PID: 3832 ( 752) C:\Windows\system32\schtasks.exe
size: 151552
MD5: 1F171553F1138DC0062A71A7D275055A
PID: 532 (3744) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
size: 178712
MD5: 1992E7E8BC448CEBA62DC698098C0BD2
PID: 3996 (3812) c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
size: 149352
MD5: 2F237AAB91497AAA03AF48EAE68758FC
PID: 4032 (3744) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
PID: 4084 (3744) C:\Program Files\Java\jre6\bin\jusched.exe
size: 149280
MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0
PID: 2828 (3744) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
size: 81000
MD5: 28E9092D50AE450662EEA4719E5AA304
PID: 1572 (3744) C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: 9E35FF7F943AE0FB89192BFE058B7FD4
PID: 1776 (3744) C:\Windows\ehome\ehtray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
PID: 3904 ( 880) C:\Windows\ehome\ehmsas.exe
size: 37376
MD5: 0F4195B9B348DE5CF9B822F81704B20E
PID: 6064 ( 880) C:\Windows\System32\mobsync.exe
size: 95744
MD5: 9B89B3BB79EA1ACF041F40A7B6FC5827
PID: 4756 (3744) C:\Program Files\Windows Media Player\wmpnscfg.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
PID: 5660 (3744) C:\Program Files\BitComet\BitComet.exe
size: 2567992
MD5: AC13C3F37D94401C3DAAC39A207BACC0
PID: 5696 (3744) C:\Users\stephane\Documents\task.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
PID: 5764 (3744) C:\Users\stephane\Documents\Live Microsoft Update.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
PID: 5792 (3744) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
PID: 5752 (3588) C:\hp\kbd\kbd.exe
size: 67128
MD5: 7CAC10A1C258DFCB5ADE563BAE6D2F15
PID: 2068 ( 880) C:\Program Files\Windows Live\Contacts\wlcomm.exe
size: 26464
MD5: ADC11749E6698FC30C603DFCCC4F98F2
PID: 3544 (5336) C:\Windows\system32\conime.exe
size: 69120
MD5: 6080A176D09435FC8E6E800996656E18
PID: 2652 (1112) C:\Windows\system32\taskeng.exe
size: 169984
MD5: E5BBFC283D6F5D69B41E464676361020
PID: 6020 (2240) C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
size: 1457064
MD5: 8A7D05395EF04AA6616F4C1B9F763D2D
PID: 4620 (3744) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 4628 (4484) C:\Program Files\Internet Explorer\IEUser.exe
size: 299520
MD5: A8986E339A9215B9410484814224531E
PID: 3524 (4972) C:\Windows\system32\cmd.exe
size: 318976
MD5: 74F26FC01B180D4A99A168ED69C30A53
PID: 4488 (4628) C:\Program Files\Internet Explorer\iexplore.exe
size: 636080
MD5: 2C5168C856455CC43C4B4E1CC1920001
PID: 4724 (3524) C:\Windows\system32\cmd.exe
size: 318976
MD5: 74F26FC01B180D4A99A168ED69C30A53
PID: 4680 (4724) C:\Windows\system32\findstr.exe
size: 60928
MD5: 186954438DE3DDBF0B46F895B7936DE3
PID: 0 ( 0) [System Process]
PID: 4 ( 0) System
PID: 488 ( 4) smss.exe
size: 64000
PID: 564 ( 552) csrss.exe
size: 6144
PID: 624 ( 552) wininit.exe
size: 96768
PID: 636 ( 616) csrss.exe
size: 6144
PID: 672 ( 624) services.exe
size: 279552
PID: 684 ( 624) lsass.exe
size: 9728
PID: 696 ( 624) lsm.exe
size: 229888
PID: 796 ( 616) winlogon.exe
size: 314368
PID: 880 ( 672) svchost.exe
size: 21504
PID: 944 ( 672) nvvsvc.exe
size: 211488
PID: 972 ( 672) svchost.exe
size: 21504
PID: 1032 ( 672) svchost.exe
size: 21504
PID: 1064 ( 672) svchost.exe
size: 21504
PID: 1100 ( 672) svchost.exe
size: 21504
PID: 1112 ( 672) svchost.exe
size: 21504
PID: 1192 (1064) audiodg.exe
size: 88576
PID: 1220 ( 672) SLsvc.exe
size: 3408896
PID: 1256 ( 672) svchost.exe
size: 21504
PID: 1392 ( 672) svchost.exe
size: 21504
PID: 1584 ( 944) nvvsvc.exe
size: 211488
PID: 1684 ( 672) aswUpdSv.exe
PID: 1700 ( 672) ashServ.exe
PID: 2008 ( 672) spoolsv.exe
size: 127488
PID: 2032 ( 672) CCSVCHST.EXE
PID: 496 ( 672) svchost.exe
size: 21504
PID: 2368 ( 672) HPBtnSrv.exe
PID: 2500 ( 672) svchost.exe
size: 21504
PID: 2528 ( 672) IAANTmon.exe
PID: 2564 ( 672) LSSrvc.exe
PID: 2620 ( 672) svchost.exe
size: 21504
PID: 2780 ( 672) svchost.exe
size: 21504
PID: 2792 ( 672) svchost.exe
size: 21504
PID: 2816 ( 672) svchost.exe
size: 21504
PID: 2852 ( 672) svchost.exe
size: 21504
PID: 2880 ( 672) SearchIndexer.exe
size: 441344
PID: 3164 ( 672) SDWinSec.exe
size: 1153368
MD5: 794D4B48DFB6E999537C7C3947863463
PID: 3372 (1100) WUDFHost.exe
size: 142336
PID: 3816 (1112) taskeng.exe
size: 169984
PID: 6028 ( 672) ashMaiSv.exe
PID: 3480 ( 672) ashWebSv.exe
PID: 5620 ( 672) wmpnetwk.exe
PID: 5824 ( 672) AluSchedulerSvc.exe
PID: 5280 ( 672) HPHC_Service.exe
PID: 5368 ( 672) PresentationFontCache.exe
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 24/11/2009 16:26:06
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 3: MSAFD Tcpip [TCP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 4: MSAFD Tcpip [UDP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 5: MSAFD Tcpip [RAW/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 6: Fournisseur de services RSVP TCPv6
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 7: Fournisseur de services RSVP TCP
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 8: Fournisseur de services RSVP UDPv6
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 9: Fournisseur de services RSVP UDP
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] SEQPACKET 15
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] DATAGRAM 15
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] SEQPACKET 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] DATAGRAM 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] SEQPACKET 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] DATAGRAM 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C9A2E87E-A1BB-41BB-918E-196F9D129081}] SEQPACKET 13
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C9A2E87E-A1BB-41BB-918E-196F9D129081}] DATAGRAM 13
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 26: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4B49286F-0136-4B17-8A9C-05D83A2F44B0}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 27: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4B49286F-0136-4B17-8A9C-05D83A2F44B0}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 28: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] SEQPACKET 18
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 29: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] DATAGRAM 18
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 30: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] SEQPACKET 16
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 31: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] DATAGRAM 16
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 32: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] SEQPACKET 14
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 33: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] DATAGRAM 14
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 34: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AED35E26-6A34-4CF2-BB53-DDB305B40402}] SEQPACKET 12
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 35: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AED35E26-6A34-4CF2-BB53-DDB305B40402}] DATAGRAM 12
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 36: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] SEQPACKET 11
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 37: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] DATAGRAM 11
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 38: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] SEQPACKET 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 39: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] DATAGRAM 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 40: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1F47B3B0-9BCA-42B2-8348-55FF9DE2AFCA}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 41: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1F47B3B0-9BCA-42B2-8348-55FF9DE2AFCA}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 42: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 43: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 44: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 45: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Namespace Provider 0: Espace de noms NLAv1 (Network Location Awareness Legacy)
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename:
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
Namespace Provider 1: Fournisseur Shim d'affectation de noms de messagerie
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:
Namespace Provider 2: Fournisseur d'espace de noms du nuage PNRP
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:
Namespace Provider 3: Fournisseur d'espace de noms du nom PNRP
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:
Namespace Provider 4: mdnsNSP
GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
Filename: C:\Program Files\Bonjour\mdnsNSP.dll
Description: Apple Rendezvous protocol
DB filename: %ProgramFiles%\Rendezvous\bin\mdnsNSP.dll
DB protocol: mdnsNSP
Namespace Provider 5: TCP/IP
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename:
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 6: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
For the scan
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2009-11-24 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi
2009-11-10 Includes\AdwareC.sbi
2009-01-22 Includes\Cookies.sbi
2009-11-03 Includes\Dialer.sbi
2009-10-13 Includes\DialerC.sbi
2009-01-22 Includes\HeavyDuty.sbi
2009-05-26 Includes\Hijackers.sbi
2009-11-17 Includes\HijackersC.sbi
2009-10-20 Includes\Keyloggers.sbi
2009-10-20 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2009-11-10 Includes\Malware.sbi
2009-11-18 Includes\MalwareC.sbi
2009-03-25 Includes\PUPS.sbi
2009-11-17 Includes\PUPSC.sbi
2009-01-22 Includes\Revision.sbi
2009-01-13 Includes\Security.sbi
2009-11-10 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2009-11-03 Includes\Spyware.sbi
2009-11-10 Includes\SpywareC.sbi
2009-06-08 Includes\Tracks.uti
2009-11-17 Includes\Trojans.sbi
2009-11-17 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows Vista (Build: 6002) Service Pack 3 (6.0.6002)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 392845E8D49B5F0E81AAC4D795000A8C
Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: 28E9092D50AE450662EEA4719E5AA304
Located: HK_LM:Run, ccApp
command: "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: c:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 51048
MD5: B01902E9451B3D39DC5CAFDC9B9B398C
Located: HK_LM:Run, GrooveMonitor
command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
Located: HK_LM:Run, IAAnotif
command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
size: 178712
MD5: 1992E7E8BC448CEBA62DC698098C0BD2
Located: HK_LM:Run, KBD
command: C:\HP\KBD\KbdStub.EXE
file: C:\HP\KBD\KbdStub.EXE
size: 65536
MD5: 7088B136BB58A5F95CF0DE8386CA6C0F
Located: HK_LM:Run, Malwarebytes Anti-Malware (reboot)
command: "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
size: 1312080
MD5: C5FCC0B761069FABD59E41B7C3280DDF
Located: HK_LM:Run, NPSStartup
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
file: C:\Windows\system32\NvCpl.dll
size: 13781536
MD5: 274631707A40398B8773CCB6DB3C2A81
Located: HK_LM:Run, OsdMaestro
command: "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
file: C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240
Located: HK_LM:Run, RtHDVCpl
command: RtHDVCpl.exe
file: C:\Windows\RtHDVCpl.exe
size: 6266880
MD5: D93985F5D87DF1A119E939EADB5C4B9E
Located: HK_LM:Run, SunJavaUpdateReg
command: "C:\Windows\system32\jureg.exe"
file: C:\Windows\system32\jureg.exe
size: 54936
MD5: 4F89DD4EA74C66916E15A6E7D74A50B5
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 149280
MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0
Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
Located: HK_CU:Run,
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, BitComet
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\BitComet\BitComet.exe" /tray
file: C:\Program Files\BitComet\BitComet.exe
size: 2567992
MD5: AC13C3F37D94401C3DAAC39A207BACC0
Located: HK_CU:Run, ehTray.exe
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
Located: HK_CU:Run, msnmsgr
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
Located: HK_CU:Run, Sidebar
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
file: C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: 9E35FF7F943AE0FB89192BFE058B7FD4
Located: HK_CU:Run, Speech Recognition
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
file: C:\Windows\Speech\Common\sapisvr.exe
size: 49664
MD5: 105A4D87C8DCF2CF5DB042830B203E5F
Located: HK_CU:Run, Task Menu
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\task.exe
file: C:\Users\stephane\Documents\task.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
Located: HK_CU:Run, Windows Live Updater
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\Live Microsoft Update.exe
file: C:\Users\stephane\Documents\Live Microsoft Update.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
Located: HK_CU:Run, WMPNSCFG
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
Located: Démarrage (désactivé), HP Digital Imaging Monitor (DISABLED)
command: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
file: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
size: 214360
MD5: CF03C8F6F6B0D71F6E5BCE167FCF7CA6
Located: Démarrage (désactivé), WiFi Station (DISABLED)
command: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE -s
file: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE
size: 98304
MD5: BD009223C9C4AF53F67EBB4D5E9B790C
Located: Démarrage (désactivé), Enregistrement de (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe /remind /language=FRA /PRNM="Electronic Arts Product"
file: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: Démarrage (désactivé), ImpulseNow (DISABLED)
command: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
file: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
size: 365872
MD5: 4CD21FD02727AC6276B427B213D02100
Located: Démarrage (désactivé), OneNote 2007 - Capture d'écran et lancement (DISABLED)
command: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE /tsr
file: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE
size: 101440
MD5: 9D0EEBDA40D5C33BC63FB8BB984F7681
Located: Démarrage (désactivé), OpenOffice.org 3.1 (DISABLED)
command: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
file: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
size: 384000
MD5: C047C9C6CD8E134AFDFDB374E80547E5
Located: Démarrage (désactivé), PES2010_widget4256769472 (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
file: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{053F9267-DC04-4294-A72C-58F732D338C0} (HP Print Clips)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: HP Print Clips
Path: C:\Program Files\HP\Smart Web Printing\
Long name: hpswp_framework.dll
Short name: HPSWP_~3.DLL
Date (created): 02/03/2007 16:52:08
Date (last access): 17/03/2009 22:04:26
Date (last write): 02/03/2007 16:52:08
Filesize: 177768
Attributes: readonly archive
MD5: A40456DE4EF7E318104955361C72AC9D
CRC32: 6F06AAE2
Version: 2.15.7.0
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Aide pour le lien d'Adobe PDF Reader
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: https://get2.adobe.com/reader/otherversions/
info source: TonyKlein
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 22/10/2006 23:08:42
Date (last access): 12/11/2009 13:06:24
Date (last write): 22/10/2006 23:08:42
Filesize: 62080
Attributes: archive
MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A
CRC32: E388508F
Version: 8.0.0.456
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet ClickCapture)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: BitComet ClickCapture
CLSID name: BitComet Helper
Path: C:\Program Files\BitComet\tools\
Long name: BitCometBHO_1.2.8.7.dll
Short name: BITCOM~2.DLL
Date (created): 11/08/2008 09:12:14
Date (last access): 04/10/2008 13:50:12
Date (last write): 11/08/2008 09:12:14
Filesize: 656696
Attributes: archive
MD5: F5508AC38274799624B53798F8BA7EE6
CRC32: AB441D08
Version: 1.2.8.7
{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Spybot-S&D IE Protection
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 19/11/2009 14:25:08
Date (last access): 19/11/2009 14:25:08
Date (last write): 26/01/2009 15:31:02
Filesize: 1879896
Attributes: archive
MD5: 022C2F6DCCDFA0AD73024D254E62AFAC
CRC32: 5BA24007
Version: 1.6.2.14
{5C255C8A-E604-49b4-9D64-90988571CECB} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (NCO 2.0 IE BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: NCO 2.0 IE BHO
CLSID name:
Path: c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\
Long name: CoIEPlg.dll
Short name:
Date (created): 24/08/2007 14:51:00
Date (last access): 20/03/2008 10:33:06
Date (last write): 24/08/2007 14:51:00
Filesize: 316784
Attributes: archive
MD5: 6BC066FCC66BB0EE33A618EBC65683D5
CRC32: D7E3A9BB
Version: 2008.2.0.84
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} (Symantec Intrusion Prevention)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Symantec Intrusion Prevention
CLSID name: Symantec Intrusion Prevention
Path: C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\
Long name: IPSBHO.dll
Short name:
Date (created): 20/03/2008 10:32:50
Date (last access): 04/10/2008 13:45:10
Date (last write): 04/10/2008 13:45:10
Filesize: 116088
Attributes: archive
MD5: FA3E00177B57D5B2BF058D560931D750
CRC32: DF9D41CC
Version: 8.2.0.86
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Groove GFS Browser Helper
Path: C:\Program Files\Microsoft Office\Office12\
Long name: GrooveShellExtensions.dll
Short name: GRA8E1~1.DLL
Date (created): 24/08/2007 07:01:22
Date (last access): 06/11/2009 17:06:52
Date (last write): 24/08/2007 07:01:22
Filesize: 2212224
Attributes: archive
MD5: 32C4927E013C018A13D8DFBDA4148812
CRC32: 9A9F3D8B
Version: 12.0.6211.1000
{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 17/02/2009 16:11:04
Date (last access): 05/03/2009 13:59:18
Date (last write): 17/02/2009 16:11:04
Filesize: 408440
Attributes: archive
MD5: 1A82C1B9BB43385695EFC3A84F6756A2
CRC32: 75E558CA
Version: 5.0.818.6
{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2009 04:18:20
Date (last write): 11/10/2009 04:17:30
Filesize: 41760
Attributes: archive
MD5: C9EDE29F223A27873E187D9FB6045EA6
CRC32: 5951C3E0
Version: 6.0.170.4
--- ActiveX list ---
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\Windows\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_01
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_17.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2009 02:14:36
Date (last access): 11/10/2073 04:18:30
Date (last write): 11/10/2009 04:17:30
Filesize: 136992
Attributes: archive
MD5: 3D58770680F268A23A8CE1F14B49AA2F
CRC32: 6091A816
Version: 6.0.170.4
--- Process list ---
PID: 3704 (1100) C:\Windows\system32\Dwm.exe
size: 81920
MD5: 01DD1004181FD46ECDC3628228EB269D
PID: 3744 (3696) C:\Windows\Explorer.EXE
size: 2926592
MD5: D07D4C3038F3578FFCE1C0237F2A1253
PID: 3948 (1112) C:\Windows\system32\taskeng.exe
size: 169984
MD5: E5BBFC283D6F5D69B41E464676361020
PID: 2512 (3744) C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
PID: 1876 (3744) C:\Windows\RtHDVCpl.exe
size: 6266880
MD5: D93985F5D87DF1A119E939EADB5C4B9E
PID: 1728 (3744) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240
PID: 3832 ( 752) C:\Windows\system32\schtasks.exe
size: 151552
MD5: 1F171553F1138DC0062A71A7D275055A
PID: 532 (3744) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
size: 178712
MD5: 1992E7E8BC448CEBA62DC698098C0BD2
PID: 3996 (3812) c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
size: 149352
MD5: 2F237AAB91497AAA03AF48EAE68758FC
PID: 4032 (3744) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
PID: 4084 (3744) C:\Program Files\Java\jre6\bin\jusched.exe
size: 149280
MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0
PID: 2828 (3744) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
size: 81000
MD5: 28E9092D50AE450662EEA4719E5AA304
PID: 1572 (3744) C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: 9E35FF7F943AE0FB89192BFE058B7FD4
PID: 1776 (3744) C:\Windows\ehome\ehtray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
PID: 3904 ( 880) C:\Windows\ehome\ehmsas.exe
size: 37376
MD5: 0F4195B9B348DE5CF9B822F81704B20E
PID: 6064 ( 880) C:\Windows\System32\mobsync.exe
size: 95744
MD5: 9B89B3BB79EA1ACF041F40A7B6FC5827
PID: 4756 (3744) C:\Program Files\Windows Media Player\wmpnscfg.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
PID: 5660 (3744) C:\Program Files\BitComet\BitComet.exe
size: 2567992
MD5: AC13C3F37D94401C3DAAC39A207BACC0
PID: 5696 (3744) C:\Users\stephane\Documents\task.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
PID: 5764 (3744) C:\Users\stephane\Documents\Live Microsoft Update.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
PID: 5792 (3744) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
PID: 5752 (3588) C:\hp\kbd\kbd.exe
size: 67128
MD5: 7CAC10A1C258DFCB5ADE563BAE6D2F15
PID: 2068 ( 880) C:\Program Files\Windows Live\Contacts\wlcomm.exe
size: 26464
MD5: ADC11749E6698FC30C603DFCCC4F98F2
PID: 3544 (5336) C:\Windows\system32\conime.exe
size: 69120
MD5: 6080A176D09435FC8E6E800996656E18
PID: 2652 (1112) C:\Windows\system32\taskeng.exe
size: 169984
MD5: E5BBFC283D6F5D69B41E464676361020
PID: 6020 (2240) C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
size: 1457064
MD5: 8A7D05395EF04AA6616F4C1B9F763D2D
PID: 4620 (3744) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 4628 (4484) C:\Program Files\Internet Explorer\IEUser.exe
size: 299520
MD5: A8986E339A9215B9410484814224531E
PID: 3524 (4972) C:\Windows\system32\cmd.exe
size: 318976
MD5: 74F26FC01B180D4A99A168ED69C30A53
PID: 4488 (4628) C:\Program Files\Internet Explorer\iexplore.exe
size: 636080
MD5: 2C5168C856455CC43C4B4E1CC1920001
PID: 4724 (3524) C:\Windows\system32\cmd.exe
size: 318976
MD5: 74F26FC01B180D4A99A168ED69C30A53
PID: 4680 (4724) C:\Windows\system32\findstr.exe
size: 60928
MD5: 186954438DE3DDBF0B46F895B7936DE3
PID: 0 ( 0) [System Process]
PID: 4 ( 0) System
PID: 488 ( 4) smss.exe
size: 64000
PID: 564 ( 552) csrss.exe
size: 6144
PID: 624 ( 552) wininit.exe
size: 96768
PID: 636 ( 616) csrss.exe
size: 6144
PID: 672 ( 624) services.exe
size: 279552
PID: 684 ( 624) lsass.exe
size: 9728
PID: 696 ( 624) lsm.exe
size: 229888
PID: 796 ( 616) winlogon.exe
size: 314368
PID: 880 ( 672) svchost.exe
size: 21504
PID: 944 ( 672) nvvsvc.exe
size: 211488
PID: 972 ( 672) svchost.exe
size: 21504
PID: 1032 ( 672) svchost.exe
size: 21504
PID: 1064 ( 672) svchost.exe
size: 21504
PID: 1100 ( 672) svchost.exe
size: 21504
PID: 1112 ( 672) svchost.exe
size: 21504
PID: 1192 (1064) audiodg.exe
size: 88576
PID: 1220 ( 672) SLsvc.exe
size: 3408896
PID: 1256 ( 672) svchost.exe
size: 21504
PID: 1392 ( 672) svchost.exe
size: 21504
PID: 1584 ( 944) nvvsvc.exe
size: 211488
PID: 1684 ( 672) aswUpdSv.exe
PID: 1700 ( 672) ashServ.exe
PID: 2008 ( 672) spoolsv.exe
size: 127488
PID: 2032 ( 672) CCSVCHST.EXE
PID: 496 ( 672) svchost.exe
size: 21504
PID: 2368 ( 672) HPBtnSrv.exe
PID: 2500 ( 672) svchost.exe
size: 21504
PID: 2528 ( 672) IAANTmon.exe
PID: 2564 ( 672) LSSrvc.exe
PID: 2620 ( 672) svchost.exe
size: 21504
PID: 2780 ( 672) svchost.exe
size: 21504
PID: 2792 ( 672) svchost.exe
size: 21504
PID: 2816 ( 672) svchost.exe
size: 21504
PID: 2852 ( 672) svchost.exe
size: 21504
PID: 2880 ( 672) SearchIndexer.exe
size: 441344
PID: 3164 ( 672) SDWinSec.exe
size: 1153368
MD5: 794D4B48DFB6E999537C7C3947863463
PID: 3372 (1100) WUDFHost.exe
size: 142336
PID: 3816 (1112) taskeng.exe
size: 169984
PID: 6028 ( 672) ashMaiSv.exe
PID: 3480 ( 672) ashWebSv.exe
PID: 5620 ( 672) wmpnetwk.exe
PID: 5824 ( 672) AluSchedulerSvc.exe
PID: 5280 ( 672) HPHC_Service.exe
PID: 5368 ( 672) PresentationFontCache.exe
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 24/11/2009 16:26:06
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
--- Winsock Layered Service Provider list ---
silverius
26 Nov. 2009 at 20:51
For the removal:
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2009-11-24 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi
2009-11-10 Includes\AdwareC.sbi
2009-01-22 Includes\Cookies.sbi
2009-11-03 Includes\Dialer.sbi
2009-10-13 Includes\DialerC.sbi
2009-01-22 Includes\HeavyDuty.sbi
2009-05-26 Includes\Hijackers.sbi
2009-11-17 Includes\HijackersC.sbi
2009-10-20 Includes\Keyloggers.sbi
2009-10-20 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2009-11-10 Includes\Malware.sbi
2009-11-18 Includes\MalwareC.sbi
2009-03-25 Includes\PUPS.sbi
2009-11-17 Includes\PUPSC.sbi
2009-01-22 Includes\Revision.sbi
2009-01-13 Includes\Security.sbi
2009-11-10 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2009-11-03 Includes\Spyware.sbi
2009-11-10 Includes\SpywareC.sbi
2009-06-08 Includes\Tracks.uti
2009-11-17 Includes\Trojans.sbi
2009-11-17 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows Vista (Build: 6002) Service Pack 3 (6.0.6002)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 392845E8D49B5F0E81AAC4D795000A8C
Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: 28E9092D50AE450662EEA4719E5AA304
Located: HK_LM:Run, ccApp
command: "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: c:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 51048
MD5: B01902E9451B3D39DC5CAFDC9B9B398C
Located: HK_LM:Run, GrooveMonitor
command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
Located: HK_LM:Run, IAAnotif
command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
size: 178712
MD5: 1992E7E8BC448CEBA62DC698098C0BD2
Located: HK_LM:Run, KBD
command: C:\HP\KBD\KbdStub.EXE
file: C:\HP\KBD\KbdStub.EXE
size: 65536
MD5: 7088B136BB58A5F95CF0DE8386CA6C0F
Located: HK_LM:Run, Malwarebytes Anti-Malware (reboot)
command: "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
size: 1312080
MD5: C5FCC0B761069FABD59E41B7C3280DDF
Located: HK_LM:Run, NPSStartup
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
file: C:\Windows\system32\NvCpl.dll
size: 13781536
MD5: 274631707A40398B8773CCB6DB3C2A81
Located: HK_LM:Run, OsdMaestro
command: "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
file: C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240
Located: HK_LM:Run, RtHDVCpl
command: RtHDVCpl.exe
file: C:\Windows\RtHDVCpl.exe
size: 6266880
MD5: D93985F5D87DF1A119E939EADB5C4B9E
Located: HK_LM:Run, SunJavaUpdateReg
command: "C:\Windows\system32\jureg.exe"
file: C:\Windows\system32\jureg.exe
size: 54936
MD5: 4F89DD4EA74C66916E15A6E7D74A50B5
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 149280
MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0
Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
Located: HK_CU:Run,
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, BitComet
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\BitComet\BitComet.exe" /tray
file: C:\Program Files\BitComet\BitComet.exe
size: 2567992
MD5: AC13C3F37D94401C3DAAC39A207BACC0
Located: HK_CU:Run, ehTray.exe
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
Located: HK_CU:Run, msnmsgr
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
Located: HK_CU:Run, Sidebar
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
file: C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: 9E35FF7F943AE0FB89192BFE058B7FD4
Located: HK_CU:Run, Speech Recognition
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
file: C:\Windows\Speech\Common\sapisvr.exe
size: 49664
MD5: 105A4D87C8DCF2CF5DB042830B203E5F
Located: HK_CU:Run, Task Menu
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\task.exe
file: C:\Users\stephane\Documents\task.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
Located: HK_CU:Run, Windows Live Updater
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\Live Microsoft Update.exe
file: C:\Users\stephane\Documents\Live Microsoft Update.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
Located: HK_CU:Run, WMPNSCFG
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
Located: Démarrage (désactivé), HP Digital Imaging Monitor (DISABLED)
command: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
file: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
size: 214360
MD5: CF03C8F6F6B0D71F6E5BCE167FCF7CA6
Located: Démarrage (désactivé), WiFi Station (DISABLED)
command: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE -s
file: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE
size: 98304
MD5: BD009223C9C4AF53F67EBB4D5E9B790C
Located: Démarrage (désactivé), Enregistrement de (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe /remind /language=FRA /PRNM="Electronic Arts Product"
file: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: Démarrage (désactivé), ImpulseNow (DISABLED)
command: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
file: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
size: 365872
MD5: 4CD21FD02727AC6276B427B213D02100
Located: Démarrage (désactivé), OneNote 2007 - Capture d'écran et lancement (DISABLED)
command: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE /tsr
file: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE
size: 101440
MD5: 9D0EEBDA40D5C33BC63FB8BB984F7681
Located: Démarrage (désactivé), OpenOffice.org 3.1 (DISABLED)
command: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
file: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
size: 384000
MD5: C047C9C6CD8E134AFDFDB374E80547E5
Located: Démarrage (désactivé), PES2010_widget4256769472 (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
file: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{053F9267-DC04-4294-A72C-58F732D338C0} (HP Print Clips)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: HP Print Clips
Path: C:\Program Files\HP\Smart Web Printing\
Long name: hpswp_framework.dll
Short name: HPSWP_~3.DLL
Date (created): 02/03/2007 16:52:08
Date (last access): 17/03/2009 22:04:26
Date (last write): 02/03/2007 16:52:08
Filesize: 177768
Attributes: readonly archive
MD5: A40456DE4EF7E318104955361C72AC9D
CRC32: 6F06AAE2
Version: 2.15.7.0
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Aide pour le lien d'Adobe PDF Reader
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: https://get2.adobe.com/reader/otherversions/
info source: TonyKlein
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 22/10/2006 23:08:42
Date (last access): 12/11/2009 13:06:24
Date (last write): 22/10/2006 23:08:42
Filesize: 62080
Attributes: archive
MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A
CRC32: E388508F
Version: 8.0.0.456
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet ClickCapture)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: BitComet ClickCapture
CLSID name: BitComet Helper
Path: C:\Program Files\BitComet\tools\
Long name: BitCometBHO_1.2.8.7.dll
Short name: BITCOM~2.DLL
Date (created): 11/08/2008 09:12:14
Date (last access): 04/10/2008 13:50:12
Date (last write): 11/08/2008 09:12:14
Filesize: 656696
Attributes: archive
MD5: F5508AC38274799624B53798F8BA7EE6
CRC32: AB441D08
Version: 1.2.8.7
{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Spybot-S&D IE Protection
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 19/11/2009 14:25:08
Date (last access): 19/11/2009 14:25:08
Date (last write): 26/01/2009 15:31:02
Filesize: 1879896
Attributes: archive
MD5: 022C2F6DCCDFA0AD73024D254E62AFAC
CRC32: 5BA24007
Version: 1.6.2.14
{5C255C8A-E604-49b4-9D64-90988571CECB} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (NCO 2.0 IE BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: NCO 2.0 IE BHO
CLSID name:
Path: c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\
Long name: CoIEPlg.dll
Short name:
Date (created): 24/08/2007 14:51:00
Date (last access): 20/03/2008 10:33:06
Date (last write): 24/08/2007 14:51:00
Filesize: 316784
Attributes: archive
MD5: 6BC066FCC66BB0EE33A618EBC65683D5
CRC32: D7E3A9BB
Version: 2008.2.0.84
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} (Symantec Intrusion Prevention)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Symantec Intrusion Prevention
CLSID name: Symantec Intrusion Prevention
Path: C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\
Long name: IPSBHO.dll
Short name:
Date (created): 20/03/2008 10:32:50
Date (last access): 04/10/2008 13:45:10
Date (last write): 04/10/2008 13:45:10
Filesize: 116088
Attributes: archive
MD5: FA3E00177B57D5B2BF058D560931D750
CRC32: DF9D41CC
Version: 8.2.0.86
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Groove GFS Browser Helper
Path: C:\Program Files\Microsoft Office\Office12\
Long name: GrooveShellExtensions.dll
Short name: GRA8E1~1.DLL
Date (created): 24/08/2007 07:01:22
Date (last access): 06/11/2009 17:06:52
Date (last write): 24/08/2007 07:01:22
Filesize: 2212224
Attributes: archive
MD5: 32C4927E013C018A13D8DFBDA4148812
CRC32: 9A9F3D8B
Version: 12.0.6211.1000
{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 17/02/2009 16:11:04
Date (last access): 05/03/2009 13:59:18
Date (last write): 17/02/2009 16:11:04
Filesize: 408440
Attributes: archive
MD5: 1A82C1B9BB43385695EFC3A84F6756A2
CRC32: 75E558CA
Version: 5.0.818.6
{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2009 04:18:20
Date (last write): 11/10/2009 04:17:30
Filesize: 41760
Attributes: archive
MD5: C9EDE29F223A27873E187D9FB6045EA6
CRC32: 5951C3E0
Version: 6.0.170.4
--- ActiveX list ---
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\Windows\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_01
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_17.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2009 02:14:36
Date (last access): 11/10/2073 04:18:30
Date (last write): 11/10/2009 04:17:30
Filesize: 136992
Attributes: archive
MD5: 3D58770680F268A23A8CE1F14B49AA2F
CRC32: 6091A816
Version: 6.0.170.4
--- Process list ---
PID: 3704 (1100) C:\Windows\system32\Dwm.exe
size: 81920
MD5: 01DD1004181FD46ECDC3628228EB269D
PID: 3744 (3696) C:\Windows\Explorer.EXE
size: 2926592
MD5: D07D4C3038F3578FFCE1C0237F2A1253
PID: 3948 (1112) C:\Windows\system32\taskeng.exe
size: 169984
MD5: E5BBFC283D6F5D69B41E464676361020
PID: 2512 (3744) C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
PID: 1876 (3744) C:\Windows\RtHDVCpl.exe
size: 6266880
MD5: D93985F5D87DF1A119E939EADB5C4B9E
PID: 1728 (3744) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240
PID: 3832 ( 752) C:\Windows\system32\schtasks.exe
size: 151552
MD5: 1F171553F1138DC0062A71A7D275055A
PID: 532 (3744) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
size: 178712
MD5: 1992E7E8BC448CEBA62DC698098C0BD2
PID: 3996 (3812) c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
size: 149352
MD5: 2F237AAB91497AAA03AF48EAE68758FC
PID: 4032 (3744) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
PID: 4084 (3744) C:\Program Files\Java\jre6\bin\jusched.exe
size: 149280
MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0
PID: 2828 (3744) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
size: 81000
MD5: 28E9092D50AE450662EEA4719E5AA304
PID: 1572 (3744) C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: 9E35FF7F943AE0FB89192BFE058B7FD4
PID: 1776 (3744) C:\Windows\ehome\ehtray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
PID: 3904 ( 880) C:\Windows\ehome\ehmsas.exe
size: 37376
MD5: 0F4195B9B348DE5CF9B822F81704B20E
PID: 6064 ( 880) C:\Windows\System32\mobsync.exe
size: 95744
MD5: 9B89B3BB79EA1ACF041F40A7B6FC5827
PID: 4756 (3744) C:\Program Files\Windows Media Player\wmpnscfg.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
PID: 5660 (3744) C:\Program Files\BitComet\BitComet.exe
size: 2567992
MD5: AC13C3F37D94401C3DAAC39A207BACC0
PID: 5696 (3744) C:\Users\stephane\Documents\task.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
PID: 5764 (3744) C:\Users\stephane\Documents\Live Microsoft Update.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
PID: 5792 (3744) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
PID: 5752 (3588) C:\hp\kbd\kbd.exe
size: 67128
MD5: 7CAC10A1C258DFCB5ADE563BAE6D2F15
PID: 2068 ( 880) C:\Program Files\Windows Live\Contacts\wlcomm.exe
size: 26464
MD5: ADC11749E6698FC30C603DFCCC4F98F2
PID: 3544 (5336) C:\Windows\system32\conime.exe
size: 69120
MD5: 6080A176D09435FC8E6E800996656E18
PID: 2652 (1112) C:\Windows\system32\taskeng.exe
size: 169984
MD5: E5BBFC283D6F5D69B41E464676361020
PID: 6020 (2240) C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
size: 1457064
MD5: 8A7D05395EF04AA6616F4C1B9F763D2D
PID: 4620 (3744) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 4628 (4484) C:\Program Files\Internet Explorer\IEUser.exe
size: 299520
MD5: A8986E339A9215B9410484814224531E
PID: 3524 (4972) C:\Windows\system32\cmd.exe
size: 318976
MD5: 74F26FC01B180D4A99A168ED69C30A53
PID: 4488 (4628) C:\Program Files\Internet Explorer\iexplore.exe
size: 636080
MD5: 2C5168C856455CC43C4B4E1CC1920001
PID: 4724 (3524) C:\Windows\system32\cmd.exe
size: 318976
MD5: 74F26FC01B180D4A99A168ED69C30A53
PID: 4680 (4724) C:\Windows\system32\findstr.exe
size: 60928
MD5: 186954438DE3DDBF0B46F895B7936DE3
PID: 0 ( 0) [System Process]
PID: 4 ( 0) System
PID: 488 ( 4) smss.exe
size: 64000
PID: 564 ( 552) csrss.exe
size: 6144
PID: 624 ( 552) wininit.exe
size: 96768
PID: 636 ( 616) csrss.exe
size: 6144
PID: 672 ( 624) services.exe
size: 279552
PID: 684 ( 624) lsass.exe
size: 9728
PID: 696 ( 624) lsm.exe
size: 229888
PID: 796 ( 616) winlogon.exe
size: 314368
PID: 880 ( 672) svchost.exe
size: 21504
PID: 944 ( 672) nvvsvc.exe
size: 211488
PID: 972 ( 672) svchost.exe
size: 21504
PID: 1032 ( 672) svchost.exe
size: 21504
PID: 1064 ( 672) svchost.exe
size: 21504
PID: 1100 ( 672) svchost.exe
size: 21504
PID: 1112 ( 672) svchost.exe
size: 21504
PID: 1192 (1064) audiodg.exe
size: 88576
PID: 1220 ( 672) SLsvc.exe
size: 3408896
PID: 1256 ( 672) svchost.exe
size: 21504
PID: 1392 ( 672) svchost.exe
size: 21504
PID: 1584 ( 944) nvvsvc.exe
size: 211488
PID: 1684 ( 672) aswUpdSv.exe
PID: 1700 ( 672) ashServ.exe
PID: 2008 ( 672) spoolsv.exe
size: 127488
PID: 2032 ( 672) CCSVCHST.EXE
PID: 496 ( 672) svchost.exe
size: 21504
PID: 2368 ( 672) HPBtnSrv.exe
PID: 2500 ( 672) svchost.exe
size: 21504
PID: 2528 ( 672) IAANTmon.exe
PID: 2564 ( 672) LSSrvc.exe
PID: 2620 ( 672) svchost.exe
size: 21504
PID: 2780 ( 672) svchost.exe
size: 21504
PID: 2792 ( 672) svchost.exe
size: 21504
PID: 2816 ( 672) svchost.exe
size: 21504
PID: 2852 ( 672) svchost.exe
size: 21504
PID: 2880 ( 672) SearchIndexer.exe
size: 441344
PID: 3164 ( 672) SDWinSec.exe
size: 1153368
MD5: 794D4B48DFB6E999537C7C3947863463
PID: 3372 (1100) WUDFHost.exe
size: 142336
PID: 3816 (1112) taskeng.exe
size: 169984
PID: 6028 ( 672) ashMaiSv.exe
PID: 3480 ( 672) ashWebSv.exe
PID: 5620 ( 672) wmpnetwk.exe
PID: 5824 ( 672) AluSchedulerSvc.exe
PID: 5280 ( 672) HPHC_Service.exe
PID: 5368 ( 672) PresentationFontCache.exe
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 24/11/2009 16:26:06
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 3: MSAFD Tcpip [TCP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 4: MSAFD Tcpip [UDP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 5: MSAFD Tcpip [RAW/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 6: Fournisseur de services RSVP TCPv6
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 7: Fournisseur de services RSVP TCP
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 8: Fournisseur de services RSVP UDPv6
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 9: Fournisseur de services RSVP UDP
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Namespace Provider 0: Espace de noms NLAv1 (Network Location Awareness Legacy)
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename:
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
Namespace Provider 1: Fournisseur Shim d'affectation de noms de messagerie
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:
Namespace Provider 2: Fournisseur d'espace de noms du nuage PNRP
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:
Namespace Provider 3: Fournisseur d'espace de noms du nom PNRP
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:
Namespace Provider 4: mdnsNSP
GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
Filename: C:\Program Files\Bonjour\mdnsNSP.dll
Description: Apple Rendezvous protocol
DB filename: %ProgramFiles%\Rendezvous\bin\mdnsNSP.dll
DB protocol: mdnsNSP
Namespace Provider 5: TCP/IP
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename:
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 6: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2009-11-24 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi
2009-11-10 Includes\AdwareC.sbi
2009-01-22 Includes\Cookies.sbi
2009-11-03 Includes\Dialer.sbi
2009-10-13 Includes\DialerC.sbi
2009-01-22 Includes\HeavyDuty.sbi
2009-05-26 Includes\Hijackers.sbi
2009-11-17 Includes\HijackersC.sbi
2009-10-20 Includes\Keyloggers.sbi
2009-10-20 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2009-11-10 Includes\Malware.sbi
2009-11-18 Includes\MalwareC.sbi
2009-03-25 Includes\PUPS.sbi
2009-11-17 Includes\PUPSC.sbi
2009-01-22 Includes\Revision.sbi
2009-01-13 Includes\Security.sbi
2009-11-10 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2009-11-03 Includes\Spyware.sbi
2009-11-10 Includes\SpywareC.sbi
2009-06-08 Includes\Tracks.uti
2009-11-17 Includes\Trojans.sbi
2009-11-17 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
--- System information ---
Windows Vista (Build: 6002) Service Pack 3 (6.0.6002)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)
--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 392845E8D49B5F0E81AAC4D795000A8C
Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: 28E9092D50AE450662EEA4719E5AA304
Located: HK_LM:Run, ccApp
command: "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: c:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 51048
MD5: B01902E9451B3D39DC5CAFDC9B9B398C
Located: HK_LM:Run, GrooveMonitor
command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
Located: HK_LM:Run, IAAnotif
command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
size: 178712
MD5: 1992E7E8BC448CEBA62DC698098C0BD2
Located: HK_LM:Run, KBD
command: C:\HP\KBD\KbdStub.EXE
file: C:\HP\KBD\KbdStub.EXE
size: 65536
MD5: 7088B136BB58A5F95CF0DE8386CA6C0F
Located: HK_LM:Run, Malwarebytes Anti-Malware (reboot)
command: "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
size: 1312080
MD5: C5FCC0B761069FABD59E41B7C3280DDF
Located: HK_LM:Run, NPSStartup
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
file: C:\Windows\system32\NvCpl.dll
size: 13781536
MD5: 274631707A40398B8773CCB6DB3C2A81
Located: HK_LM:Run, OsdMaestro
command: "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
file: C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240
Located: HK_LM:Run, RtHDVCpl
command: RtHDVCpl.exe
file: C:\Windows\RtHDVCpl.exe
size: 6266880
MD5: D93985F5D87DF1A119E939EADB5C4B9E
Located: HK_LM:Run, SunJavaUpdateReg
command: "C:\Windows\system32\jureg.exe"
file: C:\Windows\system32\jureg.exe
size: 54936
MD5: 4F89DD4EA74C66916E15A6E7D74A50B5
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 149280
MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0
Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
Located: HK_CU:Run,
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, BitComet
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\BitComet\BitComet.exe" /tray
file: C:\Program Files\BitComet\BitComet.exe
size: 2567992
MD5: AC13C3F37D94401C3DAAC39A207BACC0
Located: HK_CU:Run, ehTray.exe
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
Located: HK_CU:Run, msnmsgr
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
Located: HK_CU:Run, Sidebar
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
file: C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: 9E35FF7F943AE0FB89192BFE058B7FD4
Located: HK_CU:Run, Speech Recognition
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
file: C:\Windows\Speech\Common\sapisvr.exe
size: 49664
MD5: 105A4D87C8DCF2CF5DB042830B203E5F
Located: HK_CU:Run, Task Menu
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\task.exe
file: C:\Users\stephane\Documents\task.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
Located: HK_CU:Run, Windows Live Updater
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\Live Microsoft Update.exe
file: C:\Users\stephane\Documents\Live Microsoft Update.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
Located: HK_CU:Run, WMPNSCFG
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
Located: Démarrage (désactivé), HP Digital Imaging Monitor (DISABLED)
command: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
file: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
size: 214360
MD5: CF03C8F6F6B0D71F6E5BCE167FCF7CA6
Located: Démarrage (désactivé), WiFi Station (DISABLED)
command: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE -s
file: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE
size: 98304
MD5: BD009223C9C4AF53F67EBB4D5E9B790C
Located: Démarrage (désactivé), Enregistrement de (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe /remind /language=FRA /PRNM="Electronic Arts Product"
file: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: Démarrage (désactivé), ImpulseNow (DISABLED)
command: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
file: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
size: 365872
MD5: 4CD21FD02727AC6276B427B213D02100
Located: Démarrage (désactivé), OneNote 2007 - Capture d'écran et lancement (DISABLED)
command: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE /tsr
file: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE
size: 101440
MD5: 9D0EEBDA40D5C33BC63FB8BB984F7681
Located: Démarrage (désactivé), OpenOffice.org 3.1 (DISABLED)
command: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
file: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
size: 384000
MD5: C047C9C6CD8E134AFDFDB374E80547E5
Located: Démarrage (désactivé), PES2010_widget4256769472 (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
file: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{053F9267-DC04-4294-A72C-58F732D338C0} (HP Print Clips)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: HP Print Clips
Path: C:\Program Files\HP\Smart Web Printing\
Long name: hpswp_framework.dll
Short name: HPSWP_~3.DLL
Date (created): 02/03/2007 16:52:08
Date (last access): 17/03/2009 22:04:26
Date (last write): 02/03/2007 16:52:08
Filesize: 177768
Attributes: readonly archive
MD5: A40456DE4EF7E318104955361C72AC9D
CRC32: 6F06AAE2
Version: 2.15.7.0
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Aide pour le lien d'Adobe PDF Reader
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: https://get2.adobe.com/reader/otherversions/
info source: TonyKlein
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 22/10/2006 23:08:42
Date (last access): 12/11/2009 13:06:24
Date (last write): 22/10/2006 23:08:42
Filesize: 62080
Attributes: archive
MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A
CRC32: E388508F
Version: 8.0.0.456
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet ClickCapture)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: BitComet ClickCapture
CLSID name: BitComet Helper
Path: C:\Program Files\BitComet\tools\
Long name: BitCometBHO_1.2.8.7.dll
Short name: BITCOM~2.DLL
Date (created): 11/08/2008 09:12:14
Date (last access): 04/10/2008 13:50:12
Date (last write): 11/08/2008 09:12:14
Filesize: 656696
Attributes: archive
MD5: F5508AC38274799624B53798F8BA7EE6
CRC32: AB441D08
Version: 1.2.8.7
{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Spybot-S&D IE Protection
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 19/11/2009 14:25:08
Date (last access): 19/11/2009 14:25:08
Date (last write): 26/01/2009 15:31:02
Filesize: 1879896
Attributes: archive
MD5: 022C2F6DCCDFA0AD73024D254E62AFAC
CRC32: 5BA24007
Version: 1.6.2.14
{5C255C8A-E604-49b4-9D64-90988571CECB} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (NCO 2.0 IE BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: NCO 2.0 IE BHO
CLSID name:
Path: c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\
Long name: CoIEPlg.dll
Short name:
Date (created): 24/08/2007 14:51:00
Date (last access): 20/03/2008 10:33:06
Date (last write): 24/08/2007 14:51:00
Filesize: 316784
Attributes: archive
MD5: 6BC066FCC66BB0EE33A618EBC65683D5
CRC32: D7E3A9BB
Version: 2008.2.0.84
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} (Symantec Intrusion Prevention)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Symantec Intrusion Prevention
CLSID name: Symantec Intrusion Prevention
Path: C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\
Long name: IPSBHO.dll
Short name:
Date (created): 20/03/2008 10:32:50
Date (last access): 04/10/2008 13:45:10
Date (last write): 04/10/2008 13:45:10
Filesize: 116088
Attributes: archive
MD5: FA3E00177B57D5B2BF058D560931D750
CRC32: DF9D41CC
Version: 8.2.0.86
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Groove GFS Browser Helper
Path: C:\Program Files\Microsoft Office\Office12\
Long name: GrooveShellExtensions.dll
Short name: GRA8E1~1.DLL
Date (created): 24/08/2007 07:01:22
Date (last access): 06/11/2009 17:06:52
Date (last write): 24/08/2007 07:01:22
Filesize: 2212224
Attributes: archive
MD5: 32C4927E013C018A13D8DFBDA4148812
CRC32: 9A9F3D8B
Version: 12.0.6211.1000
{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 17/02/2009 16:11:04
Date (last access): 05/03/2009 13:59:18
Date (last write): 17/02/2009 16:11:04
Filesize: 408440
Attributes: archive
MD5: 1A82C1B9BB43385695EFC3A84F6756A2
CRC32: 75E558CA
Version: 5.0.818.6
{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2009 04:18:20
Date (last write): 11/10/2009 04:17:30
Filesize: 41760
Attributes: archive
MD5: C9EDE29F223A27873E187D9FB6045EA6
CRC32: 5951C3E0
Version: 6.0.170.4
--- ActiveX list ---
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\Windows\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_01
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_17.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2009 02:14:36
Date (last access): 11/10/2073 04:18:30
Date (last write): 11/10/2009 04:17:30
Filesize: 136992
Attributes: archive
MD5: 3D58770680F268A23A8CE1F14B49AA2F
CRC32: 6091A816
Version: 6.0.170.4
--- Process list ---
PID: 3704 (1100) C:\Windows\system32\Dwm.exe
size: 81920
MD5: 01DD1004181FD46ECDC3628228EB269D
PID: 3744 (3696) C:\Windows\Explorer.EXE
size: 2926592
MD5: D07D4C3038F3578FFCE1C0237F2A1253
PID: 3948 (1112) C:\Windows\system32\taskeng.exe
size: 169984
MD5: E5BBFC283D6F5D69B41E464676361020
PID: 2512 (3744) C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
PID: 1876 (3744) C:\Windows\RtHDVCpl.exe
size: 6266880
MD5: D93985F5D87DF1A119E939EADB5C4B9E
PID: 1728 (3744) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240
PID: 3832 ( 752) C:\Windows\system32\schtasks.exe
size: 151552
MD5: 1F171553F1138DC0062A71A7D275055A
PID: 532 (3744) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
size: 178712
MD5: 1992E7E8BC448CEBA62DC698098C0BD2
PID: 3996 (3812) c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
size: 149352
MD5: 2F237AAB91497AAA03AF48EAE68758FC
PID: 4032 (3744) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
PID: 4084 (3744) C:\Program Files\Java\jre6\bin\jusched.exe
size: 149280
MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0
PID: 2828 (3744) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
size: 81000
MD5: 28E9092D50AE450662EEA4719E5AA304
PID: 1572 (3744) C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: 9E35FF7F943AE0FB89192BFE058B7FD4
PID: 1776 (3744) C:\Windows\ehome\ehtray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
PID: 3904 ( 880) C:\Windows\ehome\ehmsas.exe
size: 37376
MD5: 0F4195B9B348DE5CF9B822F81704B20E
PID: 6064 ( 880) C:\Windows\System32\mobsync.exe
size: 95744
MD5: 9B89B3BB79EA1ACF041F40A7B6FC5827
PID: 4756 (3744) C:\Program Files\Windows Media Player\wmpnscfg.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
PID: 5660 (3744) C:\Program Files\BitComet\BitComet.exe
size: 2567992
MD5: AC13C3F37D94401C3DAAC39A207BACC0
PID: 5696 (3744) C:\Users\stephane\Documents\task.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
PID: 5764 (3744) C:\Users\stephane\Documents\Live Microsoft Update.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
PID: 5792 (3744) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
PID: 5752 (3588) C:\hp\kbd\kbd.exe
size: 67128
MD5: 7CAC10A1C258DFCB5ADE563BAE6D2F15
PID: 2068 ( 880) C:\Program Files\Windows Live\Contacts\wlcomm.exe
size: 26464
MD5: ADC11749E6698FC30C603DFCCC4F98F2
PID: 3544 (5336) C:\Windows\system32\conime.exe
size: 69120
MD5: 6080A176D09435FC8E6E800996656E18
PID: 2652 (1112) C:\Windows\system32\taskeng.exe
size: 169984
MD5: E5BBFC283D6F5D69B41E464676361020
PID: 6020 (2240) C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
size: 1457064
MD5: 8A7D05395EF04AA6616F4C1B9F763D2D
PID: 4620 (3744) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 4628 (4484) C:\Program Files\Internet Explorer\IEUser.exe
size: 299520
MD5: A8986E339A9215B9410484814224531E
PID: 3524 (4972) C:\Windows\system32\cmd.exe
size: 318976
MD5: 74F26FC01B180D4A99A168ED69C30A53
PID: 4488 (4628) C:\Program Files\Internet Explorer\iexplore.exe
size: 636080
MD5: 2C5168C856455CC43C4B4E1CC1920001
PID: 4724 (3524) C:\Windows\system32\cmd.exe
size: 318976
MD5: 74F26FC01B180D4A99A168ED69C30A53
PID: 4680 (4724) C:\Windows\system32\findstr.exe
size: 60928
MD5: 186954438DE3DDBF0B46F895B7936DE3
PID: 0 ( 0) [System Process]
PID: 4 ( 0) System
PID: 488 ( 4) smss.exe
size: 64000
PID: 564 ( 552) csrss.exe
size: 6144
PID: 624 ( 552) wininit.exe
size: 96768
PID: 636 ( 616) csrss.exe
size: 6144
PID: 672 ( 624) services.exe
size: 279552
PID: 684 ( 624) lsass.exe
size: 9728
PID: 696 ( 624) lsm.exe
size: 229888
PID: 796 ( 616) winlogon.exe
size: 314368
PID: 880 ( 672) svchost.exe
size: 21504
PID: 944 ( 672) nvvsvc.exe
size: 211488
PID: 972 ( 672) svchost.exe
size: 21504
PID: 1032 ( 672) svchost.exe
size: 21504
PID: 1064 ( 672) svchost.exe
size: 21504
PID: 1100 ( 672) svchost.exe
size: 21504
PID: 1112 ( 672) svchost.exe
size: 21504
PID: 1192 (1064) audiodg.exe
size: 88576
PID: 1220 ( 672) SLsvc.exe
size: 3408896
PID: 1256 ( 672) svchost.exe
size: 21504
PID: 1392 ( 672) svchost.exe
size: 21504
PID: 1584 ( 944) nvvsvc.exe
size: 211488
PID: 1684 ( 672) aswUpdSv.exe
PID: 1700 ( 672) ashServ.exe
PID: 2008 ( 672) spoolsv.exe
size: 127488
PID: 2032 ( 672) CCSVCHST.EXE
PID: 496 ( 672) svchost.exe
size: 21504
PID: 2368 ( 672) HPBtnSrv.exe
PID: 2500 ( 672) svchost.exe
size: 21504
PID: 2528 ( 672) IAANTmon.exe
PID: 2564 ( 672) LSSrvc.exe
PID: 2620 ( 672) svchost.exe
size: 21504
PID: 2780 ( 672) svchost.exe
size: 21504
PID: 2792 ( 672) svchost.exe
size: 21504
PID: 2816 ( 672) svchost.exe
size: 21504
PID: 2852 ( 672) svchost.exe
size: 21504
PID: 2880 ( 672) SearchIndexer.exe
size: 441344
PID: 3164 ( 672) SDWinSec.exe
size: 1153368
MD5: 794D4B48DFB6E999537C7C3947863463
PID: 3372 (1100) WUDFHost.exe
size: 142336
PID: 3816 (1112) taskeng.exe
size: 169984
PID: 6028 ( 672) ashMaiSv.exe
PID: 3480 ( 672) ashWebSv.exe
PID: 5620 ( 672) wmpnetwk.exe
PID: 5824 ( 672) AluSchedulerSvc.exe
PID: 5280 ( 672) HPHC_Service.exe
PID: 5368 ( 672) PresentationFontCache.exe
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 24/11/2009 16:26:06
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
--- Winsock Layered Service Provider list ---
silverius
Posts
229
Registration date
Thursday 19 November 2009
Status
Member
Last activity
1 February 2024
47
26 Nov. 2009 at 21:02
Here is the report generated with UsbFix:
############################## | UsbFix V6.058 |
User : stephane (Administrateurs) # GAIAII
Update on 26/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 20:53:57 | 26/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 3
Internet Explorer 7.0.6002.18005
Windows Firewall Status : Enabled
C:\ -> Disque fixe local # 455,46 Go (73,67 Go free) [HP] # NTFS
D:\ -> Disque fixe local # 10,3 Go (1,37 Go free) [FACTORY_IMAGE] # NTFS
E:\ -> Disque fixe local # 465,76 Go (338,34 Go free) [NEW_VOLUME] # NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible
K:\ -> Disque fixe local # 298,08 Go (154,76 Go free) [Baal] # NTFS
L:\ -> Disque amovible
M:\ -> Disque fixe local # 465,76 Go (280,51 Go free) [IOMEGA_HDD] # NTFS
############################## | Processus actifs |
C:\Windows\System32\smss.exe 484
C:\Windows\system32\csrss.exe 560
C:\Windows\system32\csrss.exe 620
C:\Windows\system32\wininit.exe 628
C:\Windows\system32\services.exe 668
C:\Windows\system32\lsass.exe 684
C:\Windows\system32\lsm.exe 692
C:\Windows\system32\winlogon.exe 728
C:\Windows\system32\svchost.exe 880
C:\Windows\system32\nvvsvc.exe 944
C:\Windows\system32\svchost.exe 972
C:\Windows\System32\svchost.exe 1040
C:\Windows\System32\svchost.exe 1116
C:\Windows\System32\svchost.exe 1144
C:\Windows\system32\svchost.exe 1156
C:\Windows\system32\SLsvc.exe 1316
C:\Windows\system32\svchost.exe 1352
C:\Windows\system32\nvvsvc.exe 1476
C:\Windows\system32\svchost.exe 1512
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1712
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1728
C:\Windows\System32\spoolsv.exe 260
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 344
C:\Windows\system32\svchost.exe 872
C:\Windows\system32\taskeng.exe 2332
c:\hp\HPEZBTN\HPBtnSrv.exe 2500
C:\Windows\system32\svchost.exe 2600
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 2612
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2644
C:\Windows\System32\svchost.exe 2692
C:\Windows\System32\svchost.exe 2736
C:\Windows\system32\svchost.exe 2748
C:\Windows\system32\svchost.exe 2776
C:\Windows\System32\svchost.exe 2832
C:\Windows\system32\SearchIndexer.exe 2872
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 3108
C:\Windows\system32\WUDFHost.exe 3260
c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 4172
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 4256
C:\Windows\system32\taskeng.exe 4752
C:\Windows\system32\Dwm.exe 3692
C:\Windows\Explorer.EXE 2348
C:\Program Files\Windows Defender\MSASCui.exe 5024
C:\Windows\RtHDVCpl.exe 4940
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe 3680
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 4492
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 3468
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 5532
C:\Program Files\Java\jre6\bin\jusched.exe 5500
C:\Program Files\Alwil Software\Avast4\ashDisp.exe 2560
C:\Program Files\Windows Sidebar\sidebar.exe 5716
C:\Windows\ehome\ehtray.exe 5708
C:\Program Files\Windows Media Player\wmpnscfg.exe 3652
C:\Users\stephane\Documents\task.exe 3816
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3856
C:\Windows\ehome\ehmsas.exe 3484
C:\Program Files\Windows Media Player\wmpnetwk.exe 336
C:\Windows\system32\schtasks.exe 1060
C:\hp\kbd\kbd.exe 1752
C:\Windows\system32\conime.exe 4020
C:\Windows\System32\mobsync.exe 5576
C:\Program Files\Windows Live\Contacts\wlcomm.exe 3020
C:\Windows\system32\taskeng.exe 4772
C:\Program Files\iPod\bin\iPodService.exe 5464
C:\Program Files\iTunes\iTunesHelper.exe 4776
C:\Program Files\Internet Explorer\IEUser.exe 3404
C:\Program Files\Internet Explorer\iexplore.exe 1652
C:\Program Files\Mozilla Firefox\firefox.exe 4308
C:\Windows\system32\SearchProtocolHost.exe 3312
C:\Windows\system32\SearchFilterHost.exe 3496
C:\Windows\system32\wbem\wmiprvse.exe 5248
################## | Fichiers # Dossiers infectieux |
C:\Windows\System32\autorun.inf
################## | Registre # Clés infectieuses |
################## | Registre # Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{30d3676c-9370-11dd-ba2e-806e6f6e6963}
shell\Auto\command =cmd /C launch.bat
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
HKCU\..\..\Explorer\MountPoints2\{fceb596e-a987-11dd-8f6a-001e8cc5a021}
shell\AutoRun\command =F:\Autorun.exe
################## | Cracks / Keygens / Serials |
"C:\Users\stephane\Desktop\ced\iso\GTA.IV-ArenaBG\Crack\LaunchGTAIV.exe"
02/10/2009 17:50 |Size 28160 |Crc32 373b5f85 |Md5 b4f4a2841f0857aaf18232724762cc52
"E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Exe\Anno4.exe"
24/10/2009 23:02 |Size 14708672 |Crc32 cbdd026c |Md5 8e4edf35d1fe4d20cd606dd02702fbd2
"E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Anno4.exe"
24/10/2009 23:03 |Size 14658048 |Crc32 b2279462 |Md5 7648ffdd996f1b64e7ff6fc107e69e4f
"E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Trainer\rzr-a4t4.exe"
24/10/2009 23:02 |Size 361299 |Crc32 8557504c |Md5 e5fbd09d6443301fbcbc7a8f7f7931e8
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
27/12/2008 14:22 |Size 12767232 |Crc32 c06e1bee |Md5 a1fe79ac326c16bf4922a5c4158c4449
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 1\Civ4BeyondTheSwordPatch3.02.exe"
27/12/2008 14:22 |Size 28388287 |Crc32 0635df5c |Md5 8313b9e254ad33edba1e7c24bfc8e56d
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 2\Civ4BeyondTheSwordPatch3.03.exe"
27/12/2008 12:20 |Size 85021405 |Crc32 fc6af1c3 |Md5 c02e96f29160b4e6eda7eac62db24799
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 3\Civ4BeyondTheSwordPatch3.13.exe"
27/12/2008 14:21 |Size 126887463 |Crc32 001fa334 |Md5 39d34db36bc165b5f75c31bdc0e4249b
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Crack\Civilization4.exe"
27/12/2008 16:17 |Size 10407936 |Crc32 d8be76e3 |Md5 ae3b47863e7d88636a5c87d90643e845
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 1\Civ4Patch1.61.exe"
27/12/2008 14:24 |Size 48291703 |Crc32 45b9550a |Md5 dffd182f5e13813468a79eaccbb52520
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 2\Civ4Patch1.74_Final.exe"
27/12/2008 12:55 |Size 63228492 |Crc32 52574a24 |Md5 127a37aaff0f95f9f1e52f73f9c538da
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Crack\Civ4Warlords.exe"
27/12/2008 15:38 |Size 9976832 |Crc32 64f34fdf |Md5 0b40d3ea2040552bd47cd9ff37205730
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 1\Civ4WarlordsPatch2.08.exe"
27/12/2008 15:38 |Size 67299871 |Crc32 f9c88a18 |Md5 1a4e98c1aaaf3ff9b65a64b118c80191
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 2\Civ4WarlordsPatch2.13.exe"
27/12/2008 12:56 |Size 84846989 |Crc32 b9fbfc2e |Md5 5378b7b7bf6eae6d22fd4ac67c9479cf
"E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\GTAIV.exe"
07/12/2008 16:41 |Size 13411688 |Crc32 be148d03 |Md5 9fa1c2a3f2932d46538bc14e715cfccc
"E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\LaunchGTAIV.exe"
07/12/2008 16:41 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd
"E:\download\Sacred 2 Fallen Angel PC FR\Crack\DeleteSecuromReg.exe"
15/08/2009 20:32 |Size 65536 |Crc32 b9345910 |Md5 ecbcd35f44cebd44d64ff5d5529ed22b
"M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
27/12/2008 13:22 |Size 12767232 |Crc32 c06e1bee |Md5 a1fe79ac326c16bf4922a5c4158c4449
"M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 1\Civ4BeyondTheSwordPatch3.02.exe"
27/12/2008 13:22 |Size 28388287 |Crc32 0635df5c |Md5 8313b9e254ad33edba1e7c24bfc8e56d
"M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 2\Civ4BeyondTheSwordPatch3.03.exe"
27/12/2008 11:20 |Size 85021405 |Crc32 fc6af1c3 |Md5 c02e96f29160b4e6eda7eac62db24799
"M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 3\Civ4BeyondTheSwordPatch3.13.exe"
27/12/2008 13:21 |Size 126887463 |Crc32 001fa334 |Md5 39d34db36bc165b5f75c31bdc0e4249b
"M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Crack\Civilization4.exe"
27/12/2008 15:17 |Size 10407936 |Crc32 d8be76e3 |Md5 ae3b47863e7d88636a5c87d90643e845
"M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 1\Civ4Patch1.61.exe"
27/12/2008 13:24 |Size 48291703 |Crc32 45b9550a |Md5 dffd182f5e13813468a79eaccbb52520
"M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 2\Civ4Patch1.74_Final.exe"
27/12/2008 11:55 |Size 63228492 |Crc32 52574a24 |Md5 127a37aaff0f95f9f1e52f73f9c538da
"M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Crack\Civ4Warlords.exe"
27/12/2008 14:38 |Size 9976832 |Crc32 64f34fdf |Md5 0b40d3ea2040552bd47cd9ff37205730
"M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 1\Civ4WarlordsPatch2.08.exe"
27/12/2008 14:38 |Size 67299871 |Crc32 f9c88a18 |Md5 1a4e98c1aaaf3ff9b65a64b118c80191
"M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 2\Civ4WarlordsPatch2.13.exe"
27/12/2008 11:56 |Size 84846989 |Crc32 b9fbfc2e |Md5 5378b7b7bf6eae6d22fd4ac67c9479cf
"M:\ioméga\2\iso games\GTA IV PCgame\GTA 4 v1.0.2.0 Crack - Razor1911\Crack\LaunchGTAIV.exe"
13/10/2009 11:24 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd
"M:\ioméga\2\iso games\GTA IV PCgame\Readme\GTA 4 v1.0.2.0 Crack - Razor1911\LaunchGTAIV.exe"
13/10/2009 11:30 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd
"M:\ioméga\2\iso games\Pro Evolution Soccer 2010\Crack\pes2010.exe"
26/10/2009 19:18 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07
"M:\ioméga\2\utorren\téléchargement\Borderlands-RELOADED\Crack\Borderlands.exe"
22/10/2009 01:19 |Size 35745460 |Crc32 25f4b07e |Md5 af55737b3e2f399a3dd271d0f77dee3f
"C:\Users\stephane\Desktop\ced\iso\GTA.IV-ArenaBG\autre\Grand.Theft.Auto.IV.Crack.Offline.Activation.zip"
-> Contain : OfflineActivation.exe
"E:\download\Sacred 2 Fallen Angel PC FR\Crack\DeleteSecuromReg.zip"
-> Contain : DeleteSecuromReg.exe
"C:\Users\stephane\Desktop\ced\iso\serial+crack.Sims3.rar"
-> contain : rld-sim3.exe
"C:\Users\stephane\Desktop\ced\iso\serial+crack.Sims3.rar"
-> contain : TS3.exe
"E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\rzr-gta4-crack.rar"
-> contain : GTAIV.exe
"E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\rzr-gta4-crack.rar"
-> contain : LaunchGTAIV.exe
"E:\Iso game\Clive Barker's Jericho [PC rip] (~GHo$T~) (Fps équipe horreur)\Clive Barker's Jericho No-DVD Crack (Fairlight).rar"
-> contain : Jericho.exe
"M:\ioméga\2\utorren\téléchargement\Fallout 3 Hope Collection of mods\INSTALLATION\Fallout 3 No cd crack v1.4.0.6.rar"
-> contain : FalloutLauncher.exe
################## | ! Fin du rapport # UsbFix V6.058 ! |
Hi again
1) This can also cause you infection problems:
################## | Cracks / Keygens / Serials |
2) Plug your external data sources into your PC (USB stick, external hard drive, etc.) that may have been infected, without opening them
# Right-click the UsbFix shortcut on your desktop and choose "Run as administrator"
# Choose option 2 (Suppression)
# Your desktop will disappear and the PC will restart.
# After the restart, UsbFix will scan your PC; let the tool work.
# Then post the UsbFix.txt report that will appear along with the desktop.
# Note: the UsbFix.txt report is saved at the root of the disk. ( C:UsbFix.txt )
( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )
See you later
silverius
Posts
229
Registration date
Thursday 19 November 2009
Status
Member
Last activity
1 February 2024
47
26 Nov. 2009 at 21:21
Here is the report. Should I send it to the site, or is that not advisable?
############################## | UsbFix V6.058 |
User : stephane (Administrateurs) # GAIAII
Update on 26/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 21:13:08 | 26/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 3
Internet Explorer 7.0.6002.18005
Windows Firewall Status : Enabled
C:\ -> Disque fixe local # 455,46 Go (73,66 Go free) [HP] # NTFS
D:\ -> Disque fixe local # 10,3 Go (1,37 Go free) [FACTORY_IMAGE] # NTFS
E:\ -> Disque fixe local # 465,76 Go (338,34 Go free) [NEW_VOLUME] # NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible
K:\ -> Disque fixe local # 298,08 Go (154,76 Go free) [Baal] # NTFS
L:\ -> Disque amovible
M:\ -> Disque fixe local # 465,76 Go (280,51 Go free) [IOMEGA_HDD] # NTFS
############################## | Processus actifs |
################## | Fichiers # Dossiers infectieux |
Supprimé ! C:\Windows\System32\autorun.inf
################## | Registre # Clés infectieuses |
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDesktop"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFind"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoViewContextMenu"
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{30d3676c-9370-11dd-ba2e-806e6f6e6963}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{fceb596e-a987-11dd-8f6a-001e8cc5a021}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.
# K:\autorun.inf -> Dossier créé par UsbFix.
# M:\autorun.inf -> Dossier créé par UsbFix.
################## | Suspect | https://www.virustotal.com/gui/ |
################## | Cracks / Keygens / Serials |
Thank you for your valuable help.
############################## | UsbFix V6.058 |
User : stephane (Administrateurs) # GAIAII
Update on 26/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 21:13:08 | 26/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 3
Internet Explorer 7.0.6002.18005
Windows Firewall Status : Enabled
C:\ -> Disque fixe local # 455,46 Go (73,66 Go free) [HP] # NTFS
D:\ -> Disque fixe local # 10,3 Go (1,37 Go free) [FACTORY_IMAGE] # NTFS
E:\ -> Disque fixe local # 465,76 Go (338,34 Go free) [NEW_VOLUME] # NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible
K:\ -> Disque fixe local # 298,08 Go (154,76 Go free) [Baal] # NTFS
L:\ -> Disque amovible
M:\ -> Disque fixe local # 465,76 Go (280,51 Go free) [IOMEGA_HDD] # NTFS
############################## | Processus actifs |
C:\Windows\System32\smss.exe 484
C:\Windows\system32\csrss.exe 560
C:\Windows\system32\csrss.exe 620
C:\Windows\system32\wininit.exe 628
C:\Windows\system32\services.exe 668
C:\Windows\system32\lsass.exe 684
C:\Windows\system32\lsm.exe 692
C:\Windows\system32\winlogon.exe 728
C:\Windows\system32\svchost.exe 880
C:\Windows\system32\nvvsvc.exe 944
C:\Windows\system32\svchost.exe 972
C:\Windows\System32\svchost.exe 1040
C:\Windows\System32\svchost.exe 1116
C:\Windows\System32\svchost.exe 1144
C:\Windows\system32\svchost.exe 1156
C:\Windows\system32\SLsvc.exe 1316
C:\Windows\system32\svchost.exe 1352
C:\Windows\system32\nvvsvc.exe 1476
C:\Windows\system32\svchost.exe 1512
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1712
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1728
C:\Windows\System32\spoolsv.exe 260
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 344
C:\Windows\system32\svchost.exe 872
C:\Windows\system32\taskeng.exe 2332
c:\hp\HPEZBTN\HPBtnSrv.exe 2500
C:\Windows\system32\svchost.exe 2600
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 2612
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2644
C:\Windows\System32\svchost.exe 2692
C:\Windows\System32\svchost.exe 2736
C:\Windows\system32\svchost.exe 2748
C:\Windows\system32\svchost.exe 2776
C:\Windows\System32\svchost.exe 2832
C:\Windows\system32\SearchIndexer.exe 2872
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 3108
C:\Windows\system32\WUDFHost.exe 3260
c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 4172
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 4256
C:\Windows\system32\taskeng.exe 4752
C:\Windows\system32\Dwm.exe 3692
C:\Windows\Explorer.EXE 2348
C:\Program Files\Windows Defender\MSASCui.exe 5024
C:\Windows\RtHDVCpl.exe 4940
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe 3680
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 4492
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 3468
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 5532
C:\Program Files\Java\jre6\bin\jusched.exe 5500
C:\Program Files\Alwil Software\Avast4\ashDisp.exe 2560
C:\Program Files\Windows Sidebar\sidebar.exe 5716
C:\Windows\ehome\ehtray.exe 5708
C:\Program Files\Windows Media Player\wmpnscfg.exe 3652
C:\Users\stephane\Documents\task.exe 3816
C:\Windows\ehome\ehmsas.exe 3484
C:\Program Files\Windows Media Player\wmpnetwk.exe 336
C:\Windows\system32\schtasks.exe 1060
C:\hp\kbd\kbd.exe 1752
C:\Windows\system32\conime.exe 4020
C:\Windows\System32\mobsync.exe 5576
C:\Windows\system32\taskeng.exe 4772
C:\Program Files\iPod\bin\iPodService.exe 5464
C:\Program Files\iTunes\iTunesHelper.exe 4776
C:\Program Files\Internet Explorer\IEUser.exe 3404
C:\Program Files\Internet Explorer\iexplore.exe 1652
C:\Windows\system32\SearchProtocolHost.exe 3504
C:\Windows\system32\SearchFilterHost.exe 1488
C:\Windows\system32\wbem\wmiprvse.exe 5800
################## | Fichiers # Dossiers infectieux |
Supprimé ! C:\Windows\System32\autorun.inf
################## | Registre # Clés infectieuses |
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDesktop"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFind"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoViewContextMenu"
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{30d3676c-9370-11dd-ba2e-806e6f6e6963}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{fceb596e-a987-11dd-8f6a-001e8cc5a021}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[20/03/2008 10:20|--a------|74] C:\autoexec.bat
[11/04/2009 07:36|-rahs----|333257] C:\bootmgr
[20/03/2008 18:08|-ra-s----|8192] C:\BOOTSECT.BAK
[20/11/2009 21:13|--a------|1486] C:\cleannavi.txt
[18/09/2006 22:43|--a------|10] C:\config.sys
[17/10/2009 22:36|--a------|125] C:\FINIS_IT.TXT
[10/12/2008 19:30|-rahs----|0] C:\IO.SYS
[10/12/2008 19:30|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[12/10/2008 17:07|--a------|574] C:\RHDSetup.log
[26/11/2009 17:14|--a------|1688] C:\TB.txt
[08/04/2009 18:38|--a------|1013] C:\updatedatfix.log
[26/11/2009 21:14|--a------|5583] C:\UsbFix.txt
[22/06/2007 16:44|---hs----|438328] D:\boo.mgr
[02/11/2006 00:53|---hs----|438840] D:\bootmgr
[19/06/2007 15:22|---hs----|1322] D:\Desktop.ini
[20/03/2008 20:21|---hs----|111] D:\MASTER.LOG
[04/10/2008 13:32|---hs----|428] D:\pcdr.ini
[19/06/2007 15:22|---hs----|181616] D:\Protect.ed
[20/03/2008 20:21|---hs----|44] D:\RESTORE.INI
[26/08/2008 18:06|--a------|727910400] E:\Disjoncté.avi
[15/03/2009 13:02|--a------|3051] K:\lapin.txt
[10/12/2007 09:38|--a------|28181] K:\mynameisearls03e04.srt
[10/12/2007 09:32|--a------|27855] K:\mynameisearls03e05.srt
[25/04/2009 13:06|--a------|42970300] K:\West Side De Paname.mp3
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.
# K:\autorun.inf -> Dossier créé par UsbFix.
# M:\autorun.inf -> Dossier créé par UsbFix.
################## | Suspect | https://www.virustotal.com/gui/ |
################## | Cracks / Keygens / Serials |
"C:\Users\stephane\Desktop\ced\iso\GTA.IV-ArenaBG\Crack\LaunchGTAIV.exe"
02/10/2009 17:50 |Size 28160 |Crc32 373b5f85 |Md5 b4f4a2841f0857aaf18232724762cc52
"E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Exe\Anno4.exe"
24/10/2009 23:02 |Size 14708672 |Crc32 cbdd026c |Md5 8e4edf35d1fe4d20cd606dd02702fbd2
"E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Anno4.exe"
24/10/2009 23:03 |Size 14658048 |Crc32 b2279462 |Md5 7648ffdd996f1b64e7ff6fc107e69e4f
"E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Trainer\rzr-a4t4.exe"
24/10/2009 23:02 |Size 361299 |Crc32 8557504c |Md5 e5fbd09d6443301fbcbc7a8f7f7931e8
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
27/12/2008 14:22 |Size 12767232 |Crc32 c06e1bee |Md5 a1fe79ac326c16bf4922a5c4158c4449
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 1\Civ4BeyondTheSwordPatch3.02.exe"
27/12/2008 14:22 |Size 28388287 |Crc32 0635df5c |Md5 8313b9e254ad33edba1e7c24bfc8e56d
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 2\Civ4BeyondTheSwordPatch3.03.exe"
27/12/2008 12:20 |Size 85021405 |Crc32 fc6af1c3 |Md5 c02e96f29160b4e6eda7eac62db24799
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 3\Civ4BeyondTheSwordPatch3.13.exe"
27/12/2008 14:21 |Size 126887463 |Crc32 001fa334 |Md5 39d34db36bc165b5f75c31bdc0e4249b
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Crack\Civilization4.exe"
27/12/2008 16:17 |Size 10407936 |Crc32 d8be76e3 |Md5 ae3b47863e7d88636a5c87d90643e845
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 1\Civ4Patch1.61.exe"
27/12/2008 14:24 |Size 48291703 |Crc32 45b9550a |Md5 dffd182f5e13813468a79eaccbb52520
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 2\Civ4Patch1.74_Final.exe"
27/12/2008 12:55 |Size 63228492 |Crc32 52574a24 |Md5 127a37aaff0f95f9f1e52f73f9c538da
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Crack\Civ4Warlords.exe"
27/12/2008 15:38 |Size 9976832 |Crc32 64f34fdf |Md5 0b40d3ea2040552bd47cd9ff37205730
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 1\Civ4WarlordsPatch2.08.exe"
27/12/2008 15:38 |Size 67299871 |Crc32 f9c88a18 |Md5 1a4e98c1aaaf3ff9b65a64b118c80191
"E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 2\Civ4WarlordsPatch2.13.exe"
27/12/2008 12:56 |Size 84846989 |Crc32 b9fbfc2e |Md5 5378b7b7bf6eae6d22fd4ac67c9479cf
"E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\GTAIV.exe"
07/12/2008 16:41 |Size 13411688 |Crc32 be148d03 |Md5 9fa1c2a3f2932d46538bc14e715cfccc
"E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\LaunchGTAIV.exe"
07/12/2008 16:41 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd
"E:\download\Sacred 2 Fallen Angel PC FR\Crack\DeleteSecuromReg.exe"
15/08/2009 20:32 |Size 65536 |Crc32 b9345910 |Md5 ecbcd35f44cebd44d64ff5d5529ed22b
"M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
Thank you for your valuable help.
silverius
26 Nov. 2009 at 21:22
Here is the report. Should I send it to the site, or is that not advisable?
############################## | UsbFix V6.058 |
User : stephane (Administrateurs) # GAIAII
Update on 26/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 21:13:08 | 26/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 3
Internet Explorer 7.0.6002.18005
Windows Firewall Status : Enabled
C:\ -> Disque fixe local # 455,46 Go (73,66 Go free) [HP] # NTFS
D:\ -> Disque fixe local # 10,3 Go (1,37 Go free) [FACTORY_IMAGE] # NTFS
E:\ -> Disque fixe local # 465,76 Go (338,34 Go free) [NEW_VOLUME] # NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible
K:\ -> Disque fixe local # 298,08 Go (154,76 Go free) [Baal] # NTFS
L:\ -> Disque amovible
M:\ -> Disque fixe local # 465,76 Go (280,51 Go free) [IOMEGA_HDD] # NTFS
############################## | Processus actifs |
C:\Windows\System32\smss.exe 484
C:\Windows\system32\csrss.exe 560
C:\Windows\system32\csrss.exe 620
C:\Windows\system32\wininit.exe 628
C:\Windows\system32\services.exe 668
C:\Windows\system32\lsass.exe 684
C:\Windows\system32\lsm.exe 692
C:\Windows\system32\winlogon.exe 728
C:\Windows\system32\svchost.exe 880
C:\Windows\system32\nvvsvc.exe 944
C:\Windows\system32\svchost.exe 972
C:\Windows\System32\svchost.exe 1040
C:\Windows\System32\svchost.exe 1116
C:\Windows\System32\svchost.exe 1144
C:\Windows\system32\svchost.exe 1156
C:\Windows\system32\SLsvc.exe 1316
C:\Windows\system32\svchost.exe 1352
C:\Windows\system32\nvvsvc.exe 1476
C:\Windows\system32\svchost.exe 1512
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1712
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1728
C:\Windows\System32\spoolsv.exe 260
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 344
C:\Windows\system32\svchost.exe 872
C:\Windows\system32\taskeng.exe 2332
c:\hp\HPEZBTN\HPBtnSrv.exe 2500
C:\Windows\system32\svchost.exe 2600
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 2612
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2644
C:\Windows\System32\svchost.exe 2692
C:\Windows\System32\svchost.exe 2736
C:\Windows\system32\svchost.exe 2748
C:\Windows\system32\svchost.exe 2776
C:\Windows\System32\svchost.exe 2832
C:\Windows\system32\SearchIndexer.exe 2872
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 3108
C:\Windows\system32\WUDFHost.exe 3260
c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 4172
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 4256
C:\Windows\system32\taskeng.exe 4752
C:\Windows\system32\Dwm.exe 3692
C:\Windows\Explorer.EXE 2348
C:\Program Files\Windows Defender\MSASCui.exe 5024
C:\Windows\RtHDVCpl.exe 4940
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe 3680
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 4492
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 3468
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 5532
C:\Program Files\Java\jre6\bin\jusched.exe 5500
C:\Program Files\Alwil Software\Avast4\ashDisp.exe 2560
C:\Program Files\Windows Sidebar\sidebar.exe 5716
C:\Windows\ehome\ehtray.exe 5708
C:\Program Files\Windows Media Player\wmpnscfg.exe 3652
C:\Users\stephane\Documents\task.exe 3816
C:\Windows\ehome\ehmsas.exe 3484
C:\Program Files\Windows Media Player\wmpnetwk.exe 336
C:\Windows\system32\schtasks.exe 1060
C:\hp\kbd\kbd.exe 1752
C:\Windows\system32\conime.exe 4020
C:\Windows\System32\mobsync.exe 5576
C:\Windows\system32\taskeng.exe 4772
C:\Program Files\iPod\bin\iPodService.exe 5464
C:\Program Files\iTunes\iTunesHelper.exe 4776
C:\Program Files\Internet Explorer\IEUser.exe 3404
C:\Program Files\Internet Explorer\iexplore.exe 1652
C:\Windows\system32\SearchProtocolHost.exe 3504
C:\Windows\system32\SearchFilterHost.exe 1488
C:\Windows\system32\wbem\wmiprvse.exe 5800
################## | Fichiers # Dossiers infectieux |
Supprimé ! C:\Windows\System32\autorun.inf
################## | Registre # Clés infectieuses |
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDesktop"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFind"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoViewContextMenu"
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{30d3676c-9370-11dd-ba2e-806e6f6e6963}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{fceb596e-a987-11dd-8f6a-001e8cc5a021}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[20/03/2008 10:20|--a------|74] C:\autoexec.bat
[11/04/2009 07:36|-rahs----|333257] C:\bootmgr
[20/03/2008 18:08|-ra-s----|8192] C:\BOOTSECT.BAK
[20/11/2009 21:13|--a------|1486] C:\cleannavi.txt
[18/09/2006 22:43|--a------|10] C:\config.sys
[17/10/2009 22:36|--a------|125] C:\FINIS_IT.TXT
[10/12/2008 19:30|-rahs----|0] C:\IO.SYS
[10/12/2008 19:30|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[12/10/2008 17:07|--a------|574] C:\RHDSetup.log
[26/11/2009 17:14|--a------|1688] C:\TB.txt
[08/04/2009 18:38|--a------|1013] C:\updatedatfix.log
[26/11/2009 21:14|--a------|5583] C:\UsbFix.txt
[22/06/2007 16:44|---hs----|438328] D:\boo.mgr
[02/11/2006 00:53|---hs----|438840] D:\bootmgr
[19/06/2007 15:22|---hs----|1322] D:\Desktop.ini
[20/03/2008 20:21|---hs----|111] D:\MASTER.LOG
[04/10/2008 13:32|---hs----|428] D:\pcdr.ini
[19/06/2007 15:22|---hs----|181616] D:\Protect.ed
[20/03/2008 20:21|---hs----|44] D:\RESTORE.INI
[26/08/2008 18:06|--a------|727910400] E:\Disjoncté.avi
[15/03/2009 13:02|--a------|3051] K:\lapin.txt
[10/12/2007 09:38|--a------|28181] K:\mynameisearls03e04.srt
[10/12/2007 09:32|--a------|27855] K:\mynameisearls03e05.srt
[25/04/2009 13:06|--a------|42970300] K:\West Side De Paname.mp3
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.
# K:\autorun.inf -> Dossier créé par UsbFix.
# M:\autorun.inf -> Dossier créé par UsbFix.
################## | Suspect | https://www.virustotal.com/gui/ |
################## | Cracks / Keygens / Serials |
Thank you for your valuable help.