Trojan or virus, I don't know, please help me
kizzle
-
Anonymous user -
Anonymous user -
Hello,
I'll explain all the problems I'm running into. Lots of search pages open on my computer for no reason. Sometimes my keyboard stops working; sometimes it types in chat boxes or anywhere else it can type, for example: ajsdfadfiafnienfsefinaisfn, endlessly, and it almost never stops. When I play games, my window minimizes and I end up back at my desktop. Sometimes it also logs me out of my computer session, and when I try to log back in, the endless letters do their thing and I can't do anything anymore. When I get into my computer I get alert messages saying that I'm missing important files or folders, blah blah. I can't take it anymore, somebody help me. Here is my HijackThis log:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\program files\steam\steam.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\Apps\2.0\B2NYP7OP.EX1\L33H515C.EE1\curs..tion_eee711038731a406_0004.0000_1430d97334050788\CurseClient.exe
C:\WINDOWS\BricoPacks\Vista Inspirat II\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat II\YzShadow\YzShadow.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\wlcsdk.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - *{0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll
O2 - BHO: (no name) - {F2DA03D0-73C2-6E17-A69F-B28F5F2EA431} - C:\WINDOWS\whbzseev.dll (file missing)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [itccyckA] C:\WINDOWS\itccyckA.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: Enregistrement de all-in-one Epson.lnk = D:\EREG\EpsonReg.EXE
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat II\RocketDock\RocketDock.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat II\YzShadow\YzShadow.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O20 - Winlogon Notify: ShellCompatibility - C:\WINDOWS\system32\wvavusd.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service Google Update (gupdate1c9efc02850e80) (gupdate1c9efc02850e80) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
20 replies
Hi, careful: follow everything to the letter:
/!\ WARNING: FOLLOW THESE INSTRUCTIONS SCRUPULOUSLY, TO THE LETTER /!\
▶ Above all, when saving, remember to rename Combofix to "your first name.exe" before it is saved to your hard drive
_______________________________________________________________
>This software is to be used only when prescribed by a qualified helper trained in the tool.<
>>>>>>>Do not use outside of this situation: dangerous!<<<<<<<<
======================================================
▶ We are going to use ComboFix.exe. Go to this web page to get the download links, as well as instructions for running the tool:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Before using ComboFix:
______________________________________________________________________
>> Close the windows of all running programs.
>> Temporarily disable, only for the duration of ComboFix's use,
>> the real-time protection of your antivirus and antispyware programs,
>> which can seriously interfere with the tool's scanning and cleaning procedure.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°
▶ !!!!!DO NOT TOUCH ANYTHING WHILE COMBOFIX IS WORKING (MOUSE/KEYBOARD.....)!!!!!
▶ Don't forget to re-enable your antivirus and antispyware protection before reconnecting to the internet.
>> Come back to the forum, and
▶ copy and paste the entire contents of C:\Combofix.txt into your next message.
ComboFix 10-02-08.06 - karl 2010-02-08 23:25:10.1.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.2.1036.18.2047.1598 [GMT -5:00]
Lancé depuis: c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Temporary Internet Files\Ssk.log
c:\documents and settings\karl\Local Settings\Temporary Internet Files\search.html
C:\install.exe
c:\program files\eqadvice
c:\program files\eqadvice\hf.txt
c:\program files\eqadvice\sf.txt
c:\program files\eqadvice\Uninstall.exe
c:\program files\whInstall
c:\program files\whInstall\license.txt
c:\program files\whInstall\readme.txt
c:\program files\whInstall\whAgent.ini
c:\recycler\S-1-5-21-1220945662-813497703-854245398-1003
C:\secure32.html
C:\test.txt
c:\windows\S2FybA
c:\windows\S2FybA\mZIVvE.vbs
c:\windows\system32\828687878882
c:\windows\system32\828687878882\444849494A44
c:\windows\system32\828687878882\45494A4A4B45
c:\windows\system32\828687878882\474B4C4C4D47
c:\windows\system32\828687878882\646869696A64
c:\windows\system32\828687878882\65696A6A6B65
c:\windows\system32\828687878882\D3D7D8D8D9D3
c:\windows\system32\828687878882\D9DDDEDEDFD9
c:\windows\system32\828687878882\F9FDFEFEFFF9
c:\windows\system32\service
c:\windows\system32\SIntf16.dll
c:\windows\system32\sstray.exe
c:\windows\system32\tmp3.tmp
c:\windows\uninst2.htm
c:\windows\unist1.htm
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CMDSERVICE
-------\Legacy_NETWORK_MONITOR
-------\Legacy_WINDOWS_OVERLAY_COMPONENTS
-------\Service_cmdService
((((((((((((((((((((((((((((( Fichiers créés du 2010-01-09 au 2010-02-09 ))))))))))))))))))))))))))))))))))))
.
2010-02-09 02:24 . 2010-02-09 02:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2010-02-09 02:24 . 2010-01-07 21:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-08 21:22 . 2010-02-08 21:22 -------- d-----w- c:\program files\TrendMicro
2010-02-08 04:12 . 2009-12-02 13:19 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-02-08 03:57 . 2010-02-08 03:57 -------- dc-h--w- c:\documents and settings\All Users.WINDOWS\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\Roblox
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\RobloxDownloads
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\RobloxVersions
2010-01-14 16:38 . 2010-01-14 16:38 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Leadertech
2010-01-14 16:38 . 2010-01-14 16:38 -------- d-----w- C:\EPSONREG
2010-01-14 16:26 . 2004-02-27 10:01 79654 ----a-w- c:\windows\system32\E_FLM9AA.DLL
2010-01-14 16:26 . 2003-05-21 06:27 64000 ----a-w- c:\windows\system32\E_FBCB9AA.DLL
2010-01-14 16:26 . 2000-06-07 05:01 34304 ----a-w- c:\windows\system32\E_FBCH9AA.DLL
2010-01-14 16:26 . 2010-01-14 16:26 -------- d-----w- c:\windows\EPSON CardMonitor Essential
2010-01-14 16:26 . 2003-07-02 06:00 131072 ----a-w- c:\windows\system32\Epcmlib.dll
2010-01-14 16:25 . 2010-01-14 16:25 -------- d-----w- c:\windows\EPSON PhotoStarter Essential
2010-01-14 16:25 . 2010-01-14 16:28 -------- d-----w- c:\program files\epson
2010-01-14 16:25 . 2003-08-06 05:00 29184 ----a-w- c:\windows\system32\escwiadn.dll
2010-01-14 16:25 . 2003-07-01 05:00 46080 ----a-w- c:\windows\system32\escimgd.dll
2010-01-14 16:25 . 2003-07-01 05:00 22528 ----a-w- c:\windows\system32\esccmd.dll
2010-01-12 19:19 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-11 08:59 . 2010-02-03 23:36 87160 ----a-w- c:\documents and settings\LocalService.AUTORITE NT\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-10 21:49 . 2010-02-09 04:36 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\Deployment
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-09 04:35 . 2007-05-31 03:25 -------- d-----w- c:\program files\Steam
2010-02-09 04:16 . 2010-02-09 02:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-09 02:25 . 2010-02-09 02:25 5115824 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-09 02:24 . 2010-02-09 02:24 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Malwarebytes
2010-02-08 21:22 . 2010-02-08 21:22 388096 ----a-r- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-02-08 21:19 . 2006-04-14 18:15 -------- d-----w- c:\program files\Warcraft III
2010-02-08 03:56 . 2009-07-19 02:25 -------- d-----w- c:\program files\Lavasoft
2010-02-08 03:56 . 2009-06-29 03:36 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2010-02-08 03:51 . 2006-03-29 22:03 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-07 22:27 . 2005-11-12 00:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-07 22:27 . 2008-10-10 15:44 -------- d-----w- c:\program files\Garena
2010-02-07 21:04 . 2005-12-13 03:03 -------- d-----w- c:\program files\LimeWire
2010-02-07 21:03 . 2006-07-31 17:57 -------- d-----w- c:\program files\Sony
2010-02-07 21:02 . 2005-11-13 20:03 -------- d-----w- c:\program files\Starcraft
2010-02-05 22:34 . 2009-01-07 07:25 -------- d-----w- c:\program files\BitComet
2010-02-04 23:25 . 2006-07-21 05:06 1100 ----a-w- c:\windows\system32\d3d8caps.dat
2010-02-02 23:43 . 2006-03-05 08:32 -------- d-----w- c:\program files\World of Warcraft
2010-01-31 03:13 . 2008-10-06 01:48 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-26 04:01 . 2006-04-14 18:21 91647 ----a-w- c:\windows\War3Unin.dat
2010-01-22 08:18 . 2009-12-22 02:33 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 19:58 . 2009-12-21 23:04 79488 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-16 02:33 . 2008-10-06 01:48 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-10 06:31 . 2010-01-10 06:31 86576 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
2010-01-10 06:31 . 2010-01-10 06:31 132672 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
2010-01-10 06:31 . 2010-01-10 06:31 392728 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
2010-01-07 21:07 . 2010-02-09 02:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-03 23:59 . 2010-01-03 23:59 -------- dc-h--w- c:\documents and settings\All Users.WINDOWS\Application Data\{D2A6A317-7450-472F-8C72-17783BD2E5E3}
2010-01-03 23:59 . 2010-01-03 23:59 -------- d-----w- c:\program files\Viewer
2010-01-03 23:49 . 2010-01-03 23:49 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\FUJIFILM
2009-12-24 21:31 . 2006-06-27 19:19 1331584 ----a-w- c:\program files\Tenacious D - Dear Penis.mp3
2009-12-24 00:46 . 2006-12-30 19:05 2934647 ----a-w- c:\program files\Eminem - Presents The Re-Up - 19 - Eminem 50 Cent - Ski Mask Way (Remix)-easymp3s.mp3
2009-12-24 00:46 . 2006-12-30 19:05 5283840 ----a-w- c:\program files\Eminem - Eminem Presents The Re-Up - You Don't Know (Ft. 50 Cent, Cashis & Lloyd Banks).mp3
2009-12-24 00:45 . 2006-08-03 00:50 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Apple Computer
2009-12-23 20:55 . 2006-12-30 19:03 5839654 ----a-w- c:\program files\G-Unit - Lay You Down.mp3
2009-12-22 19:05 . 2001-09-28 17:00 84526 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-22 19:05 . 2001-09-28 17:00 510324 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-22 02:33 . 2009-03-19 16:57 -------- d-----w- c:\program files\Windows Live
2009-12-22 02:33 . 2009-12-22 02:33 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-12-22 02:32 . 2009-12-22 02:32 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-12-22 02:30 . 2009-12-22 02:30 -------- d-----w- c:\program files\Microsoft
2009-12-21 19:07 . 2004-08-04 04:54 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-07 14:10 . 2010-02-08 03:57 2953352 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
2009-11-21 15:58 . 2004-08-04 04:54 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2008-11-24 03:31 . 2008-11-24 03:31 7168 --sha-w- c:\program files\Thumbs.db
2007-11-20 05:30 . 2007-11-20 05:26 4442072 ----a-w- c:\program files\Timberland and One Republic - Apologize.mp3
2007-09-02 16:40 . 2007-09-02 16:29 39839888 ----a-w- c:\program files\Elvis Presley - Video - My Way.avi
2007-09-02 16:36 . 2007-09-02 16:30 33219256 ----a-w- c:\program files\ Elvis Presley and Celine Dion- If I Can Dream (American Idol).mpg
2007-09-02 16:05 . 2007-09-02 16:00 40135480 ----a-w- c:\program files\Elvis Presley & Lisa Marie - Don't Cry Daddy (Rare Bootleg).mpg
2007-09-02 16:00 . 2007-09-02 16:00 1167481 ----a-w- c:\program files\lisa marie presley with elvis.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\hound doggy elvis presly.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\presley elvis loving you.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\pretty women elvis presley.mov
2007-09-02 15:27 . 2007-09-02 15:12 2713025 ----a-w- c:\program files\Greace - John Travolta Grease - I Got Chills.mp3
2007-09-02 15:24 . 2007-09-02 15:20 5603706 ----a-w- c:\program files\Mandy Moore - Only Hope - A Walk to Remember(3).mp3
2007-09-02 15:23 . 2007-09-02 15:10 3475375 ----a-w- c:\program files\Grease Soundtrack - Summer Love.mp3
2007-09-02 15:21 . 2007-09-02 15:19 3514496 ----a-w- c:\program files\Kelly Clarkson - Because Of You.mp3
2007-09-02 15:18 . 2007-09-02 15:12 2097152 ----a-w- c:\program files\T-2729580-Greace - You're The One That I Want.mp3
2007-09-02 15:13 . 2007-09-02 15:13 3142112 ----a-w- c:\program files\Olivia Newton John - Hopelessly Devoted To You (Grease Soundtrack).mp3
2007-09-02 15:12 . 2007-09-02 15:12 1595940 ----a-w- c:\program files\Greese - Look At Me, I'm Sandra Dee.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2725888 ----a-w- c:\program files\Grease Soundtrack - You're The One That I Want.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2521088 ----a-w- c:\program files\Grease - John Travolta - Sandy.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2873887 ----a-w- c:\program files\Grease soundtrack - We go together.mp3
2007-09-02 15:12 . 2007-09-02 15:12 3111706 ----a-w- c:\program files\Greese Soundtrack - Greased Lightning.mp3
2007-09-02 15:12 . 2007-09-02 15:11 3471151 ----a-w- c:\program files\greace - grease soundtrack - tell me more.mp3
2007-09-02 14:44 . 2007-09-02 14:30 5057862 ----a-w- c:\program files\Annie Villeneuve - Un Ange Qui Passe.mp3
2007-09-02 14:43 . 2007-09-02 14:36 5487814 ----a-w- c:\program files\Celine Dion - Im Your Lady.mp3
2007-09-02 14:43 . 2007-09-02 14:36 5487524 ----a-w- c:\program files\Celine Dion - The Power Of Love.mp3
2007-09-02 14:42 . 2007-09-02 14:30 4429157 ----a-w- c:\program files\Annie Villeneuve - Quand Je Ferme Les Yeux.mp3
2007-09-02 14:38 . 2007-09-02 14:31 4639050 ----a-w- c:\program files\Celine Dion & Barbara Streisand - Tell Him.mp3
2007-09-02 14:35 . 2007-09-02 14:30 4624801 ----a-w- c:\program files\Rihana - Unfaithfull.mp3
2007-09-02 14:34 . 2007-09-02 14:31 5033984 ----a-w- c:\program files\Celine Dion - I'm Alive.mp3
2007-09-02 14:31 . 2007-09-02 14:29 3066115 ----a-w- c:\program files\From Justin To Kelly Soundtrack - Timeless.mp3
2007-08-29 05:07 . 2007-08-29 05:07 4042964 ----a-w- c:\program files\Shop boyz- Party Like A Rockstarb.mp3
2007-08-27 23:54 . 2007-08-27 23:54 3463168 ----a-w- c:\program files\Linkin Park - In The End.mp3
2007-08-26 01:04 . 2007-08-26 01:04 3772163 ----a-w- c:\program files\Plain White T's - Hey There Delilah.mp3
2007-08-24 03:07 . 2007-08-24 03:04 4409472 ----a-w- c:\program files\Rahzell - Four Elements.mp3
2007-08-24 03:05 . 2007-08-24 03:04 6248448 ----a-w- c:\program files\Rahzell - Heavy Beat Boxing.mp3
2007-08-24 03:05 . 2007-08-24 03:04 4011496 ----a-w- c:\program files\Rahzell - The Human Beatbox.mp3
2007-08-24 03:05 . 2007-08-24 03:04 2152907 ----a-w- c:\program files\Beat Boxing - Rahzel - Freestyle Beatbox Session 2.mp3
2007-08-24 03:05 . 2007-08-24 03:04 3993600 ----a-w- c:\program files\Razelle - The Art Of Beatboxing.mp3
2007-08-24 03:04 . 2007-08-24 03:04 2014644 ----a-w- c:\program files\Rahzel - Mortal Kombat.mp3
2007-07-14 17:24 . 2007-07-14 17:20 6968609 ----a-w- c:\program files\Timbaland Feat. Nelly Furtado & Justin Timberlake - Give It To Me Aetoms Remix ( best than original 2007 Strasbourg France French Hot Hit Rap Crunk Pop Sex Fergie Lil J.mp3
2007-07-14 17:20 . 2007-07-14 17:20 5184566 ----a-w- c:\program files\Timbaland Feat. Justin Timberlake & Jay-Z-Laff At Em (Give It To Me Remix)-(RapGodFathers.com).mp3
2007-07-14 15:14 . 2007-07-14 15:13 5560434 ----a-w- c:\program files\System of A Down - Lost In Hollywood.mp3
2007-07-14 15:14 . 2007-07-14 15:13 4027156 ----a-w- c:\program files\System of a Down - Lonely Day.mp3
2007-07-14 15:14 . 2007-07-14 15:13 4872192 ----a-w- c:\program files\System of a Down - The Prison Song.mp3
2007-07-14 15:14 . 2007-07-14 15:13 5056330 ----a-w- c:\program files\System Of The Down - Chop Suey.mp3
2007-07-14 15:13 . 2007-07-14 15:13 4552832 ----a-w- c:\program files\System Of A Down - Hypnotize .mp3
2007-06-20 04:14 . 2007-06-20 04:13 3733716 ----a-w- c:\program files\Gritz - My Life Be Like.mp3
2007-06-20 04:14 . 2007-06-20 04:13 6028006 ----a-w- c:\program files\10 Gym Class Heroes - Take A Look At My Girlfriend.mp3
2007-06-20 04:13 . 2007-06-20 04:13 6027878 ----a-w- c:\program files\Gym Class Heroes- Cupids Choke hold.mp3
2007-05-25 15:40 . 2007-05-25 15:40 6289796 ----a-w- c:\program files\Desert_Wind-Misirlou-13.wma
2007-05-25 15:40 . 2007-05-25 15:33 5620946 ----a-w- c:\program files\Wolfmother - Woman.mp3
2007-05-25 15:39 . 2007-05-25 15:39 3591272 ----a-w- c:\program files\Dick Dale - Misirlou (Pulp Fiction Theme).mp3
2007-05-25 15:37 . 2007-05-25 15:36 5142569 ----a-w- c:\program files\Kansas - Carry On My Wayward Son.mp3
2007-05-25 15:34 . 2007-05-25 15:33 9723904 ----a-w- c:\program files\Lynard Skynard - Free Bird.mp3
2007-05-25 15:15 . 2007-05-25 15:15 5949555 ----a-w- c:\program files\Justin Timberlake - Summer Love.mp3
2007-05-25 15:11 . 2007-05-25 15:09 4817543 ----a-w- c:\program files\David Guetta vs The Egg - Love Don't Let Me Go.mp3
2007-05-25 15:10 . 2007-05-25 15:09 4618240 ----a-w- c:\program files\David Guetta vs The Egg - Love Dont Let Me Go vs Walking Away.mp3
2007-05-25 03:35 . 2007-05-25 03:26 3176372 ----a-w- c:\program files\David Guetta - Love Is Gone.mp3
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2010-01-10 06:41 2166296 ----a-w- c:\program files\free-downloads.net\tbfre1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2010-01-10 2166296]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2010-01-10 2166296]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"SetDefaultMIDI"="MIDIDef.exe" [2005-04-22 73728]
"Steam"="c:\program files\steam\steam.exe" [2009-10-24 1217808]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2006-03-21 20480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-11 20992]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]
"nwiz"="nwiz.exe" [2009-02-18 1657376]
"P17Helper"="SPIRun.dll" [2006-07-03 10752]
"Ulead AutoDetector"="c:\program files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe" [2003-03-25 45056]
"DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2007-05-07 159744]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-24 136600]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 86016]
"P17RunE"="P17RunE.dll" [2007-04-09 14848]
"C-Media Mixer"="Mixer.exe" [2002-10-15 1818624]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-21 2043160]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-26 14370816]
"EPSON Stylus CX4600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE" [2004-03-04 98304]
c:\documents and settings\karl.AUCUNE-1D235B0F\Menu Démarrer\Programmes\Démarrage\
CurseClientStartup.ccip [2010-1-10 0]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-17 13:35 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-21 04:34 24576 ----a-w- c:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^SATARaid.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\SATARaid.lnk
backup=c:\windows\pss\SATARaid.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSDVCRAgent]
2002-05-30 20:56 1043968 ----a-w- c:\program files\ASUS\ASUS Digital VCR\Schedule.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
2001-11-29 07:00 28672 ----a-w- c:\program files\Creative\SBAudigy\Program\ADGJDet.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2006-03-21 06:05 20480 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
2003-12-11 09:50 20992 ------w- c:\windows\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
2005-06-08 20:44 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2005-06-08 21:24 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2005-06-08 21:14 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
2005-07-19 23:32 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
2006-03-08 14:45 190024 ----a-w- c:\program files\MessengerPlus! 3\MsgPlus.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-02-18 19:44 13680640 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-02-18 19:44 1657376 ----a-w- c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 21:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-10-24 14:53 1217808 ----a-w- c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2005-04-13 08:48 36975 ----a-w- c:\program files\Java\jre1.5.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 07:00 90112 ------w- c:\windows\Updreg.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINDVDPatch]
2002-07-02 09:56 24576 ----a-w- c:\windows\system32\CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\counter-strike source\\hl2.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.5.1.4449-to-1.9.0.4937-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.9.2.4996-to-1.9.3.5059-enUS-downloader.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Warcraft III\\War3.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.9.4.5086-to-1.10.0.5195-enUS-downloader.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.10.2.5302-to-1.11.0.5428-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.11.1.5462-to-1.11.2.5464-enUS-downloader.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.11.2.5464-to-1.12.0.5595-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\day of defeat\\hl.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.3-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.10.6448-to-2.0.12.6546-enUS-downloader.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Warcraft III\\pickup.listchecker.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Aspyr\\Guitar Hero III\\GH3.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\insaniquarium deluxe\\InsaniquariumDeluxe.exe"=
"c:\\Games\\DotA Allstars\\DotA Allstars.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\karl.AUCUNE-1D235B0F\\Local Settings\\Apps\\2.0\\B2NYP7OP.EX1\\L33H515C.EE1\\curs..tion_eee711038731a406_0004.0000_1430d97334050788\\CurseClient.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:UDP"= 6112:UDP:WD3-HOST-UDP
"25166:TCP"= 25166:TCP:BitComet 25166 TCP
"25166:UDP"= 25166:UDP:BitComet 25166 UDP
"13549:TCP"= 13549:TCP:BitComet 13549 TCP
"13549:UDP"= 13549:UDP:BitComet 13549 UDP
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-02-07 64288]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-02-05 717296]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-06-28 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-06-28 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-06-28 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-06-28 297752]
S2 gupdate1c9efc02850e80;Service Google Update (gupdate1c9efc02850e80);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-17 133104]
S3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2007-12-29 10880]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp --> c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-02-08 38224]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512]
S3 saruen;saruen;\??\c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\maplehack\saruen.sys --> c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\maplehack\saruen.sys [?]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
.
Contenu du dossier 'Tâches planifiées'
2010-02-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-18 02:53]
2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-18 02:53]
.
.
------- Examen supplémentaire -------
.
uDefault_Search_URL =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Mozilla\Firefox\Profiles\5yh4zgpa.default\
FF - prefs.js: browser.startup.homepage - google.ca
FF - prefs.js: keyword.URL - hxxp://search.imgag.com/?appid=kwtb&component=UnifiedToolbarFF&c=GNKWO50020&sbs=1&sc=&f=web&vernum=3.2&uid=&did={65bf9ef0-5d4f-11de-b402-0013d4a55fcc}&q=
FF - component: c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Mozilla\Firefox\Profiles\5yh4zgpa.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npigl.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHELINS SUPPRIMES - - - -
URLSearchHooks-*{0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
BHO-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
BHO-{F2DA03D0-73C2-6E17-A69F-B28F5F2EA431} - c:\windows\whbzseev.dll
WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
HKLM-Run-itccyckA - c:\windows\itccyckA.exe
Notify-ShellCompatibility - c:\windows\system32\wvavusd.dll
SafeBoot-Lavasoft Ad-Aware Service
MSConfigStartUp-5F636464655F66 - 6C707171726C.exe
MSConfigStartUp-CU1 - c:\program files\Common Files\VCClient\VCClient.exe
MSConfigStartUp-CU2 - c:\program files\Common Files\VCClient\VCMain.exe
MSConfigStartUp-EQAdvice - c:\program files\EQAdvice\EQAdvice.exe
MSConfigStartUp-errorhandler - c:\windows\errorhandler.exe
MSConfigStartUp-itccyckA - c:\windows\itccyckA.exe
MSConfigStartUp-KAVPersonal50 - c:\program files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe
MSConfigStartUp-keyboard - c:\windows\keyboard6.exe
MSConfigStartUp-mousepad - c:\windows\mousepad6.exe
MSConfigStartUp-ms058899-6171 - c:\windows\ms058899-6171.exe
MSConfigStartUp-msnmsgr - c:\program files\MSN Messenger\msnmsgr.exe
MSConfigStartUp-nForce Tray Options - sstray.exe
MSConfigStartUp-SequelizerUpdate - c:\program files\Sequelizer\sequelizerupdate.lnk
MSConfigStartUp-SurfSideKick 3 - c:\program files\SurfSideKick 3\Ssk.exe
MSConfigStartUp-sys0161718899- - c:\windows\sys0161718899-.exe
MSConfigStartUp-sys09-61718899 - c:\windows\sys09-61718899.exe
AddRemove-igLoader - c:\program files\igLoader\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-08 23:35
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spfi.sys >>UNKNOWN [0x8AAB7938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf765bf28
\Driver\ACPI -> ACPI.sys @ 0xf7495cb8
\Driver\atapi -> atapi.sys @ 0xf7978b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xba65fbb0
PacketIndicateHandler -> NDIS.sys @ 0xba66ca21
SendHandler -> NDIS.sys @ 0xba64a87b
user & kernel MBR OK
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:dc,57,fc,9f,fb,c0,dc,c2,d6,a1,78,54,81,b3,8f,09,28,89,58,cd,d6,1e,af,
4d,86,3a,17,1c,e4,a1,44,fe,df,8e,28,a7,57,3a,82,d8,90,b2,7c,b6,f8,bb,bd,d9,\
"??"=hex:ac,73,76,d6,2b,c0,79,53,60,58,47,6a,de,d9,14,4b
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\SecuROM\License information*]
"datasecu"=hex:cd,23,95,b4,91,93,23,15,f7,5e,ef,5b,ba,b7,29,e5,4d,57,32,c1,fd,
ea,50,3f,d4,fc,c7,34,ce,dd,cf,b3,94,6e,3f,0e,ae,93,23,75,54,4d,11,8d,75,7c,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(756)
c:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll
- - - - - - - > 'Explorer.EXE'(3176)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Fichiers communs\Logitech\Scrolling\LgMsgHk.dll
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSFR.DLL
c:\windows\BricoPacks\Vista Inspirat II\YzShadow\YzShadow.dll
c:\windows\BricoPacks\Vista Inspirat II\RocketDock\RocketDock.dll
c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\IadHide4.dll
.
Heure de fin: 2010-02-08 23:45:02 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-02-09 04:45
Avant-CF: 10 848 903 168 octets libres
Après-CF: 14 136 659 968 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
Current=4 Default=4 Failed=3 LastKnownGood=2 Sets=1,2,3,4
- - End Of File - - 46AD97D62BBB992181DCB08129D78A12
Microsoft Windows XP Professionnel 5.1.2600.3.1252.2.1036.18.2047.1598 [GMT -5:00]
Lancé depuis: c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Temporary Internet Files\Ssk.log
c:\documents and settings\karl\Local Settings\Temporary Internet Files\search.html
C:\install.exe
c:\program files\eqadvice
c:\program files\eqadvice\hf.txt
c:\program files\eqadvice\sf.txt
c:\program files\eqadvice\Uninstall.exe
c:\program files\whInstall
c:\program files\whInstall\license.txt
c:\program files\whInstall\readme.txt
c:\program files\whInstall\whAgent.ini
c:\recycler\S-1-5-21-1220945662-813497703-854245398-1003
C:\secure32.html
C:\test.txt
c:\windows\S2FybA
c:\windows\S2FybA\mZIVvE.vbs
c:\windows\system32\828687878882
c:\windows\system32\828687878882\444849494A44
c:\windows\system32\828687878882\45494A4A4B45
c:\windows\system32\828687878882\474B4C4C4D47
c:\windows\system32\828687878882\646869696A64
c:\windows\system32\828687878882\65696A6A6B65
c:\windows\system32\828687878882\D3D7D8D8D9D3
c:\windows\system32\828687878882\D9DDDEDEDFD9
c:\windows\system32\828687878882\F9FDFEFEFFF9
c:\windows\system32\service
c:\windows\system32\SIntf16.dll
c:\windows\system32\sstray.exe
c:\windows\system32\tmp3.tmp
c:\windows\uninst2.htm
c:\windows\unist1.htm
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CMDSERVICE
-------\Legacy_NETWORK_MONITOR
-------\Legacy_WINDOWS_OVERLAY_COMPONENTS
-------\Service_cmdService
((((((((((((((((((((((((((((( Fichiers créés du 2010-01-09 au 2010-02-09 ))))))))))))))))))))))))))))))))))))
.
2010-02-09 02:24 . 2010-02-09 02:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2010-02-09 02:24 . 2010-01-07 21:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-08 21:22 . 2010-02-08 21:22 -------- d-----w- c:\program files\TrendMicro
2010-02-08 04:12 . 2009-12-02 13:19 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-02-08 03:57 . 2010-02-08 03:57 -------- dc-h--w- c:\documents and settings\All Users.WINDOWS\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\Roblox
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\RobloxDownloads
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\RobloxVersions
2010-01-14 16:38 . 2010-01-14 16:38 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Leadertech
2010-01-14 16:38 . 2010-01-14 16:38 -------- d-----w- C:\EPSONREG
2010-01-14 16:26 . 2004-02-27 10:01 79654 ----a-w- c:\windows\system32\E_FLM9AA.DLL
2010-01-14 16:26 . 2003-05-21 06:27 64000 ----a-w- c:\windows\system32\E_FBCB9AA.DLL
2010-01-14 16:26 . 2000-06-07 05:01 34304 ----a-w- c:\windows\system32\E_FBCH9AA.DLL
2010-01-14 16:26 . 2010-01-14 16:26 -------- d-----w- c:\windows\EPSON CardMonitor Essential
2010-01-14 16:26 . 2003-07-02 06:00 131072 ----a-w- c:\windows\system32\Epcmlib.dll
2010-01-14 16:25 . 2010-01-14 16:25 -------- d-----w- c:\windows\EPSON PhotoStarter Essential
2010-01-14 16:25 . 2010-01-14 16:28 -------- d-----w- c:\program files\epson
2010-01-14 16:25 . 2003-08-06 05:00 29184 ----a-w- c:\windows\system32\escwiadn.dll
2010-01-14 16:25 . 2003-07-01 05:00 46080 ----a-w- c:\windows\system32\escimgd.dll
2010-01-14 16:25 . 2003-07-01 05:00 22528 ----a-w- c:\windows\system32\esccmd.dll
2010-01-12 19:19 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-11 08:59 . 2010-02-03 23:36 87160 ----a-w- c:\documents and settings\LocalService.AUTORITE NT\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-10 21:49 . 2010-02-09 04:36 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\Deployment
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-09 04:35 . 2007-05-31 03:25 -------- d-----w- c:\program files\Steam
2010-02-09 04:16 . 2010-02-09 02:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-09 02:25 . 2010-02-09 02:25 5115824 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-09 02:24 . 2010-02-09 02:24 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Malwarebytes
2010-02-08 21:22 . 2010-02-08 21:22 388096 ----a-r- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-02-08 21:19 . 2006-04-14 18:15 -------- d-----w- c:\program files\Warcraft III
2010-02-08 03:56 . 2009-07-19 02:25 -------- d-----w- c:\program files\Lavasoft
2010-02-08 03:56 . 2009-06-29 03:36 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2010-02-08 03:51 . 2006-03-29 22:03 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-07 22:27 . 2005-11-12 00:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-07 22:27 . 2008-10-10 15:44 -------- d-----w- c:\program files\Garena
2010-02-07 21:04 . 2005-12-13 03:03 -------- d-----w- c:\program files\LimeWire
2010-02-07 21:03 . 2006-07-31 17:57 -------- d-----w- c:\program files\Sony
2010-02-07 21:02 . 2005-11-13 20:03 -------- d-----w- c:\program files\Starcraft
2010-02-05 22:34 . 2009-01-07 07:25 -------- d-----w- c:\program files\BitComet
2010-02-04 23:25 . 2006-07-21 05:06 1100 ----a-w- c:\windows\system32\d3d8caps.dat
2010-02-02 23:43 . 2006-03-05 08:32 -------- d-----w- c:\program files\World of Warcraft
2010-01-31 03:13 . 2008-10-06 01:48 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-26 04:01 . 2006-04-14 18:21 91647 ----a-w- c:\windows\War3Unin.dat
2010-01-22 08:18 . 2009-12-22 02:33 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 19:58 . 2009-12-21 23:04 79488 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-16 02:33 . 2008-10-06 01:48 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-10 06:31 . 2010-01-10 06:31 86576 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
2010-01-10 06:31 . 2010-01-10 06:31 132672 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
2010-01-10 06:31 . 2010-01-10 06:31 392728 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
2010-01-07 21:07 . 2010-02-09 02:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-03 23:59 . 2010-01-03 23:59 -------- dc-h--w- c:\documents and settings\All Users.WINDOWS\Application Data\{D2A6A317-7450-472F-8C72-17783BD2E5E3}
2010-01-03 23:59 . 2010-01-03 23:59 -------- d-----w- c:\program files\Viewer
2010-01-03 23:49 . 2010-01-03 23:49 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\FUJIFILM
2009-12-24 21:31 . 2006-06-27 19:19 1331584 ----a-w- c:\program files\Tenacious D - Dear Penis.mp3
2009-12-24 00:46 . 2006-12-30 19:05 2934647 ----a-w- c:\program files\Eminem - Presents The Re-Up - 19 - Eminem 50 Cent - Ski Mask Way (Remix)-easymp3s.mp3
2009-12-24 00:46 . 2006-12-30 19:05 5283840 ----a-w- c:\program files\Eminem - Eminem Presents The Re-Up - You Don't Know (Ft. 50 Cent, Cashis & Lloyd Banks).mp3
2009-12-24 00:45 . 2006-08-03 00:50 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Apple Computer
2009-12-23 20:55 . 2006-12-30 19:03 5839654 ----a-w- c:\program files\G-Unit - Lay You Down.mp3
2009-12-22 19:05 . 2001-09-28 17:00 84526 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-22 19:05 . 2001-09-28 17:00 510324 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-22 02:33 . 2009-03-19 16:57 -------- d-----w- c:\program files\Windows Live
2009-12-22 02:33 . 2009-12-22 02:33 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-12-22 02:32 . 2009-12-22 02:32 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-12-22 02:30 . 2009-12-22 02:30 -------- d-----w- c:\program files\Microsoft
2009-12-21 19:07 . 2004-08-04 04:54 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-07 14:10 . 2010-02-08 03:57 2953352 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
2009-11-21 15:58 . 2004-08-04 04:54 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2008-11-24 03:31 . 2008-11-24 03:31 7168 --sha-w- c:\program files\Thumbs.db
2007-11-20 05:30 . 2007-11-20 05:26 4442072 ----a-w- c:\program files\Timberland and One Republic - Apologize.mp3
2007-09-02 16:40 . 2007-09-02 16:29 39839888 ----a-w- c:\program files\Elvis Presley - Video - My Way.avi
2007-09-02 16:36 . 2007-09-02 16:30 33219256 ----a-w- c:\program files\ Elvis Presley and Celine Dion- If I Can Dream (American Idol).mpg
2007-09-02 16:05 . 2007-09-02 16:00 40135480 ----a-w- c:\program files\Elvis Presley & Lisa Marie - Don't Cry Daddy (Rare Bootleg).mpg
2007-09-02 16:00 . 2007-09-02 16:00 1167481 ----a-w- c:\program files\lisa marie presley with elvis.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\hound doggy elvis presly.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\presley elvis loving you.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\pretty women elvis presley.mov
2007-09-02 15:27 . 2007-09-02 15:12 2713025 ----a-w- c:\program files\Greace - John Travolta Grease - I Got Chills.mp3
2007-09-02 15:24 . 2007-09-02 15:20 5603706 ----a-w- c:\program files\Mandy Moore - Only Hope - A Walk to Remember(3).mp3
2007-09-02 15:23 . 2007-09-02 15:10 3475375 ----a-w- c:\program files\Grease Soundtrack - Summer Love.mp3
2007-09-02 15:21 . 2007-09-02 15:19 3514496 ----a-w- c:\program files\Kelly Clarkson - Because Of You.mp3
2007-09-02 15:18 . 2007-09-02 15:12 2097152 ----a-w- c:\program files\T-2729580-Greace - You're The One That I Want.mp3
2007-09-02 15:13 . 2007-09-02 15:13 3142112 ----a-w- c:\program files\Olivia Newton John - Hopelessly Devoted To You (Grease Soundtrack).mp3
2007-09-02 15:12 . 2007-09-02 15:12 1595940 ----a-w- c:\program files\Greese - Look At Me, I'm Sandra Dee.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2725888 ----a-w- c:\program files\Grease Soundtrack - You're The One That I Want.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2521088 ----a-w- c:\program files\Grease - John Travolta - Sandy.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2873887 ----a-w- c:\program files\Grease soundtrack - We go together.mp3
2007-09-02 15:12 . 2007-09-02 15:12 3111706 ----a-w- c:\program files\Greese Soundtrack - Greased Lightning.mp3
2007-09-02 15:12 . 2007-09-02 15:11 3471151 ----a-w- c:\program files\greace - grease soundtrack - tell me more.mp3
2007-09-02 14:44 . 2007-09-02 14:30 5057862 ----a-w- c:\program files\Annie Villeneuve - Un Ange Qui Passe.mp3
2007-09-02 14:43 . 2007-09-02 14:36 5487814 ----a-w- c:\program files\Celine Dion - Im Your Lady.mp3
2007-09-02 14:43 . 2007-09-02 14:36 5487524 ----a-w- c:\program files\Celine Dion - The Power Of Love.mp3
2007-09-02 14:42 . 2007-09-02 14:30 4429157 ----a-w- c:\program files\Annie Villeneuve - Quand Je Ferme Les Yeux.mp3
2007-09-02 14:38 . 2007-09-02 14:31 4639050 ----a-w- c:\program files\Celine Dion & Barbara Streisand - Tell Him.mp3
2007-09-02 14:35 . 2007-09-02 14:30 4624801 ----a-w- c:\program files\Rihana - Unfaithfull.mp3
2007-09-02 14:34 . 2007-09-02 14:31 5033984 ----a-w- c:\program files\Celine Dion - I'm Alive.mp3
2007-09-02 14:31 . 2007-09-02 14:29 3066115 ----a-w- c:\program files\From Justin To Kelly Soundtrack - Timeless.mp3
2007-08-29 05:07 . 2007-08-29 05:07 4042964 ----a-w- c:\program files\Shop boyz- Party Like A Rockstarb.mp3
2007-08-27 23:54 . 2007-08-27 23:54 3463168 ----a-w- c:\program files\Linkin Park - In The End.mp3
2007-08-26 01:04 . 2007-08-26 01:04 3772163 ----a-w- c:\program files\Plain White T's - Hey There Delilah.mp3
2007-08-24 03:07 . 2007-08-24 03:04 4409472 ----a-w- c:\program files\Rahzell - Four Elements.mp3
2007-08-24 03:05 . 2007-08-24 03:04 6248448 ----a-w- c:\program files\Rahzell - Heavy Beat Boxing.mp3
2007-08-24 03:05 . 2007-08-24 03:04 4011496 ----a-w- c:\program files\Rahzell - The Human Beatbox.mp3
2007-08-24 03:05 . 2007-08-24 03:04 2152907 ----a-w- c:\program files\Beat Boxing - Rahzel - Freestyle Beatbox Session 2.mp3
2007-08-24 03:05 . 2007-08-24 03:04 3993600 ----a-w- c:\program files\Razelle - The Art Of Beatboxing.mp3
2007-08-24 03:04 . 2007-08-24 03:04 2014644 ----a-w- c:\program files\Rahzel - Mortal Kombat.mp3
2007-07-14 17:24 . 2007-07-14 17:20 6968609 ----a-w- c:\program files\Timbaland Feat. Nelly Furtado & Justin Timberlake - Give It To Me Aetoms Remix ( best than original 2007 Strasbourg France French Hot Hit Rap Crunk Pop Sex Fergie Lil J.mp3
2007-07-14 17:20 . 2007-07-14 17:20 5184566 ----a-w- c:\program files\Timbaland Feat. Justin Timberlake & Jay-Z-Laff At Em (Give It To Me Remix)-(RapGodFathers.com).mp3
2007-07-14 15:14 . 2007-07-14 15:13 5560434 ----a-w- c:\program files\System of A Down - Lost In Hollywood.mp3
2007-07-14 15:14 . 2007-07-14 15:13 4027156 ----a-w- c:\program files\System of a Down - Lonely Day.mp3
2007-07-14 15:14 . 2007-07-14 15:13 4872192 ----a-w- c:\program files\System of a Down - The Prison Song.mp3
2007-07-14 15:14 . 2007-07-14 15:13 5056330 ----a-w- c:\program files\System Of The Down - Chop Suey.mp3
2007-07-14 15:13 . 2007-07-14 15:13 4552832 ----a-w- c:\program files\System Of A Down - Hypnotize .mp3
2007-06-20 04:14 . 2007-06-20 04:13 3733716 ----a-w- c:\program files\Gritz - My Life Be Like.mp3
2007-06-20 04:14 . 2007-06-20 04:13 6028006 ----a-w- c:\program files\10 Gym Class Heroes - Take A Look At My Girlfriend.mp3
2007-06-20 04:13 . 2007-06-20 04:13 6027878 ----a-w- c:\program files\Gym Class Heroes- Cupids Choke hold.mp3
2007-05-25 15:40 . 2007-05-25 15:40 6289796 ----a-w- c:\program files\Desert_Wind-Misirlou-13.wma
2007-05-25 15:40 . 2007-05-25 15:33 5620946 ----a-w- c:\program files\Wolfmother - Woman.mp3
2007-05-25 15:39 . 2007-05-25 15:39 3591272 ----a-w- c:\program files\Dick Dale - Misirlou (Pulp Fiction Theme).mp3
2007-05-25 15:37 . 2007-05-25 15:36 5142569 ----a-w- c:\program files\Kansas - Carry On My Wayward Son.mp3
2007-05-25 15:34 . 2007-05-25 15:33 9723904 ----a-w- c:\program files\Lynard Skynard - Free Bird.mp3
2007-05-25 15:15 . 2007-05-25 15:15 5949555 ----a-w- c:\program files\Justin Timberlake - Summer Love.mp3
2007-05-25 15:11 . 2007-05-25 15:09 4817543 ----a-w- c:\program files\David Guetta vs The Egg - Love Don't Let Me Go.mp3
2007-05-25 15:10 . 2007-05-25 15:09 4618240 ----a-w- c:\program files\David Guetta vs The Egg - Love Dont Let Me Go vs Walking Away.mp3
2007-05-25 03:35 . 2007-05-25 03:26 3176372 ----a-w- c:\program files\David Guetta - Love Is Gone.mp3
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2010-01-10 06:41 2166296 ----a-w- c:\program files\free-downloads.net\tbfre1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2010-01-10 2166296]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2010-01-10 2166296]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"SetDefaultMIDI"="MIDIDef.exe" [2005-04-22 73728]
"Steam"="c:\program files\steam\steam.exe" [2009-10-24 1217808]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2006-03-21 20480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-11 20992]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]
"nwiz"="nwiz.exe" [2009-02-18 1657376]
"P17Helper"="SPIRun.dll" [2006-07-03 10752]
"Ulead AutoDetector"="c:\program files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe" [2003-03-25 45056]
"DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2007-05-07 159744]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-24 136600]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 86016]
"P17RunE"="P17RunE.dll" [2007-04-09 14848]
"C-Media Mixer"="Mixer.exe" [2002-10-15 1818624]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-21 2043160]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-26 14370816]
"EPSON Stylus CX4600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE" [2004-03-04 98304]
c:\documents and settings\karl.AUCUNE-1D235B0F\Menu Démarrer\Programmes\Démarrage\
CurseClientStartup.ccip [2010-1-10 0]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-17 13:35 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-21 04:34 24576 ----a-w- c:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^SATARaid.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\SATARaid.lnk
backup=c:\windows\pss\SATARaid.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSDVCRAgent]
2002-05-30 20:56 1043968 ----a-w- c:\program files\ASUS\ASUS Digital VCR\Schedule.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
2001-11-29 07:00 28672 ----a-w- c:\program files\Creative\SBAudigy\Program\ADGJDet.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2006-03-21 06:05 20480 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
2003-12-11 09:50 20992 ------w- c:\windows\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
2005-06-08 20:44 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2005-06-08 21:24 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2005-06-08 21:14 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
2005-07-19 23:32 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
2006-03-08 14:45 190024 ----a-w- c:\program files\MessengerPlus! 3\MsgPlus.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-02-18 19:44 13680640 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-02-18 19:44 1657376 ----a-w- c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 21:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-10-24 14:53 1217808 ----a-w- c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2005-04-13 08:48 36975 ----a-w- c:\program files\Java\jre1.5.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 07:00 90112 ------w- c:\windows\Updreg.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINDVDPatch]
2002-07-02 09:56 24576 ----a-w- c:\windows\system32\CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\counter-strike source\\hl2.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.5.1.4449-to-1.9.0.4937-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.9.2.4996-to-1.9.3.5059-enUS-downloader.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Warcraft III\\War3.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.9.4.5086-to-1.10.0.5195-enUS-downloader.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.10.2.5302-to-1.11.0.5428-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.11.1.5462-to-1.11.2.5464-enUS-downloader.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.11.2.5464-to-1.12.0.5595-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\day of defeat\\hl.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.3-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.10.6448-to-2.0.12.6546-enUS-downloader.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Warcraft III\\pickup.listchecker.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Aspyr\\Guitar Hero III\\GH3.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\insaniquarium deluxe\\InsaniquariumDeluxe.exe"=
"c:\\Games\\DotA Allstars\\DotA Allstars.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\karl.AUCUNE-1D235B0F\\Local Settings\\Apps\\2.0\\B2NYP7OP.EX1\\L33H515C.EE1\\curs..tion_eee711038731a406_0004.0000_1430d97334050788\\CurseClient.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:UDP"= 6112:UDP:WD3-HOST-UDP
"25166:TCP"= 25166:TCP:BitComet 25166 TCP
"25166:UDP"= 25166:UDP:BitComet 25166 UDP
"13549:TCP"= 13549:TCP:BitComet 13549 TCP
"13549:UDP"= 13549:UDP:BitComet 13549 UDP
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-02-07 64288]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-02-05 717296]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-06-28 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-06-28 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-06-28 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-06-28 297752]
S2 gupdate1c9efc02850e80;Service Google Update (gupdate1c9efc02850e80);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-17 133104]
S3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2007-12-29 10880]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp --> c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-02-08 38224]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512]
S3 saruen;saruen;\??\c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\maplehack\saruen.sys --> c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\maplehack\saruen.sys [?]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
.
Contenu du dossier 'Tâches planifiées'
2010-02-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-18 02:53]
2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-18 02:53]
.
.
------- Examen supplémentaire -------
.
uDefault_Search_URL =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Mozilla\Firefox\Profiles\5yh4zgpa.default\
FF - prefs.js: browser.startup.homepage - google.ca
FF - prefs.js: keyword.URL - hxxp://search.imgag.com/?appid=kwtb&component=UnifiedToolbarFF&c=GNKWO50020&sbs=1&sc=&f=web&vernum=3.2&uid=&did={65bf9ef0-5d4f-11de-b402-0013d4a55fcc}&q=
FF - component: c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Mozilla\Firefox\Profiles\5yh4zgpa.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npigl.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHELINS SUPPRIMES - - - -
URLSearchHooks-*{0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
BHO-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
BHO-{F2DA03D0-73C2-6E17-A69F-B28F5F2EA431} - c:\windows\whbzseev.dll
WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
HKLM-Run-itccyckA - c:\windows\itccyckA.exe
Notify-ShellCompatibility - c:\windows\system32\wvavusd.dll
SafeBoot-Lavasoft Ad-Aware Service
MSConfigStartUp-5F636464655F66 - 6C707171726C.exe
MSConfigStartUp-CU1 - c:\program files\Common Files\VCClient\VCClient.exe
MSConfigStartUp-CU2 - c:\program files\Common Files\VCClient\VCMain.exe
MSConfigStartUp-EQAdvice - c:\program files\EQAdvice\EQAdvice.exe
MSConfigStartUp-errorhandler - c:\windows\errorhandler.exe
MSConfigStartUp-itccyckA - c:\windows\itccyckA.exe
MSConfigStartUp-KAVPersonal50 - c:\program files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe
MSConfigStartUp-keyboard - c:\windows\keyboard6.exe
MSConfigStartUp-mousepad - c:\windows\mousepad6.exe
MSConfigStartUp-ms058899-6171 - c:\windows\ms058899-6171.exe
MSConfigStartUp-msnmsgr - c:\program files\MSN Messenger\msnmsgr.exe
MSConfigStartUp-nForce Tray Options - sstray.exe
MSConfigStartUp-SequelizerUpdate - c:\program files\Sequelizer\sequelizerupdate.lnk
MSConfigStartUp-SurfSideKick 3 - c:\program files\SurfSideKick 3\Ssk.exe
MSConfigStartUp-sys0161718899- - c:\windows\sys0161718899-.exe
MSConfigStartUp-sys09-61718899 - c:\windows\sys09-61718899.exe
AddRemove-igLoader - c:\program files\igLoader\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-08 23:35
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spfi.sys >>UNKNOWN [0x8AAB7938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf765bf28
\Driver\ACPI -> ACPI.sys @ 0xf7495cb8
\Driver\atapi -> atapi.sys @ 0xf7978b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xba65fbb0
PacketIndicateHandler -> NDIS.sys @ 0xba66ca21
SendHandler -> NDIS.sys @ 0xba64a87b
user & kernel MBR OK
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:dc,57,fc,9f,fb,c0,dc,c2,d6,a1,78,54,81,b3,8f,09,28,89,58,cd,d6,1e,af,
4d,86,3a,17,1c,e4,a1,44,fe,df,8e,28,a7,57,3a,82,d8,90,b2,7c,b6,f8,bb,bd,d9,\
"??"=hex:ac,73,76,d6,2b,c0,79,53,60,58,47,6a,de,d9,14,4b
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\SecuROM\License information*]
"datasecu"=hex:cd,23,95,b4,91,93,23,15,f7,5e,ef,5b,ba,b7,29,e5,4d,57,32,c1,fd,
ea,50,3f,d4,fc,c7,34,ce,dd,cf,b3,94,6e,3f,0e,ae,93,23,75,54,4d,11,8d,75,7c,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(756)
c:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll
- - - - - - - > 'Explorer.EXE'(3176)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Fichiers communs\Logitech\Scrolling\LgMsgHk.dll
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSFR.DLL
c:\windows\BricoPacks\Vista Inspirat II\YzShadow\YzShadow.dll
c:\windows\BricoPacks\Vista Inspirat II\RocketDock\RocketDock.dll
c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\IadHide4.dll
.
Heure de fin: 2010-02-08 23:45:02 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-02-09 04:45
Avant-CF: 10 848 903 168 octets libres
Après-CF: 14 136 659 968 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
Current=4 Default=4 Failed=3 LastKnownGood=2 Sets=1,2,3,4
- - End Of File - - 46AD97D62BBB992181DCB08129D78A12
Can you rerun ComboFix in Safe Mode and post the report?
How to get into Safe Mode:
▶ Restart your computer
▶ Tap the F8 key immediately (F5 on some PCs), right after the "beep"
▶ You will see a screen with startup options appear
▶ Choose the first option: Safe Mode, and confirm with "Enter"
▶ Choose your usual account, not Administrator (if needed ...)
(Note: no connection is possible in Safe Mode, so copy or print the procedure carefully to avoid mistakes ...)
ComboFix 10-02-08.06 - karl 2010-02-09 0:14.2.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.2.1036.18.2047.1600 [GMT -5:00]
Lancé depuis: c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-01-09 au 2010-02-09 ))))))))))))))))))))))))))))))))))))
.
2010-02-09 02:24 . 2010-02-09 02:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2010-02-09 02:24 . 2010-01-07 21:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-08 21:22 . 2010-02-08 21:22 388096 ----a-r- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-02-08 21:22 . 2010-02-08 21:22 -------- d-----w- c:\program files\TrendMicro
2010-02-08 04:12 . 2009-12-02 13:19 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-02-08 03:57 . 2010-02-08 03:57 -------- dc-h--w- c:\documents and settings\All Users.WINDOWS\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-02-08 03:57 . 2009-12-07 14:10 2953352 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\Roblox
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\RobloxDownloads
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\RobloxVersions
2010-01-14 16:38 . 2010-01-14 16:38 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Leadertech
2010-01-14 16:38 . 2010-01-14 16:38 -------- d-----w- C:\EPSONREG
2010-01-14 16:26 . 2004-02-27 10:01 79654 ----a-w- c:\windows\system32\E_FLM9AA.DLL
2010-01-14 16:26 . 2003-05-21 06:27 64000 ----a-w- c:\windows\system32\E_FBCB9AA.DLL
2010-01-14 16:26 . 2000-06-07 05:01 34304 ----a-w- c:\windows\system32\E_FBCH9AA.DLL
2010-01-14 16:26 . 2010-01-14 16:26 -------- d-----w- c:\windows\EPSON CardMonitor Essential
2010-01-14 16:26 . 2003-07-02 06:00 131072 ----a-w- c:\windows\system32\Epcmlib.dll
2010-01-14 16:25 . 2010-01-14 16:25 -------- d-----w- c:\windows\EPSON PhotoStarter Essential
2010-01-14 16:25 . 2010-01-14 16:28 -------- d-----w- c:\program files\epson
2010-01-14 16:25 . 2003-08-06 05:00 29184 ----a-w- c:\windows\system32\escwiadn.dll
2010-01-14 16:25 . 2003-07-01 05:00 46080 ----a-w- c:\windows\system32\escimgd.dll
2010-01-14 16:25 . 2003-07-01 05:00 22528 ----a-w- c:\windows\system32\esccmd.dll
2010-01-12 19:19 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-11 08:59 . 2010-02-03 23:36 87160 ----a-w- c:\documents and settings\LocalService.AUTORITE NT\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-10 21:49 . 2010-02-09 04:36 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\Deployment
2010-01-10 06:31 . 2010-01-10 06:31 86576 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
2010-01-10 06:31 . 2010-01-10 06:31 132672 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
2010-01-10 06:31 . 2010-01-10 06:31 392728 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-09 04:35 . 2007-05-31 03:25 -------- d-----w- c:\program files\Steam
2010-02-09 04:16 . 2010-02-09 02:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-09 02:25 . 2010-02-09 02:25 5115824 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-09 02:24 . 2010-02-09 02:24 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Malwarebytes
2010-02-08 21:19 . 2006-04-14 18:15 -------- d-----w- c:\program files\Warcraft III
2010-02-08 03:56 . 2009-07-19 02:25 -------- d-----w- c:\program files\Lavasoft
2010-02-08 03:56 . 2009-06-29 03:36 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2010-02-08 03:51 . 2006-03-29 22:03 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-07 22:27 . 2005-11-12 00:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-07 22:27 . 2008-10-10 15:44 -------- d-----w- c:\program files\Garena
2010-02-07 21:04 . 2005-12-13 03:03 -------- d-----w- c:\program files\LimeWire
2010-02-07 21:03 . 2006-07-31 17:57 -------- d-----w- c:\program files\Sony
2010-02-07 21:02 . 2005-11-13 20:03 -------- d-----w- c:\program files\Starcraft
2010-02-05 22:34 . 2009-01-07 07:25 -------- d-----w- c:\program files\BitComet
2010-02-04 23:25 . 2006-07-21 05:06 1100 ----a-w- c:\windows\system32\d3d8caps.dat
2010-02-02 23:43 . 2006-03-05 08:32 -------- d-----w- c:\program files\World of Warcraft
2010-01-31 03:13 . 2008-10-06 01:48 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-26 04:01 . 2006-04-14 18:21 91647 ----a-w- c:\windows\War3Unin.dat
2010-01-22 08:18 . 2009-12-22 02:33 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 19:58 . 2009-12-21 23:04 79488 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-16 02:33 . 2008-10-06 01:48 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-07 21:07 . 2010-02-09 02:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-03 23:59 . 2010-01-03 23:59 -------- dc-h--w- c:\documents and settings\All Users.WINDOWS\Application Data\{D2A6A317-7450-472F-8C72-17783BD2E5E3}
2010-01-03 23:59 . 2010-01-03 23:59 -------- d-----w- c:\program files\Viewer
2010-01-03 23:49 . 2010-01-03 23:49 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\FUJIFILM
2009-12-24 21:31 . 2006-06-27 19:19 1331584 ----a-w- c:\program files\Tenacious D - Dear Penis.mp3
2009-12-24 00:46 . 2006-12-30 19:05 2934647 ----a-w- c:\program files\Eminem - Presents The Re-Up - 19 - Eminem 50 Cent - Ski Mask Way (Remix)-easymp3s.mp3
2009-12-24 00:46 . 2006-12-30 19:05 5283840 ----a-w- c:\program files\Eminem - Eminem Presents The Re-Up - You Don't Know (Ft. 50 Cent, Cashis & Lloyd Banks).mp3
2009-12-24 00:45 . 2006-08-03 00:50 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Apple Computer
2009-12-23 20:55 . 2006-12-30 19:03 5839654 ----a-w- c:\program files\G-Unit - Lay You Down.mp3
2009-12-22 19:05 . 2001-09-28 17:00 84526 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-22 19:05 . 2001-09-28 17:00 510324 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-22 02:33 . 2009-03-19 16:57 -------- d-----w- c:\program files\Windows Live
2009-12-22 02:33 . 2009-12-22 02:33 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-12-22 02:32 . 2009-12-22 02:32 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-12-22 02:30 . 2009-12-22 02:30 -------- d-----w- c:\program files\Microsoft
2009-12-21 19:07 . 2004-08-04 04:54 916480 ------w- c:\windows\system32\wininet.dll
2009-11-21 15:58 . 2004-08-04 04:54 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2008-11-24 03:31 . 2008-11-24 03:31 7168 --sha-w- c:\program files\Thumbs.db
2007-11-20 05:30 . 2007-11-20 05:26 4442072 ----a-w- c:\program files\Timberland and One Republic - Apologize.mp3
2007-09-02 16:40 . 2007-09-02 16:29 39839888 ----a-w- c:\program files\Elvis Presley - Video - My Way.avi
2007-09-02 16:36 . 2007-09-02 16:30 33219256 ----a-w- c:\program files\ Elvis Presley and Celine Dion- If I Can Dream (American Idol).mpg
2007-09-02 16:05 . 2007-09-02 16:00 40135480 ----a-w- c:\program files\Elvis Presley & Lisa Marie - Don't Cry Daddy (Rare Bootleg).mpg
2007-09-02 16:00 . 2007-09-02 16:00 1167481 ----a-w- c:\program files\lisa marie presley with elvis.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\hound doggy elvis presly.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\presley elvis loving you.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\pretty women elvis presley.mov
2007-09-02 15:27 . 2007-09-02 15:12 2713025 ----a-w- c:\program files\Greace - John Travolta Grease - I Got Chills.mp3
2007-09-02 15:24 . 2007-09-02 15:20 5603706 ----a-w- c:\program files\Mandy Moore - Only Hope - A Walk to Remember(3).mp3
2007-09-02 15:23 . 2007-09-02 15:10 3475375 ----a-w- c:\program files\Grease Soundtrack - Summer Love.mp3
2007-09-02 15:21 . 2007-09-02 15:19 3514496 ----a-w- c:\program files\Kelly Clarkson - Because Of You.mp3
2007-09-02 15:18 . 2007-09-02 15:12 2097152 ----a-w- c:\program files\T-2729580-Greace - You're The One That I Want.mp3
2007-09-02 15:13 . 2007-09-02 15:13 3142112 ----a-w- c:\program files\Olivia Newton John - Hopelessly Devoted To You (Grease Soundtrack).mp3
2007-09-02 15:12 . 2007-09-02 15:12 1595940 ----a-w- c:\program files\Greese - Look At Me, I'm Sandra Dee.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2725888 ----a-w- c:\program files\Grease Soundtrack - You're The One That I Want.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2521088 ----a-w- c:\program files\Grease - John Travolta - Sandy.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2873887 ----a-w- c:\program files\Grease soundtrack - We go together.mp3
2007-09-02 15:12 . 2007-09-02 15:12 3111706 ----a-w- c:\program files\Greese Soundtrack - Greased Lightning.mp3
2007-09-02 15:12 . 2007-09-02 15:11 3471151 ----a-w- c:\program files\greace - grease soundtrack - tell me more.mp3
2007-09-02 14:44 . 2007-09-02 14:30 5057862 ----a-w- c:\program files\Annie Villeneuve - Un Ange Qui Passe.mp3
2007-09-02 14:43 . 2007-09-02 14:36 5487814 ----a-w- c:\program files\Celine Dion - Im Your Lady.mp3
2007-09-02 14:43 . 2007-09-02 14:36 5487524 ----a-w- c:\program files\Celine Dion - The Power Of Love.mp3
2007-09-02 14:42 . 2007-09-02 14:30 4429157 ----a-w- c:\program files\Annie Villeneuve - Quand Je Ferme Les Yeux.mp3
2007-09-02 14:38 . 2007-09-02 14:31 4639050 ----a-w- c:\program files\Celine Dion & Barbara Streisand - Tell Him.mp3
2007-09-02 14:35 . 2007-09-02 14:30 4624801 ----a-w- c:\program files\Rihana - Unfaithfull.mp3
2007-09-02 14:34 . 2007-09-02 14:31 5033984 ----a-w- c:\program files\Celine Dion - I'm Alive.mp3
2007-09-02 14:31 . 2007-09-02 14:29 3066115 ----a-w- c:\program files\From Justin To Kelly Soundtrack - Timeless.mp3
2007-08-29 05:07 . 2007-08-29 05:07 4042964 ----a-w- c:\program files\Shop boyz- Party Like A Rockstarb.mp3
2007-08-27 23:54 . 2007-08-27 23:54 3463168 ----a-w- c:\program files\Linkin Park - In The End.mp3
2007-08-26 01:04 . 2007-08-26 01:04 3772163 ----a-w- c:\program files\Plain White T's - Hey There Delilah.mp3
2007-08-24 03:07 . 2007-08-24 03:04 4409472 ----a-w- c:\program files\Rahzell - Four Elements.mp3
2007-08-24 03:05 . 2007-08-24 03:04 6248448 ----a-w- c:\program files\Rahzell - Heavy Beat Boxing.mp3
2007-08-24 03:05 . 2007-08-24 03:04 4011496 ----a-w- c:\program files\Rahzell - The Human Beatbox.mp3
2007-08-24 03:05 . 2007-08-24 03:04 2152907 ----a-w- c:\program files\Beat Boxing - Rahzel - Freestyle Beatbox Session 2.mp3
2007-08-24 03:05 . 2007-08-24 03:04 3993600 ----a-w- c:\program files\Razelle - The Art Of Beatboxing.mp3
2007-08-24 03:04 . 2007-08-24 03:04 2014644 ----a-w- c:\program files\Rahzel - Mortal Kombat.mp3
2007-07-14 17:24 . 2007-07-14 17:20 6968609 ----a-w- c:\program files\Timbaland Feat. Nelly Furtado & Justin Timberlake - Give It To Me Aetoms Remix ( best than original 2007 Strasbourg France French Hot Hit Rap Crunk Pop Sex Fergie Lil J.mp3
2007-07-14 17:20 . 2007-07-14 17:20 5184566 ----a-w- c:\program files\Timbaland Feat. Justin Timberlake & Jay-Z-Laff At Em (Give It To Me Remix)-(RapGodFathers.com).mp3
2007-07-14 15:14 . 2007-07-14 15:13 5560434 ----a-w- c:\program files\System of A Down - Lost In Hollywood.mp3
2007-07-14 15:14 . 2007-07-14 15:13 4027156 ----a-w- c:\program files\System of a Down - Lonely Day.mp3
2007-07-14 15:14 . 2007-07-14 15:13 4872192 ----a-w- c:\program files\System of a Down - The Prison Song.mp3
2007-07-14 15:14 . 2007-07-14 15:13 5056330 ----a-w- c:\program files\System Of The Down - Chop Suey.mp3
2007-07-14 15:13 . 2007-07-14 15:13 4552832 ----a-w- c:\program files\System Of A Down - Hypnotize .mp3
2007-06-20 04:14 . 2007-06-20 04:13 3733716 ----a-w- c:\program files\Gritz - My Life Be Like.mp3
2007-06-20 04:14 . 2007-06-20 04:13 6028006 ----a-w- c:\program files\10 Gym Class Heroes - Take A Look At My Girlfriend.mp3
2007-06-20 04:13 . 2007-06-20 04:13 6027878 ----a-w- c:\program files\Gym Class Heroes- Cupids Choke hold.mp3
2007-05-25 15:40 . 2007-05-25 15:40 6289796 ----a-w- c:\program files\Desert_Wind-Misirlou-13.wma
2007-05-25 15:40 . 2007-05-25 15:33 5620946 ----a-w- c:\program files\Wolfmother - Woman.mp3
2007-05-25 15:39 . 2007-05-25 15:39 3591272 ----a-w- c:\program files\Dick Dale - Misirlou (Pulp Fiction Theme).mp3
2007-05-25 15:37 . 2007-05-25 15:36 5142569 ----a-w- c:\program files\Kansas - Carry On My Wayward Son.mp3
2007-05-25 15:34 . 2007-05-25 15:33 9723904 ----a-w- c:\program files\Lynard Skynard - Free Bird.mp3
2007-05-25 15:15 . 2007-05-25 15:15 5949555 ----a-w- c:\program files\Justin Timberlake - Summer Love.mp3
2007-05-25 15:11 . 2007-05-25 15:09 4817543 ----a-w- c:\program files\David Guetta vs The Egg - Love Don't Let Me Go.mp3
2007-05-25 15:10 . 2007-05-25 15:09 4618240 ----a-w- c:\program files\David Guetta vs The Egg - Love Dont Let Me Go vs Walking Away.mp3
2007-05-25 03:35 . 2007-05-25 03:26 3176372 ----a-w- c:\program files\David Guetta - Love Is Gone.mp3
2007-05-25 03:28 . 2007-05-25 03:26 6750439 ----a-w- c:\program files\David Guetta - Fuck me I'm Famous (Martin Solveig Mix).mp3
2007-05-25 03:28 . 2007-05-25 03:26 6406686 ----a-w- c:\program files\David Guetta - In Love With Myself.mp3
2007-05-25 03:27 . 2007-05-25 03:26 5234068 ----a-w- c:\program files\David Guetta - The World Is Mine.mp3
2007-05-25 03:26 . 2007-05-25 03:25 7008758 ----a-w- c:\program files\David Guetta - love don't let me go.mp3
2007-04-07 21:17 . 2007-04-07 20:41 6318605 ----a-w- c:\program files\Lord of the Rings - The Two Towers - Main Theme - Requiem for a Dream.mp3
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2010-01-10 06:41 2166296 ----a-w- c:\program files\free-downloads.net\tbfre1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2010-01-10 2166296]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2010-01-10 2166296]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"SetDefaultMIDI"="MIDIDef.exe" [2005-04-22 73728]
"Steam"="c:\program files\steam\steam.exe" [2009-10-24 1217808]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2006-03-21 20480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-11 20992]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]
"nwiz"="nwiz.exe" [2009-02-18 1657376]
"P17Helper"="SPIRun.dll" [2006-07-03 10752]
"Ulead AutoDetector"="c:\program files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe" [2003-03-25 45056]
"DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2007-05-07 159744]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-24 136600]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 86016]
"P17RunE"="P17RunE.dll" [2007-04-09 14848]
"C-Media Mixer"="Mixer.exe" [2002-10-15 1818624]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-21 2043160]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-26 14370816]
"EPSON Stylus CX4600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE" [2004-03-04 98304]
c:\documents and settings\karl.AUCUNE-1D235B0F\Menu D‚marrer\Programmes\D‚marrage\
CurseClientStartup.ccip [2010-1-10 0]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-17 13:35 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-21 04:34 24576 ----a-w- c:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^SATARaid.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\SATARaid.lnk
backup=c:\windows\pss\SATARaid.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSDVCRAgent]
2002-05-30 20:56 1043968 ----a-w- c:\program files\ASUS\ASUS Digital VCR\Schedule.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
2001-11-29 07:00 28672 ----a-w- c:\program files\Creative\SBAudigy\Program\ADGJDet.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2006-03-21 06:05 20480 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
2003-12-11 09:50 20992 ------w- c:\windows\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
2005-06-08 20:44 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2005-06-08 21:24 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2005-06-08 21:14 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
2005-07-19 23:32 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
2006-03-08 14:45 190024 ----a-w- c:\program files\MessengerPlus! 3\MsgPlus.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-02-18 19:44 13680640 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-02-18 19:44 1657376 ----a-w- c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 21:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-10-24 14:53 1217808 ----a-w- c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2005-04-13 08:48 36975 ----a-w- c:\program files\Java\jre1.5.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 07:00 90112 ------w- c:\windows\Updreg.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINDVDPatch]
2002-07-02 09:56 24576 ----a-w- c:\windows\system32\CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\counter-strike source\\hl2.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.5.1.4449-to-1.9.0.4937-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.9.2.4996-to-1.9.3.5059-enUS-downloader.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Warcraft III\\War3.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.9.4.5086-to-1.10.0.5195-enUS-downloader.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.10.2.5302-to-1.11.0.5428-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.11.1.5462-to-1.11.2.5464-enUS-downloader.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.11.2.5464-to-1.12.0.5595-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\day of defeat\\hl.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.3-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.10.6448-to-2.0.12.6546-enUS-downloader.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Warcraft III\\pickup.listchecker.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Aspyr\\Guitar Hero III\\GH3.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\insaniquarium deluxe\\InsaniquariumDeluxe.exe"=
"c:\\Games\\DotA Allstars\\DotA Allstars.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\karl.AUCUNE-1D235B0F\\Local Settings\\Apps\\2.0\\B2NYP7OP.EX1\\L33H515C.EE1\\curs..tion_eee711038731a406_0004.0000_1430d97334050788\\CurseClient.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:UDP"= 6112:UDP:WD3-HOST-UDP
"25166:TCP"= 25166:TCP:BitComet 25166 TCP
"25166:UDP"= 25166:UDP:BitComet 25166 UDP
"13549:TCP"= 13549:TCP:BitComet 13549 TCP
"13549:UDP"= 13549:UDP:BitComet 13549 UDP
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-02-07 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-06-28 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-06-28 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-06-28 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-06-28 297752]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-02-05 717296]
S2 gupdate1c9efc02850e80;Service Google Update (gupdate1c9efc02850e80);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-17 133104]
S3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2007-12-29 10880]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp --> c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-02-08 38224]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512]
S3 saruen;saruen;\??\c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\maplehack\saruen.sys --> c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\maplehack\saruen.sys [?]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
.
Contenu du dossier 'Tâches planifiées'
2010-02-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-18 02:53]
2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-18 02:53]
.
.
------- Examen supplémentaire -------
.
uDefault_Search_URL =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Mozilla\Firefox\Profiles\5yh4zgpa.default\
FF - prefs.js: browser.startup.homepage - google.ca
FF - prefs.js: keyword.URL - hxxp://search.imgag.com/?appid=kwtb&component=UnifiedToolbarFF&c=GNKWO50020&sbs=1&sc=&f=web&vernum=3.2&uid=&did={65bf9ef0-5d4f-11de-b402-0013d4a55fcc}&q=
FF - component: c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Mozilla\Firefox\Profiles\5yh4zgpa.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npigl.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 00:24
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:dc,57,fc,9f,fb,c0,dc,c2,d6,a1,78,54,81,b3,8f,09,28,89,58,cd,d6,1e,af,
4d,86,3a,17,1c,e4,a1,44,fe,df,8e,28,a7,57,3a,82,d8,90,b2,7c,b6,f8,bb,bd,d9,\
"??"=hex:ac,73,76,d6,2b,c0,79,53,60,58,47,6a,de,d9,14,4b
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\SecuROM\License information*]
"datasecu"=hex:cd,23,95,b4,91,93,23,15,f7,5e,ef,5b,ba,b7,29,e5,4d,57,32,c1,fd,
ea,50,3f,d4,fc,c7,34,ce,dd,cf,b3,94,6e,3f,0e,ae,93,23,75,54,4d,11,8d,75,7c,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(712)
c:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll
.
Heure de fin: 2010-02-09 00:26:26
ComboFix-quarantined-files.txt 2010-02-09 05:26
ComboFix2.txt 2010-02-09 04:45
Avant-CF: 14 149 390 336 octets libres
Après-CF: 14 098 538 496 octets libres
Current=4 Default=4 Failed=3 LastKnownGood=2 Sets=1,2,3,4
- - End Of File - - C88A2DA702B9F1ABE1E2AF5308A169A7
I don't know if I did it correctly. I restarted my computer, went into safe mode, and ran ComboFix in safe mode. After all that, it restarted by itself and went back into normal mode, and this is what it gave me:
Microsoft Windows XP Professionnel 5.1.2600.3.1252.2.1036.18.2047.1600 [GMT -5:00]
Lancé depuis: c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-01-09 au 2010-02-09 ))))))))))))))))))))))))))))))))))))
.
2010-02-09 02:24 . 2010-02-09 02:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2010-02-09 02:24 . 2010-01-07 21:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-08 21:22 . 2010-02-08 21:22 388096 ----a-r- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-02-08 21:22 . 2010-02-08 21:22 -------- d-----w- c:\program files\TrendMicro
2010-02-08 04:12 . 2009-12-02 13:19 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-02-08 03:57 . 2010-02-08 03:57 -------- dc-h--w- c:\documents and settings\All Users.WINDOWS\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-02-08 03:57 . 2009-12-07 14:10 2953352 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\Roblox
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\RobloxDownloads
2010-01-31 19:22 . 2010-01-31 19:22 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\RobloxVersions
2010-01-14 16:38 . 2010-01-14 16:38 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Leadertech
2010-01-14 16:38 . 2010-01-14 16:38 -------- d-----w- C:\EPSONREG
2010-01-14 16:26 . 2004-02-27 10:01 79654 ----a-w- c:\windows\system32\E_FLM9AA.DLL
2010-01-14 16:26 . 2003-05-21 06:27 64000 ----a-w- c:\windows\system32\E_FBCB9AA.DLL
2010-01-14 16:26 . 2000-06-07 05:01 34304 ----a-w- c:\windows\system32\E_FBCH9AA.DLL
2010-01-14 16:26 . 2010-01-14 16:26 -------- d-----w- c:\windows\EPSON CardMonitor Essential
2010-01-14 16:26 . 2003-07-02 06:00 131072 ----a-w- c:\windows\system32\Epcmlib.dll
2010-01-14 16:25 . 2010-01-14 16:25 -------- d-----w- c:\windows\EPSON PhotoStarter Essential
2010-01-14 16:25 . 2010-01-14 16:28 -------- d-----w- c:\program files\epson
2010-01-14 16:25 . 2003-08-06 05:00 29184 ----a-w- c:\windows\system32\escwiadn.dll
2010-01-14 16:25 . 2003-07-01 05:00 46080 ----a-w- c:\windows\system32\escimgd.dll
2010-01-14 16:25 . 2003-07-01 05:00 22528 ----a-w- c:\windows\system32\esccmd.dll
2010-01-12 19:19 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-11 08:59 . 2010-02-03 23:36 87160 ----a-w- c:\documents and settings\LocalService.AUTORITE NT\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-10 21:49 . 2010-02-09 04:36 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\Deployment
2010-01-10 06:31 . 2010-01-10 06:31 86576 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
2010-01-10 06:31 . 2010-01-10 06:31 132672 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
2010-01-10 06:31 . 2010-01-10 06:31 392728 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-09 04:35 . 2007-05-31 03:25 -------- d-----w- c:\program files\Steam
2010-02-09 04:16 . 2010-02-09 02:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-09 02:25 . 2010-02-09 02:25 5115824 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-09 02:24 . 2010-02-09 02:24 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Malwarebytes
2010-02-08 21:19 . 2006-04-14 18:15 -------- d-----w- c:\program files\Warcraft III
2010-02-08 03:56 . 2009-07-19 02:25 -------- d-----w- c:\program files\Lavasoft
2010-02-08 03:56 . 2009-06-29 03:36 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2010-02-08 03:51 . 2006-03-29 22:03 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-07 22:27 . 2005-11-12 00:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-07 22:27 . 2008-10-10 15:44 -------- d-----w- c:\program files\Garena
2010-02-07 21:04 . 2005-12-13 03:03 -------- d-----w- c:\program files\LimeWire
2010-02-07 21:03 . 2006-07-31 17:57 -------- d-----w- c:\program files\Sony
2010-02-07 21:02 . 2005-11-13 20:03 -------- d-----w- c:\program files\Starcraft
2010-02-05 22:34 . 2009-01-07 07:25 -------- d-----w- c:\program files\BitComet
2010-02-04 23:25 . 2006-07-21 05:06 1100 ----a-w- c:\windows\system32\d3d8caps.dat
2010-02-02 23:43 . 2006-03-05 08:32 -------- d-----w- c:\program files\World of Warcraft
2010-01-31 03:13 . 2008-10-06 01:48 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-26 04:01 . 2006-04-14 18:21 91647 ----a-w- c:\windows\War3Unin.dat
2010-01-22 08:18 . 2009-12-22 02:33 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 19:58 . 2009-12-21 23:04 79488 ----a-w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-16 02:33 . 2008-10-06 01:48 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-07 21:07 . 2010-02-09 02:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-03 23:59 . 2010-01-03 23:59 -------- dc-h--w- c:\documents and settings\All Users.WINDOWS\Application Data\{D2A6A317-7450-472F-8C72-17783BD2E5E3}
2010-01-03 23:59 . 2010-01-03 23:59 -------- d-----w- c:\program files\Viewer
2010-01-03 23:49 . 2010-01-03 23:49 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\FUJIFILM
2009-12-24 21:31 . 2006-06-27 19:19 1331584 ----a-w- c:\program files\Tenacious D - Dear Penis.mp3
2009-12-24 00:46 . 2006-12-30 19:05 2934647 ----a-w- c:\program files\Eminem - Presents The Re-Up - 19 - Eminem 50 Cent - Ski Mask Way (Remix)-easymp3s.mp3
2009-12-24 00:46 . 2006-12-30 19:05 5283840 ----a-w- c:\program files\Eminem - Eminem Presents The Re-Up - You Don't Know (Ft. 50 Cent, Cashis & Lloyd Banks).mp3
2009-12-24 00:45 . 2006-08-03 00:50 -------- d-----w- c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Apple Computer
2009-12-23 20:55 . 2006-12-30 19:03 5839654 ----a-w- c:\program files\G-Unit - Lay You Down.mp3
2009-12-22 19:05 . 2001-09-28 17:00 84526 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-22 19:05 . 2001-09-28 17:00 510324 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-22 02:33 . 2009-03-19 16:57 -------- d-----w- c:\program files\Windows Live
2009-12-22 02:33 . 2009-12-22 02:33 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-12-22 02:32 . 2009-12-22 02:32 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-12-22 02:30 . 2009-12-22 02:30 -------- d-----w- c:\program files\Microsoft
2009-12-21 19:07 . 2004-08-04 04:54 916480 ------w- c:\windows\system32\wininet.dll
2009-11-21 15:58 . 2004-08-04 04:54 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2008-11-24 03:31 . 2008-11-24 03:31 7168 --sha-w- c:\program files\Thumbs.db
2007-11-20 05:30 . 2007-11-20 05:26 4442072 ----a-w- c:\program files\Timberland and One Republic - Apologize.mp3
2007-09-02 16:40 . 2007-09-02 16:29 39839888 ----a-w- c:\program files\Elvis Presley - Video - My Way.avi
2007-09-02 16:36 . 2007-09-02 16:30 33219256 ----a-w- c:\program files\ Elvis Presley and Celine Dion- If I Can Dream (American Idol).mpg
2007-09-02 16:05 . 2007-09-02 16:00 40135480 ----a-w- c:\program files\Elvis Presley & Lisa Marie - Don't Cry Daddy (Rare Bootleg).mpg
2007-09-02 16:00 . 2007-09-02 16:00 1167481 ----a-w- c:\program files\lisa marie presley with elvis.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\hound doggy elvis presly.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\presley elvis loving you.mov
2007-09-02 15:59 . 2007-09-02 15:59 1167481 ----a-w- c:\program files\pretty women elvis presley.mov
2007-09-02 15:27 . 2007-09-02 15:12 2713025 ----a-w- c:\program files\Greace - John Travolta Grease - I Got Chills.mp3
2007-09-02 15:24 . 2007-09-02 15:20 5603706 ----a-w- c:\program files\Mandy Moore - Only Hope - A Walk to Remember(3).mp3
2007-09-02 15:23 . 2007-09-02 15:10 3475375 ----a-w- c:\program files\Grease Soundtrack - Summer Love.mp3
2007-09-02 15:21 . 2007-09-02 15:19 3514496 ----a-w- c:\program files\Kelly Clarkson - Because Of You.mp3
2007-09-02 15:18 . 2007-09-02 15:12 2097152 ----a-w- c:\program files\T-2729580-Greace - You're The One That I Want.mp3
2007-09-02 15:13 . 2007-09-02 15:13 3142112 ----a-w- c:\program files\Olivia Newton John - Hopelessly Devoted To You (Grease Soundtrack).mp3
2007-09-02 15:12 . 2007-09-02 15:12 1595940 ----a-w- c:\program files\Greese - Look At Me, I'm Sandra Dee.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2725888 ----a-w- c:\program files\Grease Soundtrack - You're The One That I Want.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2521088 ----a-w- c:\program files\Grease - John Travolta - Sandy.mp3
2007-09-02 15:12 . 2007-09-02 15:11 2873887 ----a-w- c:\program files\Grease soundtrack - We go together.mp3
2007-09-02 15:12 . 2007-09-02 15:12 3111706 ----a-w- c:\program files\Greese Soundtrack - Greased Lightning.mp3
2007-09-02 15:12 . 2007-09-02 15:11 3471151 ----a-w- c:\program files\greace - grease soundtrack - tell me more.mp3
2007-09-02 14:44 . 2007-09-02 14:30 5057862 ----a-w- c:\program files\Annie Villeneuve - Un Ange Qui Passe.mp3
2007-09-02 14:43 . 2007-09-02 14:36 5487814 ----a-w- c:\program files\Celine Dion - Im Your Lady.mp3
2007-09-02 14:43 . 2007-09-02 14:36 5487524 ----a-w- c:\program files\Celine Dion - The Power Of Love.mp3
2007-09-02 14:42 . 2007-09-02 14:30 4429157 ----a-w- c:\program files\Annie Villeneuve - Quand Je Ferme Les Yeux.mp3
2007-09-02 14:38 . 2007-09-02 14:31 4639050 ----a-w- c:\program files\Celine Dion & Barbara Streisand - Tell Him.mp3
2007-09-02 14:35 . 2007-09-02 14:30 4624801 ----a-w- c:\program files\Rihana - Unfaithfull.mp3
2007-09-02 14:34 . 2007-09-02 14:31 5033984 ----a-w- c:\program files\Celine Dion - I'm Alive.mp3
2007-09-02 14:31 . 2007-09-02 14:29 3066115 ----a-w- c:\program files\From Justin To Kelly Soundtrack - Timeless.mp3
2007-08-29 05:07 . 2007-08-29 05:07 4042964 ----a-w- c:\program files\Shop boyz- Party Like A Rockstarb.mp3
2007-08-27 23:54 . 2007-08-27 23:54 3463168 ----a-w- c:\program files\Linkin Park - In The End.mp3
2007-08-26 01:04 . 2007-08-26 01:04 3772163 ----a-w- c:\program files\Plain White T's - Hey There Delilah.mp3
2007-08-24 03:07 . 2007-08-24 03:04 4409472 ----a-w- c:\program files\Rahzell - Four Elements.mp3
2007-08-24 03:05 . 2007-08-24 03:04 6248448 ----a-w- c:\program files\Rahzell - Heavy Beat Boxing.mp3
2007-08-24 03:05 . 2007-08-24 03:04 4011496 ----a-w- c:\program files\Rahzell - The Human Beatbox.mp3
2007-08-24 03:05 . 2007-08-24 03:04 2152907 ----a-w- c:\program files\Beat Boxing - Rahzel - Freestyle Beatbox Session 2.mp3
2007-08-24 03:05 . 2007-08-24 03:04 3993600 ----a-w- c:\program files\Razelle - The Art Of Beatboxing.mp3
2007-08-24 03:04 . 2007-08-24 03:04 2014644 ----a-w- c:\program files\Rahzel - Mortal Kombat.mp3
2007-07-14 17:24 . 2007-07-14 17:20 6968609 ----a-w- c:\program files\Timbaland Feat. Nelly Furtado & Justin Timberlake - Give It To Me Aetoms Remix ( best than original 2007 Strasbourg France French Hot Hit Rap Crunk Pop Sex Fergie Lil J.mp3
2007-07-14 17:20 . 2007-07-14 17:20 5184566 ----a-w- c:\program files\Timbaland Feat. Justin Timberlake & Jay-Z-Laff At Em (Give It To Me Remix)-(RapGodFathers.com).mp3
2007-07-14 15:14 . 2007-07-14 15:13 5560434 ----a-w- c:\program files\System of A Down - Lost In Hollywood.mp3
2007-07-14 15:14 . 2007-07-14 15:13 4027156 ----a-w- c:\program files\System of a Down - Lonely Day.mp3
2007-07-14 15:14 . 2007-07-14 15:13 4872192 ----a-w- c:\program files\System of a Down - The Prison Song.mp3
2007-07-14 15:14 . 2007-07-14 15:13 5056330 ----a-w- c:\program files\System Of The Down - Chop Suey.mp3
2007-07-14 15:13 . 2007-07-14 15:13 4552832 ----a-w- c:\program files\System Of A Down - Hypnotize .mp3
2007-06-20 04:14 . 2007-06-20 04:13 3733716 ----a-w- c:\program files\Gritz - My Life Be Like.mp3
2007-06-20 04:14 . 2007-06-20 04:13 6028006 ----a-w- c:\program files\10 Gym Class Heroes - Take A Look At My Girlfriend.mp3
2007-06-20 04:13 . 2007-06-20 04:13 6027878 ----a-w- c:\program files\Gym Class Heroes- Cupids Choke hold.mp3
2007-05-25 15:40 . 2007-05-25 15:40 6289796 ----a-w- c:\program files\Desert_Wind-Misirlou-13.wma
2007-05-25 15:40 . 2007-05-25 15:33 5620946 ----a-w- c:\program files\Wolfmother - Woman.mp3
2007-05-25 15:39 . 2007-05-25 15:39 3591272 ----a-w- c:\program files\Dick Dale - Misirlou (Pulp Fiction Theme).mp3
2007-05-25 15:37 . 2007-05-25 15:36 5142569 ----a-w- c:\program files\Kansas - Carry On My Wayward Son.mp3
2007-05-25 15:34 . 2007-05-25 15:33 9723904 ----a-w- c:\program files\Lynard Skynard - Free Bird.mp3
2007-05-25 15:15 . 2007-05-25 15:15 5949555 ----a-w- c:\program files\Justin Timberlake - Summer Love.mp3
2007-05-25 15:11 . 2007-05-25 15:09 4817543 ----a-w- c:\program files\David Guetta vs The Egg - Love Don't Let Me Go.mp3
2007-05-25 15:10 . 2007-05-25 15:09 4618240 ----a-w- c:\program files\David Guetta vs The Egg - Love Dont Let Me Go vs Walking Away.mp3
2007-05-25 03:35 . 2007-05-25 03:26 3176372 ----a-w- c:\program files\David Guetta - Love Is Gone.mp3
2007-05-25 03:28 . 2007-05-25 03:26 6750439 ----a-w- c:\program files\David Guetta - Fuck me I'm Famous (Martin Solveig Mix).mp3
2007-05-25 03:28 . 2007-05-25 03:26 6406686 ----a-w- c:\program files\David Guetta - In Love With Myself.mp3
2007-05-25 03:27 . 2007-05-25 03:26 5234068 ----a-w- c:\program files\David Guetta - The World Is Mine.mp3
2007-05-25 03:26 . 2007-05-25 03:25 7008758 ----a-w- c:\program files\David Guetta - love don't let me go.mp3
2007-04-07 21:17 . 2007-04-07 20:41 6318605 ----a-w- c:\program files\Lord of the Rings - The Two Towers - Main Theme - Requiem for a Dream.mp3
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2010-01-10 06:41 2166296 ----a-w- c:\program files\free-downloads.net\tbfre1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2010-01-10 2166296]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2010-01-10 2166296]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"SetDefaultMIDI"="MIDIDef.exe" [2005-04-22 73728]
"Steam"="c:\program files\steam\steam.exe" [2009-10-24 1217808]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2006-03-21 20480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-11 20992]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]
"nwiz"="nwiz.exe" [2009-02-18 1657376]
"P17Helper"="SPIRun.dll" [2006-07-03 10752]
"Ulead AutoDetector"="c:\program files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe" [2003-03-25 45056]
"DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2007-05-07 159744]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-24 136600]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 86016]
"P17RunE"="P17RunE.dll" [2007-04-09 14848]
"C-Media Mixer"="Mixer.exe" [2002-10-15 1818624]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-21 2043160]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-26 14370816]
"EPSON Stylus CX4600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE" [2004-03-04 98304]
c:\documents and settings\karl.AUCUNE-1D235B0F\Menu Démarrer\Programmes\Démarrage\
CurseClientStartup.ccip [2010-1-10 0]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-17 13:35 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-21 04:34 24576 ----a-w- c:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^SATARaid.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\SATARaid.lnk
backup=c:\windows\pss\SATARaid.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSDVCRAgent]
2002-05-30 20:56 1043968 ----a-w- c:\program files\ASUS\ASUS Digital VCR\Schedule.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
2001-11-29 07:00 28672 ----a-w- c:\program files\Creative\SBAudigy\Program\ADGJDet.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2006-03-21 06:05 20480 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
2003-12-11 09:50 20992 ------w- c:\windows\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
2005-06-08 20:44 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2005-06-08 21:24 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2005-06-08 21:14 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
2005-07-19 23:32 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
2006-03-08 14:45 190024 ----a-w- c:\program files\MessengerPlus! 3\MsgPlus.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-02-18 19:44 13680640 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-02-18 19:44 1657376 ----a-w- c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 21:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-10-24 14:53 1217808 ----a-w- c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2005-04-13 08:48 36975 ----a-w- c:\program files\Java\jre1.5.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 07:00 90112 ------w- c:\windows\Updreg.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINDVDPatch]
2002-07-02 09:56 24576 ----a-w- c:\windows\system32\CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\counter-strike source\\hl2.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.5.1.4449-to-1.9.0.4937-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.9.2.4996-to-1.9.3.5059-enUS-downloader.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Warcraft III\\War3.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.9.4.5086-to-1.10.0.5195-enUS-downloader.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.10.2.5302-to-1.11.0.5428-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.11.1.5462-to-1.11.2.5464-enUS-downloader.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.11.2.5464-to-1.12.0.5595-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe"=
"c:\\Program Files\\Steam\\SteamApps\\bayer88\\day of defeat\\hl.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.3-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.10.6448-to-2.0.12.6546-enUS-downloader.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Warcraft III\\pickup.listchecker.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Aspyr\\Guitar Hero III\\GH3.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\insaniquarium deluxe\\InsaniquariumDeluxe.exe"=
"c:\\Games\\DotA Allstars\\DotA Allstars.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\karl.AUCUNE-1D235B0F\\Local Settings\\Apps\\2.0\\B2NYP7OP.EX1\\L33H515C.EE1\\curs..tion_eee711038731a406_0004.0000_1430d97334050788\\CurseClient.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:UDP"= 6112:UDP:WD3-HOST-UDP
"25166:TCP"= 25166:TCP:BitComet 25166 TCP
"25166:UDP"= 25166:UDP:BitComet 25166 UDP
"13549:TCP"= 13549:TCP:BitComet 13549 TCP
"13549:UDP"= 13549:UDP:BitComet 13549 UDP
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-02-07 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-06-28 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-06-28 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-06-28 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-06-28 297752]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-02-05 717296]
S2 gupdate1c9efc02850e80;Service Google Update (gupdate1c9efc02850e80);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-17 133104]
S3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2007-12-29 10880]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp --> c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-02-08 38224]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512]
S3 saruen;saruen;\??\c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\maplehack\saruen.sys --> c:\documents and settings\karl.AUCUNE-1D235B0F\Bureau\maplehack\saruen.sys [?]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
.
Contenu du dossier 'Tâches planifiées'
2010-02-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-18 02:53]
2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-18 02:53]
.
.
------- Examen supplémentaire -------
.
uDefault_Search_URL =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Mozilla\Firefox\Profiles\5yh4zgpa.default\
FF - prefs.js: browser.startup.homepage - google.ca
FF - prefs.js: keyword.URL - hxxp://search.imgag.com/?appid=kwtb&component=UnifiedToolbarFF&c=GNKWO50020&sbs=1&sc=&f=web&vernum=3.2&uid=&did={65bf9ef0-5d4f-11de-b402-0013d4a55fcc}&q=
FF - component: c:\documents and settings\karl.AUCUNE-1D235B0F\Application Data\Mozilla\Firefox\Profiles\5yh4zgpa.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npigl.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 00:24
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\KARL~1.AUC\LOCALS~1\Temp\SFE2D5.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:dc,57,fc,9f,fb,c0,dc,c2,d6,a1,78,54,81,b3,8f,09,28,89,58,cd,d6,1e,af,
4d,86,3a,17,1c,e4,a1,44,fe,df,8e,28,a7,57,3a,82,d8,90,b2,7c,b6,f8,bb,bd,d9,\
"??"=hex:ac,73,76,d6,2b,c0,79,53,60,58,47,6a,de,d9,14,4b
[HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\Software\SecuROM\License information*]
"datasecu"=hex:cd,23,95,b4,91,93,23,15,f7,5e,ef,5b,ba,b7,29,e5,4d,57,32,c1,fd,
ea,50,3f,d4,fc,c7,34,ce,dd,cf,b3,94,6e,3f,0e,ae,93,23,75,54,4d,11,8d,75,7c,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(712)
c:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll
.
Heure de fin: 2010-02-09 00:26:26
ComboFix-quarantined-files.txt 2010-02-09 05:26
ComboFix2.txt 2010-02-09 04:45
Avant-CF: 14 149 390 336 octets libres
Après-CF: 14 098 538 496 octets libres
Current=4 Default=4 Failed=3 LastKnownGood=2 Sets=1,2,3,4
- - End Of File - - C88A2DA702B9F1ABE1E2AF5308A169A7
I don't know if I did it correctly. I restarted my computer, went into safe mode and started ComboFix in safe mode. After all that, it restarted by itself and went back to normal mode, and this is what it gave me.
Disable your antivirus for the duration of the procedure, as well as your firewall if you have one (because it is wrongly detected as an infection).
▶ Download List&Kill'em and save it to your desktop.
▶ Plug in your USB keys, external hard drives, MP3, MP4, etc.
Double-click (right-click, "Run as administrator" on Vista/7) the shortcut on your desktop to start the installation.
Check the "Create a desktop icon" box.
Once it has finished, click "Finish" and the program will start by itself.
Choose the language, then choose option 1 = Search Mode.
▶ Let the tool work.
When the white window appears, it takes a while; that is normal, the program has not frozen.
A report named catchme appears on your desktop; ignore it, do not post it, but do not delete it for now, the scan is not finished.
▶ Post the contents of the report that opens when the scan reaches 100 %, at the "COMPLETED" screen.
You can now delete the catchme.log report from your desktop.
List'em by g3n-h@ckm@n 1.2.5.0
User : karl (Administrateurs)
Update on 08/02/2010 by g3n-h@ckm@n ::::: 15.30
Start at: 16:27:29 | 2010-02-09
Contact : https://forums.commentcamarche.net/forum/virus-securite-7
Intel(R) Pentium(R) D CPU 2.80GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : AVG Anti-Virus Free 8.5 [ (!) Disabled | Updated ]
A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 111,78 Go (13,11 Go free) | NTFS
D:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\program files\steam\steam.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOWS\BricoPacks\Vista Inspirat II\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat II\YzShadow\YzShadow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\List_Kill'em\List_Kill'em.scr
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\temp\35.tmp\pv.exe
======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
SetDefaultMIDI REG_SZ MIDIDef.exe
Steam REG_SZ "c:\program files\steam\steam.exe" -silent
EA Core REG_SZ "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
LDM REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Logitech Utility REG_SZ Logi_MwX.Exe
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz REG_SZ nwiz.exe /install
P17Helper REG_SZ Rundll32 SPIRun.dll,RunDLLEntry
Ulead AutoDetector REG_SZ C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
DeathAdder REG_SZ C:\Program Files\Razer\DeathAdder\razerhid.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
NvMediaCenter REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
P17RunE REG_SZ RunDll32 P17RunE.dll,RunDLLEntry
C-Media Mixer REG_SZ Mixer.exe /startup
AVG8_TRAY REG_SZ C:\PROGRA~1\AVG\AVG8\avgtray.exe
RTHDCPL REG_SZ RTHDCPL.EXE
EPSON Stylus CX4600 Series REG_SZ C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
DisableRegistryTools REG_DWORD 0 (0x0)
===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 323 (0x143)
NoDriveAutoRun REG_DWORD 67108863 (0x3ffffff)
NoDrives REG_DWORD 0 (0x0)
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
HonorAutoRunSetting REG_DWORD 1 (0x1)
NoDriveAutoRun REG_DWORD 67108863 (0x3ffffff)
NoDriveTypeAutoRun REG_DWORD 323 (0x143)
NoDrives REG_DWORD 0 (0x0)
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ C:\WINDOWS\system32\wbsys.dll
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
AutoRestartShell REG_DWORD 1 (0x1)
DefaultDomainName REG_SZ AUCUNE-1D235B0F
DefaultUserName REG_SZ karl
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ReportBootOk REG_SZ 1
Shell REG_SZ Explorer.exe
ShutdownWithoutLogon REG_SZ 0
System REG_SZ
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
SfcQuota REG_DWORD -1 (0xffffffff)
allocatecdroms REG_SZ 0
allocatedasd REG_SZ 0
allocatefloppies REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0 (0x0)
passwordexpirywarning REG_DWORD 14 (0xe)
scremoveoption REG_SZ 0
AllowMultipleTSSessions REG_DWORD 1 (0x1)
UIHost REG_EXPAND_SZ logonui.exe
LogonType REG_DWORD 0 (0x0)
Background REG_SZ 0 0 0
DebugServerCommand REG_SZ no
SFCDisable REG_DWORD 0 (0x0)
WinStationsDisabled REG_SZ 0
HibernationPreviouslyEnabled REG_DWORD 1 (0x1)
ShowLogonOptions REG_DWORD 1 (0x1)
AltDefaultUserName REG_SZ karl
AltDefaultDomainName REG_SZ AUCUNE-1D235B0F
SfcScan REG_DWORD 0 (0x0)
ChangePasswordUseKerberos REG_DWORD 1 (0x1)
===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:backWeb-8876480
C:\Program Files\HLSW\hlsw.exe REG_SZ C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW
C:\Program Files\Steam\Steam.exe REG_SZ C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
C:\Program Files\Ventrilo\Ventrilo.exe REG_SZ C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo
C:\Program Files\Steam\SteamApps\bayer88\counter-strike\hl.exe REG_SZ C:\Program Files\Steam\SteamApps\bayer88\counter-strike\hl.exe:*:Enabled:Half-Life Launcher
C:\Program Files\Steam\SteamApps\bayer88\counter-strike source\hl2.exe REG_SZ C:\Program Files\Steam\SteamApps\bayer88\counter-strike source\hl2.exe:*:Enabled:hl2
C:\WINDOWS\system32\dpvsetup.exe REG_SZ C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
C:\Program Files\World of Warcraft\WoW-1.5.1.4449-to-1.9.0.4937-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.5.1.4449-to-1.9.0.4937-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-1.9.2.4996-to-1.9.3.5059-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.9.2.4996-to-1.9.3.5059-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\mIRC\mirc.exe REG_SZ C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC
C:\Program Files\Warcraft III\War3.exe REG_SZ C:\Program Files\Warcraft III\War3.exe:*:Enabled:Warcraft III
C:\Program Files\World of Warcraft\WoW-1.9.4.5086-to-1.10.0.5195-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.9.4.5086-to-1.10.0.5195-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\Warcraft III\Frozen Throne.exe REG_SZ C:\Program Files\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne
C:\StubInstaller.exe REG_SZ C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer
C:\Program Files\World of Warcraft\BackgroundDownloader.exe REG_SZ C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-1.10.2.5302-to-1.11.0.5428-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.10.2.5302-to-1.11.0.5428-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-1.11.1.5462-to-1.11.2.5464-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.11.1.5462-to-1.11.2.5464-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
C:\Program Files\Warcraft III\Warcraft III.exe REG_SZ C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III
C:\Program Files\World of Warcraft\WoW-1.11.2.5464-to-1.12.0.5595-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.11.2.5464-to-1.12.0.5595-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\Steam\SteamApps\bayer88\day of defeat\hl.exe REG_SZ C:\Program Files\Steam\SteamApps\bayer88\day of defeat\hl.exe:*:Enabled:Half-Life Launcher
C:\Program Files\World of Warcraft\WoW-2.0.3-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.3-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe REG_SZ C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix
C:\Program Files\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\WINDOWS\system32\PnkBstrA.exe REG_SZ C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
C:\WINDOWS\system32\PnkBstrB.exe REG_SZ C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB
C:\Program Files\Mozilla Firefox\firefox.exe REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
C:\Program Files\Warcraft III\pickup.listchecker.exe REG_SZ C:\Program Files\Warcraft III\pickup.listchecker.exe:*:Enabled:pickup.listchecker
C:\Program Files\Electronic Arts\EADM\Core.exe REG_SZ C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager
C:\Program Files\Java\jre6\bin\java.exe REG_SZ C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary
C:\Program Files\BitComet\BitComet.exe REG_SZ C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client
C:\Program Files\Aspyr\Guitar Hero III\GH3.exe REG_SZ C:\Program Files\Aspyr\Guitar Hero III\GH3.exe:*:Enabled:Guitar Hero III
C:\Program Files\iTunes\iTunes.exe REG_SZ C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
C:\Program Files\World of Warcraft\Launcher.exe REG_SZ C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher
C:\Program Files\Steam\steamapps\common\insaniquarium deluxe\InsaniquariumDeluxe.exe REG_SZ C:\Program Files\Steam\steamapps\common\insaniquarium deluxe\InsaniquariumDeluxe.exe:*:Enabled:Insaniquarium Deluxe Demo
C:\Games\DotA Allstars\DotA Allstars.exe REG_SZ C:\Games\DotA Allstars\DotA Allstars.exe:*:Enabled:DotA Allstars
C:\Program Files\AVG\AVG8\avgemc.exe REG_SZ C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
C:\Program Files\AVG\AVG8\avgupd.exe REG_SZ C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
C:\Program Files\AVG\AVG8\avgnsx.exe REG_SZ C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\Apps\2.0\B2NYP7OP.EX1\L33H515C.EE1\curs..tion_eee711038731a406_0004.0000_1430d97334050788\CurseClient.exe REG_SZ C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\Apps\2.0\B2NYP7OP.EX1\L33H515C.EE1\curs..tion_eee711038731a406_0004.0000_1430d97334050788\CurseClient.exe:*:Enabled:Curse Client 4.0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\MSN Messenger\msncall.exe REG_SZ C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
C:\Program Files\MSN Messenger\livecall.exe REG_SZ C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\CabBuilder
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{20A60F0D-9AFA-4515-A0FD-83BD84642501}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{33564D57-0000-0010-8000-00AA00389B71}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{5D6F45B3-9043-443D-A792-115447494D24}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
===============
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{166B1BCA-3F9C-11CF-8075-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{233C1507-6A77-46A4-9443-F871F945D258}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}
==============
BHO :
======
[<NO NAME> REG_SZ ]
================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr
========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Ndisuio : 0x3 ( OK = 3 )
EapHost : 0x3 ( OK = 2 )
SharedAccess : 0x2 ( OK = 2 )
wuauserv : 0x2 ( OK = 2 )
=========
Atapi.sys
=========
%%%% HASHDEEP-1.0
%%%% size,md5,sha256,filename
## Invoked from: C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\temp\35.tmp
## C:\> hashdeep C:\WINDOWS\System32\Drivers\atapi.sys
##
96512,9f3a2f5aa6875c72bf062c712cfa2674,b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9,C:\WINDOWS\System32\Drivers\atapi.sys
Sources
=======
C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
C:\WINDOWS\ERDNT\cache\atapi.sys
C:\WINDOWS\ServicePackFiles\i386\atapi.sys
C:\WINDOWS\system32\drivers\atapi.sys
C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\atapi.sys
C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\i386\atapi.sys
Référence :
==========
Win XP_32b : a64013e98426e1877cb653685c5c0009
Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
Vista_32b : e03e8c99d15d0381e02743c36afc7c6f
Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
Windows 7_32b : 80C40F7FDFC376E4C5FEEC28B41C119E
Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C
=======
Drive :
=======
Défragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.
Rapport d'analyse
112 Go total, 13,11 Go libre (11%), 26% fragmenté (fragmentation du fichier 52%)
Vous devriez défragmenter ce volume.
¤¤¤¤¤¤¤¤¤¤ Files/folders :
Present !! : C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
Present !! : C:\Documents and Settings\All Users.WINDOWS\Application Data\QTSBandwidthCache
Present !! : C:\Program Files\DAEMON Tools Toolbar
Present !! : C:\Program Files\WinPCap
Present !! : C:\WINDOWS\002891_.tmp
Present !! : C:\WINDOWS\SET3.tmp
Present !! : C:\WINDOWS\SET4.tmp
Present !! : C:\WINDOWS\SET8.tmp
Present !! : C:\WINDOWS\iun6002.exe
Present !! : C:\WINDOWS\mbr.exe
Present !! : C:\WINDOWS\newname.dat
Present !! : C:\WINDOWS\System32\drivers\etc\hosts.msn
Present !! : C:\WINDOWS\System32\drivers\npf.sys
Present !! : C:\WINDOWS\System32\Packet.dll
Present !! : C:\WINDOWS\System32\pthreadVC.dll
Present !! : C:\WINDOWS\System32\SET*.tmp
Present !! : C:\WINDOWS\System32\WanPacket.dll
Present !! : C:\WINDOWS\System32\wpcap.dll
Present !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\application data\Cosmos Prefs
Present !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\Kiwee Toolbar
Present !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\LOCAL Settings\Temp\EAD1B.exe
Present !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\LOCAL Settings\Temp\IadHide4.dll
¤¤¤¤¤¤¤¤¤¤ Keys :
Present !! : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Present !! : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives
Present !! : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives
Present !! : HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives
Present !! : "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"
Present !! : "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
Present !! : "HKLM\Software\Trymedia Systems"
Present !! : HKCR\CLSID\{248dd896-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\CLSID\{248dd897-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\CLSID\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}
Present !! : HKCR\CLSID\{E03BAFDC-EB9D-4C35-A7A2-AB6C62FF0A68}
Present !! : HKCR\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}
Present !! : HKCR\Interface\{248dd892-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\Interface\{248dd893-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\interface\{5663B370-F3C3-40D1-9C46-0E800AA4D0E8}
Present !! : HKCR\KiweeIEToolbar.KiweeToolbar
Present !! : HKCR\KiweeIEToolbar.KiweeToolbar.1
Present !! : HKCR\KiweeIEToolbar.ToolbarInfo
Present !! : HKCR\KiweeIEToolbar.ToolbarInfo.1
Present !! : HKCR\TypeLib\{248dd890-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\Typelib\{259EEB17-79AA-44DF-8410-8E55F82A902A}
Present !! : HKCR\Typelib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}
Present !! : HKCU\Software\AGI
Present !! : HKLM\Software\Classes\CLSID\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}
Present !! : HKLM\Software\Classes\CLSID\{E03BAFDC-EB9D-4C35-A7A2-AB6C62FF0A68}
Present !! : HKLM\Software\Classes\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}
Present !! : HKLM\Software\Classes\Interface\{5663B370-F3C3-40D1-9C46-0E800AA4D0E8}
Present !! : HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Present !! : HKLM\Software\Classes\KiweeIEToolbar.KiweeToolbar
Present !! : HKLM\Software\Classes\KiweeIEToolbar.KiweeToolbar.1
Present !! : HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo
Present !! : HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo.1
Present !! : HKLM\Software\Classes\Typelib\{259EEB17-79AA-44DF-8410-8E55F82A902A}
Present !! : HKLM\Software\Classes\Typelib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}
Present !! : HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NPF
Present !! : HKLM\SYSTEM\ControlSet002\Services\npf
Present !! : HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_NPF
Present !! : HKLM\SYSTEM\ControlSet003\Services\npf
Present !! : HKLM\SYSTEM\ControlSet004\Enum\Root\LEGACY_NPF
Present !! : HKLM\SYSTEM\ControlSet004\Services\npf
Present !! : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NPF
Present !! : HKLM\SYSTEM\CurrentControlSet\Services\npf
============
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 17:00:52
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:08,39,bf,0c,15,9f,da,bd,82,2f,bd,05,3d,e9,4d,1d,e1,b3,ed,be,34,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:28,98,3d,d1,91,e0,3f,3b,4a,38,13,34,a8,15,aa,40,54,c1,46,f2,4c,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:08,39,bf,0c,15,9f,da,bd,82,2f,bd,05,3d,e9,4d,1d,e1,b3,ed,be,34,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:28,98,3d,d1,91,e0,3f,3b,4a,38,13,34,a8,15,aa,40,54,c1,46,f2,4c,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:08,39,bf,0c,15,9f,da,bd,82,2f,bd,05,3d,e9,4d,1d,e1,b3,ed,be,34,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:28,98,3d,d1,91,e0,3f,3b,4a,38,13,34,a8,15,aa,40,54,c1,46,f2,4c,..
scanning hidden registry entries ...
[HKEY_CURRENT_USER\Software\Microsoft\Windows Live\Communications Clients\Shared\1579758457\Groups]
"\x2019\1A?M?I?L?Y?"=dword:00000001
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys speb.sys >>UNKNOWN [0x8AAC4938]<<
kernel: MBR read successfully
user & kernel MBR OK
==========
Programs
==========
============
Drive C:
============
$AVG8.VAULT$
9661a998e466ff936c9d95331dd383
AUTOEXEC.BAT
AV_LOGS
bd9551dcac57f9efe0645dbaf438
Boot.bak
boot.ini
Bootfont.bin
cmdcons
cmldr
CMLoader.log
ComboFix.txt
CONFIG.SYS
Documents and Settings
Downloads
EPSONREG
errlgr.txt
eula.1028.txt
eula.1031.txt
eula.1033.txt
eula.1036.txt
eula.1040.txt
eula.1041.txt
eula.1042.txt
eula.2052.txt
eula.3082.txt
Fraps
Games
globdata.ini
hiberfil.sys
Incomplete
install.ini
install.res.1028.dll
install.res.1031.dll
install.res.1033.dll
install.res.1036.dll
install.res.1040.dll
install.res.1041.dll
install.res.1042.dll
install.res.2052.dll
install.res.3082.dll
IO.SYS
kav
Kill'em
LevelCompilation.txt
List'em.txt
LogiSetup.log
Logs
MSDOS.SYS
MSIInstall.log
MSOCache
npigl.dll
npigl.xpt
User : karl (Administrateurs)
Update on 08/02/2010 by g3n-h@ckm@n ::::: 15.30
Start at: 16:27:29 | 2010-02-09
Contact : https://forums.commentcamarche.net/forum/virus-securite-7
Intel(R) Pentium(R) D CPU 2.80GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : AVG Anti-Virus Free 8.5 [ (!) Disabled | Updated ]
A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 111,78 Go (13,11 Go free) | NTFS
D:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\program files\steam\steam.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOWS\BricoPacks\Vista Inspirat II\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat II\YzShadow\YzShadow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\List_Kill'em\List_Kill'em.scr
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\temp\35.tmp\pv.exe
======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
SetDefaultMIDI REG_SZ MIDIDef.exe
Steam REG_SZ "c:\program files\steam\steam.exe" -silent
EA Core REG_SZ "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
LDM REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Logitech Utility REG_SZ Logi_MwX.Exe
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz REG_SZ nwiz.exe /install
P17Helper REG_SZ Rundll32 SPIRun.dll,RunDLLEntry
Ulead AutoDetector REG_SZ C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
DeathAdder REG_SZ C:\Program Files\Razer\DeathAdder\razerhid.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
NvMediaCenter REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
P17RunE REG_SZ RunDll32 P17RunE.dll,RunDLLEntry
C-Media Mixer REG_SZ Mixer.exe /startup
AVG8_TRAY REG_SZ C:\PROGRA~1\AVG\AVG8\avgtray.exe
RTHDCPL REG_SZ RTHDCPL.EXE
EPSON Stylus CX4600 Series REG_SZ C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
DisableRegistryTools REG_DWORD 0 (0x0)
===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 323 (0x143)
NoDriveAutoRun REG_DWORD 67108863 (0x3ffffff)
NoDrives REG_DWORD 0 (0x0)
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
HonorAutoRunSetting REG_DWORD 1 (0x1)
NoDriveAutoRun REG_DWORD 67108863 (0x3ffffff)
NoDriveTypeAutoRun REG_DWORD 323 (0x143)
NoDrives REG_DWORD 0 (0x0)
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ C:\WINDOWS\system32\wbsys.dll
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
AutoRestartShell REG_DWORD 1 (0x1)
DefaultDomainName REG_SZ AUCUNE-1D235B0F
DefaultUserName REG_SZ karl
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ReportBootOk REG_SZ 1
Shell REG_SZ Explorer.exe
ShutdownWithoutLogon REG_SZ 0
System REG_SZ
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
SfcQuota REG_DWORD -1 (0xffffffff)
allocatecdroms REG_SZ 0
allocatedasd REG_SZ 0
allocatefloppies REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0 (0x0)
passwordexpirywarning REG_DWORD 14 (0xe)
scremoveoption REG_SZ 0
AllowMultipleTSSessions REG_DWORD 1 (0x1)
UIHost REG_EXPAND_SZ logonui.exe
LogonType REG_DWORD 0 (0x0)
Background REG_SZ 0 0 0
DebugServerCommand REG_SZ no
SFCDisable REG_DWORD 0 (0x0)
WinStationsDisabled REG_SZ 0
HibernationPreviouslyEnabled REG_DWORD 1 (0x1)
ShowLogonOptions REG_DWORD 1 (0x1)
AltDefaultUserName REG_SZ karl
AltDefaultDomainName REG_SZ AUCUNE-1D235B0F
SfcScan REG_DWORD 0 (0x0)
ChangePasswordUseKerberos REG_DWORD 1 (0x1)
===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:backWeb-8876480
C:\Program Files\HLSW\hlsw.exe REG_SZ C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW
C:\Program Files\Steam\Steam.exe REG_SZ C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
C:\Program Files\Ventrilo\Ventrilo.exe REG_SZ C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo
C:\Program Files\Steam\SteamApps\bayer88\counter-strike\hl.exe REG_SZ C:\Program Files\Steam\SteamApps\bayer88\counter-strike\hl.exe:*:Enabled:Half-Life Launcher
C:\Program Files\Steam\SteamApps\bayer88\counter-strike source\hl2.exe REG_SZ C:\Program Files\Steam\SteamApps\bayer88\counter-strike source\hl2.exe:*:Enabled:hl2
C:\WINDOWS\system32\dpvsetup.exe REG_SZ C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
C:\Program Files\World of Warcraft\WoW-1.5.1.4449-to-1.9.0.4937-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.5.1.4449-to-1.9.0.4937-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-1.9.2.4996-to-1.9.3.5059-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.9.2.4996-to-1.9.3.5059-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\mIRC\mirc.exe REG_SZ C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC
C:\Program Files\Warcraft III\War3.exe REG_SZ C:\Program Files\Warcraft III\War3.exe:*:Enabled:Warcraft III
C:\Program Files\World of Warcraft\WoW-1.9.4.5086-to-1.10.0.5195-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.9.4.5086-to-1.10.0.5195-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\Warcraft III\Frozen Throne.exe REG_SZ C:\Program Files\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne
C:\StubInstaller.exe REG_SZ C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer
C:\Program Files\World of Warcraft\BackgroundDownloader.exe REG_SZ C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-1.10.2.5302-to-1.11.0.5428-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.10.2.5302-to-1.11.0.5428-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-1.11.1.5462-to-1.11.2.5464-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.11.1.5462-to-1.11.2.5464-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
C:\Program Files\Warcraft III\Warcraft III.exe REG_SZ C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III
C:\Program Files\World of Warcraft\WoW-1.11.2.5464-to-1.12.0.5595-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.11.2.5464-to-1.12.0.5595-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\Steam\SteamApps\bayer88\day of defeat\hl.exe REG_SZ C:\Program Files\Steam\SteamApps\bayer88\day of defeat\hl.exe:*:Enabled:Half-Life Launcher
C:\Program Files\World of Warcraft\WoW-2.0.3-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.3-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe REG_SZ C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix
C:\Program Files\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\WINDOWS\system32\PnkBstrA.exe REG_SZ C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
C:\WINDOWS\system32\PnkBstrB.exe REG_SZ C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB
C:\Program Files\Mozilla Firefox\firefox.exe REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
C:\Program Files\Warcraft III\pickup.listchecker.exe REG_SZ C:\Program Files\Warcraft III\pickup.listchecker.exe:*:Enabled:pickup.listchecker
C:\Program Files\Electronic Arts\EADM\Core.exe REG_SZ C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager
C:\Program Files\Java\jre6\bin\java.exe REG_SZ C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary
C:\Program Files\BitComet\BitComet.exe REG_SZ C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client
C:\Program Files\Aspyr\Guitar Hero III\GH3.exe REG_SZ C:\Program Files\Aspyr\Guitar Hero III\GH3.exe:*:Enabled:Guitar Hero III
C:\Program Files\iTunes\iTunes.exe REG_SZ C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
C:\Program Files\World of Warcraft\Launcher.exe REG_SZ C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher
C:\Program Files\Steam\steamapps\common\insaniquarium deluxe\InsaniquariumDeluxe.exe REG_SZ C:\Program Files\Steam\steamapps\common\insaniquarium deluxe\InsaniquariumDeluxe.exe:*:Enabled:Insaniquarium Deluxe Demo
C:\Games\DotA Allstars\DotA Allstars.exe REG_SZ C:\Games\DotA Allstars\DotA Allstars.exe:*:Enabled:DotA Allstars
C:\Program Files\AVG\AVG8\avgemc.exe REG_SZ C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
C:\Program Files\AVG\AVG8\avgupd.exe REG_SZ C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
C:\Program Files\AVG\AVG8\avgnsx.exe REG_SZ C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe REG_SZ C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe:*:Enabled:Blizzard Downloader
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\Apps\2.0\B2NYP7OP.EX1\L33H515C.EE1\curs..tion_eee711038731a406_0004.0000_1430d97334050788\CurseClient.exe REG_SZ C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\Apps\2.0\B2NYP7OP.EX1\L33H515C.EE1\curs..tion_eee711038731a406_0004.0000_1430d97334050788\CurseClient.exe:*:Enabled:Curse Client 4.0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\MSN Messenger\msncall.exe REG_SZ C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
C:\Program Files\MSN Messenger\livecall.exe REG_SZ C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\CabBuilder
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{20A60F0D-9AFA-4515-A0FD-83BD84642501}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{33564D57-0000-0010-8000-00AA00389B71}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{5D6F45B3-9043-443D-A792-115447494D24}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
==============
BHO :
======
[<NO NAME> REG_SZ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6F74-2D53-2644-206D7942484F}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr
========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Ndisuio : 0x3 ( OK = 3 )
EapHost : 0x3 ( OK = 2 )
SharedAccess : 0x2 ( OK = 2 )
wuauserv : 0x2 ( OK = 2 )
=========
Atapi.sys
=========
%%%% HASHDEEP-1.0
%%%% size,md5,sha256,filename
## Invoked from: C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\temp\35.tmp
## C:\> hashdeep C:\WINDOWS\System32\Drivers\atapi.sys
##
96512,9f3a2f5aa6875c72bf062c712cfa2674,b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9,C:\WINDOWS\System32\Drivers\atapi.sys
Sources
=======
C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
C:\WINDOWS\ERDNT\cache\atapi.sys
C:\WINDOWS\ServicePackFiles\i386\atapi.sys
C:\WINDOWS\system32\drivers\atapi.sys
C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\atapi.sys
C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\i386\atapi.sys
Référence :
==========
Win XP_32b : a64013e98426e1877cb653685c5c0009
Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
Vista_32b : e03e8c99d15d0381e02743c36afc7c6f
Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
Windows 7_32b : 80C40F7FDFC376E4C5FEEC28B41C119E
Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C
=======
Drive :
=======
Défragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.
Rapport d'analyse
112 Go total, 13,11 Go libre (11%), 26% fragmenté (fragmentation du fichier 52%)
Vous devriez défragmenter ce volume.
¤¤¤¤¤¤¤¤¤¤ Files/folders :
Present !! : C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
Present !! : C:\Documents and Settings\All Users.WINDOWS\Application Data\QTSBandwidthCache
Present !! : C:\Program Files\DAEMON Tools Toolbar
Present !! : C:\Program Files\WinPCap
Present !! : C:\WINDOWS\002891_.tmp
Present !! : C:\WINDOWS\SET3.tmp
Present !! : C:\WINDOWS\SET4.tmp
Present !! : C:\WINDOWS\SET8.tmp
Present !! : C:\WINDOWS\iun6002.exe
Present !! : C:\WINDOWS\mbr.exe
Present !! : C:\WINDOWS\newname.dat
Present !! : C:\WINDOWS\System32\drivers\etc\hosts.msn
Present !! : C:\WINDOWS\System32\drivers\npf.sys
Present !! : C:\WINDOWS\System32\Packet.dll
Present !! : C:\WINDOWS\System32\pthreadVC.dll
Present !! : C:\WINDOWS\System32\SET*.tmp
Present !! : C:\WINDOWS\System32\WanPacket.dll
Present !! : C:\WINDOWS\System32\wpcap.dll
Present !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\application data\Cosmos Prefs
Present !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\Kiwee Toolbar
Present !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\LOCAL Settings\Temp\EAD1B.exe
Present !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\LOCAL Settings\Temp\IadHide4.dll
¤¤¤¤¤¤¤¤¤¤ Keys :
Present !! : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Present !! : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives
Present !! : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives
Present !! : HKEY_USERS\S-1-5-21-1960408961-1580818891-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives
Present !! : "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"
Present !! : "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
Present !! : "HKLM\Software\Trymedia Systems"
Present !! : HKCR\CLSID\{248dd896-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\CLSID\{248dd897-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\CLSID\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}
Present !! : HKCR\CLSID\{E03BAFDC-EB9D-4C35-A7A2-AB6C62FF0A68}
Present !! : HKCR\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}
Present !! : HKCR\Interface\{248dd892-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\Interface\{248dd893-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\interface\{5663B370-F3C3-40D1-9C46-0E800AA4D0E8}
Present !! : HKCR\KiweeIEToolbar.KiweeToolbar
Present !! : HKCR\KiweeIEToolbar.KiweeToolbar.1
Present !! : HKCR\KiweeIEToolbar.ToolbarInfo
Present !! : HKCR\KiweeIEToolbar.ToolbarInfo.1
Present !! : HKCR\TypeLib\{248dd890-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\Typelib\{259EEB17-79AA-44DF-8410-8E55F82A902A}
Present !! : HKCR\Typelib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}
Present !! : HKCU\Software\AGI
Present !! : HKLM\Software\Classes\CLSID\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}
Present !! : HKLM\Software\Classes\CLSID\{E03BAFDC-EB9D-4C35-A7A2-AB6C62FF0A68}
Present !! : HKLM\Software\Classes\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}
Present !! : HKLM\Software\Classes\Interface\{5663B370-F3C3-40D1-9C46-0E800AA4D0E8}
Present !! : HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Present !! : HKLM\Software\Classes\KiweeIEToolbar.KiweeToolbar
Present !! : HKLM\Software\Classes\KiweeIEToolbar.KiweeToolbar.1
Present !! : HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo
Present !! : HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo.1
Present !! : HKLM\Software\Classes\Typelib\{259EEB17-79AA-44DF-8410-8E55F82A902A}
Present !! : HKLM\Software\Classes\Typelib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}
Present !! : HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NPF
Present !! : HKLM\SYSTEM\ControlSet002\Services\npf
Present !! : HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_NPF
Present !! : HKLM\SYSTEM\ControlSet003\Services\npf
Present !! : HKLM\SYSTEM\ControlSet004\Enum\Root\LEGACY_NPF
Present !! : HKLM\SYSTEM\ControlSet004\Services\npf
Present !! : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NPF
Present !! : HKLM\SYSTEM\CurrentControlSet\Services\npf
============
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 17:00:52
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:08,39,bf,0c,15,9f,da,bd,82,2f,bd,05,3d,e9,4d,1d,e1,b3,ed,be,34,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:28,98,3d,d1,91,e0,3f,3b,4a,38,13,34,a8,15,aa,40,54,c1,46,f2,4c,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:08,39,bf,0c,15,9f,da,bd,82,2f,bd,05,3d,e9,4d,1d,e1,b3,ed,be,34,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:28,98,3d,d1,91,e0,3f,3b,4a,38,13,34,a8,15,aa,40,54,c1,46,f2,4c,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:08,39,bf,0c,15,9f,da,bd,82,2f,bd,05,3d,e9,4d,1d,e1,b3,ed,be,34,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:28,98,3d,d1,91,e0,3f,3b,4a,38,13,34,a8,15,aa,40,54,c1,46,f2,4c,..
scanning hidden registry entries ...
[HKEY_CURRENT_USER\Software\Microsoft\Windows Live\Communications Clients\Shared\1579758457\Groups]
"\x2019\1A?M?I?L?Y?"=dword:00000001
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys speb.sys >>UNKNOWN [0x8AAC4938]<<
kernel: MBR read successfully
user & kernel MBR OK
==========
Programs
==========
Elvis Presley and Celine Dion- If I Can Dream (American Idol).mpg
Pakito - You Wanna Rock.mp3
01 Maneater.mp3
01 Track 1.wma
02 Felix Da Housecat - Now That The Love Has Gone (Les Rythmes Digitales Mix).mp3
03_bob_sinclar-everybody_movin.mp3
07 Busta Rythmes - I Love My Bitch.mp3
10 Gym Class Heroes - Take A Look At My Girlfriend.mp3
13 Three Doors Down - Here Without You.mp3
14 - VARIOUS R & B ARTISTS - I'LL MAKE LOVE TO YOU - BOYS 11 MEN - MOTOWN FOREVER CD #2.mp3
2 Pac Tupac - Changes.mp3
3 Doors Down - Let Me Go.mp3
70's Disco - Bee Gees - Staying Alive.mp3
70's Pure Disco - Shake Your Groove Thing.mp3
70's Pure Disco - The Hustle.mp3
80s Disco - its raining men.mp3
80s The Whispers - And The Beat Goes On - DISCO 70's - 80's.mp3
90 dance snap - Rythme is a dancer.mp3
ACDC - You Shook Me All Night Long.MP3
Adobe
african bambaataa - breakdance remix.mp3
AGEIA Technologies
Ahead
Akon - Belly Dancer.mp3
Akon - Konvicted - 08 - I Cant Wait.mp3
Akon - Konvicted - 16 - Gun In My Hand.mp3
Akon - No Sunshine.mp3
Akon ft Snoop Dogg - I Wanna Fuck You.mp3
Akon- Dont Matter.mp3
Al Martino - My Foolish Heart.mp3
Alcohol Soft
Anni 60-70-80 - Super Disco Mix - Get Down On It, Funky Town, You Should Be Dancing Ymca, Bee Gees, Born To Be Alive (Mp3 - Musica).mp3
Annie Villeneuve - Un Ange Qui Passe.mp3
Annie Villeneuve - Quand Je Ferme Les Yeux.mp3
Apple Software Update
Aspyr
ASUS
AV Music Morpher Gold
Ave Maria .mp3
AVG
Avril Lavigne - Girlfriend.mp3
Baby Bash feat. Akon - I'm Back.mp3
Baby Cham Feat. Akon - Ghetto Story (Remix).mp3
Backstreet Boys - I'll Never Break Your Heart.mp3
barry white - fetenhits - 70's disco classic - let the music play(2).mp3
Beat Boxing - Rahzel - Freestyle Beatbox Session 2.mp3
Benny Benassi - Can u feel the bass.mp3
Benny Benassi - Club - Insomnia Remix - Techno Dance Hits Mix.mp3
Benny Benassi - House 2006 - 24 - Who's Your Daddy (David Guetta Remix).mp3
Benny Benassi - Turn Me Up.mp3
benny benassi - vitalic - techno cocaine.mp3
Benny Benassi DJ Tiesto - Sparkles.mp3
benny benassi vs 50 cent - in da club satisfaction (remix).mp3
Berry White - You sexy thing.mp3
Billy Talent - Devil In A Midnight Mass.mp3
Billy Talent - Red Flag.mp3
Billy Talent - Try Honesty.mp3.mp3
BitComet
Black Eyed Peas feat Papa Roach - Anxiety.mp3
black taboo - dans ta bouche bitch.mp3
Black Taboo - God Bless The Topless.mp3
black taboo - une plote stune plote.mp3
Bob Sinclaire - Love Generation.mp3
Bob Sinclaire - Rock This Party.mp3
Bob Sinclaire - Sexy Dancer.mp3
Bob Sinclaire - World hold on.mp3
Breakdance - DJ Icey - Break to the Dance - Beats A Rockin'.mp3
Breakdance - Flare, Mill, Flare.mpeg
Breakdance-Bomfunk mc - Uprocking Beats (Speed Garage Mix).mp3
Bruno Pelletier - Aime.mp3
Bruno Pelletier - La Manic.mp3
Bruno Pelletier - Le bon gars et le salaud.mp3
Bruno Pelletier - Miserere.mp3
Bruno Pelletier - What A Wonderful World.mp3
Bun B Feat. Ying Yang Twins - Get It Girl.mp3
Bun B ft Ying Yang Twins - Get It Girl.mp3
Camillionaire - Riding Dirty.mp3
CCR - Mustang Sally.mp3
Ce soir on danse - Disco année 80.mp3
Celine Dion & Barbara Streisand - Tell Him.mp3
Celine Dion - I'm Alive.mp3
Celine Dion - Im Your Lady.mp3
Celine Dion - The Power Of Love.mp3
CEVO
Chrono Trigger - Frog [Orchestrated].mp3
Chrono Trigger - Frog's Theme.mp3
Ciara featuring Chamillionaire - Get Up Music Video.mpg
ClubLand 8 - 09 Rythme Fatal ft. Redd-Angel - Man In The Mirror (Club Mix).mp3
Common Files
ComPlus Applications
Conduit
Contours - Just A Little Misunderstanding (orig motown 45 1966).mp3
Copy of Juanes Feat. Taboo From The Black Eyed Peas - La Paga(1).mp3
Creative
Cypress Hill - Low Rider.mp3
CypressHill - Hits from the bong.mp3
Cypresshill - i wanna get high.mp3
Cypris Hill - Tequilla Sunrise.MP3
DAEMON Tools Toolbar
Dance 2005 - Disco Kings - Born To Be Alive (Benny Benassi Remix).mp3
Dance Fever Hits of the '70s - I Love the Nightlife (Disco Round) - Alicia Bridges.mp3
Dance Trance Dido - You Take My Breath Away - DJ Tiesto Vocal Mix.mp3
David Guetta - Fuck me I'm Famous (Martin Solveig Mix).mp3
David Guetta - In Love With Myself.mp3
David Guetta - love don't let me go.mp3
David Guetta - Love Is Gone.mp3
David Guetta - The World Is Mine.mp3
David Guetta vs The Egg - Love Don't Let Me Go.mp3
David Guetta vs The Egg - Love Dont Let Me Go vs Walking Away.mp3
Dean Martin & Frank Sinatra - That's Amore.mp3
Dean Martin - Return To Me.mp3
DeEjAy TwOcAn - Love Generation (4 Scott) New Monkey MC Stompin Natz Dance Techno Rave Happy Hardcore Bonkers DJ Besty Cammy Zitkus Gillies Fatcat Jacko Carlee Tiesto.MP3
Desert_Wind-Misirlou-13.wma
Desperado - The Soundtrack - 01 - Los Lobos & Antonio Banderas - Cancion Del Mariachi.mp3
Diablo II
Diablo II l
Dick Dale - Misirlou (Pulp Fiction Theme).mp3
Disco, 70s & 80s - Donna Summers - Hot Stuff.mp3
DivX
DJ Antoine - Arabian Adventure 2.mp3
DJ Igal - Hip Hop Remixes 2005 Vol 2 - Febuary 2005 Mixtape - Tiesto Feat. Kirsty Hawkshaw - Just Be (Club Mix).mp3
Dj Lev - Best Dance Trance MIX (Robert Miles, Delirium, Dj Tiesto, Paul Oakenfold, Sash, Armin Van Buuren and many more).mp3
Dj Tiesto - Adagio For Strings.mp3
DJ Tiesto - Ayla.mp3
DJ Tiesto - Cyberia (Deep Trance Mix).mp3
Dj tiesto - Forbidden Paradise (Deep Trance Mix).mp3
DJ Tiesto - He's a pirate.MP3
DJ Tiesto - In search of sunrise 2.mp3
DJ Tiesto - Lord Of Trance.mp3
Dj Tiesto - Nyana - Cd 2 - 03 - Andain - Beautiful Things (gabriel & Dresden Remix).mp3
dj tiesto - trance energy x - mix 2003 party mix techno.mp3
DJ Tiesto Feat. BT - Love Comes Again.mp3
Donna Summer - Hot Stuff - 70's Disco.mp3
EA GAMES
Electronic Arts
Elvis Crispo - Tu Sonrisa.mp3
Elvis Crispo-Linda Eh.mp3
Elvis Crispo-Suavemente.mp3
Elvis Presley & Lisa Marie - Don't Cry Daddy (Rare Bootleg).mpg
Elvis Presley (Gospel) - Amazing Grace.mp3
Elvis Presley - A Little Less Conversation (JXL Remix).mp3
Elvis Presley - Are You Lonesome Tonight.mp3
Elvis Presley - Can't Help Falling in Love with You.mp3
Elvis Presley - Crying In The Chapel .mp3
Elvis Presley - I Believe - (Gospel).mp3
Elvis Presley - I Did It My Way.mp3
Elvis Presley - Its Now Or Never.mp3
Elvis Presley - Memories.mp3
Elvis Presley - Separate Ways.mp3
Elvis Presley - There Goes My Everything.mp3
Elvis Presley - Video - My Way.avi
Elvis Presley - You Were Always On My Mind.mp3
Eminem & Xzibit - Don't Approach Me.mp3
Eminem - Eminem Presents The Re-Up - Get Low (Stat Quo)(Poduced By Dr Dre).mp3
Eminem - Eminem Presents The Re-Up - no apologies.mp3
Eminem - Eminem Presents The Re-Up - You Don't Know (Ft. 50 Cent, Cashis & Lloyd Banks).mp3
Eminem - Encore - Mocking Bird.mp3
Eminem - Presents The Re-Up - 02 - Eminem, Obie Trice, Stat Quo, Bobby Creekwater Cahis - Were Back-easymp3s.mp3
Eminem - Presents The Re-Up - 08 - Eminem 50 Cent - Jimmy Crack Corn-easymp3s.mp3
Eminem - Presents The Re-Up - 16 - Stat Quo Bobby Creekwater - Smack That (Remix)-easymp3s.mp3
Eminem - Presents The Re-Up - 19 - Eminem 50 Cent - Ski Mask Way (Remix)-easymp3s.mp3
Eminem - Smack That (ft. Akon).mp3
Eminem - When Im Gone.mp3
Eminem feat. 50 Cent, Cashis & Lloyd Banks - You Don't Know.mp3
Eminem Reup - 06 - THE_RE-UP (DIRTY).mp3
Engelbert Humperdink - Please Release me.mp3
Engelbert Humperdinck - Our Winter World of Love.mp3
engelbert humperdinck - portofino.mp3
Engelbert Humperdinck - Quando Quando.mp3
Engelbert Humperdinck - Ten Guitars.mp3
Engelbert Humperdink - A Man without love.MP3
Engelbert Humperdink - After the loving.mp3
Engelbert Humperdink - Blue Spanish Eyes.mp3
Engelbert Humperdink - MyWorld (Il Mondo).mp3
Engelbert Humperdink - The Last Waltz_the Very Best Of Englebert Humperdinck 1.mp3
Engelbert Humperdink - This Is My Song (The Very Best of Englebert Humperdinck).mp3
Englebert Humperdink - somewhere my love.mp3
Englebert Humperdink - Unchained Melody.mp3
Englebert_Humperdink_-_After_The_Loving.mp3
Enya - Lord of the Rings soundtrack - The Breaking of the Fellowship.mp3
epson
ESEA
Faith Hill ft. Tim McGraw - Like We Never Loved Before.mp3
Fall Out Boy - This Ain't A Scene, It's An Arms Race.mp3
Fall Out Boy - This Aint A Scene, Its An Arms Race.mp3
Fall Out Boys - This Aint A Scene, Its An Arms Race.mp3
Fallout Boys - Dance, Dance.mp3
Fallout Boys - Yule Shoot Your Eye Out.mp3
Fallout Boys- Sugar, Were Going Down.mp3
FEDEE LE GRAND - Put Your Hands Up For Detroit.mp3
Fergie - Fergalicious.mp3
Fergie - Fergalicious.mpg
Fergie - London Bridges.mp3
Fichiers communs
Fort Minor - Remember The Name (CD Version).mp3
Fort Minor - Remember The Name.mp3
Fort Minor- Where'd You Go.mp3
Frank Sinatra - That's Amore ft. Dean Martin.mp3
free-downloads.net
From Justin To Kelly Soundtrack - Timeless.mp3
Full Tilt Poker
G-Unit - Lay You Down.mp3
G-Unit -beg for mercy- Lay You Down.mp3
Garena
Gears of War - Mad World .mp3
Gladiator Soundtrack - End Theme.mp3
Gladiator Soundtrack - Grand Finale.mp3
Gladiator Soundtrack - Main Theme.mp3
Global Deejays vs. Benny Benassi - San Fransisco Dreaming (Musical Racket Mix) techno trance dance house remix underground d.mp3
Gnarles Barkley - Crazy.mp3
Gnarles Barkley - I Try.mp3
Gone in 60 Seconds - Bring Sally Up.mp3
greace - grease soundtrack - tell me more.mp3
Greace - John Travolta Grease - I Got Chills.mp3
Grease - John Travolta - Sandy.mp3
Grease Soundtrack - Summer Love.mp3
Grease soundtrack - We go together.mp3
Grease Soundtrack - You're The One That I Want.mp3
green_theme.lwtp
Greese - Look At Me, I'm Sandra Dee.mp3
Greese Soundtrack - Greased Lightning.mp3
Gritz - My Life Be Like.mp3
gunz n roses - Knockin` On Heaven's Door.mp3
Gunz n Roses - Paradise City.mp3
Gunz N Roses - Welcome to the Jngle.mp3
Gwen Stefani featuring Akon - The Sweet Escape.mp3
Gwen Stefani-Wind It Up.mp3
Gym Class Heroes- Cupids Choke hold.mp3
halloween_theme.lwtp
Hinder - Lips Of An Angel.mp3
HLSW
hound doggy elvis presly.mov
Ice Cube - Go To Church ft. Lil Jon & Snoop Dogg.mp3
ICOO Loader
ijji
iMesh Applications
Incomplete
InstallShield Installation Information
Intel
Internet Explorer
iPod
ironik - J'mennuie part 2.mp3
Ironik - J'mennuie.mp3
Italiano - Mob Hits 1 - 02 - Dean Martin - Al-Di-La.mp3
iTunes
J-Kwon - Tipsy.MP3
Jackson 5 - I Saw Mommy Kissing Santa Claus - A Motown Christmas.mp3
Java
Jazz - Michael McDonald - Motown - 04 - I'm Gonna Make You Love Me.mp3
Joe Dassin - L' ete Indien.mp3
Joe Dassin - Le dernier slow.mp3
Joe Dassin - Le Moustique.mp3
Joe Dassin -=- On s'est aimé comme on se quitte.mp3
Johnny Cash - Cocaine Blues.mp3
Jonas - Edge Of Seventeen.mp3
Jonas - Like A River.mp3
Jonas - Show Me .mp3
Jonas-Fascination.mp3
jonh roles.mp3
Justin Timberlake - 04 - My Love ft T.I. & Timbaland.mp3
Justin Timberlake - Sexyback.mp3
Justin Timberlake - Summer Love.mp3
Justin Timberlake ft T.I - My Love.mp3
K C & THE SUNSHINE BAND - THAT'S THE WAY I LIKE IT - DISCO 70'S 80'S KAUFLEUTEN.MP3
Kansas - Carry On My Wayward Son.mp3
Kaspersky Lab
Kelly Clarkson - Because Of You.mp3
Kid Rock & Sheryl Crow - Picture.mp3
Kill Bill-Mc Mario - Party Mix 2004 -Twisted Nerve (The Whistle Song).mp3
Lavasoft
Led Zeppelin - Stairway To Heaven.mp3
Led Zepplin - Babe Im Going To Leave You .mp3
Les Justiciers Masqués - Détache tous mes boutons.mp3
Les Justiciers Masqués - Elvis Gratton au 411.mp3
Les Justiciers Masqués - Francais chiant (24 sept 05).mp3
Les Justiciers Masqués - Francais chiant (5 mars 05).mp3
Les justiciers masqués - Francais chiant (9 avril 05).mp3
Les Justiciers Masqués - Francais chiant Lance et compte.mp3
Les Justiciers Masqués - Francais chiant,spécial Winnipeg.mp3
Les justiciers masqués - hey toi fille toute seule.mp3
Les Justiciers Masqués - Je fume du pot.mp3
Les Justiciers Masqués - Ligne érotique Tarzan.mp3
Les Justiciers Masqués - Marc-Antoine niaise sa blonde.mp3
Les Justiciers Masqués - Radio réalité Vol à l'étalage.mp3
Les Justiciers Masqués - Radio réalité cadavre dans le coffre.mp3
Les Justiciers Masqués - Radio réalité la grosse Sonia.mp3
Les Justiciers Masqués - Radio réalité Papa chu enceinte.mp3
Les Justiciers Masqués - Radio réalité Sébastien pogne sa mère.mp3
Les justiciers masqués - Radio-réalité - Phonesex avec voix automatisée (17 oct 05).mp3
Les Justiciers Masqués -10- Faire L'amour Au Téléphone.mp3
Les Justiciers Masqués Special Hockey.mp3
Les Rythmes Digitales - American Metal.mp3
Les Rythmes Digitales - Jacques Your Body (Cassius remix).mp3
Limbo Riddim - Voicemail - Shake That Thing.mp3
lime wire ver 4.8.1 pro
LimeWire
Linkin Park - In The End.mp3
lisa marie presley with elvis.mov
List_Kill'em
LocalAutorun
Logitech
Lord of the Rings The Riders of Rohan.mp3
Lord of the Rings - Cirith Ungol.mp3
Lord of the Rings - Instrumental Theme.mp3
Lord Of The Rings - The Return of the King - 03 - Minas Tirith.mp3
Lord of the Rings - The Two Towers - Main Theme - Requiem for a Dream.mp3
Lord of the Rings - Twilight and Shadow.mp3
Lord of the Rings Soundtrack - Enya - May it Be.mp3
Lord of the Rings Soundtrack - Pippin's Song.mp3
Lord of the Rings Theme (Enigma).mp3
Lord of the rings-of Lodoss War - Elven Flute.mp3
Loreena McKennitt - Lord of the Rings - Gandalf.mp3
Lou Rawls - You'll Never Find Another Love Like Mine (Various-Disco Ball Dance Hits of the 70's).mp3
Lynard Skynard - Free Bird.mp3
Macy Gray - I Try.mp3
Malwarebytes' Anti-Malware
Mandy Moore - Only Hope - A Walk to Remember(3).mp3
Mario Lanza - Because You're Mine.mp3
Mario Pelchat - Pleurs Dans La Pluie.mp3
Marvell
MC Mario - (Techno House Rave) Brooklyn Bounce - The Music's Got Me (Club Mix).mp3
MC Mario - King Of My Castle.mp3
MC Mario - Put Your Hands Up In The Air.mp3
Mc Mario - Red Lite.mp3
MC Mario .Dance Club Remixes - House Mix 2006 (tecno).mp3
Mc Mario- Sweet Dreams.mp3
Megamix 70's 80's old school disco-Sos band,frankie Smith,Midnight Star,Chic,Salt & Pepper,Soul sonic force,Rick James,Dazz Band,.mp3
Mes Aieux - Degeneration.mp3
Messenger
MessengerPlus! 3
Mica - Grace Kelly.mp3
Michael McDonald - Motown - 05 - Ain't Nothing Like The Real Thing(1).mp3
Microsoft
Microsoft CAPICOM 2.1.0.2
microsoft frontpage
Microsoft Office
Microsoft Silverlight
Microsoft SQL Server Compact Edition
Microsoft Sync Framework
mIRC
Missy eliot - Missy elliot - Work it.mpg
Missy Eliot feat Ciara - Lose Control.mpg
Missy Eliott - Gossip Folks.mpg
Moby - Porcelain ( The Beach Soundtrack).mp3
Motown - 70's - Bill Withers- Ain't No Sunshine.mp3
Motown - 70's - Isley Brothers - Who's That Lady.mp3
Motown - 70's - Stevie Wonder - Superstition.mp3
Motown - Al Green - I'll take you there.mp3
Motown - Aretha Franklin - Chain Of Fools.mp3
Motown - Four Tops - Baby I Need Your Lovin'.mp3
Motown - Four Tops - It's the Same Old Song.mp3
MOTOWN - Lionel Richey - Easy Like Sunday Morning.mp3
Motown - Marvin Gay - Me and Mrs Jones.mp3
Motown - Marvin Gaye - I Heard it through the grape vine.mp3
Motown - Ray Charles - Georgia on My Mind.mp3
Motown - Smokey Robinson - Ooo Baby Baby.mp3
Motown - The Temptations - I Wish It Would Rain.mp3
motown Aretha Franklin -- Rescue Me.mp3
Motown Legends Duets - Ain't Nothing Like The Real Thing - Marvin Gaye & Tammi Terrell(1).mp3
Motown R&B 70's - Al Green - Let's Get Together.mp3
MOTOWN REMIXED - Gladys Knight & The Pips - I Heard It Through The Grapvine_(sympathy_for_the_grapes_mix).mp3
motown-Percy Sledge - When a Man Loves a Women (1).mp3
MOTOWN-Stylistics - You Make Me Feel Brand New.mp3
Movie Maker
Movie Soundtrack - Space Jam - Theme Song.mp3
Movie Soundtracks - Enya - Gladiator Soundtrack- Now We Are .mp3
Movie Themes-Pirates des caraïbes.MP3
Mozilla Firefox
MSBuild
MSN
MSN Gaming Zone
MSN Messenger
MSXML 4.0
MTV ULTIMATE MASH UPS- Benny Benassi vs 50 Cent - SATISFACTION vs IN DA CLUB (100 Baramuda Mash Up Mix).mp3
Nas - Everybody Wants To Rule The World (stillmatic).mp3
Nas - Just a Moment (Featuring Quan).mp3
Nas - Kissing.mp3
Nelly (Ft. Tim McGraw) - Over And Over Again.mp3
Nelly Fertado - Turn Off The Lights.mp3
Nelly Furtado - All Good Things Come To An End.mp3
Nelly Furtado - Say It Right.mp3
Nelly Furtado ft. Timberland & Justin Timberlake - Give It To Me.mp3
Nelly-Grillz.mp3
NetMeeting
NEXON
Nightwish - Lord Of The Rings.mp3
Nikkfurie - The A La Menthe (Ocean's 12 Laser Breakdance).mp3
Now Dance 2005 - DJ Tiesto - Just Be.mp3
Oldies - 70's Disco - Car Wash.mp3
Oldies - Elvis Presley The Wonder Of You.mp3
Oldies - Motown - Delfonics - Oh Girl.mp3
Oldies - Motown - Martha and the Vandellas - Dancing In the Streets.mp3
Oldies- 70's&80's - Pure Disco - The Hustle.mp3
Oldies-Motown - Aretha Franklin - Natural Woman.mp3
Olivia Newton John - Hopelessly Devoted To You (Grease Soundtrack).mp3
one day tom jones.mp3
Online Services
Orbit - And The Beat Goes On (80's breakdance).mp3
Outlook Express
Papa Roach - Between Angels And Insects.mp3
papa roach - last resort.mp3
Papa Roach - Suffication.mp3
Papa Roach - Take Me.mp3
Patsy Cline - Crazy.mp3
Patsy Cline- Crazy.mp3
Phil Collins & Genesis - Easy Lover.mp3
Pirates Des Caraibes - Jack Sparow.mp3
Pit Bull ft. Lil John - Toma.mp3
Plain White T's - Hey There Delilah.mp3
PokerStars.NET
presley elvis loving you.mov
pretty women elvis presley.mov
Pussy Cat Dolls ft Snoop Dogg - Buttons .mp3
QuickTime
Rahzel - Mortal Kombat.mp3
Rahzell - Four Elements.mp3
Rahzell - Heavy Beat Boxing.mp3
Rahzell - The Human Beatbox.mp3
Ratatat - Seventeen Years.mp3
Razelle - The Art Of Beatboxing.mp3
Razer
Real
Realtek
red_theme.lwtp
Reference Assemblies
rick james - disco 70's 80's kaufleuten - superfreak.mp3
Rihana - Unfaithfull.mp3
Rodney Carrington - Dear Penis.mp3
Samsung
Scarface & tupac- Smile.mp3
Screaming Bee
Sean Paul ft. Keyshia Cole - Give It Up To Me (Remix).mp3
Sequelizer
Services en ligne
Shop boyz- Party Like A Rockstarb.mp3
Silverstein - My Sword Versus Your Dagger.mp3
Slash's Snakepit - Speed Parade.mp3
Snoop Dogg feat. Pharrell - Drop It Like It's Hot.mp3
So You Think You Can Dance - Jamile & Melissa - Hip Hop.mov
so you think you can dance - jamile-destini-hiphop-090705.mov
Sony
Sony Setup
Spybot - Search & Destroy
Spybot - Search & Destroyy
SSony Setup
Starcraft
Stardock
Stars on 45 - Motown Disco Megamix - 27.14 medley of Supremes, 4 Tops, Gladys Knight & The Pips, and Martha Reeves & The Van.mp3
Steam
System Of A Down - Aerials.mp3
System Of A Down - Hypnotize .mp3
System Of A Down - Hypnotize.wma
System of a Down - Lonely Day.mp3
System of A Down - Lost In Hollywood.mp3
System Of A Down - The Metro.wma
System of a Down - The Prison Song.mp3
System of a Down-BYOB.mp3
System Of The Down - Chop Suey.mp3
Systeme Of A Down - Toxicity.mp3
SystemRequirementsLab
T-2729580-Greace - You're The One That I Want.mp3
T-2992945-Italian Love Songs 1 - 01 - Speak Softly Love (Godfather Theme) Al Martino.mp3
Taktika - Tu Reconnais Nos Gangs Ft. Black Taboo.mp3
Tears for Fears- Mad World.mp3
Techno - Trance - Delerium - The Silence (DJ Tiesto remix) Paul Oakenfold.mp3
Techno - Trance - House - BT - Dreaming (dj tiesto remix).mp3
Tecno-Rave (Mortel Combat).mp3
Tenacious D - Dear Penis.mp3
Tenacious D - Fuck Her Gently.mp3
Tenacious D - Fuck Her Gently.mpg
Tenacious D - The Greatest Song In the World.mp3
Tenacious D- Tribute.mp3
The Longest Yard Soundtrack - 13 - Fly Away - Nelly .mp3
The Longest Yard Soundtrack - Nelly - Here Comes The Boom.mp3
The Lord of the Rings Enya - Ask the Mountains.mp3
The Lord of the Rings- The Fellowship of the Ring - Original Motion Picture Soundtrack - 18 - Enya - May it Be.mp3
The Trammps - Disco Inferno.mp3
THQ
Three Doors Down - Here By Me.mp3
Three Doors Down - So Far Down.mp3
Three Doors Down - Superman Kryptonite.mp3
Three Doors Down - When I'm Gone.mp3
Three Six Mafia & Fiend - Bring Sally Up Remix.mp3
Thumbs.db
Tim McGraw - My Little Girl.mp3
Timbaland Feat. Justin Timberlake & Jay-Z-Laff At Em (Give It To Me Remix)-(RapGodFathers.com).mp3
Timbaland Feat. Nelly Furtado & Justin Timberlake - Give It To Me Aetoms Remix ( best than original 2007 Strasbourg France French Hot Hit Rap Crunk Pop Sex Fergie Lil J.mp3
Timbaland Feat. Nelly Furtado & Justin Timberlake - Give It To Me Aetoms Remix ( best than original 2007 Strasbourg France French Hot Hit Rap Crunk Pop Sex Fergie Lil Jon).mp3
Timberland and One Republic - Apologize.mp3
todd terry - Keep On Jumping (DJ Scot Project Remix).mp3
Tom Jones - It's Not Unusual.mp3
Tom Jones - Sex Bomb.mp3
Tom Jones - She is Lady.mp3
Tower of Power - Soul With A Capital 'S'.mp3
Tower of Power - Soul with a Capital S.mp3
TQDefiler
TrendMicro
Trymedia
Tupac & Dr Dre - California love (1).mp3
Tupac & Dr.Dre - Ghetto Fabulous (Remix).mp3
Tupac & Scarface - Smile.mp3
Tupac - Shed so Many Tears.mp3
Tupac - Thug Passion.mp3
Tupac, Jodeci - Toss It Up.mp3
Ulead Systems
Uninstall Information
Ventrilo
VentSrv
VideoLAN
Viewer
Voicemail - Get Crazy.mp3
Voicemail - Shake that thing.mp3
Volare.mp3
War - Lowrider.mp3
Warcraft III
WC3Banlist
Winamp
Windows Live
Windows Live SkyDrive
Windows Media Components
Windows Media Connect 2
Windows Media Player
Windows NT
WindowsUpdate
WinPcap
WinRAR
Wizet
Wolfmother - Woman.mp3
World of Warcraft
World of Warcraft Installer
x-zibit- hey now.mp3
x264
xerox
xibit feat nate dogg - xzibit - multiply.mp3
Xzibit - Get Your Walk On.mp3
Xzibit - Paparazzi.mp3
Xzibit_-_Concentrate.mp3
Yahoo!
Ying Yang Twins - usa - ft. Pitbull - Shake 19.mp3
Young Jeezy ft Akon - Soul Survivor.mp3
============
Drive C:
============
$AVG8.VAULT$
9661a998e466ff936c9d95331dd383
AUTOEXEC.BAT
AV_LOGS
bd9551dcac57f9efe0645dbaf438
Boot.bak
boot.ini
Bootfont.bin
cmdcons
cmldr
CMLoader.log
ComboFix.txt
CONFIG.SYS
Documents and Settings
Downloads
EPSONREG
errlgr.txt
eula.1028.txt
eula.1031.txt
eula.1033.txt
eula.1036.txt
eula.1040.txt
eula.1041.txt
eula.1042.txt
eula.2052.txt
eula.3082.txt
Fraps
Games
globdata.ini
hiberfil.sys
Incomplete
install.ini
install.res.1028.dll
install.res.1031.dll
install.res.1033.dll
install.res.1036.dll
install.res.1040.dll
install.res.1041.dll
install.res.1042.dll
install.res.2052.dll
install.res.3082.dll
IO.SYS
kav
Kill'em
LevelCompilation.txt
List'em.txt
LogiSetup.log
Logs
MSDOS.SYS
MSIInstall.log
MSOCache
npigl.dll
npigl.xpt
OK, well, you're having me download a lot of stuff onto my computer and all, and... it hasn't changed anything yet. There are still search pages popping up by the hundreds. It's getting tiring. I can't even control my keyboard. How many steps are left before it stops?
Run option 2 of List_Kill'em and post the report.
By the way, I should point out that your PC is full of junk.
I don't doubt it at all!! Haha, thanks anyway for helping me, it's greatly appreciated. I'll post that in a moment, but is there a way we could chat faster than this, like MSN or whatever? It's just for the help, really.
I don't have any instant messaging software installed on this PC, and I prefer not to mix CCM and MSN.
Kill'em by g3n-h@ckm@n 1.2.5.0
User : karl (Administrateurs)
Update on 08/02/2010 by g3n-h@ckm@n ::::: 15.30
Start at: 20:47:27 | 2010-02-09
Contact : https://forums.commentcamarche.net/forum/virus-securite-7
Intel(R) Pentium(R) D CPU 2.80GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : AVG Anti-Virus Free 8.5 [ (!) Disabled | Updated ]
A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 111,78 Go (13,11 Go free) | NTFS
D:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOWS\BricoPacks\Vista Inspirat II\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat II\YzShadow\YzShadow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\wlcsdk.exe
C:\Program Files\List_Kill'em\List_Kill'em.scr
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\temp\4E0.tmp\ERUNT.EXE
C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\temp\4E0.tmp\pv.exe
Detections :
==========
¤¤¤¤¤¤¤¤¤¤ Files/folders :
Quarantined & Deleted !! : C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
Quarantined & Deleted !! : C:\Documents and Settings\All Users.WINDOWS\Application Data\QTSBandwidthCache
Quarantined & Deleted !! : C:\Program Files\DAEMON Tools Toolbar
Quarantined & Deleted !! : C:\Program Files\WinPCap
Quarantined & Deleted !! : C:\WINDOWS\002891_.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET3.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET4.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET8.tmp
Quarantined & Deleted !! : C:\WINDOWS\iun6002.exe
Quarantined & Deleted !! : C:\WINDOWS\mbr.exe
Quarantined & Deleted !! : C:\WINDOWS\newname.dat
Quarantined & Deleted !! : C:\WINDOWS\System32\drivers\etc\hosts.msn
Quarantined & Deleted !! : C:\WINDOWS\system32\drivers\npf.sys
Quarantined & Deleted !! : C:\WINDOWS\system32\Packet.dll
Quarantined & Deleted !! : C:\WINDOWS\system32\pthreadVC.dll
Quarantined & Deleted !! : C:\WINDOWS\System32\SET97.tmp
Quarantined & Deleted !! : C:\WINDOWS\System32\SETB5.tmp
Quarantined & Deleted !! : C:\WINDOWS\System32\SETC1.tmp
Quarantined & Deleted !! : C:\WINDOWS\system32\WanPacket.dll
Quarantined & Deleted !! : C:\WINDOWS\system32\wpcap.dll
Quarantined & Deleted !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\application data\Cosmos Prefs
Quarantined & Deleted !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\Local Settings\Application Data\Kiwee Toolbar
Quarantined & Deleted !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\LOCAL Settings\Temp\EAD1B.exe
Quarantined & Deleted !! : C:\Documents and Settings\karl.AUCUNE-1D235B0F\LOCAL Settings\Temp\IadHide4.dll
==============
host file OK !
==============
========
Registry
========
Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Deleted : HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives
Deleted : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives
Deleted : "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"
Deleted : "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
Deleted : "HKLM\Software\Trymedia Systems"
Deleted : HKCR\CLSID\{248dd896-bb45-11cf-9abc-0080c7e7b78d}
Deleted : HKCR\CLSID\{248dd897-bb45-11cf-9abc-0080c7e7b78d}
Deleted : HKCR\CLSID\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}
Deleted : HKCR\CLSID\{E03BAFDC-EB9D-4C35-A7A2-AB6C62FF0A68}
Deleted : HKCR\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}
Deleted : HKCR\Interface\{248dd892-bb45-11cf-9abc-0080c7e7b78d}
Deleted : HKCR\Interface\{248dd893-bb45-11cf-9abc-0080c7e7b78d}
Deleted : HKCR\interface\{5663B370-F3C3-40D1-9C46-0E800AA4D0E8}
Deleted : HKCR\KiweeIEToolbar.KiweeToolbar
Deleted : HKCR\KiweeIEToolbar.KiweeToolbar.1
Deleted : HKCR\KiweeIEToolbar.ToolbarInfo
Deleted : HKCR\KiweeIEToolbar.ToolbarInfo.1
Deleted : HKCR\TypeLib\{248dd890-bb45-11cf-9abc-0080c7e7b78d}
Deleted : HKCR\Typelib\{259EEB17-79AA-44DF-8410-8E55F82A902A}
Deleted : HKCR\Typelib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}
Deleted : HKCU\Software\AGI
Deleted : HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Deleted : HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NPF
Deleted : HKLM\SYSTEM\ControlSet002\Services\npf
Deleted : HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_NPF
Deleted : HKLM\SYSTEM\ControlSet003\Services\npf
Deleted : HKLM\SYSTEM\ControlSet004\Enum\Root\LEGACY_NPF
Deleted : HKLM\SYSTEM\ControlSet004\Services\npf
========
Services
=========
Ndisuio : Start = 3
EapHost : Start = 2
Ip6Fw : Start = 2
SharedAccess : Start = 2
wuauserv : Start = 2
wscsvc : Start = 2
============
Disk Cleaned
============
=================
anti-ver blaster : OK !!
=================
================
Prefetch cleaned
================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Malwarebytes' Anti-Malware 1.44
Database version: 3717
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2010-02-09 22:04:57
mbam-log-2010-02-09 (22-04-57).txt
Scan type: Quick Scan
Objects scanned: 145916
Time elapsed: 6 minute(s), 27 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
It still keeps typing lots of stuff and I'm still having problems with my keyboard. Do I need to restart?? Or are there other things to do first?
I badly need help, this is getting really tiring, and with everything I have on my computer I don't really feel like reformatting the whole thing, especially since I have no problem doing it and I have no idea how, so I think there is surely a way to get rid of this crap from my computer. Thanks again.
1. My keyboard stops working and it types lots of asdasdadsadfadasdadasdadasdasdasdasd nonstop for a while.
2. If I'm in a game, my window always minimizes, it's really tiring.
3. Lots of Windows search pages pop up; when I click to close one, lots more keep appearing, it can go up to 70, as many as it wants.
That's basically what it does to me very, very often, and I have almost no control over my computer; I can barely do anything on it now... With all the scans and all that, nothing has changed at all! I really don't know what I have in my computer, but it's really a big piece of crap hahah