Aide Hack clé registre !

Question

Bonjour, bonsoir ... 
J'ai besoin de vous , 
J'ai recemment eu une grosse dispute avec uen personne ... qui s'est permis de ramener des amis dans la conversation ... Bref vous voyez de quoi je parle , ca arrive meme en RL ... --' 
Je me defend des insultes , mes parents en ont prit pour leurs grades etc ... ( Bref je suis resté calme et je les ais remit a leurs places ! ) 
Et un moment , il me ramene un "pseudo Hackeur" la a mon avis vous me comprennez ... Les VRAI hackeurs ne s'occupes pas de simples disputes 
Il me sort toute ses menaces de hacks ... qui au passages m'ont bien fait rire ! je vous l'accorde !
exemple ( attention je vais essayer d'imiter a la perfection ecriture comprise ) : 
Wesh , J V te hacker avc tn adress IP di adiE a ton PC F*** ** **** ... 
2 toute facon regarde avc mn Iphone je te Hack T pret ? 

Ma reponse : 
Vas y eclate toi , 
Moi hier avec ma calculette j'ai detourné la banque de france et j'me suis payé un happy meal au mac drive 

revenons au sujet ... 
Mais un moment ... J'admet qu'il m'a mit un coup de pression !
Il m'a sortit ... ( et la j'ai besoin de vous pour m'expliquer ! ) toute mes propriétés windows : 
===========================
IP : xx.xxx.xxx.xxx ... ( ca je sais l'avoir par MSN c'est pas compliqué ) 
Clé activation de windows : 6546-SDFL-3543354-354411 ( j'ai mit n'importe quoi ^^ ) 
et encore quelques lignes ... 
===========================
La j'admet que ca m'a mit une claque ! 
Je sais pas du tout comment il l'a eu ? vous pouvez m'expliquer ? 
Et que peut il faire avec ca ? 
comment me proteger ? si ce n'est une bonne claque =) :/ 
Bref , merci d'avance ... 
Bax

nono30820 · Answer

si tu a msn plus tu est dans la grave merde!il a du t envoyer un script quand vous etier encore pote et la il a raison il peux tout te niquer sur ton ordi!supprime cette personne de ton msn et desinstalle msn plus et grouille il peux tout te niker

Bax · Answer

Salut salut , 
Merci deja pour votre reponse
Nono , C'est bizzard parce que j'ai jamais rien accépté de lui ... 
Et quand a Guillaume merci , je vais le faire de suite :)

Bax · Answer

PARTIE 1 du Log.text :

Logfile of random's system information tool 1.06 (written by random/random)
Run by renaud at 2010-02-21 18:24:42
Microsoft® Windows Vista™ Édition Familiale Premium  
System drive C: has 26 GB (11%) free of 230 GB
Total RAM: 3062 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:24:47, on 21/02/2010
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\explorer.exe
C:\Windows\System32undll32.exe
C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe
C:\Program Files\Spleak\SpleakLoader.exe
C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe
C:\Program Files\Transcode360\Transcode360Tray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\CyberLink\YouCam\YouCamTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\System32undll32.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Winwall\Winwall.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\wermgr.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Emerald Viewer\Emerald.exe
C:\Program Files\Emerald Viewer\SLVoice.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Usersenaud\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThisenaud.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gearheadgarage.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.altavista.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gearheadgarage.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gearheadgarage.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Users\Mcx1\ejeijtk.exe \s
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\DAEMON Tools SearchBar\whse.exe"
O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe"
O4 - HKLM\..\Run: [SpleakPlugin] "C:\Program Files\Spleak\SpleakLoader.exe"
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\fccyvSIA.dll,#1
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Five chic data part] "C:\ProgramData\BLAH MORE SOAP.sczkb1y"
O4 - HKLM\..\Run: [MacDrive 8 application] "C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe"
O4 - HKLM\..\Run: [Getting started with MacDrive 8] "C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe" /auto
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [3DNADesktop] "C:\Program Files\3DNA\Resources\3dnasys.exe" -open
O4 - HKLM\..\Run: [Curbupload] "C:\ProgramData\Findcoalcoal.zxhcgy0"
O4 - HKLM\..\Run: [soft soap corn funk] "C:\ProgramDataeal lies ref.b2mnxda"
O4 - HKLM\..\Run: [Transcode360] C:\Program Files\Transcode360\Transcode360Tray.exe
O4 - HKLM\..\Run: [p58jjcmuev4a] C:\Windows\system32\p58jjcluevka.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [fjauev] C:\Windows\system32\fjauev.exe \u
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Usersenaud\AppData\Local\Temp\jkkHXOfc.dll,c
O4 - HKCU\..\Run: [warn default inter for] "C:\ProgramData\Tick Error Real.90oa4a"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Usersenaud\AppData\Local\Temp\qoMghgFX.dll,#1
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Desktop Defender 2010; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 1.1.4322; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www.ezupa.com/simwork/simwork.html"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: BumpTop.lnk = C:\Program Files\BumpTop\BumpTop.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Winwall Autostart.lnk = C:\Program Files\Winwall\Winwall.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.coolmb.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.coolmb.com (file missing)
O13 - Gopher Prefix: 
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_0_0_6.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: kZfSfX - {A01B2FA1-0AB1-850B-5E02-541299A39AA2} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
O23 - Service: lxdx_device -   - C:\Windows\system32\lxdxcoms.exe
O23 - Service: MacDrive 8 service (MacDrive8Service) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe

Bax · Answer

PARTIE 2 Du log :
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
kZfSfX - {A01B2FA1-0AB1-850B-5E02-541299A39AA2}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
etwork\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{360b05d7-7447-11de-b702-00030d000001}]
shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{720a911f-34a9-11de-beba-00030d000001}]
shell\AutoRun\command - F:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd93fe39-f521-11dc-bb87-00030d000001}]
shell\AutoRun\command - H:\launcher.exe


======List of files/folders created in the last 2 months======

2010-02-19 23:39:01 ----D---- C:\ProgramData\Sun
2010-02-19 23:38:11 ----A---- C:\Windows\system32\javaws.exe
2010-02-19 23:38:11 ----A---- C:\Windows\system32\javaw.exe
2010-02-19 23:38:11 ----A---- C:\Windows\system32\java.exe
2010-02-19 23:38:11 ----A---- C:\Windows\system32\deploytk.dll
2010-02-16 01:47:12 ----D---- C:\Usersenaud\AppData\Roaming\FuckinLife
2010-02-15 00:00:18 ----D---- C:\Program Files\RegCleaner
2010-02-13 22:04:05 ----D---- C:\Program Files\18 Wheels of Steel Haulin
2010-02-13 21:08:36 ----D---- C:\Program Files\Farming-Simulator 2009
2010-02-13 20:26:43 ----D---- C:\Program Files\Euro Truck Simulator
2010-02-13 19:56:44 ----D---- C:\Program Files\Microsoft XNA
2010-02-13 19:53:19 ----D---- C:\Program Files\Puddle
2010-02-13 17:25:30 ----HD---- C:\Windows\msdownld.tmp
2010-02-13 17:25:13 ----A---- C:\Windows\Active Setup Log.txt
2010-02-13 17:25:08 ----D---- C:\Program Files\HeadGames
2010-02-11 17:44:31 ----D---- C:\Program Files\Eidos
2010-02-10 12:31:57 ----SHD---- C:\found.003
2010-02-09 02:07:58 ----D---- C:\Program Files\Eidos Interactive
2010-02-06 00:18:31 ----D---- C:\Microsoft
2010-02-06 00:16:25 ----RA---- C:\Windows\system32\vorbisfile.dll
2010-02-06 00:16:25 ----RA---- C:\Windows\system32\vorbis.dll
2010-02-06 00:16:25 ----RA---- C:\Windows\system32\ogg.dll
2010-02-05 22:54:59 ----D---- C:\Program Files\Empire Interactive
2010-02-04 03:45:51 ----D---- C:\Usersenaud\AppData\Roaming\Tropico 3
2010-02-04 03:45:40 ----D---- C:\Program Files\Kalypso
2010-02-04 03:42:14 ----D---- C:\Program Files\MagicDisc
2010-01-19 22:47:57 ----D---- C:\Program Files\YouTUBE (TM) movie downloader
2010-01-15 18:08:32 ----D---- C:\Program Files\Voyage Century Online
2010-01-15 01:30:00 ----D---- C:\Usersenaud\AppData\Roaming\Football Superstars
2010-01-14 23:15:55 ----D---- C:\FSDownloader
2010-01-14 01:35:24 ----D---- C:\Program Files\Dofus
2010-01-11 23:50:46 ----A---- C:\Windows\system32\181026.exe
2010-01-11 23:49:09 ----A---- C:\Windows\system32\fjauev.exe
2010-01-08 22:41:30 ----A---- C:\Windows\WORDPAD.INI
2010-01-07 16:50:20 ----A---- C:\Windows\ago.INI
2010-01-07 16:49:41 ----D---- C:\Program Files\Advanced GIF Optimizer
2010-01-07 16:38:35 ----A---- C:\Windows\PROTOCOL.INI
2010-01-07 16:38:21 ----D---- C:\Program Files\Pedagoguery Software
2010-01-07 16:37:52 ----A---- C:\Windows\uninst.exe
2009-12-31 03:13:02 ----D---- C:\Program Files	rend micro
2009-12-31 03:13:01 ----D---- C:sit
2009-12-31 03:03:49 ----D---- C:\Program Files\Common Files\PC Tools
2009-12-31 03:03:48 ----D---- C:\Usersenaud\AppData\Roaming\PC Tools
2009-12-31 03:03:48 ----D---- C:\ProgramData\PC Tools
2009-12-31 03:03:48 ----D---- C:\Program Files\Spyware Doctor
2009-12-31 03:00:53 ----D---- C:\Program Files\Enigma Software Group
2009-12-28 13:14:11 ----D---- C:\Program Files\CCleaner
2009-12-28 04:07:47 ----A---- C:\Windows\iun6002.exe
2009-12-28 04:07:45 ----D---- C:\Program Files\West Point Bridge Designer 2007
2009-12-27 23:02:44 ----D---- C:\Program Files\Emerald Viewer
2009-12-26 14:47:43 ----D---- C:\Usersenaud\AppData\Roaming\Queue Manager
2009-12-26 03:13:20 ----A---- C:\Windows\system32\aswBoot.exe
2009-12-26 02:40:12 ----A---- C:\Windows\system32\p58jjcluevka.exe
2009-12-26 02:40:01 ----D---- C:\Program Files\Desktop Defender 2010
2009-12-26 02:38:41 ----A---- C:\Windows\system32\lp58jjcquev4c.exe
2009-12-26 02:35:07 ----D---- C:\Usersenaud\AppData\Roaming\Poser Pro
2009-12-26 02:31:23 ----D---- C:\Program Files\Smith Micro
2009-12-25 01:53:02 ----D---- C:\Program Files\Carwash Tycoon
2009-12-25 00:22:12 ----D---- C:\Usersenaud\AppData\Roaming\Mount&Blade Warband
2009-12-25 00:18:23 ----A---- C:\Windows\system32\D3DX9_42.dll
2009-12-25 00:17:15 ----D---- C:\Program Files\Mount&Blade Warband

======List of files/folders modified in the last 2 months======

2010-02-21 18:22:04 ----D---- C:\Windows\Prefetch
2010-02-21 17:52:15 ----D---- C:\Windows\Temp
2010-02-21 17:42:25 ----D---- C:\Program Files\Mozilla Firefox
2010-02-21 17:40:37 ----AD---- C:\ProgramData\TEMP
2010-02-21 17:40:14 ----D---- C:\Program Files\Steam
2010-02-21 17:40:05 ----D---- C:\Program Files\Transcode360
2010-02-21 17:39:15 ----D---- C:\Windows
2010-02-20 17:40:32 ----D---- C:\Usersenaud\AppData\Roaming\SecondLife
2010-02-19 23:39:01 ----SHD---- C:\Windows\Installer
2010-02-19 23:39:01 ----D---- C:\ProgramData
2010-02-19 23:38:51 ----SHD---- C:\Config.Msi
2010-02-19 23:38:49 ----D---- C:\Program Files\Common Files\Java
2010-02-19 23:38:11 ----AD---- C:\Windows\System32
2010-02-19 23:37:54 ----D---- C:\Program Files\Java
2010-02-19 23:37:40 ----SHD---- C:\System Volume Information
2010-02-18 20:43:30 ----D---- C:\Usersenaud\AppData\Roaming\uTorrent
2010-02-16 23:54:50 ----RD---- C:\Program Files
2010-02-15 23:51:28 ----D---- C:\Program Files\uTorrent
2010-02-14 02:34:53 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-14 01:48:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-14 01:48:25 ----D---- C:\Windows\inf
2010-02-13 19:57:30 ----RSD---- C:\Windows\assembly
2010-02-13 19:56:45 ----D---- C:\Program Files\Common Files\microsoft shared
2010-02-13 17:25:30 ----D---- C:\Program Files\Internet Explorer
2010-02-13 17:25:26 ----D---- C:\Windows\Cursors
2010-02-12 23:05:31 ----D---- C:\Program Files\SecondLife
2010-02-11 17:16:29 ----D---- C:\Usersenaud\AppData\Roaming\U3
2010-02-11 13:51:50 ----D---- C:\Program Files\Kudos 2 Demo
2010-02-05 12:11:40 ----D---- C:	mp
2010-02-04 04:04:23 ----RD---- C:\Users
2010-02-04 03:42:14 ----D---- C:\Windows\system32\drivers
2010-02-02 14:12:57 ----D---- C:\Windows\system32\catroot2
2010-01-29 15:34:18 ----D---- C:\Windows\Minidump
2010-01-28 11:41:27 ----D---- C:\ProgramData\Electronic Arts
2010-01-27 17:07:57 ----D---- C:\Program Files\Electronic Arts
2010-01-27 14:35:39 ----D---- C:\Program Files\Warcraft III
2010-01-27 04:10:04 ----D---- C:\Usersenaud\AppData\Roaming\Mount&Blade
2010-01-25 23:59:41 ----D---- C:\Program Files\Teamspeak2_RC2
2010-01-25 22:50:23 ----D---- C:\Usersenaud\AppData\Roaming	eamspeak2
2010-01-24 01:06:06 ----D---- C:\Usersenaud\AppData\Roaming\dvdcss
2010-01-21 21:34:20 ----D---- C:\Program Files\Common Files
2010-01-17 01:14:11 ----D---- C:\ProgramData\CyberLink
2010-01-17 01:11:31 ----D---- C:\Program Files\CyberLink
2010-01-14 19:15:31 ----SD---- C:\Windows\Downloaded Program Files
2010-01-11 02:04:53 ----D---- C:\Program Files\NFSU 2
2010-01-11 00:35:58 ----SHD---- C:\found.002
2010-01-11 00:35:58 ----SHD---- C:\found.001
2010-01-11 00:35:58 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-01-11 00:27:09 ----D---- C:\Windows\system32\Tasks
2010-01-08 20:31:49 ----D---- C:\Usersenaud\AppData\Roaming\gtk-2.0
2009-12-30 18:07:58 ----D---- C:\Usersenaud\AppData\Roaming\vlc
2009-12-28 17:20:25 ----D---- C:\Windows\Debug
2009-12-26 13:56:38 ----D---- C:\ProgramData\Meta Knob Soft Soap
2009-12-26 04:06:34 ----D---- C:\ProgramData\dvddash
2009-12-26 04:06:26 ----D---- C:\Program Files\ZwangiSearch
2009-12-26 03:26:24 ----D---- C:\Program Files\DAEMON Tools SearchBar
2009-12-26 03:23:00 ----D---- C:\Program Files\Circle Dvelopement
2009-12-23 02:17:10 ----D---- C:\Program Files\Rockstar Games
2009-12-22 19:26:21 ----D---- C:\Program Files\Mount&Blade
2009-12-22 19:17:16 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-01-26 52224]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-07-16 278728]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-07-16 25416]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERSimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERSimsptsk.sys [2007-01-23 42496]
R3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2006-11-02 93184]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-09-14 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-01-15 23848]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-07-12 163328]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-30 2219520]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS
vlddmkm.sys [2007-09-19 7626400]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2006-11-02 8192]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-03-11 82432]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-10-23 285184]
S1 gxflxapa;gxflxapa; \??\C:\Windows\system32\drivers\gxflxapa.sys []
S3 a4lr58r3;a4lr58r3; C:\Windows\system32\drivers\a4lr58r3.sys []
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2006-11-02 93184]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-04-23 36496]
S3 catchme;catchme; \??\C:\Usersenaud\AppData\Local\Temp\catchme.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-12-11 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-06-12 35216]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-06-12 36496]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 NETw3v32;Pilote de carte Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 UMPass;Pilote Microsoft UMPass; C:\Windows\system32\DRIVERS\umpass.sys [2006-11-02 7168]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-05 36864]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S3 xnacc;Contrôleur XBOX 360 pour le service de pilote Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2006-11-02 514560]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]
R2 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe [2007-07-26 121360]
R2 lxdx_device;lxdx_device; C:\Windows\system32\lxdxcoms.exe [2008-02-28 594600]
R2 MacDrive8Service;MacDrive 8 service; C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [2009-09-23 150528]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-03-19 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2008-03-19 103736]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-03-06 266343]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TeamViewer4;TeamViewer 4; C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2009-08-24 185640]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2006-03-10 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-12-11 238960]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Start BT in service;Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-04-26 52080]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-10-26 316664]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe []

-----------------EOF-----------------


Par  contre je n'ai pas eu de deuxieme page d'ouverte avec info.txt :s 
Merci pour ton aide :)

Aide Hack clé registre !

4 réponses

Discussions similaires

Newsletters