Sujet Précédent Sujet Suivant

Security tool, comment le supprimer

Fermé
marlo - 1 oct. 2010 à 20:31
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 - 1 oct. 2010 à 23:36
Bonjour,

Après avoir lu les différents messages pour supprimer sécurity tool, j'ai fais les différentes démarches mais sécurity tool est tjrs présent !!!

Voici le rapport d'erreur :

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

01/10/2010 20:19:29
mbam-log-2010-10-01 (20-19-29).txt

Type d'examen: Examen complet (C:\|D:\|E:\|)
Elément(s) analysé(s): 208561
Temps écoulé: 1 heure(s), 18 minute(s), 45 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\nom\Menu Démarrer\Programmes\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.


Merci à vous de votre aide

A voir également:

10 réponses

Réponse 1 / 10
marlo
1 oct. 2010 à 23:29
c'est bon ça a fonctionné, je n'ai plus rien
merci
1
Réponse 2 / 10
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 107
1 oct. 2010 à 20:33
Salut :


DESACTIVE TON ANTIVIRUS ET TON PAREFEU SI PRESENTS !!!!!(car il est détecte a tort comme infection)

Télécharge ici :List_Kill'em de gen-hackman

http://sd-4.archive-host.com/membres/up/829108531491024/Mes_Tools/List_Killem_Install.exe

et enregistre le sur ton bureau

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "exécuter en tant que...."

sur le raccourci sur ton bureau pour lancer l'installation

Laisse coché :

Exécuter List_Kill'em

une fois terminée , clic sur "terminer" et le programme se lancera seul

Il commencera par télécharger et installer ses mises à jour , puis te donnera son menu

choisis l'option Search

laisse travailler l'outil

il se peut qu'une boite de dialogue s'ouvre , dans ce cas clique sur "OK" ou "Agrée"

à l'apparition de la fenêtre blanche , c'est un peu long , c'est normal ,c'est une recherche supplémentaire de fichiers cachés , le programme n'est pas bloqué.

Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'écran "COMPLETED"
0
Réponse 3 / 10
marlo
1 oct. 2010 à 21:19
¤¤¤¤¤¤¤¤¤¤ List'em by g3n-h@ckm@n 2.1.0.8 ¤¤¤¤¤¤¤¤¤¤

User : nom (Administrateurs)
Update on 01/10/2010 by g3n-h@ckm@n ::::: 13.00
Start at: 20:45:34 | 01/10/2010

AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886625 [ (!) Disabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 58,59 Go (8,6 Go free) | NTFS
D:\ -> Disque fixe local | 131,31 Go (1,01 Go free) [Principal 200] | NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible

Boot: Safeboot

¤¤¤¤¤¤ Processes ------- Memory(Ko) ------- Priority ------ Command ------- Signer


C:\windows\System32\smss.exe ---- 400 Ko ---- Normal ---- \SystemRoot\System32\smss.exe ----
C:\windows\system32\csrss.exe ---- 3252 Ko ---- Normal ---- C:\windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 ----
C:\windows\system32\winlogon.exe ---- 2324 Ko ---- High ---- winlogon.exe ----
C:\windows\system32\services.exe ---- 3372 Ko ---- Normal ---- C:\windows\system32\services.exe ----
C:\windows\system32\lsass.exe ---- 5672 Ko ---- Normal ---- C:\windows\system32\lsass.exe ----
C:\windows\system32\svchost.exe ---- 4868 Ko ---- Normal ---- C:\windows\system32\svchost -k DcomLaunch ----
C:\windows\system32\svchost.exe ---- 4144 Ko ---- Normal ---- C:\windows\system32\svchost -k rpcss ----
C:\windows\system32\svchost.exe ---- 13732 Ko ---- Normal ---- C:\windows\system32\svchost.exe -k netsvcs ----
C:\windows\system32\svchost.exe ---- 3476 Ko ---- Normal ---- C:\windows\system32\svchost.exe -k NetworkService ----
C:\windows\system32\svchost.exe ---- 2980 Ko ---- Normal ---- C:\windows\system32\svchost.exe -k LocalService ----
C:\windows\Explorer.EXE ---- 21184 Ko ---- Normal ---- C:\windows\Explorer.EXE ----
C:\windows\system32\cmd.exe ---- 2812 Ko ---- Normal ---- C:\windows\system32\cmd.exe /K List'em.bat ----
C:\WINDOWS\system32\wbem\wmiprvse.exe ---- 6724 Ko ---- Normal ---- C:\WINDOWS\system32\wbem\wmiprvse.exe ----
C:\Program Files\List_Kill'em\pv.exe ---- 2276 Ko ---- Normal ---- pv -o"%f ---- %m Ko ---- %p ---- %l ---- %s" ----


¤¤¤¤¤¤¤¤¤¤ Keys "Run" ¤¤¤¤¤¤¤¤¤¤

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
SuperCopier2.exe = C:\Program Files\SuperCopier2\SuperCopier2.exe
ctfmon.exe = C:\windows\system32\ctfmon.exe
swg = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
TomTomHOME.exe = "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
RTHDCPL = RTHDCPL.EXE
SkyTel = SkyTel.EXE
Alcmtr = ALCMTR.EXE
NeroFilterCheck = C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz = nwiz.exe /install
NvMediaCenter = RunDLL32.exe NvMCTray.dll,NvTaskbarInit
LogitechVideoRepair = C:\Program Files\Logitech\Video\ISStart.exe
LogitechVideoTray = C:\Program Files\Logitech\Video\LogiTray.exe
OpwareSE2 = "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
UVS10 Preload = C:\Documents and Settings\nom\Mes documents\uvPL.exe
SunJavaUpdateSched = "C:\Program Files\Java\jre6\bin\jusched.exe"
HPDJ Taskbar Utility = C:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe
HPHUPD06 = C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
HP Software Update = "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
HP Component Manager = "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
HPHmon06 = C:\windows\system32\hphmon06.exe
SsAAD.exe = C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
avast5 = C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

¤¤¤¤¤¤¤¤¤¤ Other System Keys ¤¤¤¤¤¤¤¤¤¤

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun = 145 (0x91)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
HonorAutoRunSetting = 1 (0x1)
NoCDBurning = 0 (0x0)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS =

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Shell = Explorer.exe
Userinit = C:\WINDOWS\system32\userinit.exe,

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\5c5d4155909]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} =
{56F9679E-7826-4C84-81F3-532071A8BCC5} =

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Messenger\msmsgs.exe = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
C:\Program Files\LimeWire\LimeWire.exe = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
C:\Program Files\eMule\emule.exe = C:\Program Files\eMule\emule.exe:*:Disabled:eMule
C:\WINDOWS\system32\PnkBstrA.exe = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
C:\WINDOWS\system32\PnkBstrB.exe = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB
C:\Program Files\Real\RealPlayer\realplay.exe = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer
C:\Program Files\Windows Live\Messenger\wlcsdk.exe = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
C:\Program Files\Windows Live\Messenger\msnmsgr.exe = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
C:\Documents and Settings\All Users\Application Data\15fd6b2\MySecurityEngine.exe = C:\Documents and Settings\All Users\Application Data\15fd6b2\MySecurityEngine.exe:*:Enabled:My Security Engine
C:\windows\explorer.exe = C:\windows\explorer.exe:*:Enabled:Windows Shell
C:\Documents and Settings\All Users\Application Data\15fd6b2\MS15fd.exe = C:\Documents and Settings\All Users\Application Data\15fd6b2\MS15fd.exe:*:Enabled:My Security Engine

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Windows Live\Messenger\wlcsdk.exe = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
C:\windows\explorer.exe = C:\windows\explorer.exe:*:Enabled:Windows Shell

¤¤¤¤¤¤¤¤¤¤ ActivX | COM ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{6414512B-B978-451D-A0D8-FCFDF33E833C}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}]

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{0291E591-EA41-4c82-8106-3DC6CE7F7664}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2A3320D6-C805-4280-B423-B665BDE33D8F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3F7924B9-D148-3141-87B1-68F36043A940}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{411EDCF7-755D-414E-A74B-3DCD6583F589}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5056b317-8d4c-43ee-8543-b9d1e234b8f4}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{72AD53CC-CCC0-3757-8480-9EE176866A7C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73fa19d0-2d75-11d2-995d-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9A394342-4A68-4EBA-85A6-55B559F4E700}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B508B3F1-A24A-32C0-B310-85786919EF28}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{EF289A85-8E57-408d-BE47-73B55609861A}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}]

¤¤¤¤¤¤¤¤¤¤ BHO ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6F74-2D53-2644-206D7942484F}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

¤¤¤¤¤¤¤¤¤¤ DNS ¤¤¤¤¤¤¤¤¤¤

Description: Attansic L1 Gigabit Ethernet 10/100/1000Base-T Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.40.241
DNS Server Search Order: 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4A1B71D5-4067-49AE-AA20-EF3AA7CE8CE9}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{85E8358D-A848-4A88-812C-7D9B09933BBD}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4A1B71D5-4067-49AE-AA20-EF3AA7CE8CE9}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{85E8358D-A848-4A88-812C-7D9B09933BBD}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4A1B71D5-4067-49AE-AA20-EF3AA7CE8CE9}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{85E8358D-A848-4A88-812C-7D9B09933BBD}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240


¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.msn.com/fr-fr/?ocid=iehp
Local Page = C:\WINDOWS\system32\blank.htm
Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page = https://fr.yahoo.com/
Local Page = C:\WINDOWS\system32\blank.htm
Search Page = https://www.google.com/?gws_rd=ssl

¤¤¤¤¤ Proxy Internet Explorer

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
ProxyEnable = 0 (0x0)


¤¤¤¤¤¤¤¤¤¤ Proxy Firefox ¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤ TaskCache ¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤ IFEO ¤¤¤¤¤¤¤¤¤¤

[Debugger = svchost.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\apitrap.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Arrakis3.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ASSTE.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVSTE.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdagent.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdreinit.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdsubwiz.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdtkexec.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdwizreg.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Cleanup.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cqw32.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\divx.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\divxdec.ax]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DJSMAR00.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DRMINST.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\egui.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ekrn.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\enc98.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EncodeDivXExt.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EncryptPatchVer.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\front.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fullsoft.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\GBROWSER.DLL]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htmlmarq.ocx]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htmlmm.ocx]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\install.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ishscan.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ISSTE.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\javai.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jvm.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jvm_g.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\livesrv.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\main123w.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mngreg32.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msci_uno.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscoree.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscorsvr.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscorwks.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msjava.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mso.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NAVOPTRF.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NeVideoFX.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NPMLIC.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NSWSTE.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\photohse.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PMSTE.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ppw32hlp.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\printhse.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prwin8.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ps80.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\psdmt.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qfinder.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qpw.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\salwrap.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\seccenter.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setup.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setup32.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sevinst.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\symlcnet.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\taskmgr.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tcore_ebook.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TFDTCTT8.DLL]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ua80.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\udtapi.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\uiscan.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ums.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\upgrepl.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vb40032.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbe6.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsserv.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wpwin8.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xlmlEN.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xwsetup.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Your Image File Name Here without a path]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\_INSTPGM.EXE]

¤¤¤¤¤¤¤¤¤¤ File Protection ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Windows File Protection]

¤¤¤¤¤¤¤¤¤¤ Safemode ¤¤¤¤¤¤¤¤¤¤

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot : OK !!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal : OK !!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network : OK !!

¤¤¤¤¤¤¤¤¤¤ Atapi.sys ¤¤¤¤¤¤¤¤¤¤

[MD5.cdfe4411a69c224bd1d11b2da92dac51] - C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[MD5.9f3a2f5aa6875c72bf062c712cfa2674] - C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[MD5.9f3a2f5aa6875c72bf062c712cfa2674] - C:\WINDOWS\system32\drivers\atapi.sys
[MD5.9f3a2f5aa6875c72bf062c712cfa2674] - C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\i386\atapi.sys
[MD5.9f3a2f5aa6875c72bf062c712cfa2674] - C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\atapi.sys

¤¤¤¤¤ Reference

Win 2000_SP2 : ff953a8f08ca3f822127654375786bbe
Win 2000_SP4 : 8c718aa8c77041b3285d55a0ce980867
Win XP_32b : a64013e98426e1877cb653685c5c0009
Win XP_SP1_32b : 95b858761a00e1d4f81f79a0da019aca
Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
Vista_32b : e03e8c99d15d0381e02743c36afc7c6f
Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
Windows 7_32b : 338c86357871c167a96ab976519bf59e
Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C

¤¤¤¤¤¤¤¤¤¤ Explorer ¤¤¤¤¤¤¤¤¤¤

[MD5.f2317622d29f9ff0f88aeecd5f60f0dd] - C:\WINDOWS\explorer.exe
[MD5.2a7bd330924252a2fd80344fc949bb72] - C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[MD5.f2317622d29f9ff0f88aeecd5f60f0dd] - C:\WINDOWS\ServicePackFiles\i386\explorer.exe

¤¤¤¤¤¤¤¤¤¤ Winlogon ¤¤¤¤¤¤¤¤¤¤

[MD5.123eea158f74d0f67a51dcdf065d1091] - C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[MD5.dd73d6b9f6b4cb630cf35b438b540174] - C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[MD5.dd73d6b9f6b4cb630cf35b438b540174] - C:\WINDOWS\system32\winlogon.exe

¤¤¤¤¤¤¤¤¤¤ Drive ¤¤¤¤¤¤¤¤¤¤

D'fragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.

Rapport d'analyse
58,59 Go total, 8,60 Go libre (14%), 34% fragment' (fragmentation du fichier 67%)

Vous devriez d'fragmenter ce volume.

¤¤¤¤¤¤¤¤¤¤ Mountpoints2 ¤¤¤¤¤¤¤¤¤¤

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5032f3f0-275a-11de-97c4-00173161950b}\shell\autorun
Extended =
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5032f3f0-275a-11de-97c4-00173161950b}\shell\autorun\command
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5032f3f0-275a-11de-97c4-00173161950b}\shell\autorun\command
@ = WDSetup.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0479d3a-3748-11de-97d6-00173161950b}\shell\autorun
@ = &Exécution automatique
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0479d3a-3748-11de-97d6-00173161950b}\shell\autorun\command
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0479d3a-3748-11de-97d6-00173161950b}\shell\autorun\command
@ = F:\LaunchU3.exe -a

¤¤¤¤¤¤¤¤¤¤ First Scan ¤¤¤¤¤¤¤¤¤¤

c:\documents and settings\nom\application data\lg electronics\3g mobilesync 2.0\ems\config.ini:
Verified: Unsigned
File date: 21:14 06/01/2006
Publisher: n/a
Description: n/a
Product: n/a
Version: n/a
File version: n/a


¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤

[5c5d4155 = ]
[HKEY_CURRENT_USER\software\2015]
[HKEY_CURRENT_USER\software\3]
[HKEY_CURRENT_USER\software\AC3filter]
[HKEY_CURRENT_USER\software\Ad-Remover]
[HKEY_CURRENT_USER\software\Adobe]
[HKEY_CURRENT_USER\software\Ahead]
[HKEY_CURRENT_USER\software\ALWIL Software]
[HKEY_CURRENT_USER\software\Apple Computer, Inc.]
[HKEY_CURRENT_USER\software\ArcSoft]
[HKEY_CURRENT_USER\software\ASUS]
[HKEY_CURRENT_USER\software\Canon]
[HKEY_CURRENT_USER\software\CDDB]
[HKEY_CURRENT_USER\software\Citrix]
[HKEY_CURRENT_USER\software\Clients]
[HKEY_CURRENT_USER\software\Corel]
[HKEY_CURRENT_USER\software\CoreVorbis]
[HKEY_CURRENT_USER\software\Cyberlink]
[HKEY_CURRENT_USER\software\DivXNetworks]
[HKEY_CURRENT_USER\software\DSP-worx]
[HKEY_CURRENT_USER\software\DVD Shrink]
[HKEY_CURRENT_USER\software\eMule]
[HKEY_CURRENT_USER\software\Fluendo]
[HKEY_CURRENT_USER\software\FRANCE TELECOM]
[HKEY_CURRENT_USER\software\Freeplayer]
[HKEY_CURRENT_USER\software\Gabest]
[HKEY_CURRENT_USER\software\GameSpy]
[HKEY_CURRENT_USER\software\GNU]
[HKEY_CURRENT_USER\software\Google]
[HKEY_CURRENT_USER\software\GSpot Appliance Corp]
[HKEY_CURRENT_USER\software\Haali]
[HKEY_CURRENT_USER\software\HaaliMkx]
[HKEY_CURRENT_USER\software\Hewlett-Packard]
[HKEY_CURRENT_USER\software\IM Providers]
[HKEY_CURRENT_USER\software\Intel]
[HKEY_CURRENT_USER\software\IZSoftware]
[HKEY_CURRENT_USER\software\JavaSoft]
[HKEY_CURRENT_USER\software\Kodak]
[HKEY_CURRENT_USER\software\Labtec]
[HKEY_CURRENT_USER\software\Lavalys]
[HKEY_CURRENT_USER\software\LG Electronics Inc]
[HKEY_CURRENT_USER\software\Local AppWizard-Generated Applications]
[HKEY_CURRENT_USER\software\Logitech]
[HKEY_CURRENT_USER\software\LowRegistry]
[HKEY_CURRENT_USER\software\Macromedia]
[HKEY_CURRENT_USER\software\Magnet]
[HKEY_CURRENT_USER\software\MainConcept]
[HKEY_CURRENT_USER\software\Malwarebytes' Anti-Malware]
[HKEY_CURRENT_USER\software\MediaInfo]
[HKEY_CURRENT_USER\software\Microsoft]
[HKEY_CURRENT_USER\software\Moovida]
[HKEY_CURRENT_USER\software\Nero]
[HKEY_CURRENT_USER\software\Netscape]
[HKEY_CURRENT_USER\software\NVIDIA Corporation]
[HKEY_CURRENT_USER\software\ODBC]
[HKEY_CURRENT_USER\software\Opendisc]
[HKEY_CURRENT_USER\software\OpenOffice.org]
[HKEY_CURRENT_USER\software\ORL]
[HKEY_CURRENT_USER\software\Piriform]
[HKEY_CURRENT_USER\software\Policies]
[HKEY_CURRENT_USER\software\RealNetworks]
[HKEY_CURRENT_USER\software\Realtek]
[HKEY_CURRENT_USER\software\Safer Networking Limited]
[HKEY_CURRENT_USER\software\ScanSoft]
[HKEY_CURRENT_USER\software\SecuROM]
[HKEY_CURRENT_USER\software\SFX TEAM]
[HKEY_CURRENT_USER\software\Sony Corporation]
[HKEY_CURRENT_USER\software\Sysinternals]
[HKEY_CURRENT_USER\software\TomTom]
[HKEY_CURRENT_USER\software\Trolltech]
[HKEY_CURRENT_USER\software\Ulead]
[HKEY_CURRENT_USER\software\Ulead Systems]
[HKEY_CURRENT_USER\software\VB and VBA Program Settings]
[HKEY_CURRENT_USER\software\VirginMega]
[HKEY_CURRENT_USER\software\Windows Live]
[HKEY_CURRENT_USER\software\Windows Live Writer]
[HKEY_CURRENT_USER\software\WinRAR]
[HKEY_CURRENT_USER\software\WinRAR SFX]
[HKEY_CURRENT_USER\software\Xmxeieuutg]
[HKEY_CURRENT_USER\software\Yahoo]
[HKEY_CURRENT_USER\software\YahooPartnerToolbar]
[HKEY_CURRENT_USER\software\Classes]

[HKEY_LOCAL_MACHINE\software\781]
[HKEY_LOCAL_MACHINE\software\8ec]
[HKEY_LOCAL_MACHINE\software\Activision]
[HKEY_LOCAL_MACHINE\software\Adobe]
[HKEY_LOCAL_MACHINE\software\ahead]
[HKEY_LOCAL_MACHINE\software\ALWIL Software]
[HKEY_LOCAL_MACHINE\software\aMule]
[HKEY_LOCAL_MACHINE\software\AppDataLow]
[HKEY_LOCAL_MACHINE\software\Apple Computer, Inc.]
[HKEY_LOCAL_MACHINE\software\ASUS]
[HKEY_LOCAL_MACHINE\software\Attansic]
[HKEY_LOCAL_MACHINE\software\Audible]
[HKEY_LOCAL_MACHINE\software\Aureal]
[HKEY_LOCAL_MACHINE\software\BrowserChoice]
[HKEY_LOCAL_MACHINE\software\C07ft5Y]
[HKEY_LOCAL_MACHINE\software\Canon]
[HKEY_LOCAL_MACHINE\software\Canopus]
[HKEY_LOCAL_MACHINE\software\CCleaner]
[HKEY_LOCAL_MACHINE\software\CDDB]
[HKEY_LOCAL_MACHINE\software\Cisco Systems]
[HKEY_LOCAL_MACHINE\software\Citrix]
[HKEY_LOCAL_MACHINE\software\Classes]
[HKEY_LOCAL_MACHINE\software\Clients]
[HKEY_LOCAL_MACHINE\software\Codec Tweak Tool]
[HKEY_LOCAL_MACHINE\software\Codemasters]
[HKEY_LOCAL_MACHINE\software\Crytek]
[HKEY_LOCAL_MACHINE\software\Cyberlink]
[HKEY_LOCAL_MACHINE\software\Debug]
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks]
[HKEY_LOCAL_MACHINE\software\DivXNetworks]
[HKEY_LOCAL_MACHINE\software\Electronic Arts]
[HKEY_LOCAL_MACHINE\software\Gabest]
[HKEY_LOCAL_MACHINE\software\Gemplus]
[HKEY_LOCAL_MACHINE\software\GNU]
[HKEY_LOCAL_MACHINE\software\Google]
[HKEY_LOCAL_MACHINE\software\HaaliMkx]
[HKEY_LOCAL_MACHINE\software\Hewlett-Packard]
[HKEY_LOCAL_MACHINE\software\HP]
[HKEY_LOCAL_MACHINE\software\ICE]
[HKEY_LOCAL_MACHINE\software\InstallShield]
[HKEY_LOCAL_MACHINE\software\Intel]
[HKEY_LOCAL_MACHINE\software\InterVideo]
[HKEY_LOCAL_MACHINE\software\JavaSoft]
[HKEY_LOCAL_MACHINE\software\KLCodecPack]
[HKEY_LOCAL_MACHINE\software\Kodak]
[HKEY_LOCAL_MACHINE\software\KONICA MINOLTA PHOTO IMAGING, INC.]
[HKEY_LOCAL_MACHINE\software\lameme]
[HKEY_LOCAL_MACHINE\software\LEAD Technologies, Inc.]
[HKEY_LOCAL_MACHINE\software\LG Electronics]
[HKEY_LOCAL_MACHINE\software\LimeWire]
[HKEY_LOCAL_MACHINE\software\Logitech]
[HKEY_LOCAL_MACHINE\software\Macromedia]
[HKEY_LOCAL_MACHINE\software\Macrovision]
[HKEY_LOCAL_MACHINE\software\Malwarebytes' Anti-Malware]
[HKEY_LOCAL_MACHINE\software\Microsoft]
[HKEY_LOCAL_MACHINE\software\Mindscape]
[HKEY_LOCAL_MACHINE\software\MINOLTA]
[HKEY_LOCAL_MACHINE\software\Moovida]
[HKEY_LOCAL_MACHINE\software\Mozilla]
[HKEY_LOCAL_MACHINE\software\mozilla.org]
[HKEY_LOCAL_MACHINE\software\MozillaPlugins]
[HKEY_LOCAL_MACHINE\software\Nero]
[HKEY_LOCAL_MACHINE\software\NOS]
[HKEY_LOCAL_MACHINE\software\NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\software\ODBC]
[HKEY_LOCAL_MACHINE\software\OpenOffice.org]
[HKEY_LOCAL_MACHINE\software\Policies]
[HKEY_LOCAL_MACHINE\software\Program Groups]
[HKEY_LOCAL_MACHINE\software\Pterodon]
[HKEY_LOCAL_MACHINE\software\RealNetworks]
[HKEY_LOCAL_MACHINE\software\Realtek]
[HKEY_LOCAL_MACHINE\software\Realtek Semiconductor Corp.]
[HKEY_LOCAL_MACHINE\software\RegisteredApplications]
[HKEY_LOCAL_MACHINE\software\S3R521]
[HKEY_LOCAL_MACHINE\software\Safer Networking Limited]
[HKEY_LOCAL_MACHINE\software\ScanSoft]
[HKEY_LOCAL_MACHINE\software\Schlumberger]
[HKEY_LOCAL_MACHINE\software\Secure]
[HKEY_LOCAL_MACHINE\software\SECURITOO]
[HKEY_LOCAL_MACHINE\software\SmartSound Software]
[HKEY_LOCAL_MACHINE\software\Sony]
[HKEY_LOCAL_MACHINE\software\Sony Corporation]
[HKEY_LOCAL_MACHINE\software\Sun Microsystems]
[HKEY_LOCAL_MACHINE\software\SystemCheck]
[HKEY_LOCAL_MACHINE\software\TomTom]
[HKEY_LOCAL_MACHINE\software\Trolltech]
[HKEY_LOCAL_MACHINE\software\Ulead Systems]
[HKEY_LOCAL_MACHINE\software\Unreal Technology]
[HKEY_LOCAL_MACHINE\software\VIA Technologies, Inc]
[HKEY_LOCAL_MACHINE\software\VirginMega]
[HKEY_LOCAL_MACHINE\software\Windows]
[HKEY_LOCAL_MACHINE\software\Windows 3.1 Migration Status]
[HKEY_LOCAL_MACHINE\software\Xing Technology Corp.]
[HKEY_LOCAL_MACHINE\software\Yahoo]
[HKEY_LOCAL_MACHINE\software\ZSMC]

¤¤¤¤¤¤¤¤¤¤ Files/folders ¤¤¤¤¤¤¤¤¤¤

Present !! : C:\Program Files\Ask.com
Present !! : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
Present !! : C:\windows\002566_.tmp
Present !! : C:\windows\SET25.tmp
Present !! : C:\windows\SET3.tmp
Present !! : C:\windows\SET4.tmp
Present !! : C:\windows\SET8.tmp
Present !! : C:\windows\System32\drivers\etc\hosts.msn
Present !! : C:\windows\System32\unrar.exe
Present !! : C:\Documents and Settings\nom\Local Settings\Application Data\0371774.exe
Present !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\SHSetup.exe
Present !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna4972086009889916554.dll
Present !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna8770808846093814997.dll
Present !! : C:\Documents and Settings\nom\Local Settings\Temporary Internet Files\SuggestedSites.dat

¤¤¤¤¤¤¤¤¤¤ Keys :

Present !! : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar : {66886C4D-B307-4ECA-A228-52CA9B9851A4}
Present !! : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser : {D4027C7F-154A-4066-A1AD-4243D8127440}
Present !! : "HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}"
Present !! : "HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}"
Present !! : HKCR\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
Present !! : HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
Present !! : HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

FEATURE_BROWSER_EMULATION | svchost :
====================================


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-10-01 20:57:16
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys
kernel: MBR read successfully
user & kernel MBR OK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
FirstRunDisabled = 1 (0x1)
AntiVirusOverride = 1 (0x1)
FirewallOverride = 0 (0x0)
AntiVirusDisableNotify = 0 (0x0)
FirewallDisableNotify = 0 (0x0)
UpdatesDisableNotify = 0 (0x0)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

End of scan : 21:16:57,04
0
Réponse 4 / 10
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 107
1 oct. 2010 à 21:21
Relance List_Kill'em(soit en clic droit pour vista/7),avec le raccourci sur ton bureau.
mais cette fois-ci :

choisis l'option CLEAN

laisse travailler l'outil.

en fin de scan la fenetre se ferme , et tu as un rapport du nom de Kill'em.txt sur ton bureau ,

colle le contenu dans ta réponse
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 10
marlo
1 oct. 2010 à 21:42
¤¤¤¤¤¤¤¤¤¤ More informations ¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤ DLLs ¤¤¤¤¤¤¤¤¤¤

------------------------------------------------------------------------------
explorer.exe pid: 268
Command line: C:\windows\Explorer.EXE
Base Size Version Path
0x01000000 0x100000 6.00.2900.5512 C:\windows\Explorer.EXE
0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
0x75f10000 0xfd000 6.00.2900.5512 C:\windows\system32\BROWSEUI.dll
0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
0x7e210000 0x171000 6.00.2900.5512 C:\windows\system32\SHDOCVW.dll
0x779e0000 0x97000 5.131.2600.5512 C:\windows\system32\CRYPT32.dll
0x77a80000 0x12000 5.01.2600.5875 C:\windows\system32\MSASN1.dll
0x76610000 0x84000 5.131.2600.5512 C:\windows\system32\CRYPTUI.dll
0x6fee0000 0x55000 5.01.2600.5694 C:\windows\system32\NETAPI32.dll
0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
0x404a0000 0xe6000 8.00.6001.18939 C:\windows\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\windows\system32\Normaliz.dll
0x45180000 0x133000 8.00.6001.18939 C:\windows\system32\urlmon.dll
0x40b40000 0x1e8000 8.00.6001.18939 C:\windows\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5922 C:\windows\system32\WINTRUST.dll
0x76c40000 0x28000 5.01.2600.5512 C:\windows\system32\IMAGEHLP.dll
0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
0x75140000 0x2e000 5.01.2600.5768 C:\windows\system32\msctfime.ime
0x77b50000 0x22000 5.01.2600.5512 C:\windows\system32\appHelp.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\windows\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\windows\system32\COMRes.dll
0x765b0000 0x56000 5.01.2600.5512 C:\windows\System32\cscui.dll
0x76590000 0x1d000 5.01.2600.5512 C:\windows\System32\CSCDLL.dll
0x5b950000 0x73000 6.00.2900.5512 C:\windows\system32\themeui.dll
0x76310000 0x5000 5.01.2600.5512 C:\windows\system32\MSIMG32.dll
0x01100000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
0x76920000 0x8000 5.01.2600.5512 C:\windows\system32\LINKINFO.dll
0x76930000 0x26000 5.01.2600.5512 C:\windows\system32\ntshrui.dll
0x76ac0000 0x11000 3.05.2284.0002 C:\windows\system32\ATL.DLL
0x40d30000 0xa94000 8.00.6001.18939 C:\WINDOWS\system32\ieframe.dll
0x75d30000 0x91000 6.00.2900.5512 C:\windows\system32\MLANG.dll
0x778e0000 0xf8000 5.01.2600.5512 C:\windows\system32\SETUPAPI.dll
0x76390000 0x1a9000 5.01.2600.5512 C:\WINDOWS\system32\NETSHELL.dll
0x76bb0000 0x2f000 5.01.2600.5512 C:\WINDOWS\system32\credui.dll
0x5b660000 0xa000 5.01.2600.5512 C:\WINDOWS\system32\dot3api.dll
0x76e30000 0xe000 5.01.2600.5512 C:\WINDOWS\system32\rtutils.dll
0x72640000 0x6000 5.01.2600.5512 C:\WINDOWS\system32\dot3dlg.dll
0x73990000 0x28000 5.01.2600.5512 C:\WINDOWS\system32\OneX.DLL
0x76f00000 0x8000 5.01.2600.5512 C:\WINDOWS\system32\WTSAPI32.dll
0x762f0000 0x10000 5.01.2600.5512 C:\WINDOWS\system32\WINSTA.dll
0x6da60000 0x22000 5.01.2600.5512 C:\WINDOWS\system32\eappcfg.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x200e0000 0xe000 5.01.2600.5512 C:\WINDOWS\system32\eappprxy.dll
0x76d10000 0x19000 5.01.2600.5512 C:\WINDOWS\system32\iphlpapi.dll
0x719f0000 0x17000 5.01.2600.5512 C:\WINDOWS\system32\WS2_32.dll
0x719e0000 0x8000 5.01.2600.5512 C:\WINDOWS\system32\WS2HELP.dll
0x61310000 0x54000 2.00.0500.0000 C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
0x4eb80000 0x1ab000 5.02.6001.22319 C:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll
0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\OpenOffice.org 2.4\program\MSVCR71.dll
0x60e20000 0x8e000 4.05.2003.0120 C:\Program Files\OpenOffice.org 2.4\program\stlport_vc7145.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\OpenOffice.org 2.4\program\MSVCP71.dll
0x10000000 0x5b000 9.00.0000.0332 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
0x78130000 0x9b000 8.00.50727.3053 C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
0x01df0000 0x4d000 7.00.6001.18260 C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
0x01f00000 0x4c000 9.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\windows\system32\msi.dll
0x71a60000 0x12000 5.01.2600.5512 C:\windows\system32\MPR.dll
0x75ef0000 0x7000 5.01.2600.5512 C:\windows\System32\drprov.dll
0x71b70000 0xe000 5.01.2600.5512 C:\windows\System32\ntlanman.dll
0x71c30000 0x17000 5.01.2600.5512 C:\windows\System32\NETUI0.dll
0x71bf0000 0x40000 5.01.2600.5512 C:\windows\System32\NETUI1.dll
0x71be0000 0x7000 5.01.2600.5512 C:\windows\System32\NETRAP.dll
0x71b50000 0x13000 5.01.2600.5512 C:\windows\System32\SAMLIB.dll
0x75f00000 0xa000 5.01.2600.5512 C:\windows\System32\davclnt.dll

No matching processes were found.

No matching processes were found.

No matching processes were found.

No matching processes were found.

No matching processes were found.

------------------------------------------------------------------------------
csrss.exe pid: 784
Command line: C:\windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
Base Size Version Path
0x4a680000 0x5000 \??\C:\windows\system32\csrss.exe
0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
0x75ad0000 0xb000 5.01.2600.5915 C:\windows\system32\CSRSRV.dll
0x75ae0000 0x10000 5.01.2600.5512 C:\windows\system32\basesrv.dll
0x75af0000 0x4b000 5.01.2600.6001 C:\windows\system32\winsrv.dll
0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\KERNEL32.dll
0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
0x77210000 0xb1000 5.01.2600.5512 C:\windows\system32\sxs.dll
0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll

------------------------------------------------------------------------------
smss.exe pid: 712
Command line: \SystemRoot\System32\smss.exe
Base Size Version Path
0x48580000 0xf000 \SystemRoot\System32\smss.exe
0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll

------------------------------------------------------------------------------
winlogon.exe pid: 808
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x82000 \??\C:\windows\system32\winlogon.exe
0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
0x77680000 0x12000 5.01.2600.5512 C:\windows\system32\AUTHZ.dll
0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\windows\system32\CRYPT32.dll
0x77a80000 0x12000 5.01.2600.5875 C:\windows\system32\MSASN1.dll
0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
0x758d0000 0x8000 5.01.2600.5512 C:\windows\system32\NDdeApi.dll
0x758c0000 0xa000 5.01.2600.5512 C:\windows\system32\PROFMAP.dll
0x6fee0000 0x55000 5.01.2600.5694 C:\windows\system32\NETAPI32.dll
0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
0x76ba0000 0xb000 5.01.2600.5512 C:\windows\system32\PSAPI.DLL
0x76b60000 0xf000 5.01.2600.5512 C:\windows\system32\REGAPI.dll
0x778e0000 0xf8000 5.01.2600.5512 C:\windows\system32\SETUPAPI.dll
0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
0x762f0000 0x10000 5.01.2600.5512 C:\windows\system32\WINSTA.dll
0x76be0000 0x2e000 5.131.2600.5922 C:\windows\system32\WINTRUST.dll
0x76c40000 0x28000 5.01.2600.5512 C:\windows\system32\IMAGEHLP.dll
0x719f0000 0x17000 5.01.2600.5512 C:\windows\system32\WS2_32.dll
0x719e0000 0x8000 5.01.2600.5512 C:\windows\system32\WS2HELP.dll
0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
0x75900000 0xfa000 5.01.2600.5512 C:\windows\system32\MSGINA.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\windows\system32\ODBC32.dll
0x76340000 0x4a000 6.00.2900.5512 C:\windows\system32\comdlg32.dll
0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\windows\system32\odbcint.dll
0x776a0000 0x24000 6.00.2900.5512 C:\windows\system32\SHSVCS.dll
0x76b50000 0x5000 5.01.2600.5512 C:\windows\system32\sfc.dll
0x76c10000 0x2a000 5.01.2600.5512 C:\windows\system32\sfc_os.dll
0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
0x77b50000 0x22000 5.01.2600.5512 C:\windows\system32\Apphelp.dll
0x75140000 0x2e000 5.01.2600.5768 C:\windows\system32\msctfime.ime
0x72340000 0x1c000 5.01.2600.5512 C:\windows\system32\WINSCARD.DLL
0x76f00000 0x8000 5.01.2600.5512 C:\windows\system32\WTSAPI32.dll
0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
0x76590000 0x1d000 5.01.2600.5512 C:\windows\system32\cscdll.dll
0x46fc0000 0x8000 5.01.2600.5512 C:\windows\System32\dimsntfy.dll
0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
0x758e0000 0x1b000 5.01.2600.5512 C:\windows\system32\WlNotify.dll
0x71a60000 0x12000 5.01.2600.5512 C:\windows\system32\MPR.dll
0x72f50000 0x26000 5.01.2600.5512 C:\windows\system32\WINSPOOL.DRV
0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
0x71b50000 0x13000 5.01.2600.5512 C:\windows\system32\SAMLIB.dll
0x77c40000 0x25000 5.01.2600.5876 C:\windows\system32\msv1_0.dll
0x76730000 0xc000 5.01.2600.5512 C:\windows\system32\cryptdll.dll
0x76d10000 0x19000 5.01.2600.5512 C:\windows\system32\iphlpapi.dll
0x765b0000 0x56000 5.01.2600.5512 C:\windows\system32\cscui.dll
0x76cf0000 0x18000 5.01.2600.5512 C:\windows\system32\MPRAPI.dll
0x77c90000 0x32000 5.01.2600.5512 C:\windows\system32\ACTIVEDS.dll
0x76dc0000 0x25000 5.01.2600.5512 C:\windows\system32\adsldpc.dll
0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
0x76ac0000 0x11000 3.05.2284.0002 C:\windows\system32\ATL.DLL
0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
0x76e30000 0xe000 5.01.2600.5512 C:\windows\system32\rtutils.dll
0x01240000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
0x77650000 0x21000 5.01.2600.5512 C:\windows\system32\NTMARTA.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\windows\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\windows\system32\CLBCATQ.DLL

------------------------------------------------------------------------------
svchost.exe pid: 1024
Command line: C:\windows\system32\svchost -k DcomLaunch
Base Size Version Path
0x01000000 0x6000 5.01.2600.5512 C:\windows\system32\svchost.exe
0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
0x77650000 0x21000 5.01.2600.5512 C:\windows\system32\NTMARTA.DLL
0x71b50000 0x13000 5.01.2600.5512 C:\windows\system32\SAMLIB.dll
0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
0x76870000 0x64000 5.01.2600.5755 c:\windows\system32\rpcss.dll
0x719f0000 0x17000 5.01.2600.5512 c:\windows\system32\WS2_32.dll
0x719e0000 0x8000 5.01.2600.5512 c:\windows\system32\WS2HELP.dll
0x006b0000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
0x766a0000 0x54000 5.01.2600.5512 c:\windows\system32\termsrv.dll
0x74ee0000 0x6000 5.01.2600.5512 c:\windows\system32\ICAAPI.dll
0x778e0000 0xf8000 5.01.2600.5512 c:\windows\system32\SETUPAPI.dll
0x76be0000 0x2e000 5.131.2600.5922 c:\windows\system32\WINTRUST.dll
0x779e0000 0x97000 5.131.2600.5512 c:\windows\system32\CRYPT32.dll
0x77a80000 0x12000 5.01.2600.5875 c:\windows\system32\MSASN1.dll
0x76c40000 0x28000 5.01.2600.5512 C:\windows\system32\IMAGEHLP.dll
0x77680000 0x12000 5.01.2600.5512 c:\windows\system32\AUTHZ.dll
0x75080000 0x1f000 5.01.2600.5512 c:\windows\system32\mstlsapi.dll
0x77c90000 0x32000 5.01.2600.5512 c:\windows\system32\ACTIVEDS.dll
0x76dc0000 0x25000 5.01.2600.5512 c:\windows\system32\adsldpc.dll
0x6fee0000 0x55000 5.01.2600.5694 c:\windows\system32\NETAPI32.dll
0x76ac0000 0x11000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x76b60000 0xf000 5.01.2600.5512 C:\windows\system32\REGAPI.dll
0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\windows\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\windows\system32\COMRes.dll
0x77b50000 0x22000 5.01.2600.5512 C:\windows\system32\Apphelp.dll
------------------------------------------------------------------------------
svchost.exe pid: 1156
Command line: C:\windows\system32\svchost -k rpcss
Base Size Version Path
0x01000000 0x6000 5.01.2600.5512 C:\windows\system32\svchost.exe
0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
0x76870000 0x64000 5.01.2600.5755 c:\windows\system32\rpcss.dll
0x719f0000 0x17000 5.01.2600.5512 c:\windows\system32\WS2_32.dll
0x719e0000 0x8000 5.01.2600.5512 c:\windows\system32\WS2HELP.dll
0x006b0000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
0x71990000 0x40000 5.01.2600.5625 C:\windows\system32\mswsock.dll
0x62e40000 0x59000 5.01.2600.5512 C:\windows\system32\hnetcfg.dll
0x719d0000 0x8000 5.01.2600.5512 C:\windows\System32\wshtcpip.dll
0x76ed0000 0x27000 5.01.2600.5625 C:\windows\system32\DNSAPI.dll
0x76d10000 0x19000 5.01.2600.5512 C:\windows\system32\iphlpapi.dll
0x76f60000 0x8000 5.01.2600.5512 C:\windows\System32\winrnr.dll
0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
0x76f70000 0x6000 5.01.2600.5512 C:\windows\system32\rasadhlp.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\windows\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\windows\system32\COMRes.dll
------------------------------------------------------------------------------
svchost.exe pid: 1364
Command line: C:\windows\system32\svchost.exe -k netsvcs
Base Size Version Path
0x01000000 0x6000 5.01.2600.5512 C:\windows\system32\svchost.exe
0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
0x77650000 0x21000 5.01.2600.5512 C:\windows\system32\NTMARTA.DLL
0x71b50000 0x13000 5.01.2600.5512 C:\windows\system32\SAMLIB.dll
0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
0x00630000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
0x7d4d0000 0x22000 5.01.2600.5512 c:\windows\system32\dhcpcsvc.dll
0x76ed0000 0x27000 5.01.2600.5625 c:\windows\system32\DNSAPI.dll
0x719f0000 0x17000 5.01.2600.5512 c:\windows\system32\WS2_32.dll
0x719e0000 0x8000 5.01.2600.5512 c:\windows\system32\WS2HELP.dll
0x76d10000 0x19000 5.01.2600.5512 c:\windows\system32\iphlpapi.dll
0x71990000 0x40000 5.01.2600.5625 C:\windows\system32\mswsock.dll
0x62e40000 0x59000 5.01.2600.5512 C:\windows\system32\hnetcfg.dll
0x719d0000 0x8000 5.01.2600.5512 C:\windows\System32\wshtcpip.dll
0x7db30000 0x8c000 5.01.2600.5512 c:\windows\system32\wzcsvc.dll
0x76e30000 0xe000 5.01.2600.5512 c:\windows\system32\rtutils.dll
0x76ce0000 0x4000 5.01.2600.5512 c:\windows\system32\WMI.dll
0x779e0000 0x97000 5.131.2600.5512 c:\windows\system32\CRYPT32.dll
0x77a80000 0x12000 5.01.2600.5875 c:\windows\system32\MSASN1.dll
0x71780000 0xb000 5.01.2600.5512 c:\windows\system32\EapolQec.dll
0x76ac0000 0x11000 3.05.2284.0002 c:\windows\system32\ATL.DLL
0x5bdf0000 0x16000 5.01.2600.5512 c:\windows\system32\QUtil.dll
0x76010000 0x65000 6.02.3104.0000 c:\windows\system32\MSVCP60.dll
0x5b660000 0xa000 5.01.2600.5512 c:\windows\system32\dot3api.dll
0x76f00000 0x8000 5.01.2600.5512 c:\windows\system32\WTSAPI32.dll
0x762f0000 0x10000 5.01.2600.5512 c:\windows\system32\WINSTA.dll
0x6fee0000 0x55000 5.01.2600.5694 c:\windows\system32\NETAPI32.dll
0x6f890000 0x111000 5.01.2600.5512 c:\windows\system32\ESENT.dll
0x772d0000 0x23000 5.01.2600.5826 c:\windows\system32\wkssvc.dll
0x76740000 0x13000 5.01.2600.5512 c:\windows\system32\NTDSAPI.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\windows\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\windows\system32\COMRes.dll
0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
0x7d500000 0x27000 5.01.2600.5886 C:\windows\System32\rastls.dll
0x76610000 0x84000 5.131.2600.5512 C:\windows\system32\CRYPTUI.dll
0x404a0000 0xe6000 8.00.6001.18939 C:\windows\system32\WININET.dll
0x015e0000 0x9000 6.00.5441.0000 C:\windows\system32\Normaliz.dll
0x45180000 0x133000 8.00.6001.18939 C:\windows\system32\urlmon.dll
0x40b40000 0x1e8000 8.00.6001.18939 C:\windows\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5922 C:\windows\system32\WINTRUST.dll
0x76c40000 0x28000 5.01.2600.5512 C:\windows\system32\IMAGEHLP.dll
0x76cf0000 0x18000 5.01.2600.5512 C:\windows\system32\MPRAPI.dll
0x77c90000 0x32000 5.01.2600.5512 C:\windows\system32\ACTIVEDS.dll
0x76dc0000 0x25000 5.01.2600.5512 C:\windows\system32\adsldpc.dll
0x778e0000 0xf8000 5.01.2600.5512 C:\windows\system32\SETUPAPI.dll
0x76e90000 0x3c000 5.01.2600.5512 C:\windows\system32\RASAPI32.dll
0x76e40000 0x12000 5.01.2600.5512 C:\windows\system32\rasman.dll
0x76e60000 0x2f000 5.01.2600.5512 C:\windows\system32\TAPI32.dll
0x76790000 0x28000 5.01.2600.6006 C:\windows\system32\SCHANNEL.dll
0x72340000 0x1c000 5.01.2600.5512 C:\windows\system32\WinSCard.dll
0x76ba0000 0xb000 5.01.2600.5512 C:\windows\system32\PSAPI.DLL
0x76cc0000 0x12000 5.01.2600.5512 c:\windows\system32\cryptsvc.dll
0x752c0000 0x33000 5.01.2600.5512 c:\windows\system32\certcli.dll
0x75000000 0x1a000 5.01.2600.5512 c:\windows\system32\srvsvc.dll
0x76c90000 0x16000 5.01.2600.5886 C:\windows\System32\raschap.dll
0x77cd0000 0x33000 5.01.2600.5512 c:\windows\system32\netman.dll
0x76390000 0x1a9000 5.01.2600.5512 c:\windows\system32\netshell.dll
0x76bb0000 0x2f000 5.01.2600.5512 c:\windows\system32\credui.dll
0x72640000 0x6000 5.01.2600.5512 c:\windows\system32\dot3dlg.dll
0x73990000 0x28000 5.01.2600.5512 c:\windows\system32\OneX.DLL
0x6da60000 0x22000 5.01.2600.5512 c:\windows\system32\eappcfg.dll
0x200e0000 0xe000 5.01.2600.5512 c:\windows\system32\eappprxy.dll
0x72f80000 0x10000 5.01.2600.5512 c:\windows\system32\WZCSAPI.DLL
0x74eb0000 0xc000 5.01.2600.5512 c:\windows\pchealth\helpctr\binaries\pchsvc.dll
0x75110000 0x2e000 5.01.2600.5512 c:\windows\system32\srsvc.dll
0x74a40000 0x8000 6.00.2900.5512 c:\windows\system32\POWRPROF.dll
0x4f0b0000 0x28000 5.01.2600.5512 c:\windows\system32\wbem\wmisvc.dll
0x75350000 0x6d000 5.01.2600.5512 C:\windows\system32\VSSAPI.DLL
0x77c40000 0x25000 5.01.2600.5876 C:\windows\system32\msv1_0.dll
0x76730000 0xc000 5.01.2600.5512 C:\windows\system32\cryptdll.dll
0x66890000 0x56000 5.01.2600.5512 c:\windows\system32\ipnathlp.dll
0x77680000 0x12000 5.01.2600.5512 c:\windows\system32\AUTHZ.dll
0x72f50000 0x26000 5.01.2600.5512 C:\windows\system32\winspool.drv
0x76d90000 0x16000 5.01.2600.5512 c:\windows\system32\browser.dll
0x75200000 0x37000 5.01.2600.5512 C:\WINDOWS\system32\wbem\wbemcomn.dll
0x76250000 0x85000 5.01.2600.5512 C:\windows\System32\Wbem\wbemcore.dll
0x75280000 0x3f000 5.01.2600.5512 C:\windows\System32\Wbem\esscli.dll
0x75610000 0x76000 5.01.2600.5755 C:\windows\System32\Wbem\FastProx.dll
0x74f90000 0x1c000 5.01.2600.5512 C:\WINDOWS\system32\wbem\wmiutils.dll
0x75170000 0x2f000 5.01.2600.5512 C:\WINDOWS\system32\wbem\repdrvfs.dll
0x41d50000 0x72000 5.01.2600.5755 C:\WINDOWS\system32\wbem\wmiprvsd.dll
0x5fb00000 0xc000 5.01.2600.5512 C:\windows\system32\NCObjAPI.DLL
0x75300000 0x46000 5.01.2600.5512 C:\WINDOWS\system32\wbem\wbemess.dll
0x75570000 0x9d000 5.01.2600.5512 C:\WINDOWS\system32\netcfgx.dll
0x76d50000 0x12000 5.01.2600.5512 C:\WINDOWS\system32\CLUSAPI.dll
0x7def0000 0x32000 5.01.2600.5512 C:\windows\system32\rasmans.dll
0x72240000 0xd000 5.01.2600.5512 C:\windows\system32\Sens.dll
0x742d0000 0xb000 5.01.2600.5512 C:\windows\system32\WINIPSEC.DLL
0x5fad0000 0xe000 5.01.2600.5512 C:\WINDOWS\system32\wbem\ncprov.dll
------------------------------------------------------------------------------
svchost.exe pid: 1384
Command line: C:\windows\system32\svchost.exe -k NetworkService
Base Size Version Path
0x01000000 0x6000 5.01.2600.5512 C:\windows\system32\svchost.exe
0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
0x76710000 0xd000 5.01.2600.5512 c:\windows\system32\dnsrslvr.dll
0x76ed0000 0x27000 5.01.2600.5625 c:\windows\system32\DNSAPI.dll
0x719f0000 0x17000 5.01.2600.5512 c:\windows\system32\WS2_32.dll
0x719e0000 0x8000 5.01.2600.5512 c:\windows\system32\WS2HELP.dll
0x76d10000 0x19000 5.01.2600.5512 c:\windows\system32\iphlpapi.dll
0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
0x71990000 0x40000 5.01.2600.5625 C:\windows\system32\mswsock.dll
0x62e40000 0x59000 5.01.2600.5512 C:\windows\system32\hnetcfg.dll
0x719d0000 0x8000 5.01.2600.5512 C:\windows\System32\wshtcpip.dll
------------------------------------------------------------------------------
svchost.exe pid: 1556
Command line: C:\windows\system32\svchost.exe -k LocalService
Base Size Version Path
0x01000000 0x6000 5.01.2600.5512 C:\windows\system32\svchost.exe
0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
0x77650000 0x21000 5.01.2600.5512 C:\windows\system32\NTMARTA.DLL
0x71b50000 0x13000 5.01.2600.5512 C:\windows\system32\SAMLIB.dll
0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
0x00630000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
0x74bb0000 0x6000 5.01.2600.5512 c:\windows\system32\lmhsvc.dll
0x76d10000 0x19000 5.01.2600.5512 c:\windows\system32\iphlpapi.dll
0x719f0000 0x17000 5.01.2600.5512 c:\windows\system32\WS2_32.dll
0x719e0000 0x8000 5.01.2600.5512 c:\windows\system32\WS2HELP.dll

No matching processes were found.

¤¤¤¤¤¤¤¤¤¤¤ Ports ¤¤¤¤¤¤¤¤¤¤

Pid Process Port Proto Path
1156 -> 135 TCP
4 System -> 139 TCP
4 System -> 445 TCP
1156 -> 445 UDP
4 System -> 137 UDP
4 System -> 138 UDP

¤¤¤¤¤¤¤¤¤¤ Boot Execute ¤¤¤¤¤¤¤¤¤¤


HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Utilitaire de vérification automatique
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\autochk.exe
b16ccbf66bf41f994d2810cc2299d9d6 (MD5)
1ca550976a0a04527ba38312ffc87b0e083e5f31 (SHA-1)
72a10210863995896fdd1725f072967961ffd41926c099634ff3bc99bbd65b4f (SHA-256)

¤¤¤¤¤¤¤¤¤¤ LSA | Security Providers ¤¤¤¤¤¤¤¤¤¤


HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
msapsspc.dll
msapsspc.dll
Client DPA pour plate-forme 32 bit
Microsoft Corporation
6.00.0000.7755
c:\windows\system32\msapsspc.dll
9b5b153f4d0d5cb14d9865435182bd70 (MD5)
81f2fa4984c6dd3b9bca38d5c348343062d90815 (SHA-1)
5dbbbb5c1e4b0ffe1fedb6bcacc6693c835948deec967f5e412329a02b799d5f (SHA-256)
schannel.dll
schannel.dll
TLS / SSL Security Provider
Microsoft Corporation
5.01.2600.6006
c:\windows\system32\schannel.dll
6e11d1dd3943e986fc05919813d38ae9 (MD5)
ecd1e59eb81f3585f391757f27e891a8038e705e (SHA-1)
304b7d55e9082733350f8d92d5a587068a8335764347e71f400044b4af9d3c4d (SHA-256)
digest.dll
digest.dll
Package d'authentification Digest SSPI
Microsoft Corporation
6.00.2900.5512
c:\windows\system32\digest.dll
6cc5c1dac782a63bbc18afc1a23acb68 (MD5)
a71acf37920ee69a9b6ad859c9bcd713826cf598 (SHA-1)
31a5cabdbd646bb97d75118c738229d440020a99301d3a0552210630ad8bb431 (SHA-256)
msnsspc.dll
msnsspc.dll
Accès MSN Internet
Microsoft Corporation
6.01.1825.0000
c:\windows\system32\msnsspc.dll
25f3fbfb7cbc160674b1ac246fd13dc0 (MD5)
223431b21e851cd14c1cf0ab1fbec16d1aa86518 (SHA-1)
ffaa55260dd1c2989508910b0470997ef9c868eb578f4a2b10e187de59fe35e7 (SHA-256)

HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
msv1_0
msv1_0
Microsoft Authentication Package v1.0
Microsoft Corporation
5.01.2600.5876
c:\windows\system32\msv1_0.dll
2921bbeab3eb2a09e7cbc7cae2a18110 (MD5)
c049c6d3536f7168824270ddc72f6e201bcf03eb (SHA-1)
ed20c345ba0fd88ff5f30247d8c61484a8f36196da644ba7f1f27b3c0270d3c4 (SHA-256)

HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
scecli
scecli
Moteur du client de l'Éditeur de configuration de sécurité Windows
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\scecli.dll
973b36634c544948c663e8269aa1b3a3 (MD5)
eae992c87e70dfdcdcd615624e80438e03f42f54 (SHA-1)
ad2c0561d4248c29e71dbffe5ecca1b1d061d2339773e1b54857f6d57970fe80 (SHA-256)

HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
kerberos
kerberos
Kerberos Security Package
Microsoft Corporation
5.01.2600.5834
c:\windows\system32\kerberos.dll
14e7cfebe8a6241a288182f13b3e33a9 (MD5)
7b52bdf770244bca686f56b87856c9677bfb90b9 (SHA-1)
1bb7db40d13047b39a97f19b8e7f9beaa1a883bb293201f15f5accdb6b5bbcd4 (SHA-256)
msv1_0
msv1_0
Microsoft Authentication Package v1.0
Microsoft Corporation
5.01.2600.5876
c:\windows\system32\msv1_0.dll
2921bbeab3eb2a09e7cbc7cae2a18110 (MD5)
c049c6d3536f7168824270ddc72f6e201bcf03eb (SHA-1)
ed20c345ba0fd88ff5f30247d8c61484a8f36196da644ba7f1f27b3c0270d3c4 (SHA-256)
schannel
schannel
TLS / SSL Security Provider
Microsoft Corporation
5.01.2600.6006
c:\windows\system32\schannel.dll
6e11d1dd3943e986fc05919813d38ae9 (MD5)
ecd1e59eb81f3585f391757f27e891a8038e705e (SHA-1)
304b7d55e9082733350f8d92d5a587068a8335764347e71f400044b4af9d3c4d (SHA-256)
wdigest
wdigest
Microsoft Digest Access
Microsoft Corporation
5.01.2600.5834
c:\windows\system32\wdigest.dll
a3d1365c368971fa7d1cbb35d88a2f46 (MD5)
77f95987bc18db143675daa80449ecf1b1f4c81e (SHA-1)
bdef87760e7ed74a913a2365213f5288eac39197a29dec813e15b0e2823cbf51 (SHA-256)

¤¤¤¤¤¤¤¤¤¤ Scheduled tasks ¤¤¤¤¤¤¤¤¤¤


Task Scheduler
HPpromotions HP Photosmart 370 Series.job
C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe /N "HP Photosmart 370 Series" -r
HPpromo
hp
5.00.0001.0004
c:\program files\hp\digital imaging\bin\hpqwrg.exe
f525d5e31385785a9d5309d0659b24b2 (MD5)
12097ceeefefa4fc39134e8605b1654963092cb0 (SHA-1)
2c4b9a716de0a6665a599ba1aac09b04ba28ff0e63a35082c901ee87fa8dbd80 (SHA-256)
User_Feed_Synchronization-{FB8E4B1D-8CA7-449B-9055-43B7D6CA5098}.job
C:\WINDOWS\system32\msfeedssync.exe sync
Microsoft Feeds Synchronization
Microsoft Corporation
8.00.6001.18702
c:\windows\system32\msfeedssync.exe
fee2ba1ad38f457f418e82ea30724053 (MD5)
7ba67318a83e01543dc455288191b6e6dd41047b (SHA-1)
e4641a129d07f33901df4af9b234a7ee5ff6565e8414ee0ba755976da250a809 (SHA-256)

¤¤¤¤¤¤¤¤¤¤ Programs ¤¤¤¤¤¤¤¤¤¤

Ad-Remover By C_XX
Adobe Flash Player 10 ActiveX 10.1.82.76
Adobe Flash Player 10 Plugin 10.0.45.2
Adobe Reader 9 - Français 9.0.0
Assistant de connexion Windows Live 5.000.818.6
Attansic L1 Gigabit Ethernet Driver
AutoUpdate 1.1
BufferChm 43.1.5.000
CCScore 6.02.1001.0001
CCleaner (remove only)
CMN
Call of Duty(R) 4 - Modern Warfare(TM) Demo 1.00.0000
Call of Duty(R) 4 - Modern Warfare(TM) Demo 1.00.0000
Canon MP Navigator 2.0
Canon MP450
Canon Utilities Easy-PhotoPrint
Cisco Systems VPN Client 5.0.00.0340 5.0.0
Client Citrix Presentation Server - Web uniquement 10.200.2650
Codeur Windows Media Série 9 9.00.2980
Codeur Windows Media Série 9
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows XP (KB2158563) 1
Correctif pour Windows XP (KB952287) 1
Correctif pour Windows XP (KB961118) 1
Correctif pour Windows XP (KB970653-v3) 3
Correctif pour Windows XP (KB979306) 1
Correctif pour Windows XP (KB981793) 1
CreativeProjects 43.1.5.000
CreativeProjectsTemplates 43.1.5.000
CueTour 43.1.5.000
DVD Shrink 3.2
Destinations 43.1.5.000
DiMAGE Viewer
Director 43.1.5.000
DivX Codec 6.8.5
DivX Converter Mobile 1.0.0
DivX Player 6.8.2
DivX Web Player 1.4.2
Dongle Sagem 703
EAX4 Unified Redist 4.001
ESSBrwr 6.04.0000.0001
ESSCDBK 6.04.0000.0001
ESSPCD 6.04.0000.0001
ESSPDock 6.03.0001.0004
ESSSONIC 6.4.0000.0001
ESSTOOLS 5.00.0000.0004
ESScore 6.04.0000.0003
ESSgui 6.04.0000.0001
ESSini 6.04.0000.0001
EVEREST Home Edition v2.20 2.20
Easy-WebPrint
Extension de Windows Live Toolbar (Windows Live Toolbar) 03.01.0146
Freeplayer 20070531
Galerie de photos Windows Live 14.0.8081.709
Google Toolbar for Internet Explorer
HP Diagnostic Assistant 1.0.0.0
HP Image Zone 4.0 4.0
HP Software Update 2.0.39.20040212
HPSystemDiagnostics 1.5.0.0
HPpromotions 1.00.0000
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) 1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) 1
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915800-v4) 4
Hotfix for Windows XP (KB954550-v5) 5
Hotfix for Windows XP (KB976002-v5) 5
IZArc 3.81 3.81 Build 1550
Installation Windows Live 14.0.8089.726
Installation Windows Live 14.0.8089.0726
InstantShare 4.0.0.40
Java(TM) 6 Update 15 6.0.150
Java(TM) 6 Update 4 1.6.0.40
Java(TM) 6 Update 7 1.6.0.70
Junk Mail filter update 14.0.8089.726
K-Lite Codec Pack 4.1.7 (Full) 4.1.7
LG Bluetooth Drivers 1.0
LG MC USB U330 driver 1.0.0.0000
LG PC Suite III 1.0.0.0
LG PC Suite III 1.0.0.0
LG USB Modem driver 4.9.4
Labtec WebCam 8.17.0000
Lecteur Windows Media 11
LimeWire 5.5.14 5.5.14
List_Kill'em
MSN
MSVCRT 14.0.1468.721
MSXML 4.0 SP2 (KB936181) 4.20.9848.0
MSXML 4.0 SP2 (KB954430) 4.20.9870.0
MSXML 4.0 SP2 (KB973688) 4.20.9876.0
Malwarebytes' Anti-Malware
Menus intelligents (Windows Live Toolbar) 03.01.0146
Microsoft .NET Framework 1.1 1.1.4322
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack 1.1.4322
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 2.2.30729
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA 2.2.30729
Microsoft .NET Framework 3.0 Service Pack 2 3.2.30729
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA 3.2.30729
Microsoft .NET Framework 3.5 Language Pack SP1 - fra 3.5.30729
Microsoft .NET Framework 3.5 SP1 3.5.30729
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting 12.0.6012.5000
Microsoft Choice Guard 2.0.48.0
Microsoft Compression Client Pack 1.0 for Windows XP 1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (French) 2007 12.0.6425.1000
Microsoft Office Excel MUI (French) 2007 12.0.6425.1000
Microsoft Office InfoPath MUI (French) 2007 12.0.6425.1000
Microsoft Office Live Add-in 1.3 2.0.2313.0
Microsoft Office Outlook Connector 12.0.6423.1000
Microsoft Office Outlook MUI (French) 2007 12.0.6425.1000
Microsoft Office PowerPoint MUI (French) 2007 12.0.6425.1000
Microsoft Office Professional Plus 2007 12.0.6425.1000
Microsoft Office Professional Plus 2007 12.0.6425.1000
Microsoft Office Proof (Arabic) 2007 12.0.6425.1000
Microsoft Office Proof (Dutch) 2007 12.0.6425.1000
Microsoft Office Proof (English) 2007 12.0.6425.1000
Microsoft Office Proof (French) 2007 12.0.6425.1000
Microsoft Office Proof (German) 2007 12.0.6425.1000
Microsoft Office Proof (Spanish) 2007 12.0.6425.1000
Microsoft Office Proofing (French) 2007 12.0.4518.1014
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (French) 2007 12.0.6425.1000
Microsoft Office Shared MUI (French) 2007 12.0.6425.1000
Microsoft Office Word MUI (French) 2007 12.0.6425.1000
Microsoft SQL Server 2005 Compact Edition [ENU] 3.1.0000
Microsoft Search Enhancement Pack 1.3.59.0
Microsoft Silverlight 4.0.50917.0
Microsoft Software Update for Web Folders (French) 12 12.0.6425.1000
Microsoft Sync Framework Runtime Native v1.0 (x86) 1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86) 1.0.1215.0
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable 8.0.56336
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 9.0.30729
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)
Mise à jour de sécurité pour Lecteur Windows Media (KB975558)
Mise à jour de sécurité pour Lecteur Windows Media (KB978695)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2) 2
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) 1
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390) 1
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215) 1
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714) 1
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260) 1
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027) 1
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897) 1
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260) 1
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2183461) 1
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961) 1
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260) 1
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB981332) 1
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB982381) 1
Mise à jour de sécurité pour Windows XP (KB2079403) 1
Mise à jour de sécurité pour Windows XP (KB2115168) 1
Mise à jour de sécurité pour Windows XP (KB2121546) 1
Mise à jour de sécurité pour Windows XP (KB2160329) 1
Mise à jour de sécurité pour Windows XP (KB2229593) 1
Mise à jour de sécurité pour Windows XP (KB2259922) 1
Mise à jour de sécurité pour Windows XP (KB2286198) 1
Mise à jour de sécurité pour Windows XP (KB2347290) 1
Mise à jour de sécurité pour Windows XP (KB923561) 1
Mise à jour de sécurité pour Windows XP (KB923789)
Mise à jour de sécurité pour Windows XP (KB938464) 1
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB946648) 1
Mise à jour de sécurité pour Windows XP (KB950762) 1
Mise à jour de sécurité pour Windows XP (KB950974) 1
Mise à jour de sécurité pour Windows XP (KB951066) 1
Mise à jour de sécurité pour Windows XP (KB951376-v2) 2
Mise à jour de sécurité pour Windows XP (KB951698) 1
Mise à jour de sécurité pour Windows XP (KB951748) 1
Mise à jour de sécurité pour Windows XP (KB952004) 1
Mise à jour de sécurité pour Windows XP (KB952954) 1
Mise à jour de sécurité pour Windows XP (KB953839) 1
Mise à jour de sécurité pour Windows XP (KB954211) 1
Mise à jour de sécurité pour Windows XP (KB954459) 1
Mise à jour de sécurité pour Windows XP (KB954600) 1
Mise à jour de sécurité pour Windows XP (KB955069) 1
Mise à jour de sécurité pour Windows XP (KB956391) 1
Mise à jour de sécurité pour Windows XP (KB956572) 1
Mise à jour de sécurité pour Windows XP (KB956744) 1
Mise à jour de sécurité pour Windows XP (KB956802) 1
Mise à jour de sécurité pour Windows XP (KB956803) 1
Mise à jour de sécurité pour Windows XP (KB956841) 1
Mise à jour de sécurité pour Windows XP (KB956844) 1
Mise à jour de sécurité pour Windows XP (KB957095) 1
Mise à jour de sécurité pour Windows XP (KB957097) 1
Mise à jour de sécurité pour Windows XP (KB958644) 1
Mise à jour de sécurité pour Windows XP (KB958687) 1
Mise à jour de sécurité pour Windows XP (KB958690) 1
Mise à jour de sécurité pour Windows XP (KB958869) 1
Mise à jour de sécurité pour Windows XP (KB959426) 1
Mise à jour de sécurité pour Windows XP (KB960225) 1
Mise à jour de sécurité pour Windows XP (KB960715) 1
Mise à jour de sécurité pour Windows XP (KB960803) 1
Mise à jour de sécurité pour Windows XP (KB960859) 1
Mise à jour de sécurité pour Windows XP (KB961371) 1
Mise à jour de sécurité pour Windows XP (KB961373) 1
Mise à jour de sécurité pour Windows XP (KB961501) 1
Mise à jour de sécurité pour Windows XP (KB968537) 1
Mise à jour de sécurité pour Windows XP (KB969059) 1
Mise à jour de sécurité pour Windows XP (KB969898) 1
Mise à jour de sécurité pour Windows XP (KB969947) 1
Mise à jour de sécurité pour Windows XP (KB970238) 1
Mise à jour de sécurité pour Windows XP (KB970430) 1
Mise à jour de sécurité pour Windows XP (KB971468) 1
Mise à jour de sécurité pour Windows XP (KB971557) 1
Mise à jour de sécurité pour Windows XP (KB971633) 1
Mise à jour de sécurité pour Windows XP (KB971657) 1
Mise à jour de sécurité pour Windows XP (KB972270) 1
Mise à jour de sécurité pour Windows XP (KB973346) 1
Mise à jour de sécurité pour Windows XP (KB973354) 1
Mise à jour de sécurité pour Windows XP (KB973507) 1
Mise à jour de sécurité pour Windows XP (KB973869) 1
Mise à jour de sécurité pour Windows XP (KB973904) 1
Mise à jour de sécurité pour Windows XP (KB974112) 1
Mise à jour de sécurité pour Windows XP (KB974318) 1
Mise à jour de sécurité pour Windows XP (KB974392) 1
Mise à jour de sécurité pour Windows XP (KB974571) 1
Mise à jour de sécurité pour Windows XP (KB975025) 1
Mise à jour de sécurité pour Windows XP (KB975467) 1
Mise à jour de sécurité pour Windows XP (KB975560) 1
Mise à jour de sécurité pour Windows XP (KB975561) 1
Mise à jour de sécurité pour Windows XP (KB975562) 1
Mise à jour de sécurité pour Windows XP (KB975713) 1
Mise à jour de sécurité pour Windows XP (KB977816) 1
Mise à jour de sécurité pour Windows XP (KB977914) 1
Mise à jour de sécurité pour Windows XP (KB978037) 1
Mise à jour de sécurité pour Windows XP (KB978262) 1
Mise à jour de sécurité pour Windows XP (KB978338) 1
Mise à jour de sécurité pour Windows XP (KB978542) 1
Mise à jour de sécurité pour Windows XP (KB978601) 1
Mise à jour de sécurité pour Windows XP (KB978706) 1
Mise à jour de sécurité pour Windows XP (KB979309) 1
Mise à jour de sécurité pour Windows XP (KB979482) 1
Mise à jour de sécurité pour Windows XP (KB979559) 1
Mise à jour de sécurité pour Windows XP (KB979683) 1
Mise à jour de sécurité pour Windows XP (KB980195) 1
Mise à jour de sécurité pour Windows XP (KB980218) 1
Mise à jour de sécurité pour Windows XP (KB980232) 1
Mise à jour de sécurité pour Windows XP (KB980436) 1
Mise à jour de sécurité pour Windows XP (KB981322) 1
Mise à jour de sécurité pour Windows XP (KB981852) 1
Mise à jour de sécurité pour Windows XP (KB981997) 1
Mise à jour de sécurité pour Windows XP (KB982214) 1
Mise à jour de sécurité pour Windows XP (KB982665) 1
Mise à jour de sécurité pour Windows XP (KB982802) 1
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)
Mise à jour de sécurité pour le Codeur Windows Media (KB979332)
Mise à jour pour Windows Internet Explorer 8 (KB972636) 1
Mise à jour pour Windows Internet Explorer 8 (KB976662) 1
Mise à jour pour Windows Internet Explorer 8 (KB980182) 1
Mise à jour pour Windows XP (KB2141007) 1
Mise à jour pour Windows XP (KB898461) 1
Mise à jour pour Windows XP (KB951072-v2) 2
Mise à jour pour Windows XP (KB951978) 1
Mise à jour pour Windows XP (KB955759) 1
Mise à jour pour Windows XP (KB955839) 1
Mise à jour pour Windows XP (KB961503) 1
Mise à jour pour Windows XP (KB967715) 1
Mise à jour pour Windows XP (KB968389) 1
Mise à jour pour Windows XP (KB971737) 1
Mise à jour pour Windows XP (KB973687) 1
Mise à jour pour Windows XP (KB973815) 1
Module linguistique Microsoft .NET Framework 3.5 SP1- fra
Moovida 1.00.0000
Moovida 2.0.9
NVIDIA Drivers
Nero 7 Essentials 7.02.4861
OfotoXMI 6.04.0000.0001
OmniPage SE 2.0 2.00.0004
OpenMG Limited Patch 4.1-05-13-31-01
OpenMG Secure Module 4.1.00 4.1.00.13261
OpenMG Secure Module 4.1.00 4.1.00.13261
OpenOffice.org 2.4 2.4.9310
Outil de téléchargement Windows Live 14.0.8014.1029
Overland 2.1.5
PGameScan 0.90.3
PS370 1.00.0000
PSPrinters06 1.00.0000
PhotoGallery 43.1.5.000
Photosmart 320,370,7400,8100,8400 Series (fra) 2.0
Platform 1.27
PrintScreen 43.1.5.000
Programme de gestion Camera de Logitech®
PunkBuster Services 0.986
QFolder 1.00.0000
QuickProjects 43.1.5.000
QuickTime 7.2.0.240
Realtek High Definition Audio Driver 5.10.0.5294
SFR 6.04.0000.0001
SHASTA 6.04.0000.0001
SKINXSDK 6.02.1001.0001
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for CAPICOM (KB931906) 2.1.0.2
Security Update for CAPICOM (KB931906) 2.1.0.2
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Windows Search 4 - KB963093
Segoe UI 14.0.4327.805
SkinsHP1 43.1.5.000
SmartSound Quicktracks Plugin 3.0.2.7
SmartSound Quicktracks Plugin 3.0.2.7
SonicStage 3.0 3.0
Spybot - Search & Destroy 1.6.0
SuperCopier2
Surligneur (Windows Live Toolbar) 03.01.0146
TomTom HOME 2.7.6.2056 2.7.6.2056
TomTom HOME Visual Studio Merge Modules 1.0.2
TrayApp 43.1.5.000
Ulead VideoStudio 10 10.0
Unload 4.0.0
Unreal Tournament G.O.T.Y. Edition
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) 1
Update for Outlook 2007 Junk Email Filter (kb2291599)
VIA Gestionnaire de périphériques de plate-forme 1.27
VPRINTOL 6.04.0000.0001
VirginMega.Fr Premium 1.00.0008
WD FAT32 Formatter 1.0.1
WIRELESS 6.04.0000.0001
WebFldrs XP 9.50.7523
WebReg 43.1.5.000
WinRAR archiver
Windows Genuine Advantage Validation Tool (KB892130) 1.7.0069.2
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7 20070813.185237
Windows Internet Explorer 8 20090308.140743
Windows Live Call 14.0.8064.0206
Windows Live Communications Platform 14.0.8064.206
Windows Live Contrôle parental 14.0.8093.805
Windows Live Favorites pour Windows Live Toolbar 03.01.0146
Windows Live FolderShare 14.0.8089.726
Windows Live Mail
Windows Live Mail 14.0.8089.0726
Windows Live Messenger 14.0.8089.0726
Windows Live OneCare safety scanner
Windows Live Toolbar 14.0.8064.206
Windows Live Writer 14.0.8089.0726
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 04.00.6001.503
Windows XP Service Pack 3 20080413.144513
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Yahoo! Install Manager
Yahoo! Toolbar
Yahoo! Toolbar avec bloqueur de fenêtres pop-up
ZHPDiag 1.25 1.25
avast! Free Antivirus 5.0.545.0
eMule
essvatgt 6.04.0000.0001
fflink 6.02.1001.0001
kgcbaby 5.03.0000.0002
kgcbase 5.03.0000.0004
kgchday 5.03.0000.0002
kgchlwn 5.03.0000.0002
kgcinvt 5.03.0000.0003
kgckids 6.03.0001.0001
kgcmove 6.03.0001.0001
kgcvday 5.03.0000.0002
netbrdg 6.04.0000.0001
skin0001 6.04.0000.0004
staticcr 6.04.0000.0005
tooltips 6.04.0000.0001

¤¤¤¤¤¤¤¤¤¤ Drivers ¤¤¤¤¤¤¤¤¤¤

a5246ed2586aa807af0bcf63165a71cc c:\windows\system32\drivers\aavmker4.sys
e5e6dbfc41ea8aad005cb9a57a96b43b c:\windows\system32\drivers\acpi.sys
e4abc1212b70bb03d35e60681c447210 c:\windows\system32\drivers\acpiec.sys
ee7e0588072d196fc95486c23b8c6599 c:\windows\system32\drivers\adv01nt5.dll
7043187713dbf552d749c6accbb23c4e c:\windows\system32\drivers\adv02nt5.dll
f37bbf29cf0ec8c53fa14eac14679e1a c:\windows\system32\drivers\adv05nt5.dll
4c2d5029d8bd503c6a3a8061782fc69d c:\windows\system32\drivers\adv07nt5.dll
41e0f54f896ac2e891b87736d5778f3c c:\windows\system32\drivers\adv08nt5.dll
26db5e53d36407180b60c66d96658e2b c:\windows\system32\drivers\adv09nt5.dll
2a1106a5cc3d8f874158e19507634ddb c:\windows\system32\drivers\adv11nt5.dll
8bed39e3c35d6a489438b8141717a557 c:\windows\system32\drivers\aec.sys
7e775010ef291da96ad17ca4b17137d7 c:\windows\system32\drivers\afd.sys
08fd04aa961bdc77fb983f328334e3d7 c:\windows\system32\drivers\agp440.sys
03a7e0922acfe1b07d5db2eeb0773063 c:\windows\system32\drivers\agpcpq.sys
cb08aed0de2dd889a8a820cd8082d83c c:\windows\system32\drivers\alim1541.sys
95b4fb835e28aa1336ceeb07fd5b9398 c:\windows\system32\drivers\amdagp.sys
c6c0f974ab7e825813f8e6b4e5581750 c:\windows\system32\drivers\amdk6.sys
d3dabc57be6d456dfd4bc026cfa582ff c:\windows\system32\drivers\amdk7.sys
033448d435e65c4bd72e70521fd05c76 c:\windows\system32\drivers\AmdPPM.sys
b5b8a80875c1dededa8b02765642c32f c:\windows\system32\drivers\arp1394.sys
d48659bb24c48345d926ecb45c1ebdf5 c:\windows\system32\drivers\ASACPI.sys
c2a6683c9ff46aa70e2c2092b008edc7 c:\windows\system32\drivers\ASUSHWIO.SYS
1b6ed99291ddf5d2501554cc5757aab6 c:\windows\system32\drivers\aswFsBlk.sys
5ffe0c6a55930b77686535c070db408c c:\windows\system32\drivers\aswmon.sys
81432b1a4b31036c822eb967decf613c c:\windows\system32\drivers\aswmon2.sys
3e2b6112d2766f87eda8466fde86a986 c:\windows\system32\drivers\aswRdr.sys
d78b644816db540e103d0b0766fd9967 c:\windows\system32\drivers\aswSP.sys
606d731008d98b6ef946730c597c1642 c:\windows\system32\d
0
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 107
Modifié par benurrr le 1/10/2010 à 21:47
tu as un rapport du nom de Kill'em.txt sur ton bureau poste le aussi ,
0
Réponse 6 / 10
marlo
1 oct. 2010 à 21:49
¤¤¤¤¤¤¤¤¤¤ Kill'em by g3n-h@ckm@n 2.1.0.8 ¤¤¤¤¤¤¤¤¤¤

User : nom (Administrateurs)
Update on 01/10/2010 by g3n-h@ckm@n ::::: 13.00
Start at: 21:29:05 | 01/10/2010

AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886625 [ (!) Disabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 58,59 Go (8,59 Go free) | NTFS
D:\ -> Disque fixe local | 131,31 Go (1,01 Go free) [Principal 200] | NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible

¤¤¤¤¤¤¤¤¤¤ Files/folders :

Quarantined & Deleted !! : C:\Program Files\Ask.com
Quarantined & Deleted !! : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
Quarantined & Deleted !! : C:\windows\002566_.tmp
Quarantined & Deleted !! : C:\windows\SET25.tmp
Quarantined & Deleted !! : C:\windows\SET3.tmp
Quarantined & Deleted !! : C:\windows\SET4.tmp
Quarantined & Deleted !! : C:\windows\SET8.tmp

Quarantined & Deleted !! : C:\windows\System32\drivers\etc\hosts.msn
Quarantined & Deleted !! : C:\windows\System32\unrar.exe
Quarantined & Deleted !! : C:\Documents and Settings\nom\Local Settings\Application Data\0371774.exe
Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\SHSetup.exe
Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna4972086009889916554.dll
Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna8770808846093814997.dll
Quarantined & Deleted !! : C:\Documents and Settings\nom\Local Settings\Temporary Internet Files\SuggestedSites.dat
Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc2.com
Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc3.exe
Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc4.lnk

¤¤¤¤¤¤¤¤¤¤ Hosts ¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤

Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar : {66886C4D-B307-4ECA-A228-52CA9B9851A4}
Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser : {D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted : "HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}"
Deleted : "HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}"
Deleted : HKCR\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
Deleted : HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}

¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.msn.com/fr-fr/?ocid=iehp
Local Page = C:\WINDOWS\system32\blank.htm
Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.google.com/?gws_rd=ssl
Local Page = C:\WINDOWS\system32\blank.htm
Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

¤¤¤¤¤¤¤¤¤¤ Security Center ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
FirstRunDisabled = 1 ()
AntiVirusOverride = 0 (0x0)
FirewallOverride = 0 (0x0)
AntiVirusDisableNotify = 0 (0x0)
FirewallDisableNotify = 0 (0x0)
UpdatesDisableNotify = 0 (0x0)

¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤

Ndisuio : Start = 3
EapHost : Start = 2
Ip6Fw : Start = 2
SharedAccess : Start = 2
wuauserv : Start = 2
wscsvc : Start = 2

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Disk Cleaned
anti-ver blaster : OK
Prefetch cleaned
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

FEATURE_BROWSER_EMULATION | svchost :
====================================


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Réponse 7 / 10
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 107
1 oct. 2010 à 22:00
relance Malwarebytes fait la mise a jour cette fois ci et refait un scan complet
0
Réponse 8 / 10
marlo
1 oct. 2010 à 22:23
très bien c'est encours
merci pour l'aide,
ensuite que faut-il faire??
0
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 107
1 oct. 2010 à 22:28
apres malwarbyte

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit


Tutoriel pour t'aider

https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm


si le rapport ne passe pas sur le forum à cause de sa longeur envoie-le sur : cijoint

http://www.cijoint.fr/

fais parcourir ,

puis envoie le fichier.
0
Réponse 9 / 10
marlo
1 oct. 2010 à 23:23
¤¤¤¤¤¤¤¤¤¤ Kill'em by g3n-h@ckm@n 2.1.0.8 ¤¤¤¤¤¤¤¤¤¤

User : nom (Administrateurs)
Update on 01/10/2010 by g3n-h@ckm@n ::::: 13.00
Start at: 21:29:05 | 01/10/2010

AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886625 [ (!) Disabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 58,59 Go (8,59 Go free) | NTFS
D:\ -> Disque fixe local | 131,31 Go (1,01 Go free) [Principal 200] | NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible

¤¤¤¤¤¤¤¤¤¤ Files/folders :

Quarantined & Deleted !! : C:\Program Files\Ask.com
Quarantined & Deleted !! : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
Quarantined & Deleted !! : C:\windows\002566_.tmp
Quarantined & Deleted !! : C:\windows\SET25.tmp
Quarantined & Deleted !! : C:\windows\SET3.tmp
Quarantined & Deleted !! : C:\windows\SET4.tmp
Quarantined & Deleted !! : C:\windows\SET8.tmp

Quarantined & Deleted !! : C:\windows\System32\drivers\etc\hosts.msn
Quarantined & Deleted !! : C:\windows\System32\unrar.exe
Quarantined & Deleted !! : C:\Documents and Settings\nom\Local Settings\Application Data\0371774.exe
Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\SHSetup.exe
Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna4972086009889916554.dll
Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna8770808846093814997.dll
Quarantined & Deleted !! : C:\Documents and Settings\nom\Local Settings\Temporary Internet Files\SuggestedSites.dat
Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc2.com
Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc3.exe
Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc4.lnk

¤¤¤¤¤¤¤¤¤¤ Hosts ¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤

Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar : {66886C4D-B307-4ECA-A228-52CA9B9851A4}
Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser : {D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted : "HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}"
Deleted : "HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}"
Deleted : HKCR\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
Deleted : HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}

¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.msn.com/fr-fr/?ocid=iehp
Local Page = C:\WINDOWS\system32\blank.htm
Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.google.com/?gws_rd=ssl
Local Page = C:\WINDOWS\system32\blank.htm
Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

¤¤¤¤¤¤¤¤¤¤ Security Center ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
FirstRunDisabled = 1 ()
AntiVirusOverride = 0 (0x0)
FirewallOverride = 0 (0x0)
AntiVirusDisableNotify = 0 (0x0)
FirewallDisableNotify = 0 (0x0)
UpdatesDisableNotify = 0 (0x0)

¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤

Ndisuio : Start = 3
EapHost : Start = 2
Ip6Fw : Start = 2
SharedAccess : Start = 2
wuauserv : Start = 2
wscsvc : Start = 2

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Disk Cleaned
anti-ver blaster : OK
Prefetch cleaned
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

FEATURE_BROWSER_EMULATION | svchost :
====================================


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


Fichier(s) infecté(s):
C:\Documents and Settings\nom\Menu Démarrer\Programmes\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
0
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 107
1 oct. 2010 à 23:27
c'est malwarbyte que j'attend
0
Réponse 10 / 10
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 107
1 oct. 2010 à 23:36
tu peut poster le rapport stp

peut-être qu'il y'a des residues


Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que ­tu es libre...Merci a australe13
0

Discussions similaires

Code de réinitialisation mdp facebook sans le demander
Colonel_El_Moustachat -
Colonel_El_Moustachat -

4 réponses
Boîte mail piratée ?
mike the llama -
mike the llama -

4 réponses