Security tool, comment le supprimer

marlo -  
benurrr Messages postés 9766 Statut Contributeur sécurité -
Bonjour,

Après avoir lu les différents messages pour supprimer sécurity tool, j'ai fais les différentes démarches mais sécurity tool est tjrs présent !!!

Voici le rapport d'erreur :

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

01/10/2010 20:19:29
mbam-log-2010-10-01 (20-19-29).txt

Type d'examen: Examen complet (C:\|D:\|E:\|)
Elément(s) analysé(s): 208561
Temps écoulé: 1 heure(s), 18 minute(s), 45 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\nom\Menu Démarrer\Programmes\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.

Merci à vous de votre aide

10 réponses

  1. marlo
     
    c'est bon ça a fonctionné, je n'ai plus rien
    merci
    1
  2. benurrr Messages postés 9766 Statut Contributeur sécurité 107
     
    Salut :

    DESACTIVE TON ANTIVIRUS ET TON PAREFEU SI PRESENTS !!!!!(car il est détecte a tort comme infection)

    Télécharge ici :List_Kill'em de gen-hackman

    http://sd-4.archive-host.com/membres/up/829108531491024/Mes_Tools/List_Killem_Install.exe

    et enregistre le sur ton bureau

    si tu as XP => double clique
    si tu as Vista ou windows 7 => clic droit "exécuter en tant que...."

    sur le raccourci sur ton bureau pour lancer l'installation

    Laisse coché :

    Exécuter List_Kill'em

    une fois terminée , clic sur "terminer" et le programme se lancera seul

    Il commencera par télécharger et installer ses mises à jour , puis te donnera son menu

    choisis l'option Search

    laisse travailler l'outil

    il se peut qu'une boite de dialogue s'ouvre , dans ce cas clique sur "OK" ou "Agrée"

    à l'apparition de la fenêtre blanche , c'est un peu long , c'est normal ,c'est une recherche supplémentaire de fichiers cachés , le programme n'est pas bloqué.

    Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'écran "COMPLETED"
    0
  3. marlo
     
    ¤¤¤¤¤¤¤¤¤¤ List'em by g3n-h@ckm@n 2.1.0.8 ¤¤¤¤¤¤¤¤¤¤

    User : nom (Administrateurs)
    Update on 01/10/2010 by g3n-h@ckm@n ::::: 13.00
    Start at: 20:45:34 | 01/10/2010

    AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
    Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled
    AV : avast! Antivirus 5.0.83886625 [ (!) Disabled | Updated ]

    A:\ -> Lecteur de disquettes 3 ½ pouces
    C:\ -> Disque fixe local | 58,59 Go (8,6 Go free) | NTFS
    D:\ -> Disque fixe local | 131,31 Go (1,01 Go free) [Principal 200] | NTFS
    E:\ -> Disque CD-ROM
    F:\ -> Disque amovible

    Boot: Safeboot

    ¤¤¤¤¤¤ Processes ------- Memory(Ko) ------- Priority ------ Command ------- Signer

    C:\windows\System32\smss.exe ---- 400 Ko ---- Normal ---- \SystemRoot\System32\smss.exe ----
    C:\windows\system32\csrss.exe ---- 3252 Ko ---- Normal ---- C:\windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 ----
    C:\windows\system32\winlogon.exe ---- 2324 Ko ---- High ---- winlogon.exe ----
    C:\windows\system32\services.exe ---- 3372 Ko ---- Normal ---- C:\windows\system32\services.exe ----
    C:\windows\system32\lsass.exe ---- 5672 Ko ---- Normal ---- C:\windows\system32\lsass.exe ----
    C:\windows\system32\svchost.exe ---- 4868 Ko ---- Normal ---- C:\windows\system32\svchost -k DcomLaunch ----
    C:\windows\system32\svchost.exe ---- 4144 Ko ---- Normal ---- C:\windows\system32\svchost -k rpcss ----
    C:\windows\system32\svchost.exe ---- 13732 Ko ---- Normal ---- C:\windows\system32\svchost.exe -k netsvcs ----
    C:\windows\system32\svchost.exe ---- 3476 Ko ---- Normal ---- C:\windows\system32\svchost.exe -k NetworkService ----
    C:\windows\system32\svchost.exe ---- 2980 Ko ---- Normal ---- C:\windows\system32\svchost.exe -k LocalService ----
    C:\windows\Explorer.EXE ---- 21184 Ko ---- Normal ---- C:\windows\Explorer.EXE ----
    C:\windows\system32\cmd.exe ---- 2812 Ko ---- Normal ---- C:\windows\system32\cmd.exe /K List'em.bat ----
    C:\WINDOWS\system32\wbem\wmiprvse.exe ---- 6724 Ko ---- Normal ---- C:\WINDOWS\system32\wbem\wmiprvse.exe ----
    C:\Program Files\List_Kill'em\pv.exe ---- 2276 Ko ---- Normal ---- pv -o"%f ---- %m Ko ---- %p ---- %l ---- %s" ----

    ¤¤¤¤¤¤¤¤¤¤ Keys "Run" ¤¤¤¤¤¤¤¤¤¤

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    SuperCopier2.exe = C:\Program Files\SuperCopier2\SuperCopier2.exe
    ctfmon.exe = C:\windows\system32\ctfmon.exe
    swg = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    TomTomHOME.exe = "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    RTHDCPL = RTHDCPL.EXE
    SkyTel = SkyTel.EXE
    Alcmtr = ALCMTR.EXE
    NeroFilterCheck = C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    nwiz = nwiz.exe /install
    NvMediaCenter = RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    LogitechVideoRepair = C:\Program Files\Logitech\Video\ISStart.exe
    LogitechVideoTray = C:\Program Files\Logitech\Video\LogiTray.exe
    OpwareSE2 = "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
    UVS10 Preload = C:\Documents and Settings\nom\Mes documents\uvPL.exe
    SunJavaUpdateSched = "C:\Program Files\Java\jre6\bin\jusched.exe"
    HPDJ Taskbar Utility = C:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe
    HPHUPD06 = C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    HP Software Update = "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    HP Component Manager = "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    HPHmon06 = C:\windows\system32\hphmon06.exe
    SsAAD.exe = C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    avast5 = C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    ¤¤¤¤¤¤¤¤¤¤ Other System Keys ¤¤¤¤¤¤¤¤¤¤

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    NoDriveTypeAutoRun = 145 (0x91)

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    HonorAutoRunSetting = 1 (0x1)
    NoCDBurning = 0 (0x0)

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    AppInit_DLLS =

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    Shell = Explorer.exe
    Userinit = C:\WINDOWS\system32\userinit.exe,

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\5c5d4155909]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    {AEB6717E-7E19-11d0-97EE-00C04FD91972} =
    {56F9679E-7826-4C84-81F3-532071A8BCC5} =

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    %windir%\system32\sessmgr.exe = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    %windir%\Network Diagnostic\xpnetdiag.exe = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    C:\Program Files\Messenger\msmsgs.exe = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
    C:\Program Files\LimeWire\LimeWire.exe = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
    C:\Program Files\eMule\emule.exe = C:\Program Files\eMule\emule.exe:*:Disabled:eMule
    C:\WINDOWS\system32\PnkBstrA.exe = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
    C:\WINDOWS\system32\PnkBstrB.exe = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB
    C:\Program Files\Real\RealPlayer\realplay.exe = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer
    C:\Program Files\Windows Live\Messenger\wlcsdk.exe = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
    C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
    C:\Documents and Settings\All Users\Application Data\15fd6b2\MySecurityEngine.exe = C:\Documents and Settings\All Users\Application Data\15fd6b2\MySecurityEngine.exe:*:Enabled:My Security Engine
    C:\windows\explorer.exe = C:\windows\explorer.exe:*:Enabled:Windows Shell
    C:\Documents and Settings\All Users\Application Data\15fd6b2\MS15fd.exe = C:\Documents and Settings\All Users\Application Data\15fd6b2\MS15fd.exe:*:Enabled:My Security Engine

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    %windir%\system32\sessmgr.exe = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    %windir%\Network Diagnostic\xpnetdiag.exe = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    C:\Program Files\Windows Live\Messenger\wlcsdk.exe = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
    C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
    C:\windows\explorer.exe = C:\windows\explorer.exe:*:Enabled:Windows Shell

    ¤¤¤¤¤¤¤¤¤¤ ActivX | COM ¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}]
    [HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{6414512B-B978-451D-A0D8-FCFDF33E833C}]
    [HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
    [HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
    [HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
    [HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
    [HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
    [HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}]

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{0291E591-EA41-4c82-8106-3DC6CE7F7664}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2A3320D6-C805-4280-B423-B665BDE33D8F}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3F7924B9-D148-3141-87B1-68F36043A940}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{411EDCF7-755D-414E-A74B-3DCD6583F589}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5056b317-8d4c-43ee-8543-b9d1e234b8f4}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{72AD53CC-CCC0-3757-8480-9EE176866A7C}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73fa19d0-2d75-11d2-995d-00c04f98bbc9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9A394342-4A68-4EBA-85A6-55B559F4E700}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B508B3F1-A24A-32C0-B310-85786919EF28}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{EF289A85-8E57-408d-BE47-73B55609861A}]
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}]

    ¤¤¤¤¤¤¤¤¤¤ BHO ¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6F74-2D53-2644-206D7942484F}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

    ¤¤¤¤¤¤¤¤¤¤ DNS ¤¤¤¤¤¤¤¤¤¤

    Description: Attansic L1 Gigabit Ethernet 10/100/1000Base-T Controller - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 212.27.40.241
    DNS Server Search Order: 212.27.40.240
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{4A1B71D5-4067-49AE-AA20-EF3AA7CE8CE9}: DhcpNameServer=192.168.0.1
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{85E8358D-A848-4A88-812C-7D9B09933BBD}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{4A1B71D5-4067-49AE-AA20-EF3AA7CE8CE9}: DhcpNameServer=192.168.0.1
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{85E8358D-A848-4A88-812C-7D9B09933BBD}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{4A1B71D5-4067-49AE-AA20-EF3AA7CE8CE9}: DhcpNameServer=192.168.0.1
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{85E8358D-A848-4A88-812C-7D9B09933BBD}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240

    ¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    Local Page = C:\WINDOWS\system32\blank.htm
    Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    Start Page = https://fr.yahoo.com/
    Local Page = C:\WINDOWS\system32\blank.htm
    Search Page = https://www.google.com/?gws_rd=ssl

    ¤¤¤¤¤ Proxy Internet Explorer

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    ProxyEnable = 0 (0x0)

    ¤¤¤¤¤¤¤¤¤¤ Proxy Firefox ¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤ TaskCache ¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤ IFEO ¤¤¤¤¤¤¤¤¤¤

    [Debugger = svchost.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\apitrap.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Arrakis3.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ASSTE.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVSTE.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdagent.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdreinit.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdsubwiz.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdtkexec.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdwizreg.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Cleanup.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cqw32.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\divx.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\divxdec.ax]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DJSMAR00.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DRMINST.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\egui.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ekrn.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\enc98.EXE]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EncodeDivXExt.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EncryptPatchVer.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\front.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fullsoft.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\GBROWSER.DLL]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htmlmarq.ocx]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htmlmm.ocx]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\install.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ishscan.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ISSTE.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\javai.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jvm.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jvm_g.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\livesrv.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\main123w.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mngreg32.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msci_uno.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscoree.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscorsvr.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscorwks.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msjava.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mso.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NAVOPTRF.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NeVideoFX.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NPMLIC.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NSWSTE.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\photohse.EXE]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PMSTE.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ppw32hlp.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\printhse.EXE]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prwin8.EXE]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ps80.EXE]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\psdmt.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qfinder.EXE]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qpw.EXE]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\salwrap.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\seccenter.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setup.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setup32.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sevinst.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\symlcnet.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\taskmgr.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\tcore_ebook.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TFDTCTT8.DLL]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ua80.EXE]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\udtapi.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\uiscan.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ums.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\upgrepl.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vb40032.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbe6.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsserv.exe]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wpwin8.EXE]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xlmlEN.dll]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xwsetup.EXE]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Your Image File Name Here without a path]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\_INSTPGM.EXE]

    ¤¤¤¤¤¤¤¤¤¤ File Protection ¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Windows File Protection]

    ¤¤¤¤¤¤¤¤¤¤ Safemode ¤¤¤¤¤¤¤¤¤¤

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot : OK !!
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal : OK !!
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network : OK !!

    ¤¤¤¤¤¤¤¤¤¤ Atapi.sys ¤¤¤¤¤¤¤¤¤¤

    [MD5.cdfe4411a69c224bd1d11b2da92dac51] - C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
    [MD5.9f3a2f5aa6875c72bf062c712cfa2674] - C:\WINDOWS\ServicePackFiles\i386\atapi.sys
    [MD5.9f3a2f5aa6875c72bf062c712cfa2674] - C:\WINDOWS\system32\drivers\atapi.sys
    [MD5.9f3a2f5aa6875c72bf062c712cfa2674] - C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\i386\atapi.sys
    [MD5.9f3a2f5aa6875c72bf062c712cfa2674] - C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\atapi.sys

    ¤¤¤¤¤ Reference

    Win 2000_SP2 : ff953a8f08ca3f822127654375786bbe
    Win 2000_SP4 : 8c718aa8c77041b3285d55a0ce980867
    Win XP_32b : a64013e98426e1877cb653685c5c0009
    Win XP_SP1_32b : 95b858761a00e1d4f81f79a0da019aca
    Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
    Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
    Vista_32b : e03e8c99d15d0381e02743c36afc7c6f
    Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
    Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
    Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
    Windows 7_32b : 338c86357871c167a96ab976519bf59e
    Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C

    ¤¤¤¤¤¤¤¤¤¤ Explorer ¤¤¤¤¤¤¤¤¤¤

    [MD5.f2317622d29f9ff0f88aeecd5f60f0dd] - C:\WINDOWS\explorer.exe
    [MD5.2a7bd330924252a2fd80344fc949bb72] - C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
    [MD5.f2317622d29f9ff0f88aeecd5f60f0dd] - C:\WINDOWS\ServicePackFiles\i386\explorer.exe

    ¤¤¤¤¤¤¤¤¤¤ Winlogon ¤¤¤¤¤¤¤¤¤¤

    [MD5.123eea158f74d0f67a51dcdf065d1091] - C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
    [MD5.dd73d6b9f6b4cb630cf35b438b540174] - C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
    [MD5.dd73d6b9f6b4cb630cf35b438b540174] - C:\WINDOWS\system32\winlogon.exe

    ¤¤¤¤¤¤¤¤¤¤ Drive ¤¤¤¤¤¤¤¤¤¤

    D'fragmenteur de disque Windows
    Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.

    Rapport d'analyse
    58,59 Go total, 8,60 Go libre (14%), 34% fragment' (fragmentation du fichier 67%)

    Vous devriez d'fragmenter ce volume.

    ¤¤¤¤¤¤¤¤¤¤ Mountpoints2 ¤¤¤¤¤¤¤¤¤¤

    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5032f3f0-275a-11de-97c4-00173161950b}\shell\autorun
    Extended =
    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5032f3f0-275a-11de-97c4-00173161950b}\shell\autorun\command
    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5032f3f0-275a-11de-97c4-00173161950b}\shell\autorun\command
    @ = WDSetup.exe
    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0479d3a-3748-11de-97d6-00173161950b}\shell\autorun
    @ = &Exécution automatique
    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0479d3a-3748-11de-97d6-00173161950b}\shell\autorun\command
    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0479d3a-3748-11de-97d6-00173161950b}\shell\autorun\command
    @ = F:\LaunchU3.exe -a

    ¤¤¤¤¤¤¤¤¤¤ First Scan ¤¤¤¤¤¤¤¤¤¤

    c:\documents and settings\nom\application data\lg electronics\3g mobilesync 2.0\ems\config.ini:
    Verified: Unsigned
    File date: 21:14 06/01/2006
    Publisher: n/a
    Description: n/a
    Product: n/a
    Version: n/a
    File version: n/a

    ¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤

    [5c5d4155 = ]
    [HKEY_CURRENT_USER\software\2015]
    [HKEY_CURRENT_USER\software\3]
    [HKEY_CURRENT_USER\software\AC3filter]
    [HKEY_CURRENT_USER\software\Ad-Remover]
    [HKEY_CURRENT_USER\software\Adobe]
    [HKEY_CURRENT_USER\software\Ahead]
    [HKEY_CURRENT_USER\software\ALWIL Software]
    [HKEY_CURRENT_USER\software\Apple Computer, Inc.]
    [HKEY_CURRENT_USER\software\ArcSoft]
    [HKEY_CURRENT_USER\software\ASUS]
    [HKEY_CURRENT_USER\software\Canon]
    [HKEY_CURRENT_USER\software\CDDB]
    [HKEY_CURRENT_USER\software\Citrix]
    [HKEY_CURRENT_USER\software\Clients]
    [HKEY_CURRENT_USER\software\Corel]
    [HKEY_CURRENT_USER\software\CoreVorbis]
    [HKEY_CURRENT_USER\software\Cyberlink]
    [HKEY_CURRENT_USER\software\DivXNetworks]
    [HKEY_CURRENT_USER\software\DSP-worx]
    [HKEY_CURRENT_USER\software\DVD Shrink]
    [HKEY_CURRENT_USER\software\eMule]
    [HKEY_CURRENT_USER\software\Fluendo]
    [HKEY_CURRENT_USER\software\FRANCE TELECOM]
    [HKEY_CURRENT_USER\software\Freeplayer]
    [HKEY_CURRENT_USER\software\Gabest]
    [HKEY_CURRENT_USER\software\GameSpy]
    [HKEY_CURRENT_USER\software\GNU]
    [HKEY_CURRENT_USER\software\Google]
    [HKEY_CURRENT_USER\software\GSpot Appliance Corp]
    [HKEY_CURRENT_USER\software\Haali]
    [HKEY_CURRENT_USER\software\HaaliMkx]
    [HKEY_CURRENT_USER\software\Hewlett-Packard]
    [HKEY_CURRENT_USER\software\IM Providers]
    [HKEY_CURRENT_USER\software\Intel]
    [HKEY_CURRENT_USER\software\IZSoftware]
    [HKEY_CURRENT_USER\software\JavaSoft]
    [HKEY_CURRENT_USER\software\Kodak]
    [HKEY_CURRENT_USER\software\Labtec]
    [HKEY_CURRENT_USER\software\Lavalys]
    [HKEY_CURRENT_USER\software\LG Electronics Inc]
    [HKEY_CURRENT_USER\software\Local AppWizard-Generated Applications]
    [HKEY_CURRENT_USER\software\Logitech]
    [HKEY_CURRENT_USER\software\LowRegistry]
    [HKEY_CURRENT_USER\software\Macromedia]
    [HKEY_CURRENT_USER\software\Magnet]
    [HKEY_CURRENT_USER\software\MainConcept]
    [HKEY_CURRENT_USER\software\Malwarebytes' Anti-Malware]
    [HKEY_CURRENT_USER\software\MediaInfo]
    [HKEY_CURRENT_USER\software\Microsoft]
    [HKEY_CURRENT_USER\software\Moovida]
    [HKEY_CURRENT_USER\software\Nero]
    [HKEY_CURRENT_USER\software\Netscape]
    [HKEY_CURRENT_USER\software\NVIDIA Corporation]
    [HKEY_CURRENT_USER\software\ODBC]
    [HKEY_CURRENT_USER\software\Opendisc]
    [HKEY_CURRENT_USER\software\OpenOffice.org]
    [HKEY_CURRENT_USER\software\ORL]
    [HKEY_CURRENT_USER\software\Piriform]
    [HKEY_CURRENT_USER\software\Policies]
    [HKEY_CURRENT_USER\software\RealNetworks]
    [HKEY_CURRENT_USER\software\Realtek]
    [HKEY_CURRENT_USER\software\Safer Networking Limited]
    [HKEY_CURRENT_USER\software\ScanSoft]
    [HKEY_CURRENT_USER\software\SecuROM]
    [HKEY_CURRENT_USER\software\SFX TEAM]
    [HKEY_CURRENT_USER\software\Sony Corporation]
    [HKEY_CURRENT_USER\software\Sysinternals]
    [HKEY_CURRENT_USER\software\TomTom]
    [HKEY_CURRENT_USER\software\Trolltech]
    [HKEY_CURRENT_USER\software\Ulead]
    [HKEY_CURRENT_USER\software\Ulead Systems]
    [HKEY_CURRENT_USER\software\VB and VBA Program Settings]
    [HKEY_CURRENT_USER\software\VirginMega]
    [HKEY_CURRENT_USER\software\Windows Live]
    [HKEY_CURRENT_USER\software\Windows Live Writer]
    [HKEY_CURRENT_USER\software\WinRAR]
    [HKEY_CURRENT_USER\software\WinRAR SFX]
    [HKEY_CURRENT_USER\software\Xmxeieuutg]
    [HKEY_CURRENT_USER\software\Yahoo]
    [HKEY_CURRENT_USER\software\YahooPartnerToolbar]
    [HKEY_CURRENT_USER\software\Classes]

    [HKEY_LOCAL_MACHINE\software\781]
    [HKEY_LOCAL_MACHINE\software\8ec]
    [HKEY_LOCAL_MACHINE\software\Activision]
    [HKEY_LOCAL_MACHINE\software\Adobe]
    [HKEY_LOCAL_MACHINE\software\ahead]
    [HKEY_LOCAL_MACHINE\software\ALWIL Software]
    [HKEY_LOCAL_MACHINE\software\aMule]
    [HKEY_LOCAL_MACHINE\software\AppDataLow]
    [HKEY_LOCAL_MACHINE\software\Apple Computer, Inc.]
    [HKEY_LOCAL_MACHINE\software\ASUS]
    [HKEY_LOCAL_MACHINE\software\Attansic]
    [HKEY_LOCAL_MACHINE\software\Audible]
    [HKEY_LOCAL_MACHINE\software\Aureal]
    [HKEY_LOCAL_MACHINE\software\BrowserChoice]
    [HKEY_LOCAL_MACHINE\software\C07ft5Y]
    [HKEY_LOCAL_MACHINE\software\Canon]
    [HKEY_LOCAL_MACHINE\software\Canopus]
    [HKEY_LOCAL_MACHINE\software\CCleaner]
    [HKEY_LOCAL_MACHINE\software\CDDB]
    [HKEY_LOCAL_MACHINE\software\Cisco Systems]
    [HKEY_LOCAL_MACHINE\software\Citrix]
    [HKEY_LOCAL_MACHINE\software\Classes]
    [HKEY_LOCAL_MACHINE\software\Clients]
    [HKEY_LOCAL_MACHINE\software\Codec Tweak Tool]
    [HKEY_LOCAL_MACHINE\software\Codemasters]
    [HKEY_LOCAL_MACHINE\software\Crytek]
    [HKEY_LOCAL_MACHINE\software\Cyberlink]
    [HKEY_LOCAL_MACHINE\software\Debug]
    [HKEY_LOCAL_MACHINE\software\DeterministicNetworks]
    [HKEY_LOCAL_MACHINE\software\DivXNetworks]
    [HKEY_LOCAL_MACHINE\software\Electronic Arts]
    [HKEY_LOCAL_MACHINE\software\Gabest]
    [HKEY_LOCAL_MACHINE\software\Gemplus]
    [HKEY_LOCAL_MACHINE\software\GNU]
    [HKEY_LOCAL_MACHINE\software\Google]
    [HKEY_LOCAL_MACHINE\software\HaaliMkx]
    [HKEY_LOCAL_MACHINE\software\Hewlett-Packard]
    [HKEY_LOCAL_MACHINE\software\HP]
    [HKEY_LOCAL_MACHINE\software\ICE]
    [HKEY_LOCAL_MACHINE\software\InstallShield]
    [HKEY_LOCAL_MACHINE\software\Intel]
    [HKEY_LOCAL_MACHINE\software\InterVideo]
    [HKEY_LOCAL_MACHINE\software\JavaSoft]
    [HKEY_LOCAL_MACHINE\software\KLCodecPack]
    [HKEY_LOCAL_MACHINE\software\Kodak]
    [HKEY_LOCAL_MACHINE\software\KONICA MINOLTA PHOTO IMAGING, INC.]
    [HKEY_LOCAL_MACHINE\software\lameme]
    [HKEY_LOCAL_MACHINE\software\LEAD Technologies, Inc.]
    [HKEY_LOCAL_MACHINE\software\LG Electronics]
    [HKEY_LOCAL_MACHINE\software\LimeWire]
    [HKEY_LOCAL_MACHINE\software\Logitech]
    [HKEY_LOCAL_MACHINE\software\Macromedia]
    [HKEY_LOCAL_MACHINE\software\Macrovision]
    [HKEY_LOCAL_MACHINE\software\Malwarebytes' Anti-Malware]
    [HKEY_LOCAL_MACHINE\software\Microsoft]
    [HKEY_LOCAL_MACHINE\software\Mindscape]
    [HKEY_LOCAL_MACHINE\software\MINOLTA]
    [HKEY_LOCAL_MACHINE\software\Moovida]
    [HKEY_LOCAL_MACHINE\software\Mozilla]
    [HKEY_LOCAL_MACHINE\software\mozilla.org]
    [HKEY_LOCAL_MACHINE\software\MozillaPlugins]
    [HKEY_LOCAL_MACHINE\software\Nero]
    [HKEY_LOCAL_MACHINE\software\NOS]
    [HKEY_LOCAL_MACHINE\software\NVIDIA Corporation]
    [HKEY_LOCAL_MACHINE\software\ODBC]
    [HKEY_LOCAL_MACHINE\software\OpenOffice.org]
    [HKEY_LOCAL_MACHINE\software\Policies]
    [HKEY_LOCAL_MACHINE\software\Program Groups]
    [HKEY_LOCAL_MACHINE\software\Pterodon]
    [HKEY_LOCAL_MACHINE\software\RealNetworks]
    [HKEY_LOCAL_MACHINE\software\Realtek]
    [HKEY_LOCAL_MACHINE\software\Realtek Semiconductor Corp.]
    [HKEY_LOCAL_MACHINE\software\RegisteredApplications]
    [HKEY_LOCAL_MACHINE\software\S3R521]
    [HKEY_LOCAL_MACHINE\software\Safer Networking Limited]
    [HKEY_LOCAL_MACHINE\software\ScanSoft]
    [HKEY_LOCAL_MACHINE\software\Schlumberger]
    [HKEY_LOCAL_MACHINE\software\Secure]
    [HKEY_LOCAL_MACHINE\software\SECURITOO]
    [HKEY_LOCAL_MACHINE\software\SmartSound Software]
    [HKEY_LOCAL_MACHINE\software\Sony]
    [HKEY_LOCAL_MACHINE\software\Sony Corporation]
    [HKEY_LOCAL_MACHINE\software\Sun Microsystems]
    [HKEY_LOCAL_MACHINE\software\SystemCheck]
    [HKEY_LOCAL_MACHINE\software\TomTom]
    [HKEY_LOCAL_MACHINE\software\Trolltech]
    [HKEY_LOCAL_MACHINE\software\Ulead Systems]
    [HKEY_LOCAL_MACHINE\software\Unreal Technology]
    [HKEY_LOCAL_MACHINE\software\VIA Technologies, Inc]
    [HKEY_LOCAL_MACHINE\software\VirginMega]
    [HKEY_LOCAL_MACHINE\software\Windows]
    [HKEY_LOCAL_MACHINE\software\Windows 3.1 Migration Status]
    [HKEY_LOCAL_MACHINE\software\Xing Technology Corp.]
    [HKEY_LOCAL_MACHINE\software\Yahoo]
    [HKEY_LOCAL_MACHINE\software\ZSMC]

    ¤¤¤¤¤¤¤¤¤¤ Files/folders ¤¤¤¤¤¤¤¤¤¤

    Present !! : C:\Program Files\Ask.com
    Present !! : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    Present !! : C:\windows\002566_.tmp
    Present !! : C:\windows\SET25.tmp
    Present !! : C:\windows\SET3.tmp
    Present !! : C:\windows\SET4.tmp
    Present !! : C:\windows\SET8.tmp
    Present !! : C:\windows\System32\drivers\etc\hosts.msn
    Present !! : C:\windows\System32\unrar.exe
    Present !! : C:\Documents and Settings\nom\Local Settings\Application Data\0371774.exe
    Present !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\SHSetup.exe
    Present !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna4972086009889916554.dll
    Present !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna8770808846093814997.dll
    Present !! : C:\Documents and Settings\nom\Local Settings\Temporary Internet Files\SuggestedSites.dat

    ¤¤¤¤¤¤¤¤¤¤ Keys :

    Present !! : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar : {66886C4D-B307-4ECA-A228-52CA9B9851A4}
    Present !! : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser : {D4027C7F-154A-4066-A1AD-4243D8127440}
    Present !! : "HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}"
    Present !! : "HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}"
    Present !! : HKCR\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
    Present !! : HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
    Present !! : HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

    FEATURE_BROWSER_EMULATION | svchost :
    ====================================

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-10-01 20:57:16
    Windows 5.1.2600 Service Pack 3 FAT NTAPI

    scanning hidden processes ...

    scanning hidden services ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys
    kernel: MBR read successfully
    user & kernel MBR OK

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    FirstRunDisabled = 1 (0x1)
    AntiVirusOverride = 1 (0x1)
    FirewallOverride = 0 (0x0)
    AntiVirusDisableNotify = 0 (0x0)
    FirewallDisableNotify = 0 (0x0)
    UpdatesDisableNotify = 0 (0x0)

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    End of scan : 21:16:57,04
    0
  4. benurrr Messages postés 9766 Statut Contributeur sécurité 107
     
    Relance List_Kill'em(soit en clic droit pour vista/7),avec le raccourci sur ton bureau.
    mais cette fois-ci :

    choisis l'option CLEAN

    laisse travailler l'outil.

    en fin de scan la fenetre se ferme , et tu as un rapport du nom de Kill'em.txt sur ton bureau ,

    colle le contenu dans ta réponse
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. marlo
     
    ¤¤¤¤¤¤¤¤¤¤ More informations ¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤ DLLs ¤¤¤¤¤¤¤¤¤¤

    ------------------------------------------------------------------------------
    explorer.exe pid: 268
    Command line: C:\windows\Explorer.EXE
    Base Size Version Path
    0x01000000 0x100000 6.00.2900.5512 C:\windows\Explorer.EXE
    0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
    0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
    0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
    0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
    0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
    0x75f10000 0xfd000 6.00.2900.5512 C:\windows\system32\BROWSEUI.dll
    0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
    0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
    0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
    0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
    0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
    0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
    0x7e210000 0x171000 6.00.2900.5512 C:\windows\system32\SHDOCVW.dll
    0x779e0000 0x97000 5.131.2600.5512 C:\windows\system32\CRYPT32.dll
    0x77a80000 0x12000 5.01.2600.5875 C:\windows\system32\MSASN1.dll
    0x76610000 0x84000 5.131.2600.5512 C:\windows\system32\CRYPTUI.dll
    0x6fee0000 0x55000 5.01.2600.5694 C:\windows\system32\NETAPI32.dll
    0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
    0x404a0000 0xe6000 8.00.6001.18939 C:\windows\system32\WININET.dll
    0x00400000 0x9000 6.00.5441.0000 C:\windows\system32\Normaliz.dll
    0x45180000 0x133000 8.00.6001.18939 C:\windows\system32\urlmon.dll
    0x40b40000 0x1e8000 8.00.6001.18939 C:\windows\system32\iertutil.dll
    0x76be0000 0x2e000 5.131.2600.5922 C:\windows\system32\WINTRUST.dll
    0x76c40000 0x28000 5.01.2600.5512 C:\windows\system32\IMAGEHLP.dll
    0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
    0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
    0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
    0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
    0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
    0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
    0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
    0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
    0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
    0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
    0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
    0x75140000 0x2e000 5.01.2600.5768 C:\windows\system32\msctfime.ime
    0x77b50000 0x22000 5.01.2600.5512 C:\windows\system32\appHelp.dll
    0x76f80000 0x7f000 2001.12.4414.0700 C:\windows\system32\CLBCATQ.DLL
    0x77000000 0xd4000 2001.12.4414.0700 C:\windows\system32\COMRes.dll
    0x765b0000 0x56000 5.01.2600.5512 C:\windows\System32\cscui.dll
    0x76590000 0x1d000 5.01.2600.5512 C:\windows\System32\CSCDLL.dll
    0x5b950000 0x73000 6.00.2900.5512 C:\windows\system32\themeui.dll
    0x76310000 0x5000 5.01.2600.5512 C:\windows\system32\MSIMG32.dll
    0x01100000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
    0x76920000 0x8000 5.01.2600.5512 C:\windows\system32\LINKINFO.dll
    0x76930000 0x26000 5.01.2600.5512 C:\windows\system32\ntshrui.dll
    0x76ac0000 0x11000 3.05.2284.0002 C:\windows\system32\ATL.DLL
    0x40d30000 0xa94000 8.00.6001.18939 C:\WINDOWS\system32\ieframe.dll
    0x75d30000 0x91000 6.00.2900.5512 C:\windows\system32\MLANG.dll
    0x778e0000 0xf8000 5.01.2600.5512 C:\windows\system32\SETUPAPI.dll
    0x76390000 0x1a9000 5.01.2600.5512 C:\WINDOWS\system32\NETSHELL.dll
    0x76bb0000 0x2f000 5.01.2600.5512 C:\WINDOWS\system32\credui.dll
    0x5b660000 0xa000 5.01.2600.5512 C:\WINDOWS\system32\dot3api.dll
    0x76e30000 0xe000 5.01.2600.5512 C:\WINDOWS\system32\rtutils.dll
    0x72640000 0x6000 5.01.2600.5512 C:\WINDOWS\system32\dot3dlg.dll
    0x73990000 0x28000 5.01.2600.5512 C:\WINDOWS\system32\OneX.DLL
    0x76f00000 0x8000 5.01.2600.5512 C:\WINDOWS\system32\WTSAPI32.dll
    0x762f0000 0x10000 5.01.2600.5512 C:\WINDOWS\system32\WINSTA.dll
    0x6da60000 0x22000 5.01.2600.5512 C:\WINDOWS\system32\eappcfg.dll
    0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
    0x200e0000 0xe000 5.01.2600.5512 C:\WINDOWS\system32\eappprxy.dll
    0x76d10000 0x19000 5.01.2600.5512 C:\WINDOWS\system32\iphlpapi.dll
    0x719f0000 0x17000 5.01.2600.5512 C:\WINDOWS\system32\WS2_32.dll
    0x719e0000 0x8000 5.01.2600.5512 C:\WINDOWS\system32\WS2HELP.dll
    0x61310000 0x54000 2.00.0500.0000 C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
    0x4eb80000 0x1ab000 5.02.6001.22319 C:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll
    0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\OpenOffice.org 2.4\program\MSVCR71.dll
    0x60e20000 0x8e000 4.05.2003.0120 C:\Program Files\OpenOffice.org 2.4\program\stlport_vc7145.dll
    0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\OpenOffice.org 2.4\program\MSVCP71.dll
    0x10000000 0x5b000 9.00.0000.0332 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
    0x78130000 0x9b000 8.00.50727.3053 C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
    0x01df0000 0x4d000 7.00.6001.18260 C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
    0x01f00000 0x4c000 9.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
    0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
    0x7d200000 0x2bc000 3.01.4001.5512 C:\windows\system32\msi.dll
    0x71a60000 0x12000 5.01.2600.5512 C:\windows\system32\MPR.dll
    0x75ef0000 0x7000 5.01.2600.5512 C:\windows\System32\drprov.dll
    0x71b70000 0xe000 5.01.2600.5512 C:\windows\System32\ntlanman.dll
    0x71c30000 0x17000 5.01.2600.5512 C:\windows\System32\NETUI0.dll
    0x71bf0000 0x40000 5.01.2600.5512 C:\windows\System32\NETUI1.dll
    0x71be0000 0x7000 5.01.2600.5512 C:\windows\System32\NETRAP.dll
    0x71b50000 0x13000 5.01.2600.5512 C:\windows\System32\SAMLIB.dll
    0x75f00000 0xa000 5.01.2600.5512 C:\windows\System32\davclnt.dll

    No matching processes were found.

    No matching processes were found.

    No matching processes were found.

    No matching processes were found.

    No matching processes were found.

    ------------------------------------------------------------------------------
    csrss.exe pid: 784
    Command line: C:\windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
    Base Size Version Path
    0x4a680000 0x5000 \??\C:\windows\system32\csrss.exe
    0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
    0x75ad0000 0xb000 5.01.2600.5915 C:\windows\system32\CSRSRV.dll
    0x75ae0000 0x10000 5.01.2600.5512 C:\windows\system32\basesrv.dll
    0x75af0000 0x4b000 5.01.2600.6001 C:\windows\system32\winsrv.dll
    0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
    0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\KERNEL32.dll
    0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
    0x77210000 0xb1000 5.01.2600.5512 C:\windows\system32\sxs.dll
    0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
    0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
    0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll

    ------------------------------------------------------------------------------
    smss.exe pid: 712
    Command line: \SystemRoot\System32\smss.exe
    Base Size Version Path
    0x48580000 0xf000 \SystemRoot\System32\smss.exe
    0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll

    ------------------------------------------------------------------------------
    winlogon.exe pid: 808
    Command line: winlogon.exe
    Base Size Version Path
    0x01000000 0x82000 \??\C:\windows\system32\winlogon.exe
    0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
    0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
    0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
    0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
    0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
    0x77680000 0x12000 5.01.2600.5512 C:\windows\system32\AUTHZ.dll
    0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
    0x779e0000 0x97000 5.131.2600.5512 C:\windows\system32\CRYPT32.dll
    0x77a80000 0x12000 5.01.2600.5875 C:\windows\system32\MSASN1.dll
    0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
    0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
    0x758d0000 0x8000 5.01.2600.5512 C:\windows\system32\NDdeApi.dll
    0x758c0000 0xa000 5.01.2600.5512 C:\windows\system32\PROFMAP.dll
    0x6fee0000 0x55000 5.01.2600.5694 C:\windows\system32\NETAPI32.dll
    0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
    0x76ba0000 0xb000 5.01.2600.5512 C:\windows\system32\PSAPI.DLL
    0x76b60000 0xf000 5.01.2600.5512 C:\windows\system32\REGAPI.dll
    0x778e0000 0xf8000 5.01.2600.5512 C:\windows\system32\SETUPAPI.dll
    0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
    0x762f0000 0x10000 5.01.2600.5512 C:\windows\system32\WINSTA.dll
    0x76be0000 0x2e000 5.131.2600.5922 C:\windows\system32\WINTRUST.dll
    0x76c40000 0x28000 5.01.2600.5512 C:\windows\system32\IMAGEHLP.dll
    0x719f0000 0x17000 5.01.2600.5512 C:\windows\system32\WS2_32.dll
    0x719e0000 0x8000 5.01.2600.5512 C:\windows\system32\WS2HELP.dll
    0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
    0x75900000 0xfa000 5.01.2600.5512 C:\windows\system32\MSGINA.dll
    0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\COMCTL32.dll
    0x74730000 0x3d000 3.525.1132.0000 C:\windows\system32\ODBC32.dll
    0x76340000 0x4a000 6.00.2900.5512 C:\windows\system32\comdlg32.dll
    0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
    0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
    0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
    0x1f840000 0x18000 3.525.1117.0000 C:\windows\system32\odbcint.dll
    0x776a0000 0x24000 6.00.2900.5512 C:\windows\system32\SHSVCS.dll
    0x76b50000 0x5000 5.01.2600.5512 C:\windows\system32\sfc.dll
    0x76c10000 0x2a000 5.01.2600.5512 C:\windows\system32\sfc_os.dll
    0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
    0x77b50000 0x22000 5.01.2600.5512 C:\windows\system32\Apphelp.dll
    0x75140000 0x2e000 5.01.2600.5768 C:\windows\system32\msctfime.ime
    0x72340000 0x1c000 5.01.2600.5512 C:\windows\system32\WINSCARD.DLL
    0x76f00000 0x8000 5.01.2600.5512 C:\windows\system32\WTSAPI32.dll
    0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
    0x76590000 0x1d000 5.01.2600.5512 C:\windows\system32\cscdll.dll
    0x46fc0000 0x8000 5.01.2600.5512 C:\windows\System32\dimsntfy.dll
    0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
    0x758e0000 0x1b000 5.01.2600.5512 C:\windows\system32\WlNotify.dll
    0x71a60000 0x12000 5.01.2600.5512 C:\windows\system32\MPR.dll
    0x72f50000 0x26000 5.01.2600.5512 C:\windows\system32\WINSPOOL.DRV
    0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
    0x71b50000 0x13000 5.01.2600.5512 C:\windows\system32\SAMLIB.dll
    0x77c40000 0x25000 5.01.2600.5876 C:\windows\system32\msv1_0.dll
    0x76730000 0xc000 5.01.2600.5512 C:\windows\system32\cryptdll.dll
    0x76d10000 0x19000 5.01.2600.5512 C:\windows\system32\iphlpapi.dll
    0x765b0000 0x56000 5.01.2600.5512 C:\windows\system32\cscui.dll
    0x76cf0000 0x18000 5.01.2600.5512 C:\windows\system32\MPRAPI.dll
    0x77c90000 0x32000 5.01.2600.5512 C:\windows\system32\ACTIVEDS.dll
    0x76dc0000 0x25000 5.01.2600.5512 C:\windows\system32\adsldpc.dll
    0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
    0x76ac0000 0x11000 3.05.2284.0002 C:\windows\system32\ATL.DLL
    0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
    0x76e30000 0xe000 5.01.2600.5512 C:\windows\system32\rtutils.dll
    0x01240000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
    0x77650000 0x21000 5.01.2600.5512 C:\windows\system32\NTMARTA.DLL
    0x77000000 0xd4000 2001.12.4414.0700 C:\windows\system32\COMRes.dll
    0x76f80000 0x7f000 2001.12.4414.0700 C:\windows\system32\CLBCATQ.DLL

    ------------------------------------------------------------------------------
    svchost.exe pid: 1024
    Command line: C:\windows\system32\svchost -k DcomLaunch
    Base Size Version Path
    0x01000000 0x6000 5.01.2600.5512 C:\windows\system32\svchost.exe
    0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
    0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
    0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
    0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
    0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
    0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
    0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
    0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
    0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
    0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
    0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
    0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
    0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
    0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
    0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
    0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
    0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
    0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
    0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
    0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
    0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
    0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
    0x77650000 0x21000 5.01.2600.5512 C:\windows\system32\NTMARTA.DLL
    0x71b50000 0x13000 5.01.2600.5512 C:\windows\system32\SAMLIB.dll
    0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
    0x76870000 0x64000 5.01.2600.5755 c:\windows\system32\rpcss.dll
    0x719f0000 0x17000 5.01.2600.5512 c:\windows\system32\WS2_32.dll
    0x719e0000 0x8000 5.01.2600.5512 c:\windows\system32\WS2HELP.dll
    0x006b0000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
    0x766a0000 0x54000 5.01.2600.5512 c:\windows\system32\termsrv.dll
    0x74ee0000 0x6000 5.01.2600.5512 c:\windows\system32\ICAAPI.dll
    0x778e0000 0xf8000 5.01.2600.5512 c:\windows\system32\SETUPAPI.dll
    0x76be0000 0x2e000 5.131.2600.5922 c:\windows\system32\WINTRUST.dll
    0x779e0000 0x97000 5.131.2600.5512 c:\windows\system32\CRYPT32.dll
    0x77a80000 0x12000 5.01.2600.5875 c:\windows\system32\MSASN1.dll
    0x76c40000 0x28000 5.01.2600.5512 C:\windows\system32\IMAGEHLP.dll
    0x77680000 0x12000 5.01.2600.5512 c:\windows\system32\AUTHZ.dll
    0x75080000 0x1f000 5.01.2600.5512 c:\windows\system32\mstlsapi.dll
    0x77c90000 0x32000 5.01.2600.5512 c:\windows\system32\ACTIVEDS.dll
    0x76dc0000 0x25000 5.01.2600.5512 c:\windows\system32\adsldpc.dll
    0x6fee0000 0x55000 5.01.2600.5694 c:\windows\system32\NETAPI32.dll
    0x76ac0000 0x11000 3.05.2284.0002 c:\windows\system32\ATL.DLL
    0x76b60000 0xf000 5.01.2600.5512 C:\windows\system32\REGAPI.dll
    0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
    0x76f80000 0x7f000 2001.12.4414.0700 C:\windows\system32\CLBCATQ.DLL
    0x77000000 0xd4000 2001.12.4414.0700 C:\windows\system32\COMRes.dll
    0x77b50000 0x22000 5.01.2600.5512 C:\windows\system32\Apphelp.dll
    ------------------------------------------------------------------------------
    svchost.exe pid: 1156
    Command line: C:\windows\system32\svchost -k rpcss
    Base Size Version Path
    0x01000000 0x6000 5.01.2600.5512 C:\windows\system32\svchost.exe
    0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
    0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
    0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
    0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
    0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
    0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
    0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
    0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
    0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
    0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
    0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
    0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
    0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
    0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
    0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
    0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
    0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
    0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
    0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
    0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
    0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
    0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
    0x76870000 0x64000 5.01.2600.5755 c:\windows\system32\rpcss.dll
    0x719f0000 0x17000 5.01.2600.5512 c:\windows\system32\WS2_32.dll
    0x719e0000 0x8000 5.01.2600.5512 c:\windows\system32\WS2HELP.dll
    0x006b0000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
    0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
    0x71990000 0x40000 5.01.2600.5625 C:\windows\system32\mswsock.dll
    0x62e40000 0x59000 5.01.2600.5512 C:\windows\system32\hnetcfg.dll
    0x719d0000 0x8000 5.01.2600.5512 C:\windows\System32\wshtcpip.dll
    0x76ed0000 0x27000 5.01.2600.5625 C:\windows\system32\DNSAPI.dll
    0x76d10000 0x19000 5.01.2600.5512 C:\windows\system32\iphlpapi.dll
    0x76f60000 0x8000 5.01.2600.5512 C:\windows\System32\winrnr.dll
    0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
    0x76f70000 0x6000 5.01.2600.5512 C:\windows\system32\rasadhlp.dll
    0x76f80000 0x7f000 2001.12.4414.0700 C:\windows\system32\CLBCATQ.DLL
    0x77000000 0xd4000 2001.12.4414.0700 C:\windows\system32\COMRes.dll
    ------------------------------------------------------------------------------
    svchost.exe pid: 1364
    Command line: C:\windows\system32\svchost.exe -k netsvcs
    Base Size Version Path
    0x01000000 0x6000 5.01.2600.5512 C:\windows\system32\svchost.exe
    0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
    0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
    0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
    0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
    0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
    0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
    0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
    0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
    0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
    0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
    0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
    0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
    0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
    0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
    0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
    0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
    0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
    0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
    0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
    0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
    0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
    0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
    0x77650000 0x21000 5.01.2600.5512 C:\windows\system32\NTMARTA.DLL
    0x71b50000 0x13000 5.01.2600.5512 C:\windows\system32\SAMLIB.dll
    0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
    0x00630000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
    0x7d4d0000 0x22000 5.01.2600.5512 c:\windows\system32\dhcpcsvc.dll
    0x76ed0000 0x27000 5.01.2600.5625 c:\windows\system32\DNSAPI.dll
    0x719f0000 0x17000 5.01.2600.5512 c:\windows\system32\WS2_32.dll
    0x719e0000 0x8000 5.01.2600.5512 c:\windows\system32\WS2HELP.dll
    0x76d10000 0x19000 5.01.2600.5512 c:\windows\system32\iphlpapi.dll
    0x71990000 0x40000 5.01.2600.5625 C:\windows\system32\mswsock.dll
    0x62e40000 0x59000 5.01.2600.5512 C:\windows\system32\hnetcfg.dll
    0x719d0000 0x8000 5.01.2600.5512 C:\windows\System32\wshtcpip.dll
    0x7db30000 0x8c000 5.01.2600.5512 c:\windows\system32\wzcsvc.dll
    0x76e30000 0xe000 5.01.2600.5512 c:\windows\system32\rtutils.dll
    0x76ce0000 0x4000 5.01.2600.5512 c:\windows\system32\WMI.dll
    0x779e0000 0x97000 5.131.2600.5512 c:\windows\system32\CRYPT32.dll
    0x77a80000 0x12000 5.01.2600.5875 c:\windows\system32\MSASN1.dll
    0x71780000 0xb000 5.01.2600.5512 c:\windows\system32\EapolQec.dll
    0x76ac0000 0x11000 3.05.2284.0002 c:\windows\system32\ATL.DLL
    0x5bdf0000 0x16000 5.01.2600.5512 c:\windows\system32\QUtil.dll
    0x76010000 0x65000 6.02.3104.0000 c:\windows\system32\MSVCP60.dll
    0x5b660000 0xa000 5.01.2600.5512 c:\windows\system32\dot3api.dll
    0x76f00000 0x8000 5.01.2600.5512 c:\windows\system32\WTSAPI32.dll
    0x762f0000 0x10000 5.01.2600.5512 c:\windows\system32\WINSTA.dll
    0x6fee0000 0x55000 5.01.2600.5694 c:\windows\system32\NETAPI32.dll
    0x6f890000 0x111000 5.01.2600.5512 c:\windows\system32\ESENT.dll
    0x772d0000 0x23000 5.01.2600.5826 c:\windows\system32\wkssvc.dll
    0x76740000 0x13000 5.01.2600.5512 c:\windows\system32\NTDSAPI.dll
    0x76f80000 0x7f000 2001.12.4414.0700 C:\windows\system32\CLBCATQ.DLL
    0x77000000 0xd4000 2001.12.4414.0700 C:\windows\system32\COMRes.dll
    0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
    0x7d500000 0x27000 5.01.2600.5886 C:\windows\System32\rastls.dll
    0x76610000 0x84000 5.131.2600.5512 C:\windows\system32\CRYPTUI.dll
    0x404a0000 0xe6000 8.00.6001.18939 C:\windows\system32\WININET.dll
    0x015e0000 0x9000 6.00.5441.0000 C:\windows\system32\Normaliz.dll
    0x45180000 0x133000 8.00.6001.18939 C:\windows\system32\urlmon.dll
    0x40b40000 0x1e8000 8.00.6001.18939 C:\windows\system32\iertutil.dll
    0x76be0000 0x2e000 5.131.2600.5922 C:\windows\system32\WINTRUST.dll
    0x76c40000 0x28000 5.01.2600.5512 C:\windows\system32\IMAGEHLP.dll
    0x76cf0000 0x18000 5.01.2600.5512 C:\windows\system32\MPRAPI.dll
    0x77c90000 0x32000 5.01.2600.5512 C:\windows\system32\ACTIVEDS.dll
    0x76dc0000 0x25000 5.01.2600.5512 C:\windows\system32\adsldpc.dll
    0x778e0000 0xf8000 5.01.2600.5512 C:\windows\system32\SETUPAPI.dll
    0x76e90000 0x3c000 5.01.2600.5512 C:\windows\system32\RASAPI32.dll
    0x76e40000 0x12000 5.01.2600.5512 C:\windows\system32\rasman.dll
    0x76e60000 0x2f000 5.01.2600.5512 C:\windows\system32\TAPI32.dll
    0x76790000 0x28000 5.01.2600.6006 C:\windows\system32\SCHANNEL.dll
    0x72340000 0x1c000 5.01.2600.5512 C:\windows\system32\WinSCard.dll
    0x76ba0000 0xb000 5.01.2600.5512 C:\windows\system32\PSAPI.DLL
    0x76cc0000 0x12000 5.01.2600.5512 c:\windows\system32\cryptsvc.dll
    0x752c0000 0x33000 5.01.2600.5512 c:\windows\system32\certcli.dll
    0x75000000 0x1a000 5.01.2600.5512 c:\windows\system32\srvsvc.dll
    0x76c90000 0x16000 5.01.2600.5886 C:\windows\System32\raschap.dll
    0x77cd0000 0x33000 5.01.2600.5512 c:\windows\system32\netman.dll
    0x76390000 0x1a9000 5.01.2600.5512 c:\windows\system32\netshell.dll
    0x76bb0000 0x2f000 5.01.2600.5512 c:\windows\system32\credui.dll
    0x72640000 0x6000 5.01.2600.5512 c:\windows\system32\dot3dlg.dll
    0x73990000 0x28000 5.01.2600.5512 c:\windows\system32\OneX.DLL
    0x6da60000 0x22000 5.01.2600.5512 c:\windows\system32\eappcfg.dll
    0x200e0000 0xe000 5.01.2600.5512 c:\windows\system32\eappprxy.dll
    0x72f80000 0x10000 5.01.2600.5512 c:\windows\system32\WZCSAPI.DLL
    0x74eb0000 0xc000 5.01.2600.5512 c:\windows\pchealth\helpctr\binaries\pchsvc.dll
    0x75110000 0x2e000 5.01.2600.5512 c:\windows\system32\srsvc.dll
    0x74a40000 0x8000 6.00.2900.5512 c:\windows\system32\POWRPROF.dll
    0x4f0b0000 0x28000 5.01.2600.5512 c:\windows\system32\wbem\wmisvc.dll
    0x75350000 0x6d000 5.01.2600.5512 C:\windows\system32\VSSAPI.DLL
    0x77c40000 0x25000 5.01.2600.5876 C:\windows\system32\msv1_0.dll
    0x76730000 0xc000 5.01.2600.5512 C:\windows\system32\cryptdll.dll
    0x66890000 0x56000 5.01.2600.5512 c:\windows\system32\ipnathlp.dll
    0x77680000 0x12000 5.01.2600.5512 c:\windows\system32\AUTHZ.dll
    0x72f50000 0x26000 5.01.2600.5512 C:\windows\system32\winspool.drv
    0x76d90000 0x16000 5.01.2600.5512 c:\windows\system32\browser.dll
    0x75200000 0x37000 5.01.2600.5512 C:\WINDOWS\system32\wbem\wbemcomn.dll
    0x76250000 0x85000 5.01.2600.5512 C:\windows\System32\Wbem\wbemcore.dll
    0x75280000 0x3f000 5.01.2600.5512 C:\windows\System32\Wbem\esscli.dll
    0x75610000 0x76000 5.01.2600.5755 C:\windows\System32\Wbem\FastProx.dll
    0x74f90000 0x1c000 5.01.2600.5512 C:\WINDOWS\system32\wbem\wmiutils.dll
    0x75170000 0x2f000 5.01.2600.5512 C:\WINDOWS\system32\wbem\repdrvfs.dll
    0x41d50000 0x72000 5.01.2600.5755 C:\WINDOWS\system32\wbem\wmiprvsd.dll
    0x5fb00000 0xc000 5.01.2600.5512 C:\windows\system32\NCObjAPI.DLL
    0x75300000 0x46000 5.01.2600.5512 C:\WINDOWS\system32\wbem\wbemess.dll
    0x75570000 0x9d000 5.01.2600.5512 C:\WINDOWS\system32\netcfgx.dll
    0x76d50000 0x12000 5.01.2600.5512 C:\WINDOWS\system32\CLUSAPI.dll
    0x7def0000 0x32000 5.01.2600.5512 C:\windows\system32\rasmans.dll
    0x72240000 0xd000 5.01.2600.5512 C:\windows\system32\Sens.dll
    0x742d0000 0xb000 5.01.2600.5512 C:\windows\system32\WINIPSEC.DLL
    0x5fad0000 0xe000 5.01.2600.5512 C:\WINDOWS\system32\wbem\ncprov.dll
    ------------------------------------------------------------------------------
    svchost.exe pid: 1384
    Command line: C:\windows\system32\svchost.exe -k NetworkService
    Base Size Version Path
    0x01000000 0x6000 5.01.2600.5512 C:\windows\system32\svchost.exe
    0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
    0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
    0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
    0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
    0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
    0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
    0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
    0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
    0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
    0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
    0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
    0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
    0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
    0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
    0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
    0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
    0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
    0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
    0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
    0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
    0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
    0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
    0x76710000 0xd000 5.01.2600.5512 c:\windows\system32\dnsrslvr.dll
    0x76ed0000 0x27000 5.01.2600.5625 c:\windows\system32\DNSAPI.dll
    0x719f0000 0x17000 5.01.2600.5512 c:\windows\system32\WS2_32.dll
    0x719e0000 0x8000 5.01.2600.5512 c:\windows\system32\WS2HELP.dll
    0x76d10000 0x19000 5.01.2600.5512 c:\windows\system32\iphlpapi.dll
    0x68000000 0x36000 5.01.2600.5507 C:\windows\system32\rsaenh.dll
    0x71990000 0x40000 5.01.2600.5625 C:\windows\system32\mswsock.dll
    0x62e40000 0x59000 5.01.2600.5512 C:\windows\system32\hnetcfg.dll
    0x719d0000 0x8000 5.01.2600.5512 C:\windows\System32\wshtcpip.dll
    ------------------------------------------------------------------------------
    svchost.exe pid: 1556
    Command line: C:\windows\system32\svchost.exe -k LocalService
    Base Size Version Path
    0x01000000 0x6000 5.01.2600.5512 C:\windows\system32\svchost.exe
    0x7c910000 0xb9000 5.01.2600.5755 C:\windows\system32\ntdll.dll
    0x7c800000 0x106000 5.01.2600.5781 C:\windows\system32\kernel32.dll
    0x77da0000 0xac000 5.01.2600.5755 C:\windows\system32\ADVAPI32.dll
    0x77e50000 0x93000 5.01.2600.6015 C:\windows\system32\RPCRT4.dll
    0x77fc0000 0x11000 5.01.2600.5834 C:\windows\system32\Secur32.dll
    0x5cea0000 0x26000 5.01.2600.5512 C:\windows\system32\ShimEng.dll
    0x595b0000 0x1ca000 5.01.2600.5512 C:\windows\AppPatch\AcGenral.DLL
    0x7e390000 0x91000 5.01.2600.5512 C:\windows\system32\USER32.dll
    0x77ef0000 0x49000 5.01.2600.5698 C:\windows\system32\GDI32.dll
    0x76ae0000 0x2f000 5.01.2600.5512 C:\windows\system32\WINMM.dll
    0x774a0000 0x13d000 5.01.2600.5512 C:\windows\system32\ole32.dll
    0x77be0000 0x58000 7.00.2600.5512 C:\windows\system32\msvcrt.dll
    0x770e0000 0x8b000 5.01.2600.5512 C:\windows\system32\OLEAUT32.dll
    0x77bb0000 0x15000 5.01.2600.5512 C:\windows\system32\MSACM32.dll
    0x77bd0000 0x8000 5.01.2600.5512 C:\windows\system32\VERSION.dll
    0x7c9d0000 0x825000 6.00.2900.6018 C:\windows\system32\SHELL32.dll
    0x77f40000 0x76000 6.00.2900.5912 C:\windows\system32\SHLWAPI.dll
    0x76960000 0xb6000 5.01.2600.5512 C:\windows\system32\USERENV.dll
    0x5b090000 0x38000 6.00.2900.5512 C:\windows\system32\UxTheme.dll
    0x76320000 0x1d000 5.01.2600.5512 C:\windows\system32\IMM32.DLL
    0x77390000 0x103000 6.00.2900.5512 C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
    0x58b50000 0x9a000 5.82.2900.5512 C:\windows\system32\comctl32.dll
    0x77650000 0x21000 5.01.2600.5512 C:\windows\system32\NTMARTA.DLL
    0x71b50000 0x13000 5.01.2600.5512 C:\windows\system32\SAMLIB.dll
    0x76f10000 0x2d000 5.01.2600.5512 C:\windows\system32\WLDAP32.dll
    0x00630000 0x2da000 5.01.2600.5512 C:\windows\system32\xpsp2res.dll
    0x74bb0000 0x6000 5.01.2600.5512 c:\windows\system32\lmhsvc.dll
    0x76d10000 0x19000 5.01.2600.5512 c:\windows\system32\iphlpapi.dll
    0x719f0000 0x17000 5.01.2600.5512 c:\windows\system32\WS2_32.dll
    0x719e0000 0x8000 5.01.2600.5512 c:\windows\system32\WS2HELP.dll

    No matching processes were found.

    ¤¤¤¤¤¤¤¤¤¤¤ Ports ¤¤¤¤¤¤¤¤¤¤

    Pid Process Port Proto Path
    1156 -> 135 TCP
    4 System -> 139 TCP
    4 System -> 445 TCP
    1156 -> 445 UDP
    4 System -> 137 UDP
    4 System -> 138 UDP

    ¤¤¤¤¤¤¤¤¤¤ Boot Execute ¤¤¤¤¤¤¤¤¤¤

    HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
    autocheck autochk *
    autocheck autochk *
    Utilitaire de vérification automatique
    Microsoft Corporation
    5.01.2600.5512
    c:\windows\system32\autochk.exe
    b16ccbf66bf41f994d2810cc2299d9d6 (MD5)
    1ca550976a0a04527ba38312ffc87b0e083e5f31 (SHA-1)
    72a10210863995896fdd1725f072967961ffd41926c099634ff3bc99bbd65b4f (SHA-256)

    ¤¤¤¤¤¤¤¤¤¤ LSA | Security Providers ¤¤¤¤¤¤¤¤¤¤

    HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
    msapsspc.dll
    msapsspc.dll
    Client DPA pour plate-forme 32 bit
    Microsoft Corporation
    6.00.0000.7755
    c:\windows\system32\msapsspc.dll
    9b5b153f4d0d5cb14d9865435182bd70 (MD5)
    81f2fa4984c6dd3b9bca38d5c348343062d90815 (SHA-1)
    5dbbbb5c1e4b0ffe1fedb6bcacc6693c835948deec967f5e412329a02b799d5f (SHA-256)
    schannel.dll
    schannel.dll
    TLS / SSL Security Provider
    Microsoft Corporation
    5.01.2600.6006
    c:\windows\system32\schannel.dll
    6e11d1dd3943e986fc05919813d38ae9 (MD5)
    ecd1e59eb81f3585f391757f27e891a8038e705e (SHA-1)
    304b7d55e9082733350f8d92d5a587068a8335764347e71f400044b4af9d3c4d (SHA-256)
    digest.dll
    digest.dll
    Package d'authentification Digest SSPI
    Microsoft Corporation
    6.00.2900.5512
    c:\windows\system32\digest.dll
    6cc5c1dac782a63bbc18afc1a23acb68 (MD5)
    a71acf37920ee69a9b6ad859c9bcd713826cf598 (SHA-1)
    31a5cabdbd646bb97d75118c738229d440020a99301d3a0552210630ad8bb431 (SHA-256)
    msnsspc.dll
    msnsspc.dll
    Accès MSN Internet
    Microsoft Corporation
    6.01.1825.0000
    c:\windows\system32\msnsspc.dll
    25f3fbfb7cbc160674b1ac246fd13dc0 (MD5)
    223431b21e851cd14c1cf0ab1fbec16d1aa86518 (SHA-1)
    ffaa55260dd1c2989508910b0470997ef9c868eb578f4a2b10e187de59fe35e7 (SHA-256)

    HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
    msv1_0
    msv1_0
    Microsoft Authentication Package v1.0
    Microsoft Corporation
    5.01.2600.5876
    c:\windows\system32\msv1_0.dll
    2921bbeab3eb2a09e7cbc7cae2a18110 (MD5)
    c049c6d3536f7168824270ddc72f6e201bcf03eb (SHA-1)
    ed20c345ba0fd88ff5f30247d8c61484a8f36196da644ba7f1f27b3c0270d3c4 (SHA-256)

    HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
    scecli
    scecli
    Moteur du client de l'Éditeur de configuration de sécurité Windows
    Microsoft Corporation
    5.01.2600.5512
    c:\windows\system32\scecli.dll
    973b36634c544948c663e8269aa1b3a3 (MD5)
    eae992c87e70dfdcdcd615624e80438e03f42f54 (SHA-1)
    ad2c0561d4248c29e71dbffe5ecca1b1d061d2339773e1b54857f6d57970fe80 (SHA-256)

    HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
    kerberos
    kerberos
    Kerberos Security Package
    Microsoft Corporation
    5.01.2600.5834
    c:\windows\system32\kerberos.dll
    14e7cfebe8a6241a288182f13b3e33a9 (MD5)
    7b52bdf770244bca686f56b87856c9677bfb90b9 (SHA-1)
    1bb7db40d13047b39a97f19b8e7f9beaa1a883bb293201f15f5accdb6b5bbcd4 (SHA-256)
    msv1_0
    msv1_0
    Microsoft Authentication Package v1.0
    Microsoft Corporation
    5.01.2600.5876
    c:\windows\system32\msv1_0.dll
    2921bbeab3eb2a09e7cbc7cae2a18110 (MD5)
    c049c6d3536f7168824270ddc72f6e201bcf03eb (SHA-1)
    ed20c345ba0fd88ff5f30247d8c61484a8f36196da644ba7f1f27b3c0270d3c4 (SHA-256)
    schannel
    schannel
    TLS / SSL Security Provider
    Microsoft Corporation
    5.01.2600.6006
    c:\windows\system32\schannel.dll
    6e11d1dd3943e986fc05919813d38ae9 (MD5)
    ecd1e59eb81f3585f391757f27e891a8038e705e (SHA-1)
    304b7d55e9082733350f8d92d5a587068a8335764347e71f400044b4af9d3c4d (SHA-256)
    wdigest
    wdigest
    Microsoft Digest Access
    Microsoft Corporation
    5.01.2600.5834
    c:\windows\system32\wdigest.dll
    a3d1365c368971fa7d1cbb35d88a2f46 (MD5)
    77f95987bc18db143675daa80449ecf1b1f4c81e (SHA-1)
    bdef87760e7ed74a913a2365213f5288eac39197a29dec813e15b0e2823cbf51 (SHA-256)

    ¤¤¤¤¤¤¤¤¤¤ Scheduled tasks ¤¤¤¤¤¤¤¤¤¤

    Task Scheduler
    HPpromotions HP Photosmart 370 Series.job
    C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe /N "HP Photosmart 370 Series" -r
    HPpromo
    hp
    5.00.0001.0004
    c:\program files\hp\digital imaging\bin\hpqwrg.exe
    f525d5e31385785a9d5309d0659b24b2 (MD5)
    12097ceeefefa4fc39134e8605b1654963092cb0 (SHA-1)
    2c4b9a716de0a6665a599ba1aac09b04ba28ff0e63a35082c901ee87fa8dbd80 (SHA-256)
    User_Feed_Synchronization-{FB8E4B1D-8CA7-449B-9055-43B7D6CA5098}.job
    C:\WINDOWS\system32\msfeedssync.exe sync
    Microsoft Feeds Synchronization
    Microsoft Corporation
    8.00.6001.18702
    c:\windows\system32\msfeedssync.exe
    fee2ba1ad38f457f418e82ea30724053 (MD5)
    7ba67318a83e01543dc455288191b6e6dd41047b (SHA-1)
    e4641a129d07f33901df4af9b234a7ee5ff6565e8414ee0ba755976da250a809 (SHA-256)

    ¤¤¤¤¤¤¤¤¤¤ Programs ¤¤¤¤¤¤¤¤¤¤

    Ad-Remover By C_XX
    Adobe Flash Player 10 ActiveX 10.1.82.76
    Adobe Flash Player 10 Plugin 10.0.45.2
    Adobe Reader 9 - Français 9.0.0
    Assistant de connexion Windows Live 5.000.818.6
    Attansic L1 Gigabit Ethernet Driver
    AutoUpdate 1.1
    BufferChm 43.1.5.000
    CCScore 6.02.1001.0001
    CCleaner (remove only)
    CMN
    Call of Duty(R) 4 - Modern Warfare(TM) Demo 1.00.0000
    Call of Duty(R) 4 - Modern Warfare(TM) Demo 1.00.0000
    Canon MP Navigator 2.0
    Canon MP450
    Canon Utilities Easy-PhotoPrint
    Cisco Systems VPN Client 5.0.00.0340 5.0.0
    Client Citrix Presentation Server - Web uniquement 10.200.2650
    Codeur Windows Media Série 9 9.00.2980
    Codeur Windows Media Série 9
    Correctif pour Lecteur Windows Media 11 (KB939683)
    Correctif pour Windows XP (KB2158563) 1
    Correctif pour Windows XP (KB952287) 1
    Correctif pour Windows XP (KB961118) 1
    Correctif pour Windows XP (KB970653-v3) 3
    Correctif pour Windows XP (KB979306) 1
    Correctif pour Windows XP (KB981793) 1
    CreativeProjects 43.1.5.000
    CreativeProjectsTemplates 43.1.5.000
    CueTour 43.1.5.000
    DVD Shrink 3.2
    Destinations 43.1.5.000
    DiMAGE Viewer
    Director 43.1.5.000
    DivX Codec 6.8.5
    DivX Converter Mobile 1.0.0
    DivX Player 6.8.2
    DivX Web Player 1.4.2
    Dongle Sagem 703
    EAX4 Unified Redist 4.001
    ESSBrwr 6.04.0000.0001
    ESSCDBK 6.04.0000.0001
    ESSPCD 6.04.0000.0001
    ESSPDock 6.03.0001.0004
    ESSSONIC 6.4.0000.0001
    ESSTOOLS 5.00.0000.0004
    ESScore 6.04.0000.0003
    ESSgui 6.04.0000.0001
    ESSini 6.04.0000.0001
    EVEREST Home Edition v2.20 2.20
    Easy-WebPrint
    Extension de Windows Live Toolbar (Windows Live Toolbar) 03.01.0146
    Freeplayer 20070531
    Galerie de photos Windows Live 14.0.8081.709
    Google Toolbar for Internet Explorer
    HP Diagnostic Assistant 1.0.0.0
    HP Image Zone 4.0 4.0
    HP Software Update 2.0.39.20040212
    HPSystemDiagnostics 1.5.0.0
    HPpromotions 1.00.0000
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) 1
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) 1
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows XP (KB915800-v4) 4
    Hotfix for Windows XP (KB954550-v5) 5
    Hotfix for Windows XP (KB976002-v5) 5
    IZArc 3.81 3.81 Build 1550
    Installation Windows Live 14.0.8089.726
    Installation Windows Live 14.0.8089.0726
    InstantShare 4.0.0.40
    Java(TM) 6 Update 15 6.0.150
    Java(TM) 6 Update 4 1.6.0.40
    Java(TM) 6 Update 7 1.6.0.70
    Junk Mail filter update 14.0.8089.726
    K-Lite Codec Pack 4.1.7 (Full) 4.1.7
    LG Bluetooth Drivers 1.0
    LG MC USB U330 driver 1.0.0.0000
    LG PC Suite III 1.0.0.0
    LG PC Suite III 1.0.0.0
    LG USB Modem driver 4.9.4
    Labtec WebCam 8.17.0000
    Lecteur Windows Media 11
    LimeWire 5.5.14 5.5.14
    List_Kill'em
    MSN
    MSVCRT 14.0.1468.721
    MSXML 4.0 SP2 (KB936181) 4.20.9848.0
    MSXML 4.0 SP2 (KB954430) 4.20.9870.0
    MSXML 4.0 SP2 (KB973688) 4.20.9876.0
    Malwarebytes' Anti-Malware
    Menus intelligents (Windows Live Toolbar) 03.01.0146
    Microsoft .NET Framework 1.1 1.1.4322
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 French Language Pack 1.1.4322
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2 2.2.30729
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA 2.2.30729
    Microsoft .NET Framework 3.0 Service Pack 2 3.2.30729
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA 3.2.30729
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra 3.5.30729
    Microsoft .NET Framework 3.5 SP1 3.5.30729
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting 12.0.6012.5000
    Microsoft Choice Guard 2.0.48.0
    Microsoft Compression Client Pack 1.0 for Windows XP 1
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (French) 2007 12.0.6425.1000
    Microsoft Office Excel MUI (French) 2007 12.0.6425.1000
    Microsoft Office InfoPath MUI (French) 2007 12.0.6425.1000
    Microsoft Office Live Add-in 1.3 2.0.2313.0
    Microsoft Office Outlook Connector 12.0.6423.1000
    Microsoft Office Outlook MUI (French) 2007 12.0.6425.1000
    Microsoft Office PowerPoint MUI (French) 2007 12.0.6425.1000
    Microsoft Office Professional Plus 2007 12.0.6425.1000
    Microsoft Office Professional Plus 2007 12.0.6425.1000
    Microsoft Office Proof (Arabic) 2007 12.0.6425.1000
    Microsoft Office Proof (Dutch) 2007 12.0.6425.1000
    Microsoft Office Proof (English) 2007 12.0.6425.1000
    Microsoft Office Proof (French) 2007 12.0.6425.1000
    Microsoft Office Proof (German) 2007 12.0.6425.1000
    Microsoft Office Proof (Spanish) 2007 12.0.6425.1000
    Microsoft Office Proofing (French) 2007 12.0.4518.1014
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (French) 2007 12.0.6425.1000
    Microsoft Office Shared MUI (French) 2007 12.0.6425.1000
    Microsoft Office Word MUI (French) 2007 12.0.6425.1000
    Microsoft SQL Server 2005 Compact Edition [ENU] 3.1.0000
    Microsoft Search Enhancement Pack 1.3.59.0
    Microsoft Silverlight 4.0.50917.0
    Microsoft Software Update for Web Folders (French) 12 12.0.6425.1000
    Microsoft Sync Framework Runtime Native v1.0 (x86) 1.0.1215.0
    Microsoft Sync Framework Services Native v1.0 (x86) 1.0.1215.0
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable 8.0.56336
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 9.0.30729
    Mise à jour critique pour Lecteur Windows Media 11 (KB959772)
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)
    Mise à jour de sécurité pour Lecteur Windows Media (KB954155)
    Mise à jour de sécurité pour Lecteur Windows Media (KB968816)
    Mise à jour de sécurité pour Lecteur Windows Media (KB973540)
    Mise à jour de sécurité pour Lecteur Windows Media (KB975558)
    Mise à jour de sécurité pour Lecteur Windows Media (KB978695)
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2) 2
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) 1
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390) 1
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215) 1
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714) 1
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260) 1
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027) 1
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897) 1
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260) 1
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2183461) 1
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961) 1
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260) 1
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB981332) 1
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB982381) 1
    Mise à jour de sécurité pour Windows XP (KB2079403) 1
    Mise à jour de sécurité pour Windows XP (KB2115168) 1
    Mise à jour de sécurité pour Windows XP (KB2121546) 1
    Mise à jour de sécurité pour Windows XP (KB2160329) 1
    Mise à jour de sécurité pour Windows XP (KB2229593) 1
    Mise à jour de sécurité pour Windows XP (KB2259922) 1
    Mise à jour de sécurité pour Windows XP (KB2286198) 1
    Mise à jour de sécurité pour Windows XP (KB2347290) 1
    Mise à jour de sécurité pour Windows XP (KB923561) 1
    Mise à jour de sécurité pour Windows XP (KB923789)
    Mise à jour de sécurité pour Windows XP (KB938464) 1
    Mise à jour de sécurité pour Windows XP (KB941569)
    Mise à jour de sécurité pour Windows XP (KB946648) 1
    Mise à jour de sécurité pour Windows XP (KB950762) 1
    Mise à jour de sécurité pour Windows XP (KB950974) 1
    Mise à jour de sécurité pour Windows XP (KB951066) 1
    Mise à jour de sécurité pour Windows XP (KB951376-v2) 2
    Mise à jour de sécurité pour Windows XP (KB951698) 1
    Mise à jour de sécurité pour Windows XP (KB951748) 1
    Mise à jour de sécurité pour Windows XP (KB952004) 1
    Mise à jour de sécurité pour Windows XP (KB952954) 1
    Mise à jour de sécurité pour Windows XP (KB953839) 1
    Mise à jour de sécurité pour Windows XP (KB954211) 1
    Mise à jour de sécurité pour Windows XP (KB954459) 1
    Mise à jour de sécurité pour Windows XP (KB954600) 1
    Mise à jour de sécurité pour Windows XP (KB955069) 1
    Mise à jour de sécurité pour Windows XP (KB956391) 1
    Mise à jour de sécurité pour Windows XP (KB956572) 1
    Mise à jour de sécurité pour Windows XP (KB956744) 1
    Mise à jour de sécurité pour Windows XP (KB956802) 1
    Mise à jour de sécurité pour Windows XP (KB956803) 1
    Mise à jour de sécurité pour Windows XP (KB956841) 1
    Mise à jour de sécurité pour Windows XP (KB956844) 1
    Mise à jour de sécurité pour Windows XP (KB957095) 1
    Mise à jour de sécurité pour Windows XP (KB957097) 1
    Mise à jour de sécurité pour Windows XP (KB958644) 1
    Mise à jour de sécurité pour Windows XP (KB958687) 1
    Mise à jour de sécurité pour Windows XP (KB958690) 1
    Mise à jour de sécurité pour Windows XP (KB958869) 1
    Mise à jour de sécurité pour Windows XP (KB959426) 1
    Mise à jour de sécurité pour Windows XP (KB960225) 1
    Mise à jour de sécurité pour Windows XP (KB960715) 1
    Mise à jour de sécurité pour Windows XP (KB960803) 1
    Mise à jour de sécurité pour Windows XP (KB960859) 1
    Mise à jour de sécurité pour Windows XP (KB961371) 1
    Mise à jour de sécurité pour Windows XP (KB961373) 1
    Mise à jour de sécurité pour Windows XP (KB961501) 1
    Mise à jour de sécurité pour Windows XP (KB968537) 1
    Mise à jour de sécurité pour Windows XP (KB969059) 1
    Mise à jour de sécurité pour Windows XP (KB969898) 1
    Mise à jour de sécurité pour Windows XP (KB969947) 1
    Mise à jour de sécurité pour Windows XP (KB970238) 1
    Mise à jour de sécurité pour Windows XP (KB970430) 1
    Mise à jour de sécurité pour Windows XP (KB971468) 1
    Mise à jour de sécurité pour Windows XP (KB971557) 1
    Mise à jour de sécurité pour Windows XP (KB971633) 1
    Mise à jour de sécurité pour Windows XP (KB971657) 1
    Mise à jour de sécurité pour Windows XP (KB972270) 1
    Mise à jour de sécurité pour Windows XP (KB973346) 1
    Mise à jour de sécurité pour Windows XP (KB973354) 1
    Mise à jour de sécurité pour Windows XP (KB973507) 1
    Mise à jour de sécurité pour Windows XP (KB973869) 1
    Mise à jour de sécurité pour Windows XP (KB973904) 1
    Mise à jour de sécurité pour Windows XP (KB974112) 1
    Mise à jour de sécurité pour Windows XP (KB974318) 1
    Mise à jour de sécurité pour Windows XP (KB974392) 1
    Mise à jour de sécurité pour Windows XP (KB974571) 1
    Mise à jour de sécurité pour Windows XP (KB975025) 1
    Mise à jour de sécurité pour Windows XP (KB975467) 1
    Mise à jour de sécurité pour Windows XP (KB975560) 1
    Mise à jour de sécurité pour Windows XP (KB975561) 1
    Mise à jour de sécurité pour Windows XP (KB975562) 1
    Mise à jour de sécurité pour Windows XP (KB975713) 1
    Mise à jour de sécurité pour Windows XP (KB977816) 1
    Mise à jour de sécurité pour Windows XP (KB977914) 1
    Mise à jour de sécurité pour Windows XP (KB978037) 1
    Mise à jour de sécurité pour Windows XP (KB978262) 1
    Mise à jour de sécurité pour Windows XP (KB978338) 1
    Mise à jour de sécurité pour Windows XP (KB978542) 1
    Mise à jour de sécurité pour Windows XP (KB978601) 1
    Mise à jour de sécurité pour Windows XP (KB978706) 1
    Mise à jour de sécurité pour Windows XP (KB979309) 1
    Mise à jour de sécurité pour Windows XP (KB979482) 1
    Mise à jour de sécurité pour Windows XP (KB979559) 1
    Mise à jour de sécurité pour Windows XP (KB979683) 1
    Mise à jour de sécurité pour Windows XP (KB980195) 1
    Mise à jour de sécurité pour Windows XP (KB980218) 1
    Mise à jour de sécurité pour Windows XP (KB980232) 1
    Mise à jour de sécurité pour Windows XP (KB980436) 1
    Mise à jour de sécurité pour Windows XP (KB981322) 1
    Mise à jour de sécurité pour Windows XP (KB981852) 1
    Mise à jour de sécurité pour Windows XP (KB981997) 1
    Mise à jour de sécurité pour Windows XP (KB982214) 1
    Mise à jour de sécurité pour Windows XP (KB982665) 1
    Mise à jour de sécurité pour Windows XP (KB982802) 1
    Mise à jour de sécurité pour le Codeur Windows Media (KB954156)
    Mise à jour de sécurité pour le Codeur Windows Media (KB979332)
    Mise à jour pour Windows Internet Explorer 8 (KB972636) 1
    Mise à jour pour Windows Internet Explorer 8 (KB976662) 1
    Mise à jour pour Windows Internet Explorer 8 (KB980182) 1
    Mise à jour pour Windows XP (KB2141007) 1
    Mise à jour pour Windows XP (KB898461) 1
    Mise à jour pour Windows XP (KB951072-v2) 2
    Mise à jour pour Windows XP (KB951978) 1
    Mise à jour pour Windows XP (KB955759) 1
    Mise à jour pour Windows XP (KB955839) 1
    Mise à jour pour Windows XP (KB961503) 1
    Mise à jour pour Windows XP (KB967715) 1
    Mise à jour pour Windows XP (KB968389) 1
    Mise à jour pour Windows XP (KB971737) 1
    Mise à jour pour Windows XP (KB973687) 1
    Mise à jour pour Windows XP (KB973815) 1
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    Moovida 1.00.0000
    Moovida 2.0.9
    NVIDIA Drivers
    Nero 7 Essentials 7.02.4861
    OfotoXMI 6.04.0000.0001
    OmniPage SE 2.0 2.00.0004
    OpenMG Limited Patch 4.1-05-13-31-01
    OpenMG Secure Module 4.1.00 4.1.00.13261
    OpenMG Secure Module 4.1.00 4.1.00.13261
    OpenOffice.org 2.4 2.4.9310
    Outil de téléchargement Windows Live 14.0.8014.1029
    Overland 2.1.5
    PGameScan 0.90.3
    PS370 1.00.0000
    PSPrinters06 1.00.0000
    PhotoGallery 43.1.5.000
    Photosmart 320,370,7400,8100,8400 Series (fra) 2.0
    Platform 1.27
    PrintScreen 43.1.5.000
    Programme de gestion Camera de Logitech®
    PunkBuster Services 0.986
    QFolder 1.00.0000
    QuickProjects 43.1.5.000
    QuickTime 7.2.0.240
    Realtek High Definition Audio Driver 5.10.0.5294
    SFR 6.04.0000.0001
    SHASTA 6.04.0000.0001
    SKINXSDK 6.02.1001.0001
    Security Update for 2007 Microsoft Office System (KB2277947)
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for 2007 Microsoft Office System (KB982331)
    Security Update for CAPICOM (KB931906) 2.1.0.2
    Security Update for CAPICOM (KB931906) 2.1.0.2
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB982308)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office Outlook 2007 (KB2288953)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office Publisher 2007 (KB982124)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2251419)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Windows Search 4 - KB963093
    Segoe UI 14.0.4327.805
    SkinsHP1 43.1.5.000
    SmartSound Quicktracks Plugin 3.0.2.7
    SmartSound Quicktracks Plugin 3.0.2.7
    SonicStage 3.0 3.0
    Spybot - Search & Destroy 1.6.0
    SuperCopier2
    Surligneur (Windows Live Toolbar) 03.01.0146
    TomTom HOME 2.7.6.2056 2.7.6.2056
    TomTom HOME Visual Studio Merge Modules 1.0.2
    TrayApp 43.1.5.000
    Ulead VideoStudio 10 10.0
    Unload 4.0.0
    Unreal Tournament G.O.T.Y. Edition
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) 1
    Update for Outlook 2007 Junk Email Filter (kb2291599)
    VIA Gestionnaire de périphériques de plate-forme 1.27
    VPRINTOL 6.04.0000.0001
    VirginMega.Fr Premium 1.00.0008
    WD FAT32 Formatter 1.0.1
    WIRELESS 6.04.0000.0001
    WebFldrs XP 9.50.7523
    WebReg 43.1.5.000
    WinRAR archiver
    Windows Genuine Advantage Validation Tool (KB892130) 1.7.0069.2
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7 20070813.185237
    Windows Internet Explorer 8 20090308.140743
    Windows Live Call 14.0.8064.0206
    Windows Live Communications Platform 14.0.8064.206
    Windows Live Contrôle parental 14.0.8093.805
    Windows Live Favorites pour Windows Live Toolbar 03.01.0146
    Windows Live FolderShare 14.0.8089.726
    Windows Live Mail
    Windows Live Mail 14.0.8089.0726
    Windows Live Messenger 14.0.8089.0726
    Windows Live OneCare safety scanner
    Windows Live Toolbar 14.0.8064.206
    Windows Live Writer 14.0.8089.0726
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Search 4.0 04.00.6001.503
    Windows XP Service Pack 3 20080413.144513
    XML Paper Specification Shared Components Language Pack 1.0
    XML Paper Specification Shared Components Pack 1.0
    Yahoo! Install Manager
    Yahoo! Toolbar
    Yahoo! Toolbar avec bloqueur de fenêtres pop-up
    ZHPDiag 1.25 1.25
    avast! Free Antivirus 5.0.545.0
    eMule
    essvatgt 6.04.0000.0001
    fflink 6.02.1001.0001
    kgcbaby 5.03.0000.0002
    kgcbase 5.03.0000.0004
    kgchday 5.03.0000.0002
    kgchlwn 5.03.0000.0002
    kgcinvt 5.03.0000.0003
    kgckids 6.03.0001.0001
    kgcmove 6.03.0001.0001
    kgcvday 5.03.0000.0002
    netbrdg 6.04.0000.0001
    skin0001 6.04.0000.0004
    staticcr 6.04.0000.0005
    tooltips 6.04.0000.0001

    ¤¤¤¤¤¤¤¤¤¤ Drivers ¤¤¤¤¤¤¤¤¤¤

    a5246ed2586aa807af0bcf63165a71cc c:\windows\system32\drivers\aavmker4.sys
    e5e6dbfc41ea8aad005cb9a57a96b43b c:\windows\system32\drivers\acpi.sys
    e4abc1212b70bb03d35e60681c447210 c:\windows\system32\drivers\acpiec.sys
    ee7e0588072d196fc95486c23b8c6599 c:\windows\system32\drivers\adv01nt5.dll
    7043187713dbf552d749c6accbb23c4e c:\windows\system32\drivers\adv02nt5.dll
    f37bbf29cf0ec8c53fa14eac14679e1a c:\windows\system32\drivers\adv05nt5.dll
    4c2d5029d8bd503c6a3a8061782fc69d c:\windows\system32\drivers\adv07nt5.dll
    41e0f54f896ac2e891b87736d5778f3c c:\windows\system32\drivers\adv08nt5.dll
    26db5e53d36407180b60c66d96658e2b c:\windows\system32\drivers\adv09nt5.dll
    2a1106a5cc3d8f874158e19507634ddb c:\windows\system32\drivers\adv11nt5.dll
    8bed39e3c35d6a489438b8141717a557 c:\windows\system32\drivers\aec.sys
    7e775010ef291da96ad17ca4b17137d7 c:\windows\system32\drivers\afd.sys
    08fd04aa961bdc77fb983f328334e3d7 c:\windows\system32\drivers\agp440.sys
    03a7e0922acfe1b07d5db2eeb0773063 c:\windows\system32\drivers\agpcpq.sys
    cb08aed0de2dd889a8a820cd8082d83c c:\windows\system32\drivers\alim1541.sys
    95b4fb835e28aa1336ceeb07fd5b9398 c:\windows\system32\drivers\amdagp.sys
    c6c0f974ab7e825813f8e6b4e5581750 c:\windows\system32\drivers\amdk6.sys
    d3dabc57be6d456dfd4bc026cfa582ff c:\windows\system32\drivers\amdk7.sys
    033448d435e65c4bd72e70521fd05c76 c:\windows\system32\drivers\AmdPPM.sys
    b5b8a80875c1dededa8b02765642c32f c:\windows\system32\drivers\arp1394.sys
    d48659bb24c48345d926ecb45c1ebdf5 c:\windows\system32\drivers\ASACPI.sys
    c2a6683c9ff46aa70e2c2092b008edc7 c:\windows\system32\drivers\ASUSHWIO.SYS
    1b6ed99291ddf5d2501554cc5757aab6 c:\windows\system32\drivers\aswFsBlk.sys
    5ffe0c6a55930b77686535c070db408c c:\windows\system32\drivers\aswmon.sys
    81432b1a4b31036c822eb967decf613c c:\windows\system32\drivers\aswmon2.sys
    3e2b6112d2766f87eda8466fde86a986 c:\windows\system32\drivers\aswRdr.sys
    d78b644816db540e103d0b0766fd9967 c:\windows\system32\drivers\aswSP.sys
    606d731008d98b6ef946730c597c1642 c:\windows\system32\d
    0
    1. benurrr Messages postés 9766 Statut Contributeur sécurité 107
       
      tu as un rapport du nom de Kill'em.txt sur ton bureau poste le aussi ,
      0
  7. marlo
     
    ¤¤¤¤¤¤¤¤¤¤ Kill'em by g3n-h@ckm@n 2.1.0.8 ¤¤¤¤¤¤¤¤¤¤

    User : nom (Administrateurs)
    Update on 01/10/2010 by g3n-h@ckm@n ::::: 13.00
    Start at: 21:29:05 | 01/10/2010

    AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
    Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled
    AV : avast! Antivirus 5.0.83886625 [ (!) Disabled | Updated ]

    A:\ -> Lecteur de disquettes 3 ½ pouces
    C:\ -> Disque fixe local | 58,59 Go (8,59 Go free) | NTFS
    D:\ -> Disque fixe local | 131,31 Go (1,01 Go free) [Principal 200] | NTFS
    E:\ -> Disque CD-ROM
    F:\ -> Disque amovible

    ¤¤¤¤¤¤¤¤¤¤ Files/folders :

    Quarantined & Deleted !! : C:\Program Files\Ask.com
    Quarantined & Deleted !! : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    Quarantined & Deleted !! : C:\windows\002566_.tmp
    Quarantined & Deleted !! : C:\windows\SET25.tmp
    Quarantined & Deleted !! : C:\windows\SET3.tmp
    Quarantined & Deleted !! : C:\windows\SET4.tmp
    Quarantined & Deleted !! : C:\windows\SET8.tmp

    Quarantined & Deleted !! : C:\windows\System32\drivers\etc\hosts.msn
    Quarantined & Deleted !! : C:\windows\System32\unrar.exe
    Quarantined & Deleted !! : C:\Documents and Settings\nom\Local Settings\Application Data\0371774.exe
    Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\SHSetup.exe
    Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna4972086009889916554.dll
    Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna8770808846093814997.dll
    Quarantined & Deleted !! : C:\Documents and Settings\nom\Local Settings\Temporary Internet Files\SuggestedSites.dat
    Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc2.com
    Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc3.exe
    Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc4.lnk

    ¤¤¤¤¤¤¤¤¤¤ Hosts ¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤

    Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar : {66886C4D-B307-4ECA-A228-52CA9B9851A4}
    Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser : {D4027C7F-154A-4066-A1AD-4243D8127440}
    Deleted : "HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}"
    Deleted : "HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}"
    Deleted : HKCR\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
    Deleted : HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}

    ¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    Local Page = C:\WINDOWS\system32\blank.htm
    Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    Start Page = https://www.google.com/?gws_rd=ssl
    Local Page = C:\WINDOWS\system32\blank.htm
    Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

    ¤¤¤¤¤¤¤¤¤¤ Security Center ¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    FirstRunDisabled = 1 ()
    AntiVirusOverride = 0 (0x0)
    FirewallOverride = 0 (0x0)
    AntiVirusDisableNotify = 0 (0x0)
    FirewallDisableNotify = 0 (0x0)
    UpdatesDisableNotify = 0 (0x0)

    ¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤

    Ndisuio : Start = 3
    EapHost : Start = 2
    Ip6Fw : Start = 2
    SharedAccess : Start = 2
    wuauserv : Start = 2
    wscsvc : Start = 2

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    Disk Cleaned
    anti-ver blaster : OK
    Prefetch cleaned
    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    FEATURE_BROWSER_EMULATION | svchost :
    ====================================

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys PCIIDEX.SYS
    kernel: MBR read successfully
    user & kernel MBR OK

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
  8. benurrr Messages postés 9766 Statut Contributeur sécurité 107
     
    relance Malwarebytes fait la mise a jour cette fois ci et refait un scan complet
    0
  9. marlo
     
    très bien c'est encours
    merci pour l'aide,
    ensuite que faut-il faire??
    0
    1. benurrr Messages postés 9766 Statut Contributeur sécurité 107
       
      apres malwarbyte

      Télécharge ici :

      http://images.malwareremoval.com/random/RSIT.exe

      random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

      Double-clique sur RSIT.exe afin de lancer RSIT.

      Clique Continue à l'écran Disclaimer.

      Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

      Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

      Poste le contenu de log.txt (<<qui sera affiché)
      ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

      NB : Les rapports sont sauvegardés dans le dossier C:\rsit


      Tutoriel pour t'aider

      https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm


      si le rapport ne passe pas sur le forum à cause de sa longeur envoie-le sur : cijoint

      http://www.cijoint.fr/

      fais parcourir ,

      puis envoie le fichier.
      0
  10. marlo
     
    ¤¤¤¤¤¤¤¤¤¤ Kill'em by g3n-h@ckm@n 2.1.0.8 ¤¤¤¤¤¤¤¤¤¤

    User : nom (Administrateurs)
    Update on 01/10/2010 by g3n-h@ckm@n ::::: 13.00
    Start at: 21:29:05 | 01/10/2010

    AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
    Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled
    AV : avast! Antivirus 5.0.83886625 [ (!) Disabled | Updated ]

    A:\ -> Lecteur de disquettes 3 ½ pouces
    C:\ -> Disque fixe local | 58,59 Go (8,59 Go free) | NTFS
    D:\ -> Disque fixe local | 131,31 Go (1,01 Go free) [Principal 200] | NTFS
    E:\ -> Disque CD-ROM
    F:\ -> Disque amovible

    ¤¤¤¤¤¤¤¤¤¤ Files/folders :

    Quarantined & Deleted !! : C:\Program Files\Ask.com
    Quarantined & Deleted !! : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    Quarantined & Deleted !! : C:\windows\002566_.tmp
    Quarantined & Deleted !! : C:\windows\SET25.tmp
    Quarantined & Deleted !! : C:\windows\SET3.tmp
    Quarantined & Deleted !! : C:\windows\SET4.tmp
    Quarantined & Deleted !! : C:\windows\SET8.tmp

    Quarantined & Deleted !! : C:\windows\System32\drivers\etc\hosts.msn
    Quarantined & Deleted !! : C:\windows\System32\unrar.exe
    Quarantined & Deleted !! : C:\Documents and Settings\nom\Local Settings\Application Data\0371774.exe
    Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\SHSetup.exe
    Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna4972086009889916554.dll
    Quarantined & Deleted !! : C:\Documents and Settings\nom\LOCAL Settings\Temp\jna8770808846093814997.dll
    Quarantined & Deleted !! : C:\Documents and Settings\nom\Local Settings\Temporary Internet Files\SuggestedSites.dat
    Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc2.com
    Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc3.exe
    Deleted !! : C:\RECYCLER\S-1-5-21-1715567821-790525478-839522115-1004\Dc4.lnk

    ¤¤¤¤¤¤¤¤¤¤ Hosts ¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤

    Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar : {66886C4D-B307-4ECA-A228-52CA9B9851A4}
    Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser : {D4027C7F-154A-4066-A1AD-4243D8127440}
    Deleted : "HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}"
    Deleted : "HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}"
    Deleted : HKCR\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
    Deleted : HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}

    ¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    Local Page = C:\WINDOWS\system32\blank.htm
    Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    Start Page = https://www.google.com/?gws_rd=ssl
    Local Page = C:\WINDOWS\system32\blank.htm
    Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

    ¤¤¤¤¤¤¤¤¤¤ Security Center ¤¤¤¤¤¤¤¤¤¤

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    FirstRunDisabled = 1 ()
    AntiVirusOverride = 0 (0x0)
    FirewallOverride = 0 (0x0)
    AntiVirusDisableNotify = 0 (0x0)
    FirewallDisableNotify = 0 (0x0)
    UpdatesDisableNotify = 0 (0x0)

    ¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤

    Ndisuio : Start = 3
    EapHost : Start = 2
    Ip6Fw : Start = 2
    SharedAccess : Start = 2
    wuauserv : Start = 2
    wscsvc : Start = 2

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    Disk Cleaned
    anti-ver blaster : OK
    Prefetch cleaned
    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    FEATURE_BROWSER_EMULATION | svchost :
    ====================================

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys PCIIDEX.SYS
    kernel: MBR read successfully
    user & kernel MBR OK

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    Fichier(s) infecté(s):
    C:\Documents and Settings\nom\Menu Démarrer\Programmes\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
    0
    1. benurrr Messages postés 9766 Statut Contributeur sécurité 107
       
      c'est malwarbyte que j'attend
      0
  11. benurrr Messages postés 9766 Statut Contributeur sécurité 107
     
    tu peut poster le rapport stp

    peut-être qu'il y'a des residues

    Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
    Mais C.. de penser que ­tu es libre...Merci a australe13
    0