Problems.

HnRRrr -  
Marou81 Posts: 4472 Status: Member -
Hello, so here goes.

Recently I caught something on my machine. A trojan or spyware, I don't know.
I ran scans with AntiVir Pro and Malwarebytes, plus a pass with Spyware Terminator.
And I'd like your opinion on my Random's System Information Tool (RSIT) log.

Logfile of random's system information tool 1.09 (written by random/random)
Run by HnRRrr at 2014-01-24 22:09:21
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 12 GB (5%) free of 269 GB
Total RAM: 2047 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:10:40, on 24/01/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Logitech\G35\G35.exe
C:\Program Files\ROCCAT\Isku Keyboard\IskuMonitor.EXE
C:\Program Files\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\HnRRrr\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Documents and Settings\HnRRrr\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Overwolf\Overwolf.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\HnRRrr\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Razer\Razer Game Booster\gbtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\HnRRrr\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\HnRRrr.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=Userinit.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ArcPluginIEBHO - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Logitech G35] C:\Program Files\Logitech\G35\G35.exe
O4 - HKLM\..\Run: [RoccatIsku] "C:\Program Files\ROCCAT\Isku Keyboard\IskuMonitor.EXE"
O4 - HKLM\..\Run: [RoccatKova+] "C:\Program Files\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE"
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [GB_UPDATE] C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe/AUTORUN
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Documents and Settings\HnRRrr\Application Data\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Documents and Settings\HnRRrr\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\HnRRrr\Local Settings\Application Data\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Overwolf] C:\Program Files\Overwolf\Overwolf.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira Protection e-mail (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Protection Web (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf - C:\Program Files\Overwolf\OverwolfUpdater.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 11000 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RunOW.job
C:\WINDOWS\tasks\WGASetup.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\HnRRrr\Application Data\Mozilla\Firefox\Profiles\pn34ahvn.default

prefs.js - "browser.startup.homepage" - "google.fr"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Module iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@gametap.com/npdd,version=1.0]
"Description"=Downloader Detector
"Path"=C:\Program Files\Downloader\npdd.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java(TM) Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java(TM) Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin]
"Description"=Arc PlayNow plugin for Mozilla browsers
"Path"=C:\Program Files\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Documents and Settings\HnRRrr\Application Data\Mozilla\Firefox\Profiles\pn34ahvn.default\extensions\
***@***
***@***
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F}]
ArcPluginIEBHO Class - C:\Program Files\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll [2013-09-26 108904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-28 17331200]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
"ASUSGamerOSD"=C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2008-08-29 380928]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-10-01 348664]
"Logitech G35"=C:\Program Files\Logitech\G35\G35.exe [2010-10-05 1811800]
"RoccatIsku"=C:\Program Files\ROCCAT\Isku Keyboard\IskuMonitor.EXE [2011-07-12 536576]
"RoccatKova+"=C:\Program Files\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE [2011-03-17 539688]
""= []
"Razer Synapse"=C:\Program Files\Razer\Synapse\RzSynapse.exe [2013-07-23 606056]
"GB_UPDATE"=C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05 2051688]
"APSDaemon"=C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"Aeria Ignite"=C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [2013-06-06 1925656]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-09-17 152392]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-10-22 3684488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUS SmartDoctor"=C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe [2008-12-18 1175552]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Spotify Web Helper"=C:\Documents and Settings\HnRRrr\Application Data\Spotify\Data\SpotifyWebHelper.exe [2013-07-19 1104384]
"Spotify"=C:\Documents and Settings\HnRRrr\Application Data\Spotify\Spotify.exe [2013-07-19 4640768]
"Akamai NetSession Interface"=C:\Documents and Settings\HnRRrr\Local Settings\Application Data\Akamai\netsession_win.exe [2013-06-05 4489472]
"Overwolf"=C:\Program Files\Overwolf\Overwolf.exe [2013-12-09 35768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-11-16 192512]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Steam\SteamApps\common\amd driver updater, xp, 32 bit\Setup.exe"="D:\Steam\SteamApps\common\amd driver updater, xp, 32 bit\Setup.exe:*:Enabled:AMD Driver Updater, XP, 32 bit"
"D:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe"="D:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe:*:Enabled:Borderlands 2"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"D:\Steam\Steam.exe"="D:\Steam\Steam.exe:*:Enabled:Steam"
"D:\Steam\SteamApps\fhouh\counter-strike source\hl2.exe"="D:\Steam\SteamApps\fhouh\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\ManiaPlanet\ManiaPlanet.exe"="C:\Program Files\ManiaPlanet\ManiaPlanet.exe:*:Enabled:ManiaPlanet"
"D:\Steam\SteamApps\common\dota 2 test\dota.exe"="D:\Steam\SteamApps\common\dota 2 test\dota.exe:*:Enabled:Dota 2 Test"
"D:\Steam\SteamApps\common\dota 2 beta\dota.exe"="D:\Steam\SteamApps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2"
"D:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe"="D:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe:*:Enabled:Spiral Knights"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour"
"D:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe"="D:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe:*:Enabled:Borderlands 2"
"D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe"="D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe:*:Enabled:Counter-Strike: Global Offensive"
"C:\Documents and Settings\HnRRrr\Application Data\Spotify\spotify.exe"="C:\Documents and Settings\HnRRrr\Application Data\Spotify\spotify.exe:*:Enabled:Spotify"
"C:\Program Files\Steam\SteamApps\fhouh\counter-strike source\hl2.exe"="C:\Program Files\Steam\SteamApps\fhouh\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe"="C:\Program Files\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe:*:Enabled:Borderlands 2"
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Steam\SteamApps\common\Warframe\Tools\Launcher.exe"="C:\Program Files\Steam\SteamApps\common\Warframe\Tools\Launcher.exe:*:Enabled:Warframe"
"C:\Program Files\Steam\SteamApps\common\The War Z\Infestation.exe"="C:\Program Files\Steam\SteamApps\common\The War Z\Infestation.exe:*:Enabled:Infestation: Survivor Stories"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Steam\SteamApps\common\The War Z\WarZlauncher.exe"="C:\Program Files\Steam\SteamApps\common\The War Z\WarZlauncher.exe:*:Enabled:Infestation: Survivor Stories"
"C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\HnRRrr\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\HnRRrr\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Steam\SteamApps\common\Counter-Strike Source\hl2.exe"="C:\Program Files\Steam\SteamApps\common\Counter-Strike Source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Program Files\Steam\SteamApps\common\Dragon's Prophet (EU)\dplogin.exe"="C:\Program Files\Steam\SteamApps\common\Dragon's Prophet (EU)\dplogin.exe:*:Enabled:Dragon's Prophet (EU)"
"C:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe"="C:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe:*:Enabled:Counter-Strike: Global Offensive"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.asv2"=asusasv2.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave7"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-01-24 22:09:50 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2014-01-24 22:09:48 ----D---- C:\Documents and Settings\HnRRrr\Application Data\Spyware Terminator
2014-01-24 22:09:47 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2014-01-24 22:09:34 ----D---- C:\Program Files\Spyware Terminator
2014-01-24 22:09:23 ----D---- C:\Program Files\trend micro
2014-01-24 22:09:19 ----D---- C:\rsit
2014-01-23 18:11:21 ----A---- C:\WINDOWS\ntbtlog.txt
2014-01-23 14:38:36 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-23 14:27:18 ----A---- C:\WINDOWS\system32\drivers\48230029.sys
2014-01-23 13:02:48 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-01-23 12:59:52 ----HD---- C:\WINDOWS\PIF
2014-01-22 20:31:57 ----D---- C:\Documents and Settings\HnRRrr\Application Data\Malwarebytes
2014-01-22 20:31:25 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-22 20:31:05 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-01-22 20:31:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-01-22 20:21:59 ----SHD---- C:\WINDOWS\system32\NwhXS1pm8SEa
2014-01-15 05:56:57 ----A---- C:\WINDOWS\system32\javaws.exe
2014-01-15 05:56:39 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-15 05:56:39 ----A---- C:\WINDOWS\system32\javaw.exe
2014-01-15 05:56:39 ----A---- C:\WINDOWS\system32\java.exe
2013-12-26 09:06:29 ----D---- C:\Documents and Settings\HnRRrr\Application Data\DofusBeta-3

======List of files/folders modified in the last 1 month======

2014-01-24 22:10:13 ----D---- C:\WINDOWS\Temp
2014-01-24 22:09:50 ----D---- C:\WINDOWS\system32\drivers
2014-01-24 22:09:34 ----RD---- C:\Program Files
2014-01-24 22:07:07 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-24 21:58:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-24 21:57:46 ----D---- C:\Documents and Settings\HnRRrr\Application Data\Spotify
2014-01-24 21:57:31 ----SD---- C:\WINDOWS\Tasks
2014-01-24 21:51:01 ----D---- C:\WINDOWS\Prefetch
2014-01-24 21:48:18 ----D---- C:\WINDOWS\system32
2014-01-24 21:48:18 ----D---- C:\WINDOWS
2014-01-24 21:48:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-01-24 21:48:17 ----D---- C:\WINDOWS\system32\fr-fr
2014-01-24 21:48:15 ----HD---- C:\WINDOWS\inf
2014-01-24 21:48:15 ----D---- C:\WINDOWS\Help
2014-01-24 21:48:14 ----D---- C:\Program Files\Internet Explorer
2014-01-24 21:48:14 ----D---- C:\Program Files\Fichiers communs\Blizzard Entertainment
2014-01-24 21:45:18 ----D---- C:\WINDOWS\ie8updates
2014-01-24 21:39:33 ----D---- C:\Documents and Settings\HnRRrr\Application Data\uTorrent
2014-01-23 19:01:31 ----D---- C:\WINDOWS\system32\drivers\etc
2014-01-23 18:51:23 ----D---- C:\Documents and Settings\HnRRrr\Application Data\TS3Client
2014-01-23 12:44:25 ----D---- C:\WINDOWS\msapps
2014-01-23 12:39:32 ----D---- C:\WINDOWS\system32\NtmsData
2014-01-21 15:48:29 ----D---- C:\Documents and Settings\HnRRrr\Application Data\vlc
2014-01-21 14:01:40 ----D---- C:\WINDOWS\Registration
2014-01-20 11:51:33 ----D---- C:\Documents and Settings\HnRRrr\Application Data\Dofus2
2014-01-19 04:17:57 ----D---- C:\WINDOWS\system32\config
2014-01-18 17:09:32 ----D---- C:\Program Files\TERA
2014-01-17 21:43:48 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-01-16 08:08:14 ----SHD---- C:\WINDOWS\Installer
2014-01-16 08:06:58 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
2014-01-15 05:56:39 ----D---- C:\Program Files\Java
2014-01-12 07:30:01 ----D---- C:\AeriaGames
2014-01-12 07:29:57 ----SHD---- C:\WINDOWS\system32\AI_RecycleBin
2014-01-05 13:48:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-01-04 22:28:05 ----D---- C:\Documents and Settings\HnRRrr\Application Data\Mumble
2013-12-26 09:28:41 ----D---- C:\Documents and Settings\HnRRrr\Application Data\Dofus2Beta

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2008-08-29 11136]
R1 avfwot;avfwot; C:\WINDOWS\system32\DRIVERS\avfwot.sys [2012-11-14 112584]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-10-01 137928]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2011-12-01 36000]
R1 EIO_XP;EIO_XP; \??\C:\WINDOWS\system32\drivers\EIO_XP.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R1 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys []
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2012-10-01 83392]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2008-08-29 12416]
R3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\WINDOWS\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-11-16 7874560]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2012-05-14 103040]
R3 avfwim;AvFw Packet Filter Miniport; C:\WINDOWS\system32\DRIVERS\avfwim.sys [2012-11-14 92008]
R3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-31 4942336]
R3 LADF_DHP2;G35 DHP2 Filter Driver; C:\WINDOWS\system32\DRIVERS\ladfDHP2i386.sys [2010-09-29 53976]
R3 LADF_SBVM;G35 SBVM Filter Driver; C:\WINDOWS\system32\DRIVERS\ladfSBVMi386.sys [2010-09-29 335064]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [2010-07-01 34896]
R3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2011-12-15 26624]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys [2008-08-29 10752]
R3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys []
S3 6fphip23a;6fphip23a; \??\C:\DOCUME~1\HnRRrr\LOCALS~1\Temp\j3b5r38ut.sys []
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-10-31 93184]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirFirewallService;Avira Firewall; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [2012-10-01 619472]
R2 AntiVirMailService;Avira Protection e-mail; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2012-10-01 375760]
R2 AntiVirSchedulerService;Avira Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-10-01 86224]
R2 AntiVirService;Avira Protection temps réel; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-10-01 110032]
R2 AntiVirWebService;Avira Protection Web; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-10-01 465360]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-11-16 643072]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2008-08-29 262144]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [2013-02-08 8704]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-18 182696]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2013-08-01 76888]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2013-10-22 587912]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 553288]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-23 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-17 257928]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 CGVPNCliSrvc;CyberGhost VPN Client; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2012-04-26 2438696]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-23 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 OverwolfUpdaterService;Overwolf Updater Service; C:\Program Files\Overwolf\OverwolfUpdater.exe [2013-12-09 96184]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Otherwise, do you need anything else? I'd like to get my machine clean.

Thanks, folks.

2 replies

Marou81 Posts: 4472 Status: Member 199
 
Good evening,

We are going to use another tool instead of RSIT. Remember to copy/paste the latest MalwareBytes report for me; you will find it in the reports/logs tab.

Can you use this diagnostic software? It will let me help you:

▶ Download ZHPDiag (by Nicolas Coolman)
▶ Run it (if you are on Windows Vista or Windows 7, do so with a right-click --> Run as administrator)
▶ Follow the prompts during installation (remember to tick the box to create a shortcut on the Desktop). It will launch automatically at the end of the installation.
▶ Click Configure, then the icon showing a magnifying glass («Diagnostic par défaut avec légitimes») and accept the "rapport full options"
▶ The report is on your Desktop
▶ Go to this site, click "Parcourir" (Browse), select the ZHPDiag report and click Envoyer le fichier (Send the file). Wait while the file is sent, then copy/paste the link provided into your next reply on the forum.

If you need help, follow this tutorial: http://www.sosvirus.net/canned-speech-zhpdiag-t712.html. Don't confuse ZHPFix and ZHPDiag!

See you.
0
HnRRrr Posts: 2 Status: Member
 
Good evening marou81,

Sorry, I could have done it sooner and faster, but let's say the computer now crashes at the start of the session, so it's a bit of a hassle...

https://pjjoint.malekal.com/files.php?id=20140125_r8x14e14z13y15 (the RSIT)

https://pjjoint.malekal.com/files.php?id=ZHPDiag_20140125_n6h15e7w8l10 (ZHPDiag)

https://pjjoint.malekal.com/files.php?id=OTL_20140125_c5m13j15s811 (OTL)

https://pjjoint.malekal.com/files.php?id=OTL_Extras_20140125_u5q10k6x10l10 (OTL Extras)

https://pjjoint.malekal.com/files.php?id=20140125_i7d13r8h15e5 (and here is the first MBAM report)

Thank you for taking the time to help me.
0
Marou81 Posts: 4472 Status: Member 199
 
Good evening,

Use this disinfection tool, which is specific to adware:

▶ Download AdwCleaner (by Xplode) to your Desktop.
▶ Run it, click Nettoyer (Clean), then wait while it scans.
▶ Once the cleaning is finished, a prevention message will be displayed; I advise you to read it carefully (don't hesitate to ask me questions if you didn't understand something in that message).
▶ Then the report will open: post it in your next reply.

Then download Junk Removal Tool. Follow this tutorial and post the report for me:
https://forum.security-x.fr/tutoriels-317/tutoriel-junkware-removal-tool

Use this general-purpose disinfection software:

▶ Download and install Malwarebytes' Anti-Malware
▶ At the end of the installation, make sure the option « mettre a jour Malwarebyte's Anti-Malware » (update Malwarebytes' Anti-Malware) is ticked. However, there is no need to activate the free trial of the protection.
▶ Launch MBAM and let the updates download (otherwise run them manually when the program starts)
▶ Then go to the "Recherche" (Scan) tab, tick "Exécuter un examen rapide" (Perform a quick scan), then "Rechercher" (Scan)
▶ At the end of the scan, click Afficher les résultats (Show results)
▶ Tick all the detected items, then click Supprimer la sélection (Remove selection)
▶ If you are asked to restart the computer, accept.
▶ In your next reply, post the report that appears after the removal.

Reset your web browsers:

▶ Internet Explorer and add-ons / search engines: https://forum.malekal.com/viewtopic.php?t=41399&start=
▶ Firefox: https://www.malekal.com/reparer-firefox/?t=36057&start=
▶ Google Chrome: https://www.malekal.com/reparer-google-chrome/?t=35837&start=

See you.
0
HnRRrr Posts: 2 Status: Member
 
As for Malwarebytes, I posted the file above showing what it found; as for AdwCleaner, it found nothing.

The Junk report: https://pjjoint.malekal.com/files.php?id=20140125_v11j11c11r7n12

Otherwise, as for what Avira found, it's TR/Dropper.gen, and since I've had it, the machine freezes at the start of the session when I boot it normally.
0
Marou81 Posts: 4472 Status: Member 199
 
However, in your MalwareBytes file, you didn't tick everything; check by running it in quick mode and make sure everything is ticked.

See you.
0