Trojan horse problem: corpo.dll

Closed
bblilou-31 - 21 Jan 2008 at 19:27
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 - 24 Jan 2008 at 19:11
Hello,
I'm coming to you because I have a Trojan horse on my PC. avast found it when I came back from vacation, whereas before I left I had nothing. My PC was switched off for a week, and it was when I got back that avast told me about it. Since then I can't do anything: it won't quarantine it, delete it, or move it... It tells me it's the corpo DLL.

Win32:BHO-KD [trj]
C:\WINDOWS\systeme32\corpo.dll\[UPX]

What can I do to stop this Trojan horse?????

Please help me. Thanks in advance.
26 replies

green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
21 Jan 2008 at 19:38
Hi

Download this:

Link: http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Demo: http://pageperso.aol.fr/balltrap34/demohijack.htm

Choose the option "do a scan and a logfile", then copy and paste the resulting report to the forum.

See you
0
Here is the report, as agreed

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:45:00, on 21/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\PROGRA~1\HAUPPA~1\MVPStart.exe
C:\PROGRA~1\HAUPPA~1\Hardware\DglSvcMain.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\FreeGo\FreeGo3.exe
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe
C:\PROGRA~1\HAUPPA~1\Hardware\HcwSms.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\IEPro\MiniDM.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Adssite Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll
O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {DFC86520-D46F-49BA-B6C4-E543ABA8F331} - C:\WINDOWS\system32\corpo.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [FreeGo] C:/Program Files/FreeGo/FreeGo3.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Startup: Y'z Toolbar.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to MVP Favorite Radio Stations - C:\Program Files\Hauppauge MediaMVP\mvp.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.connect-we.fr/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - https://zone.msn.com/en/utility/handler404.aspx?404;http://zone.msn.com:80/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - https://zone.msn.com/en/utility/handler404.aspx?404;http://zone.msn.com:80/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by116fd.bay116.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - https://zone.msn.com/en/utility/handler404.aspx?404;http://zone.msn.com:80/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://bianca-31.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - https://zone.msn.com/en/utility/handler404.aspx?404;http://zone.msn.com:80/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - https://zone.msn.com/en/utility/handler404.aspx?404;http://zone.msn.com:80/bingame/popcaploader_v10.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F89A1C57-0BE1-4B00-BE11-36CDF6729569}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: MVPMedia - Hauppauge Computer Works - C:\PROGRA~1\HAUPPA~1\MVPStart.exe
O23 - Service: MVPMediaSvc - Hauppauge Computer Works, Inc. - C:\PROGRA~1\HAUPPA~1\Hardware\DglSvcMain.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O24 - Desktop Component 0: (no name) - file:///D:/fondecran/chevalKv.jpg
O24 - Desktop Component 1: (no name) - file:///D:/fondecran/chevalIv.jpg
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
21 Jan 2008 at 19:52
OK,

Download ComboFix (by sUBs) to the Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

* Boot into Safe Mode
* Double-click combofix.exe.
* Press the Y (Yes) key to start the scan
* The report will be created in C:\Combofix.txt; please post it

See you
0
Here is the ComboFix report
Thanks for your help, green day ;-)

2008-01-21 17:39 77,353 ----a-w C:\WINDOWS\system32\adssite_sidebar_uninstall.exe
2008-01-21 17:34 --------- d-----w C:\Program Files\Hauppauge MediaMVP
2008-01-16 11:30 --------- d-----w C:\Documents and Settings\cattaneo\Application Data\LimeWire
2008-01-06 09:55 --------- d-----w C:\Program Files\TuneUp Utilities 2006
2008-01-06 09:54 --------- d-----w C:\Program Files\IE7Pro
2008-01-06 09:50 --------- d-----w C:\Documents and Settings\cattaneo\Application Data\IE7Pro
2007-12-25 22:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-25 18:20 --------- d-----w C:\Program Files\Auto-IP Publisher
2007-12-25 18:19 --------- d-----w C:\Documents and Settings\cattaneo\Application Data\Skype
2007-12-17 20:49 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-17 16:48 19,456 ----a-w C:\WINDOWS\system32\drivers\emuoxnfr.dat
2007-12-17 16:44 40,737 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe
2007-12-17 16:42 79,875 ----a-w C:\WINDOWS\system32\adssite-remove.exe
2007-12-17 12:44 --------- d-----w C:\Documents and Settings\cattaneo\Application Data\DivX
2007-12-10 18:52 303,104 ----a-w C:\WINDOWS\system32\adssite_sidebar.dll
2007-12-09 00:54 --------- d-----w C:\Program Files\DivX
2007-12-09 00:30 --------- d-----w C:\Program Files\Google Video
2007-12-08 11:57 --------- d-----w C:\Program Files\eRightSoft
2007-12-08 11:57 --------- d-----w C:\Program Files\AviSynth 2.5
2007-12-05 13:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\VadeRetro
2007-12-05 13:22 --------- d-----w C:\Documents and Settings\cattaneo\Application Data\VadeRetro
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-12-04 01:33 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 01:33 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 01:33 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 01:33 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2007-11-30 13:04 --------- d-----w C:\Program Files\Windows Live
2007-11-30 12:56 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-11-29 22:30 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-11-29 22:30 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-11-29 22:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-11-29 22:30 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-11-29 22:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-11-29 22:30 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-11-29 22:30 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-11-29 22:30 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-11-29 22:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-11-29 22:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-11-28 21:55 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-11-28 21:53 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-11-28 21:53 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-11-28 21:53 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-11-28 21:53 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-11-28 21:52 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-26 19:33 --------- d-----w C:\Program Files\FreeGo
2007-11-26 18:33 --------- d-----w C:\Program Files\WinPcap
2007-11-26 18:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-26 18:23 --------- d-----w C:\Program Files\Paragon Software
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 16:51 300,544 ----a-w C:\WINDOWS\system32\rfouftn.exe
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-08-24 17:54 47,360 ----a-w C:\Documents and Settings\cattaneo\Application Data\pcouffin.sys
2003-07-09 14:45 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2004-01-03 11:54 8,192 -csha-w C:\WINDOWS\o2cLicStore.bin
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,744 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA}]
2007-12-10 19:52 303104 --a------ C:\WINDOWS\system32\adssite_sidebar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DFC86520-D46F-49BA-B6C4-E543ABA8F331}]
2007-01-08 19:01 84992 --a------ C:\WINDOWS\system32\corpo.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-08-16 15:19 5728112]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2007-11-22 17:10 787696]
"TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" [2006-10-06 06:27 305152]
"FreeGo"="C:/Program Files/FreeGo/FreeGo3.exe" [2006-05-18 19:02 4202496 C:\Program Files\FreeGo\FreeGo3.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="NvMCTray.dll" [2003-07-28 14:19 49152 C:\WINDOWS\system32\nvmctray.dll]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2003-01-01 02:05 98304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]

C:\Documents and Settings\cattaneo\Menu Démarrer\Programmes\Démarrage\
RocketDock.lnk - C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe [2006-05-14 21:47:48 344064]
Y'z Toolbar.lnk - C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe [2007-07-06 13:23:10 90112]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-19 16:09 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2003-01-01 02:05 98304 C:\Program Files\QuickTime\qttask.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

R0 ijexhsyw;ijexhsyw;C:\WINDOWS\system32\drivers\emuoxnfr.dat []
R2 MVPMedia;MVPMedia;C:\PROGRA~1\HAUPPA~1\MVPStart.exe [2004-06-18 11:28]
R2 MVPMediaSvc;MVPMediaSvc;C:\PROGRA~1\HAUPPA~1\Hardware\DglSvcMain.exe [2005-01-31 11:33]
R2 UxTuneUp;Extension de conception TuneUp;C:\WINDOWS\System32\svchost.exe [2004-08-19 16:10]
R3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2006-05-09 16:50]
S3 BTNetFilter;Bluetooth Network Filter;C:\WINDOWS\system32\drivers\BTNetFilter.sys [2004-12-16 15:32]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 14:23]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-21 19:00:00 C:\WINDOWS\Tasks\AE198A0A93CA0176.job"
- c:\docume~1\cattaneo\applic~1\startd~1\HOLDDEADHELP.exe
"2007-11-17 18:39:24 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
"2007-04-12 16:19:12 C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job"
- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpCmdRun.exe%Scan -RestrictPrivileges -ScanType 1
"2008-01-21 18:48:04 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
0

green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
21 Jan 2008 at 20:29
The report is not complete!

Please post it in full! :)

See you
0
Oops, sorry lol

Here it is

ComboFix 08-01-20.1 - cattaneo 2008-01-21 19:59:20.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.153 [GMT 1:00]
Running from: C:\Documents and Settings\cattaneo\Bureau\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\cattaneo\Application Data\inst.exe
C:\Documents and Settings\cattaneo\Application Data\MessengerSkinner
C:\Documents and Settings\cattaneo\Application Data\MessengerSkinner\Userdata\defaultPack.cab
C:\Documents and Settings\cattaneo\Application Data\MessengerSkinner\Userdata\languages.xml
C:\Documents and Settings\cattaneo\Application Data\MessengerSkinner\Userdata\pack1.cab
C:\WINDOWS\dialerexe.ini
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\nwcgir.dat
C:\WINDOWS\system32\nwcgir.exe
C:\WINDOWS\system32\nwcgir_nav.dat
C:\WINDOWS\system32\nwcgir_navps.dat
C:\WINDOWS\system32\prodsrvs.exe
C:\WINDOWS\system32\uvzfti.dat
c:\windows\system32\uvzfti.exe
C:\WINDOWS\system32\uvzfti_nav.dat
c:\WINDOWS\system32\uvzfti_navps.dat

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-21 to 2008-01-21 ))))))))))))))))))))))))))))))))))))
.

2008-01-21 19:56 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-21 19:44 . 2008-01-21 19:44 <REP> d-------- C:\Program Files\Trend Micro
2008-01-14 11:20 . 2008-01-14 11:23 <REP> d-------- C:\Documents and Settings\cattaneo\Application Data\MiniDm
2008-01-06 22:39 . 2008-01-06 22:46 2,324 --a------ C:\WINDOWS\desctemp.dat
2008-01-06 10:54 . 2008-01-06 10:54 <REP> d-------- C:\Program Files\IEPro
2008-01-06 10:54 . 2008-01-06 10:54 <REP> d-------- C:\Documents and Settings\cattaneo\Application Data\IEPro

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-21 17:39 77,353 ----a-w C:\WINDOWS\system32\adssite_sidebar_uninstall.exe
2008-01-21 17:34 --------- d-----w C:\Program Files\Hauppauge MediaMVP
2008-01-16 11:30 --------- d-----w C:\Documents and Settings\cattaneo\Application Data\LimeWire
2008-01-06 09:55 --------- d-----w C:\Program Files\TuneUp Utilities 2006
2008-01-06 09:54 --------- d-----w C:\Program Files\IE7Pro
2008-01-06 09:50 --------- d-----w C:\Documents and Settings\cattaneo\Application Data\IE7Pro
2007-12-25 22:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-25 18:20 --------- d-----w C:\Program Files\Auto-IP Publisher
2007-12-25 18:19 --------- d-----w C:\Documents and Settings\cattaneo\Application Data\Skype
2007-12-17 20:49 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-17 16:48 19,456 ----a-w C:\WINDOWS\system32\drivers\emuoxnfr.dat
2007-12-17 16:44 40,737 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe
2007-12-17 16:42 79,875 ----a-w C:\WINDOWS\system32\adssite-remove.exe
2007-12-17 12:44 --------- d-----w C:\Documents and Settings\cattaneo\Application Data\DivX
2007-12-10 18:52 303,104 ----a-w C:\WINDOWS\system32\adssite_sidebar.dll
2007-12-09 00:54 --------- d-----w C:\Program Files\DivX
2007-12-09 00:30 --------- d-----w C:\Program Files\Google Video
2007-12-08 11:57 --------- d-----w C:\Program Files\eRightSoft
2007-12-08 11:57 --------- d-----w C:\Program Files\AviSynth 2.5
2007-12-05 13:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\VadeRetro
2007-12-05 13:22 --------- d-----w C:\Documents and Settings\cattaneo\Application Data\VadeRetro
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-12-04 01:33 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 01:33 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 01:33 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 01:33 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2007-11-30 13:04 --------- d-----w C:\Program Files\Windows Live
2007-11-30 12:56 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-11-29 22:30 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-11-29 22:30 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-11-29 22:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-11-29 22:30 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-11-29 22:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-11-29 22:30 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-11-29 22:30 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-11-29 22:30 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-11-29 22:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-11-29 22:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-11-28 21:55 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-11-28 21:53 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-11-28 21:53 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-11-28 21:53 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-11-28 21:53 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-11-28 21:52 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-26 19:33 --------- d-----w C:\Program Files\FreeGo
2007-11-26 18:33 --------- d-----w C:\Program Files\WinPcap
2007-11-26 18:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-26 18:23 --------- d-----w C:\Program Files\Paragon Software
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 16:51 300,544 ----a-w C:\WINDOWS\system32\rfouftn.exe
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-08-24 17:54 47,360 ----a-w C:\Documents and Settings\cattaneo\Application Data\pcouffin.sys
2003-07-09 14:45 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2004-01-03 11:54 8,192 -csha-w C:\WINDOWS\o2cLicStore.bin
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,744 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA}]
2007-12-10 19:52 303104 --a------ C:\WINDOWS\system32\adssite_sidebar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DFC86520-D46F-49BA-B6C4-E543ABA8F331}]
2007-01-08 19:01 84992 --a------ C:\WINDOWS\system32\corpo.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-08-16 15:19 5728112]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2007-11-22 17:10 787696]
"TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" [2006-10-06 06:27 305152]
"FreeGo"="C:/Program Files/FreeGo/FreeGo3.exe" [2006-05-18 19:02 4202496 C:\Program Files\FreeGo\FreeGo3.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="NvMCTray.dll" [2003-07-28 14:19 49152 C:\WINDOWS\system32\nvmctray.dll]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2003-01-01 02:05 98304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]

C:\Documents and Settings\cattaneo\Menu Démarrer\Programmes\Démarrage\
RocketDock.lnk - C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe [2006-05-14 21:47:48 344064]
Y'z Toolbar.lnk - C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe [2007-07-06 13:23:10 90112]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-19 16:09 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2003-01-01 02:05 98304 C:\Program Files\QuickTime\qttask.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

R0 ijexhsyw;ijexhsyw;C:\WINDOWS\system32\drivers\emuoxnfr.dat []
R2 MVPMedia;MVPMedia;C:\PROGRA~1\HAUPPA~1\MVPStart.exe [2004-06-18 11:28]
R2 MVPMediaSvc;MVPMediaSvc;C:\PROGRA~1\HAUPPA~1\Hardware\DglSvcMain.exe [2005-01-31 11:33]
R2 UxTuneUp;Extension de conception TuneUp;C:\WINDOWS\System32\svchost.exe [2004-08-19 16:10]
R3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2006-05-09 16:50]
S3 BTNetFilter;Bluetooth Network Filter;C:\WINDOWS\system32\drivers\BTNetFilter.sys [2004-12-16 15:32]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 14:23]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-21 19:00:00 C:\WINDOWS\Tasks\AE198A0A93CA0176.job"
- c:\docume~1\cattaneo\applic~1\startd~1\HOLDDEADHELP.exe
"2007-11-17 18:39:24 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
"2007-04-12 16:19:12 C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job"
- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpCmdRun.exe%Scan -RestrictPrivileges -ScanType 1
"2008-01-21 18:48:04 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
21 Jan. 2008 at 20:34
0
Here is the report

C:\WINDOWS\system32\adssite_sidebar.dll - [b]Trouve[/b] !
C:\WINDOWS\system32\adssite_sidebar.dll - Erreur de Suppression !
----------
C:\WINDOWS\system32\adssite_sidebar_uninstall.exe - [b]Trouve[/b] !
C:\WINDOWS\system32\adssite_sidebar_uninstall.exe - Supprime !
----------
C:\WINDOWS\system32\rightonadz-uninst.exe - [b]Trouve[/b] !
C:\WINDOWS\system32\rightonadz-uninst.exe - Supprime !
----------
C:\WINDOWS\system32\adssite-remove.exe - [b]Trouve[/b] !
C:\WINDOWS\system32\adssite-remove.exe - Supprime !
----------
C:\WINDOWS\system32\adssite_sidebar.dll - [b]Trouve[/b] !
C:\WINDOWS\system32\adssite_sidebar.dll - Erreur de Suppression !
----------
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
21 Jan. 2008 at 21:19
ok,

* Right-click this link: http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
* Choose "Save target as..." and save it to the desktop.
* Right-click navilog1.zip and choose "Extract all"
* Double-click navilog1.exe
* At the main menu, choose option 1 and confirm.
* Wait for the message: Analyse Termine le ...
* The report will also be saved at the root of the disk (fixnavi.txt)

==> post it please

++
0
bblilou-31 Posts 33 Registration date Monday 21 January 2008 Status Member Last activity 25 January 2008 5
21 Jan. 2008 at 22:09
The scan is taking a long time; if you can wait just a little, I'll send it to you right afterwards :-)
0
bblilou-31 Posts 33 Registration date Monday 21 January 2008 Status Member Last activity 25 January 2008 5
21 Jan. 2008 at 22:14
Creation de la liste des programmes installes

Veuillez patienter

Search Navipromo version 3.4.2 commence le 2008-01-21 a 22:00:10.67

!!! Attention,ce rapport peut indiquer des fichiers/programmes legitimes !!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie desinfection sans l'avis d'un specialiste !!!




*** Recherche programmes installes ***

Veuillez patienter


Recherche terminee


*** Recherche dossiers dans C:\WINDOWS ***

Veuillez patienter

Recherche terminee


*** Recherche dossiers dans C:\Program Files ***

Veuillez patienter

Recherche terminee


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***

Veuillez patienter

Recherche terminee


*** Recherche dossiers dans "C:\Documents and Settings\cattaneo\application data
" ***

Veuillez patienter

Recherche terminee


*** Recherche dossiers dans "C:\Documents and Settings\cattaneo\local settings\a
pplication data" ***

Veuillez patienter

Recherche terminee


*** Recherche dossiers dans "C:\Documents and Settings\cattaneo\MENUDM~1\PROGRA~
1" ***

Veuillez patienter

Recherche terminee


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***

Veuillez patienter

Recherche terminee


*** Recherche avec Catchme par gmer ***
pour + d'infos : http://www.gmer.net

Veuillez patienter ... Le scan peut durer une dizaine de minutes ...


*** Recherche avec GenericNaviSearch ***

Veuillez patienter

1 fichier(s) copié(s).

GenericNaviCheck v0.2 for IL-MAFIOSO
Credits: Malware Analysis & Diagnostic
Coded by fRoGGz - SecuBox Labs (FRANCE)
┌────────────────────────────────────────────────────────┐
[+] C:\WINDOWS\system32\rfouftn.exe
[·] NaviPromo - Malware/Packer id:{1c81a4b.6437649600}

└────────────────────────────────────────────────────────┘ 1 fichier(s) c
opié(s).
1 fichier(s) copié(s).

GenericNaviCheck v0.2 for IL-MAFIOSO
Credits: Malware Analysis & Diagnostic
Coded by fRoGGz - SecuBox Labs (FRANCE)
┌────────────────────────────────────────────────────────┐
└────────────────────────────────────────────────────────┘
*** Recherche fichiers ***

Veuillez patienter

Recherche terminee

*** Recherche cles specifiques dans le Registre ***

Veuillez patienter


*** Module de Recherche complementaire ***

Veuillez patienter...



*** Analyse terminee le 2008-01-21 a 22:09:42.95 ***
Appuyez sur une touche pour continuer...
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
21 Jan. 2008 at 22:15
let the fix finish! :)

Wait for the message: Analyse Termine le ...

try again! :p

++
0
bblilou-31 Posts 33 Registration date Monday 21 January 2008 Status Member Last activity 25 January 2008 5
21 Jan. 2008 at 22:18
I let it run! Nothing is happening any more apart from the window showing everything I wrote to you above? Should I press a key to continue?
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
21 Jan. 2008 at 22:22
in that case, look for the report here and post it: The report will also be saved at the root of the disk (fixnavi.txt)


++
0
bblilou-31 Posts 33 Registration date Monday 21 January 2008 Status Member Last activity 25 January 2008 5
21 Jan. 2008 at 22:25
here it is

Search Navipromo version 3.4.2 commencé le 2008-01-21 à 22:00:10.67

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 21.01.2008 à 14h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




*** Recherche dossiers dans "C:\Documents and Settings\cattaneo\application data" ***



*** Recherche dossiers dans "C:\Documents and Settings\cattaneo\local settings\application data" ***



*** Recherche dossiers dans "C:\Documents and Settings\cattaneo\MENUDM~1\PROGRA~1" ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

Fichiers trouvés :

rfouftn.exe trouvé !

* Recherche dans "C:\Documents and Settings\cattaneo\local settings\application data" *



*** Recherche fichiers ***




*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :

atodcgh.exe trouvé !
fihjmbr.exe trouvé !
iwsxqcz.exe trouvé !
lvwpmltoa.exe trouvé !
rnzdsft.exe trouvé !
sdvbzyjhx.exe trouvé !
tnkighod.exe trouvé !
vrlylx.exe trouvé !
vwgtyc.exe trouvé !
wesdgv.exe trouvé !
xybkhcom.exe trouvé !
ybwrilg.exe trouvé !
zyiewps.exe trouvé !

* Dans "C:\Documents and Settings\cattaneo\local settings\application data" :


3)Recherche Certificats :

Certificat Egroup absent !

4)Recherche fichiers connus :



*** Analyse terminée le 2008-01-21 à 22:09:42.95 ***
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
21 Jan. 2008 at 22:28
ok,

o Double-click navilog1.exe
o At the main menu, choose option 2 and confirm.
o Select the "automatic" cleaning mode
o Answer any questions that come up; the desktop will disappear, that's normal!
o Wait for the message: Nettoyage Termine le ...
o Save the report somewhere you can find it again, then close Notepad; the desktop will reappear
o The report will also be saved at the root of the disk (cleannavi.txt)

==> post it!

then:

Download SDFix to your desktop

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Double-click SDFix.exe and choose Install to extract it into its own folder on the Desktop.
Restart your computer in safe mode
Open the SDFix folder that has just been created on the Desktop and double-click RunThis.cmd to launch the script.
Press Y to start the cleaning process.
It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
Press a key to restart the PC.
Your system will take longer than usual to restart because the tool will keep running and deleting files.
After the Desktop has loaded, the tool will finish its work and display Finished.
Press a key to end the script and load your Desktop icons.
Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
Finally, copy/paste the contents of Report.txt into your next reply on the forum, along with a new HijackThis log!


++

I'll be heading off soon, I'll look at the results tomorrow!

@+
0
bblilou-31 Posts 33 Registration date Monday 21 January 2008 Status Member Last activity 25 January 2008 5
21 Jan. 2008 at 22:47
Clean Navipromo version 3.4.2 commencé le 2008-01-21 à 22:32:19.62

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 21.01.2008 à 14h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Mode suppression automatique



*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans C:\WINDOWS\System32 *

rfouftn.exe trouvé !
Copie rfouftn.exe réalisée avec succès !
rfouftn.exe supprimé !


* Suppression dans "C:\Documents and Settings\cattaneo\local settings\application data" *



*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***


*** Suppression dossiers dans "C:\Documents and Settings\cattaneo\application data" ***


*** Suppression dossiers dans "C:\Documents and Settings\cattaneo\local settings\application data" ***


*** Suppression dossiers dans "C:\Documents and Settings\cattaneo\MENUDM~1\PROGRA~1" ***


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\cattaneo\local settings\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans C:\WINDOWS\system32 *

atodcgh.exe trouvé !
Copie atodcgh.exe réalisée avec succès !
atodcgh.exe supprimé !

fihjmbr.exe trouvé !
Copie fihjmbr.exe réalisée avec succès !
fihjmbr.exe supprimé !

iwsxqcz.exe trouvé !
Copie iwsxqcz.exe réalisée avec succès !
iwsxqcz.exe supprimé !

lvwpmltoa.exe trouvé !
Copie lvwpmltoa.exe réalisée avec succès !
lvwpmltoa.exe supprimé !

rnzdsft.exe trouvé !
Copie rnzdsft.exe réalisée avec succès !
rnzdsft.exe supprimé !

sdvbzyjhx.exe trouvé !
Copie sdvbzyjhx.exe réalisée avec succès !
sdvbzyjhx.exe supprimé !

tnkighod.exe trouvé !
Copie tnkighod.exe réalisée avec succès !
tnkighod.exe supprimé !

vrlylx.exe trouvé !
Copie vrlylx.exe réalisée avec succès !
vrlylx.exe supprimé !

vwgtyc.exe trouvé !
Copie vwgtyc.exe réalisée avec succès !
vwgtyc.exe supprimé !

wesdgv.exe trouvé !
Copie wesdgv.exe réalisée avec succès !
wesdgv.exe supprimé !

xybkhcom.exe trouvé !
Copie xybkhcom.exe réalisée avec succès !
xybkhcom.exe supprimé !

ybwrilg.exe trouvé !
Copie ybwrilg.exe réalisée avec succès !
ybwrilg.exe supprimé !

zyiewps.exe trouvé !
Copie zyiewps.exe réalisée avec succès !
zyiewps.exe supprimé !


* Dans "C:\Documents and Settings\cattaneo\local settings\application data" *


*** Sauvegarde du Registre vers dossier Backupnavi ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup absent !

*** Nettoyage terminé le 2008-01-21 à 22:38:53.84 ***



OK, in any case that's kind of you; if you haven't left yet, well, I wish you a good night
0
bblilou-31 Posts 33 Registration date Monday 21 January 2008 Status Member Last activity 25 January 2008 5
21 Jan. 2008 at 22:59
For SDFix, this is what I get:
1: Download/run a-squared
2: Download/ Run normal malware cleaner
3: Download/ run SAV32CLI
4: Download kaspersky Anti-virus S.O.S

A: Create Systeme report
B: Create service/ driver list
C: create catchme log
D: Export safeboot key

U: Download latest version of SDFix

E: Exit


Which command should I run? The 2nd one?
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
21 Jan. 2008 at 23:02
choose: A

++
0
bblilou-31 Posts 33 Registration date Monday 21 January 2008 Status Member Last activity 25 January 2008 5
21 Jan. 2008 at 23:14
System Report
*************

Run on 2008-01-21 at 23:11

Microsoft Windows XP [version 5.1.2600]

Current user is an administrator

Running Processes:

\SystemRoot\System32\smss.exe [812]
\??\C:\WINDOWS\system32\csrss.exe [892]
\??\C:\WINDOWS\system32\winlogon.exe [920]
C:\WINDOWS\system32\services.exe [968]
C:\WINDOWS\system32\lsass.exe [980]
C:\WINDOWS\system32\svchost.exe [1160]
C:\WINDOWS\system32\svchost.exe [1224]
C:\WINDOWS\System32\svchost.exe [1312]
C:\WINDOWS\System32\svchost.exe [1384]
C:\WINDOWS\System32\svchost.exe [1492]
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [1720]
C:\Program Files\Alwil Software\Avast4\ashServ.exe [1768]
C:\WINDOWS\system32\spoolsv.exe [128]
C:\WINDOWS\Explorer.EXE [644]
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [740]
C:\PROGRA~1\HAUPPA~1\MVPStart.exe [780]
C:\PROGRA~1\HAUPPA~1\Hardware\DglSvcMain.exe [848]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [424]
C:\PROGRA~1\HAUPPA~1\Hardware\HcwSms.exe [484]
C:\WINDOWS\System32\svchost.exe [600]
C:\WINDOWS\system32\SearchIndexer.exe [1464]
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2092]
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2216]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2224]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2320]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2492]
C:\Program Files\Messenger\msmsgs.exe [2648]
C:\WINDOWS\system32\ctfmon.exe [2668]
C:\WINDOWS\System32\alg.exe [2736]
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe [2824]
C:\Program Files\FreeGo\FreeGo3.exe [2924]
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe [3172]
C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe [3204]
C:\Program Files\Internet Explorer\iexplore.exe [624]
C:\Program Files\Windows Live\Messenger\usnsvc.exe [2944]
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe [3164]
C:\Program Files\Windows Live\Mail\wlmail.exe [2472]


Drivers - Running:

SERVICE_NAME: Aavmker4
SERVICE_NAME: ACPI
SERVICE_NAME: AFD
SERVICE_NAME: ALCXSENS
SERVICE_NAME: ALCXWDM
SERVICE_NAME: Arp1394
SERVICE_NAME: aswMon2
SERVICE_NAME: aswRdr
SERVICE_NAME: aswTdi
SERVICE_NAME: atapi
SERVICE_NAME: audstub
SERVICE_NAME: basic2
SERVICE_NAME: Beep
SERVICE_NAME: BlueletAudio
SERVICE_NAME: BT
SERVICE_NAME: BTHidEnum
SERVICE_NAME: BTHidMgr
SERVICE_NAME: catchme
SERVICE_NAME: Cdfs
SERVICE_NAME: Cdrom
SERVICE_NAME: Disk
SERVICE_NAME: Fallback
SERVICE_NAME: Fdc
SERVICE_NAME: Fips
SERVICE_NAME: Flpydisk
SERVICE_NAME: FltMgr
SERVICE_NAME: Fsks
SERVICE_NAME: Ftdisk
SERVICE_NAME: gameenum
SERVICE_NAME: Gpc
SERVICE_NAME: HidUsb
SERVICE_NAME: hsf_msft
SERVICE_NAME: i8042prt
SERVICE_NAME: ijexhsyw
SERVICE_NAME: Imapi
SERVICE_NAME: intelppm
SERVICE_NAME: ip6fw
SERVICE_NAME: IpFilterDriver
SERVICE_NAME: IpNat
SERVICE_NAME: IPSec
SERVICE_NAME: isapnp
SERVICE_NAME: K56
SERVICE_NAME: Kbdclass
SERVICE_NAME: KSecDD
SERVICE_NAME: mdmxsdk
SERVICE_NAME: mnmdd
SERVICE_NAME: Modem
SERVICE_NAME: Mouclass
SERVICE_NAME: mouhid
SERVICE_NAME: MountMgr
SERVICE_NAME: MRxDAV
SERVICE_NAME: MRxSmb
SERVICE_NAME: Msfs
SERVICE_NAME: mssmbios
SERVICE_NAME: ms_mpu401
SERVICE_NAME: Mup
SERVICE_NAME: NDIS
SERVICE_NAME: NdisTapi
SERVICE_NAME: Ndisuio
SERVICE_NAME: NdisWan
SERVICE_NAME: NDProxy
SERVICE_NAME: NetBIOS
SERVICE_NAME: NetBT
SERVICE_NAME: NIC1394
SERVICE_NAME: nm
SERVICE_NAME: NPF
SERVICE_NAME: Npfs
SERVICE_NAME: Ntfs
SERVICE_NAME: Null
SERVICE_NAME: nv
SERVICE_NAME: NwlnkIpx
SERVICE_NAME: NwlnkNb
SERVICE_NAME: NwlnkSpx
SERVICE_NAME: ohci1394
SERVICE_NAME: Parport
SERVICE_NAME: PartMgr
SERVICE_NAME: ParVdm
SERVICE_NAME: PCI
SERVICE_NAME: Pcouffin
SERVICE_NAME: PptpMiniport
SERVICE_NAME: PSched
SERVICE_NAME: Ptilink
SERVICE_NAME: PxHelp20
SERVICE_NAME: RasAcd
SERVICE_NAME: Rasl2tp
SERVICE_NAME: RasPppoe
SERVICE_NAME: Raspti
SERVICE_NAME: Rdbss
SERVICE_NAME: RDPCDD
SERVICE_NAME: redbook
SERVICE_NAME: Rksample
SERVICE_NAME: ROOTMODEM
SERVICE_NAME: rtl8139
SERVICE_NAME: Secdrv
SERVICE_NAME: serenum
SERVICE_NAME: Serial
SERVICE_NAME: sfdrv01
SERVICE_NAME: sfhlp02
SERVICE_NAME: sfvfs02
SERVICE_NAME: SoC PC-Camera Service
SERVICE_NAME: SoftFax
SERVICE_NAME: sr
SERVICE_NAME: Srv
SERVICE_NAME: swenum
SERVICE_NAME: sysaudio
SERVICE_NAME: Tcpip
SERVICE_NAME: Tcpip6
SERVICE_NAME: TermDD
SERVICE_NAME: Tones
SERVICE_NAME: tunmp
SERVICE_NAME: Update
SERVICE_NAME: usbehci
SERVICE_NAME: usbhub
SERVICE_NAME: usbprint
SERVICE_NAME: usbuhci
SERVICE_NAME: V124
SERVICE_NAME: VComm
SERVICE_NAME: VcommMgr
SERVICE_NAME: viaagp1
SERVICE_NAME: ViaIde
SERVICE_NAME: VolSnap
SERVICE_NAME: Wanarp
SERVICE_NAME: wdmaud


Drivers - Stopped:

SERVICE_NAME: Abiosdsk
SERVICE_NAME: abp480n5
SERVICE_NAME: ACPIEC
SERVICE_NAME: adpu160m
SERVICE_NAME: aec
SERVICE_NAME: Aha154x
SERVICE_NAME: aic78u2
SERVICE_NAME: aic78xx
SERVICE_NAME: AliIde
SERVICE_NAME: amsint
SERVICE_NAME: asc
SERVICE_NAME: asc3350p
SERVICE_NAME: asc3550
SERVICE_NAME: AsyncMac
SERVICE_NAME: Atdisk
SERVICE_NAME: Atmarpc
SERVICE_NAME: Bridge
SERVICE_NAME: BridgeMP
SERVICE_NAME: Btcsrusb
SERVICE_NAME: BTNetFilter
SERVICE_NAME: cbidf2k
SERVICE_NAME: CCDECODE
SERVICE_NAME: cd20xrnt
SERVICE_NAME: Cdaudio
SERVICE_NAME: Changer
SERVICE_NAME: CmdIde
SERVICE_NAME: Cpqarray
SERVICE_NAME: dac960nt
SERVICE_NAME: dbustrcm
SERVICE_NAME: dmboot
SERVICE_NAME: dmio
SERVICE_NAME: dmload
SERVICE_NAME: DMusic
SERVICE_NAME: dpti2o
SERVICE_NAME: drmkaud
SERVICE_NAME: Fastfat
SERVICE_NAME: fbxusb
SERVICE_NAME: hpn
SERVICE_NAME: HSFHWBS2
SERVICE_NAME: HSF_DP
SERVICE_NAME: HTTP
SERVICE_NAME: i2omgmt
SERVICE_NAME: i2omp
SERVICE_NAME: ini910u
SERVICE_NAME: IntelIde
SERVICE_NAME: IpInIp
SERVICE_NAME: IRENUM
SERVICE_NAME: kmixer
SERVICE_NAME: lbrtfdc
SERVICE_NAME: LMouKE
SERVICE_NAME: mraid35x
SERVICE_NAME: MSKSSRV
SERVICE_NAME: MSPCLOCK
SERVICE_NAME: MSPQM
SERVICE_NAME: MSTEE
SERVICE_NAME: NABTSFEC
SERVICE_NAME: NdisIP
SERVICE_NAME: NwlnkFlt
SERVICE_NAME: NwlnkFwd
SERVICE_NAME: PCAMPR5
SERVICE_NAME: PCANDIS5
SERVICE_NAME: PCIDump
SERVICE_NAME: PCIIde
SERVICE_NAME: Pcmcia
SERVICE_NAME: PDCOMP
SERVICE_NAME: PDFRAME
SERVICE_NAME: PDRELI
SERVICE_NAME: PDRFRAME
SERVICE_NAME: perc2
SERVICE_NAME: perc2hib
SERVICE_NAME: PRISM_A02
SERVICE_NAME: Processor
SERVICE_NAME: ql1080
SERVICE_NAME: Ql10wnt
SERVICE_NAME: ql12160
SERVICE_NAME: ql1240
SERVICE_NAME: ql1280
SERVICE_NAME: RDPWD
SERVICE_NAME: Sfloppy
SERVICE_NAME: Simbad
SERVICE_NAME: SLIP
SERVICE_NAME: Sparrow
SERVICE_NAME: splitter
SERVICE_NAME: SQTECH905C
SERVICE_NAME: sscdbus
SERVICE_NAME: sscdmdfl
SERVICE_NAME: sscdmdm
SERVICE_NAME: streamip
SERVICE_NAME: swmidi
SERVICE_NAME: symc810
SERVICE_NAME: symc8xx
SERVICE_NAME: sym_hi
SERVICE_NAME: sym_u3
SERVICE_NAME: TDPIPE
SERVICE_NAME: TDTCP
SERVICE_NAME: TosIde
SERVICE_NAME: Udfs
SERVICE_NAME: ultra
SERVICE_NAME: USBSTOR
SERVICE_NAME: VgaSave
SERVICE_NAME: WDICA
SERVICE_NAME: winachsf
SERVICE_NAME: WSTCODEC
SERVICE_NAME: WudfPf
SERVICE_NAME: WudfRd


Services - Running:

SERVICE_NAME: 6to4
SERVICE_NAME: ALG
SERVICE_NAME: aswUpdSv
SERVICE_NAME: AudioSrv
SERVICE_NAME: avast! Antivirus
SERVICE_NAME: avast! Mail Scanner
SERVICE_NAME: avast! Web Scanner
SERVICE_NAME: BITS
SERVICE_NAME: BlueSoleil Hid Service
SERVICE_NAME: Browser
SERVICE_NAME: CryptSvc
SERVICE_NAME: DcomLaunch
SERVICE_NAME: Dhcp
SERVICE_NAME: Dnscache
SERVICE_NAME: ERSvc
SERVICE_NAME: Eventlog
SERVICE_NAME: EventSystem
SERVICE_NAME: FastUserSwitchingCompatibility
SERVICE_NAME: helpsvc
SERVICE_NAME: lanmanserver
SERVICE_NAME: lanmanworkstation
SERVICE_NAME: LmHosts
SERVICE_NAME: MVPMedia
SERVICE_NAME: MVPMediaSvc
SERVICE_NAME: Nero BackItUp Scheduler 3
SERVICE_NAME: Netman
SERVICE_NAME: Nla
SERVICE_NAME: PlugPlay
SERVICE_NAME: PolicyAgent
SERVICE_NAME: ProtectedStorage
SERVICE_NAME: RasMan
SERVICE_NAME: RpcSs
SERVICE_NAME: SamSs
SERVICE_NAME: Schedule
SERVICE_NAME: seclogon
SERVICE_NAME: SENS
SERVICE_NAME: SharedAccess
SERVICE_NAME: ShellHWDetection
SERVICE_NAME: Spooler
SERVICE_NAME: srservice
SERVICE_NAME: stisvc
SERVICE_NAME: TapiSrv
SERVICE_NAME: TermService
SERVICE_NAME: Themes
SERVICE_NAME: TrkWks
SERVICE_NAME: usnjsvc
SERVICE_NAME: UxTuneUp
SERVICE_NAME: W32Time
SERVICE_NAME: WebClient
SERVICE_NAME: winmgmt
SERVICE_NAME: wscsvc
SERVICE_NAME: WSearch
SERVICE_NAME: wuauserv
SERVICE_NAME: WZCSVC


Services - Stopped:

SERVICE_NAME: Alerter
SERVICE_NAME: AppMgmt
SERVICE_NAME: aspnet_state
SERVICE_NAME: CiSvc
SERVICE_NAME: ClipSrv
SERVICE_NAME: clr_optimization_v2.0.50727_32
SERVICE_NAME: COMSysApp
SERVICE_NAME: dmadmin
SERVICE_NAME: dmserver
SERVICE_NAME: HidServ
SERVICE_NAME: HTTPFilter
SERVICE_NAME: ImapiService
SERVICE_NAME: Messenger
SERVICE_NAME: mnmsrvc
SERVICE_NAME: MSDTC
SERVICE_NAME: MSIServer
SERVICE_NAME: NetDDE
SERVICE_NAME: NetDDEdsdm
SERVICE_NAME: Netlogon
SERVICE_NAME: NMIndexingService
SERVICE_NAME: NtLmSsp
SERVICE_NAME: NtmsSvc
SERVICE_NAME: RasAuto
SERVICE_NAME: RDSessMgr
SERVICE_NAME: RemoteAccess
SERVICE_NAME: RichVideo
SERVICE_NAME: rpcapd
SERVICE_NAME: RpcLocator
SERVICE_NAME: RSVP
SERVICE_NAME: SCardSvr
SERVICE_NAME: SSDPSRV
SERVICE_NAME: SwPrv
SERVICE_NAME: SysmonLog
SERVICE_NAME: upnphost
SERVICE_NAME: UPS
SERVICE_NAME: VSS
SERVICE_NAME: Wlancfg
SERVICE_NAME: WLSetupSvc
SERVICE_NAME: WmdmPmSN
SERVICE_NAME: WmiApSrv
SERVICE_NAME: WMPNetworkSvc
SERVICE_NAME: WudfSvc
SERVICE_NAME: xmlprov


Files Created/Modified - 60 Days :


C:\

21 Jan 2008 22:38:54 3 273 A.... "C:\cleannavi.txt"
21 Jan 2008 22:37:36 536 403 968 A.SH. "C:\hiberfil.sys"
9 Jan 2008 12:17:04 239 030 A.... "C:\hpfr3500.log"
8 Dec 2007 13:06:58 6 013 184 A.... "C:\nat et moi.3GP"
21 Jan 2008 22:37:34 402 653 184 A.SH. "C:\pagefile.sys"
8 Dec 2007 13:01:18 6 116 023 A.... "C:\Quick.3gp.3GP"


C:\WINDOWS\

21 Jan 2008 22:37:38 2 048 A.S.. "C:\WINDOWS\bootstat.dat"
6 Jan 2008 22:46:26 2 324 A.... "C:\WINDOWS\desctemp.dat"
7 Dec 2007 18:55:54 5 788 A.... "C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt"
7 Dec 2007 19:02:20 8 820 A.... "C:\WINDOWS\ModemLog_Generic SoftK56.txt"
19 Jan 2008 22:46:44 2 204 A.... "C:\WINDOWS\ModemLog_Bluetooth LAP Modem #2.txt"
19 Jan 2008 22:46:48 2 204 A.... "C:\WINDOWS\ModemLog_Bluetooth LAP Modem.txt"
5 Dec 2007 14:37:02 241 A.... "C:\WINDOWS\msnfix.txt"
19 Jan 2008 22:55:10 69 A.... "C:\WINDOWS\NeroDigital.ini"
5 Dec 2007 14:37:02 13 A.... "C:\WINDOWS\presf.txt"
9 Jan 2008 12:00:02 32 378 A.... "C:\WINDOWS\SchedLgU.Txt"
20 Dec 2007 16:17:40 0 A.... "C:\WINDOWS\Sti_Trace.log"
21 Jan 2008 20:10:26 390 A.... "C:\WINDOWS\system.ini"
19 Jan 2008 23:30:54 420 A.... "C:\WINDOWS\ulead32.ini"
21 Jan 2008 22:38:06 159 A.... "C:\WINDOWS\wiadebug.log"
21 Jan 2008 22:38:04 50 A.... "C:\WINDOWS\wiaservc.log"
21 Jan 2008 22:40:56 25 166 A.... "C:\WINDOWS\WindowsUpdate.log"
21 Jan 2008 22:37:38 0 A.... "C:\WINDOWS\Debug\PASSWD.LOG"
10 Dec 2007 19:52:20 303 104 ..... "C:\WINDOWS\system32\adssite_sidebar.dll"
4 Dec 2007 14:04:28 837 496 A.... "C:\WINDOWS\system32\aswBoot.exe"
4 Dec 2007 13:54:04 95 608 A.... "C:\WINDOWS\system32\AvastSS.scr"
16 Jan 2008 12:11:40 3 121 A.... "C:\WINDOWS\system32\CONFIG.NT"
4 Dec 2007 2:33:16 682 496 A.... "C:\WINDOWS\system32\DivX.dll"
28 Nov 2007 22:55:18 156 992 A.... "C:\WINDOWS\system32\DivXCodecVersionChecker.exe"
4 Dec 2007 2:33:14 630 784 A.... "C:\WINDOWS\system32\divxdec.ax"
28 Nov 2007 22:53:08 352 401 A.... "C:\WINDOWS\system32\DivXMedia.ax"
29 Nov 2007 23:30:42 524 288 A.... "C:\WINDOWS\system32\DivXsm.exe"
29 Nov 2007 23:30:42 4 816 A.... "C:\WINDOWS\system32\divxsm.tlb"
28 Nov 2007 22:52:32 12 288 A.... "C:\WINDOWS\system32\DivXWMPExtType.dll"
4 Dec 2007 2:33:18 823 296 A.... "C:\WINDOWS\system32\divx_xx0c.dll"
4 Dec 2007 2:33:18 823 296 A.... "C:\WINDOWS\system32\divx_xx07.dll"
4 Dec 2007 2:33:18 802 816 A.... "C:\WINDOWS\system32\divx_xx11.dll"
29 Nov 2007 23:28:24 81 920 A.... "C:\WINDOWS\system32\dpl100.dll"
29 Nov 2007 23:28:24 416 A.... "C:\WINDOWS\system32\dpl100.dll.manifest"
28 Nov 2007 22:53:18 294 912 A.... "C:\WINDOWS\system32\dpu10.dll"
28 Nov 2007 22:53:18 294 912 A.... "C:\WINDOWS\system32\dpu11.dll"
28 Nov 2007 22:52:12 8 835 A.... "C:\WINDOWS\system32\dpufr.qm"
28 Nov 2007 22:53:18 53 248 A.... "C:\WINDOWS\system32\dpuGUI10.dll"
28 Nov 2007 22:53:18 593 920 A.... "C:\WINDOWS\system32\dpuGUI11.dll"
28 Nov 2007 22:53:18 344 064 A.... "C:\WINDOWS\system32\dpus11.dll"
28 Nov 2007 22:53:18 57 344 A.... "C:\WINDOWS\system32\dpv11.dll"
29 Nov 2007 23:30:42 9 878 A.... "C:\WINDOWS\system32\dsm_fr.qm"
29 Nov 2007 23:28:24 196 608 A.... "C:\WINDOWS\system32\dtu100.dll"
29 Nov 2007 23:28:24 416 A.... "C:\WINDOWS\system32\dtu100.dll.manifest"
28 Nov 2007 22:52:12 3 162 A.... "C:\WINDOWS\system32\dtu_fr.qm"
29 Nov 2007 23:30:16 1 044 480 A.... "C:\WINDOWS\system32\libdivx.dll"
2 Jan 2008 19:21:36 17 642 616 A.... "C:\WINDOWS\system32\MRT.exe"
29 Nov 2007 23:30:22 551 672 ..... "C:\WINDOWS\system32\Px.dll"
29 Nov 2007 23:30:22 129 784 ..... "C:\WINDOWS\system32\pxafs.dll"
29 Nov 2007 23:30:22 66 296 ..... "C:\WINDOWS\system32\pxcpya64.exe"
29 Nov 2007 23:30:22 120 056 ..... "C:\WINDOWS\system32\pxcpyi64.exe"
29 Nov 2007 23:30:24 518 904 ..... "C:\WINDOWS\system32\pxdrv.dll"
29 Nov 2007 23:30:24 72 440 ..... "C:\WINDOWS\system32\pxhpinst.exe"
29 Nov 2007 23:30:22 64 760 ..... "C:\WINDOWS\system32\pxinsa64.exe"
29 Nov 2007 23:30:22 118 520 ..... "C:\WINDOWS\system32\pxinsi64.exe"
29 Nov 2007 23:30:24 187 128 ..... "C:\WINDOWS\system32\PxMas.dll"
29 Nov 2007 23:30:24 1 628 920 ..... "C:\WINDOWS\system32\PxSFS.DLL"
29 Nov 2007 23:30:24 379 640 ..... "C:\WINDOWS\system32\PxWave.dll"
29 Nov 2007 23:30:28 3 596 288 A.... "C:\WINDOWS\system32\qt-dx331.dll"
29 Nov 2007 23:30:16 200 704 A.... "C:\WINDOWS\system32\ssldivx.dll"
8 Jan 2008 11:40:44 5 632 A.SH. "C:\WINDOWS\system32\Thumbs.db"
14 Dec 2007 19:33:42 386 478 A.... "C:\WINDOWS\system32\TZLog.log"
29 Nov 2007 23:30:22 88 824 ..... "C:\WINDOWS\system32\VXBLOCK.dll"
21 Jan 2008 22:38:24 1 158 A.... "C:\WINDOWS\system32\wpa.dbl"
21 Jan 2008 23:00:02 272 A..H. "C:\WINDOWS\Tasks\AE198A0A93CA0176.job"
21 Jan 2008 22:37:44 6 A..H. "C:\WINDOWS\Tasks\SA.DAT"
21 Jan 2008 22:48:06 260 A.... "C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
21 Jan 2008 22:37:44 16 384 A.... "C:\WINDOWS\temp\Perflib_Perfdata_6e8.dat"
21 Jan 2008 23:04:40 7 064 A.... "C:\WINDOWS\temp\scsB.tmp"
21 Jan 2008 22:38:26 409 A.... "C:\WINDOWS\temp\WGANotify.settings"
21 Jan 2008 19:57:44 835 584 A.... "C:\WINDOWS\erdnt\Hiv-backup\default"
21 Jan 2008 19:57:46 673 A.... "C:\WINDOWS\erdnt\Hiv-backup\ERDNT.CON"
21 Jan 2008 19:57:46 1 247 A.... "C:\WINDOWS\erdnt\Hiv-backup\ERDNT.INF"
21 Jan 2008 19:57:44 20 480 A.... "C:\WINDOWS\erdnt\Hiv-backup\SAM"
21 Jan 2008 19:57:42 49 152 A.... "C:\WINDOWS\erdnt\Hiv-backup\SECURITY"
21 Jan 2008 19:57:44 28 540 928 A.... "C:\WINDOWS\erdnt\Hiv-backup\software"
21 Jan 2008 19:57:44 5 480 448 A.... "C:\WINDOWS\erdnt\Hiv-backup\system"
14 Dec 2007 19:30:34 8 192 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00002"
14 Dec 2007 19:30:34 266 240 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00003"
14 Dec 2007 19:30:36 8 192 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00004"
14 Dec 2007 19:30:36 8 192 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00005"
14 Dec 2007 19:30:36 12 288 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00006"
14 Dec 2007 19:30:36 8 192 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00007"
14 Dec 2007 19:30:36 8 192 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00008"
14 Dec 2007 19:30:36 8 192 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00009"
14 Dec 2007 19:30:36 8 192 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00010"
14 Dec 2007 19:30:36 8 192 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00011"
14 Dec 2007 19:30:36 8 192 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00012"
14 Dec 2007 19:30:36 8 192 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00013"
14 Dec 2007 19:30:36 8 192 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00014"
14 Dec 2007 19:30:36 16 384 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\reg00015"
4 Dec 2007 15:49:02 26 624 A.... "C:\WINDOWS\system32\drivers\aavmker4.sys"
4 Dec 2007 15:56:02 93 264 A.... "C:\WINDOWS\system32\drivers\aswmon.sys"
4 Dec 2007 15:55:46 94 544 A.... "C:\WINDOWS\system32\drivers\aswmon2.sys"
4 Dec 2007 15:53:40 23 152 A.... "C:\WINDOWS\system32\drivers\aswRdr.sys"
4 Dec 2007 15:51:52 42 912 A.... "C:\WINDOWS\system32\drivers\aswTdi.sys"
29 Nov 2007 23:30:24 9 336 ..... "C:\WINDOWS\system32\drivers\cdr4_xp.sys"
29 Nov 2007 23:30:24 9 464 ..... "C:\WINDOWS\system32\drivers\cdralw2k.sys"
17 Dec 2007 17:48:26 19 456 A.... "C:\WINDOWS\system32\drivers\emuoxnfr.dat"
29 Nov 2007 23:30:24 43 528 ..... "C:\WINDOWS\system32\drivers\pxhelp20.sys"
2 Dec 2007 1:23:28 237 568 A.... "C:\WINDOWS\system32\ias\ias.mdb"
17 Dec 2007 17:51:52 78 A.... "C:\WINDOWS\system32\Restore\MachineGuid.txt"
21 Jan 2008 22:39:10 0 A.... "C:\WINDOWS\temp\_avast4_\Webshlock.txt"
14 Dec 2007 19:31:12 18 081 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.inf"
14 Dec 2007 19:30:36 7 309 A.... "C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.txt"
25 Dec 2007 14:41:08 8 A.... "C:\WINDOWS\system32\CatRoot\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\TimeStamp"
14 Jan 2008 9:50:04 8 A.... "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp"
21 Jan 2008 19:57:46 782 336 A.... "C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT"
21 Jan 2008 19:57:46 548 864 A.... "C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat"
21 Jan 2008 19:57:46 1 835 008 A.... "C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT"
21 Jan 2008 19:57:46 548 864 A.... "C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat"
21 Jan 2008 19:57:46 9 863 168 A.... "C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT"
21 Jan 2008 19:57:46 720 896 A.... "C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat"


C:\Program Files\

22 Nov 2007 17:10:36 787 696 A.... "C:\Program Files\CCleaner\ccleaner.exe"
26 Nov 2007 9:53:50 24 064 A.... "C:\Program Files\CCleaner\lang-1036.dll"
16 Jan 2008 12:26:52 111 005 A.... "C:\Program Files\CCleaner\uninst.exe"
9 Dec 2007 1:54:54 120 738 A.... "C:\Program Files\DivX\DivXBundleUninstall.exe"
9 Dec 2007 1:52:50 120 738 A.... "C:\Program Files\DivX\DivXCodecUninstall.exe"
9 Dec 2007 1:53:30 120 738 A.... "C:\Program Files\DivX\DivXConverterUninstall.exe"
9 Dec 2007 1:54:52 120 738 A.... "C:\Program Files\DivX\DivXContentUploaderUninstall.exe"
9 Dec 2007 1:54:34 120 738 A.... "C:\Program Files\DivX\DivXPlayerUninstall.exe"
9 Dec 2007 1:54:46 120 738 A.... "C:\Program Files\DivX\DivXWebPlayerUninstall.exe"
26 Nov 2007 19:32:52 2 714 A.... "C:\Program Files\FreeGo\unins000.dat"
26 Nov 2007 19:32:38 782 279 A.... "C:\Program Files\FreeGo\unins000.exe"
2 Jan 2008 9:34:10 699 496 A.... "C:\Program Files\IEPro\IEPro.dll"
2 Jan 2008 9:34:08 72 832 A.... "C:\Program Files\IEPro\IEProCx.exe"
2 Jan 2008 6:54:56 126 976 A.... "C:\Program Files\IEPro\IEProRs.dll"
2 Jan 2008 9:34:12 617 608 A.... "C:\Program Files\IEPro\MiniDM.exe"
6 Jan 2008 10:54:28 173 994 A.... "C:\Program Files\IEPro\uninst.exe"
21 Nov 2007 23:50:08 390 656 A.... "C:\Program Files\Messenger Plus! Live\lame_enc.dll"
22 Nov 2007 2:24:26 370 688 A.... "C:\Program Files\Messenger Plus! Live\libsndfile.dll"
16 Dec 2007 0:37:48 1 027 408 A.... "C:\Program Files\Messenger Plus! Live\Log Viewer.exe"
16 Dec 2007 0:37:50 8 528 A.... "C:\Program Files\Messenger Plus! Live\MPScripts.dll"
16 Dec 2007 0:38:00 8 528 A.... "C:\Program Files\Messenger Plus! Live\MPSkins.dll"
16 Dec 2007 0:37:52 490 320 A.... "C:\Program Files\Messenger Plus! Live\MPTools.exe"
16 Dec 2007 0:37:54 1 815 376 A.... "C:\Program Files\Messenger Plus! Live\MsgPlusLiveRes.dll"
16 Dec 2007 0:37:56 59 728 A.... "C:\Program Files\Messenger Plus! Live\MsgPlusLoader.dll"
16 Dec 2007 0:37:54 3 291 472 A.... "C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll"
16 Dec 2007 0:37:58 900 432 A.... "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
27 Nov 2007 7:37:34 94 208 A.... "C:\Program Files\Navilog1\GetPaths.exe"
21 Jan 2008 14:20:32 576 071 A.... "C:\Program Files\Navilog1\navilog1.bat"
5 Jan 2008 21:37:10 46 788 A.... "C:\Program Files\Navilog1\regnavi.reg"
29 Nov 2007 15:39:10 210 A.... "C:\Program Files\Navilog1\traite2.bat"
21 Jan 2008 21:58:42 1 795 A.... "C:\Program Files\Navilog1\unins000.dat"
21 Jan 2008 21:58:30 689 104 A.... "C:\Program Files\Navilog1\unins000.exe"
6 Jan 2008 10:55:44 472 A.... "C:\Program Files\TuneUp Utilities 2006\TUProduct.dat"
26 Nov 2007 19:33:12 99 278 A.... "C:\Program Files\WinPcap\Uninstall.exe"
4 Dec 2007 13:54:44 212 992 A.... "C:\Program Files\Alwil Software\Avast4\Aavm4h.dll"
4 Dec 2007 14:00:48 188 416 A.... "C:\Program Files\Alwil Software\Avast4\AavmGuih.dll"
4 Dec 2007 13:54:34 20 480 A.... "C:\Program Files\Alwil Software\Avast4\AavmRpch.dll"
4 Dec 2007 13:55:24 35 840 A.... "C:\Program Files\Alwil Software\Avast4\AhResMai.dll"
4 Dec 2007 13:56:24 32 768 A.... "C:\Program Files\Alwil Software\Avast4\ahResMes.dll"
4 Dec 2007 13:55:38 31 744 A.... "C:\Program Files\Alwil Software\Avast4\AhResNS.dll"
4 Dec 2007 14:00:08 29 696 A.... "C:\Program Files\Alwil Software\Avast4\AhResOut.dll"
4 Dec 2007 13:56:12 32 768 A.... "C:\Program Files\Alwil Software\Avast4\ahResP2P.dll"
4 Dec 2007 14:01:10 43 008 A.... "C:\Program Files\Alwil Software\Avast4\AhResStd.dll"
4 Dec 2007 13:55:08 53 248 A.... "C:\Program Files\Alwil Software\Avast4\AhResWS.dll"
4 Dec 2007 13:57:58 65 536 A.... "C:\Program Files\Alwil Software\Avast4\AhRuiMai.dll"
4 Dec 2007 13:56:22 36 864 A.... "C:\Program Files\Alwil Software\Avast4\ahRuiMes.dll"
4 Dec 2007 13:55:34 36 864 A.... "C:\Program Files\Alwil Software\Avast4\AhRuiNS.dll"
4 Dec 2007 13:58:24 90 112 A.... "C:\Program Files\Alwil Software\Avast4\AhRuiOut.dll"
4 Dec 2007 13:56:10 22 016 A.... "C:\Program Files\Alwil Software\Avast4\ahRuiP2P.dll"
4 Dec 2007 14:01:06 57 344 A.... "C:\Program Files\Alwil Software\Avast4\AhRuiStd.dll"
4 Dec 2007 13:57:38 49 152 A.... "C:\Program Files\Alwil Software\Avast4\AhRuiWS.dll"
4 Dec 2007 13:52:16 271 736 A.... "C:\Program Files\Alwil Software\Avast4\ashAvast.exe"
4 Dec 2007 13:47:52 221 184 A.... "C:\Program Files\Alwil Software\Avast4\ashBase.dll"
4 Dec 2007 13:52:06 128 376 A.... "C:\Program Files\Alwil Software\Avast4\ashBug.exe"
4 Dec 2007 13:50:58 98 304 A.... "C:\Program Files\Alwil Software\Avast4\ashCfgP.dll"
4 Dec 2007 13:51:22 131 072 A.... "C:\Program Files\Alwil Software\Avast4\ashCfgT.dll"
4 Dec 2007 13:51:36 151 552 A.... "C:\Program Files\Alwil Software\Avast4\ashChest.dll"
4 Dec 2007 13:52:34 66 936 A.... "C:\Program Files\Alwil Software\Avast4\ashChest.exe"
4 Dec 2007 14:00:24 79 224 A.... "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
4 Dec 2007 13:51:48 49 016 A.... "C:\Program Files\Alwil Software\Avast4\ashLogV.exe"
4 Dec 2007 13:59:54 247 160 A.... "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe"
4 Dec 2007 14:00:04 202 104 A.... "C:\Program Files\Alwil Software\Avast4\ashOutXt.dll"
4 Dec 2007 14:00:36 206 200 A.... "C:\Program Files\Alwil Software\Avast4\ashPopWz.exe"
4 Dec 2007 13:53:48 279 928 A.... "C:\Program Files\Alwil Software\Avast4\ashQuick.exe"
4 Dec 2007 14:00:16 140 664 A.... "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
4 Dec 2007 13:53:54 75 128 A.... "C:\Program Files\Alwil Software\Avast4\ashShell.dll"
4 Dec 2007 13:53:30 128 376 A.... "C:\Program Files\Alwil Software\Avast4\ashSimp2.exe"
4 Dec 2007 13:54:24 157 048 A.... "C:\Program Files\Alwil Software\Avast4\ashSimpl.exe"
4 Dec 2007 13:51:52 18 432 A.... "C:\Program Files\Alwil Software\Avast4\ashSkPcc.exe"
4 Dec 2007 13:51:58 61 440 A.... "C:\Program Files\Alwil Software\Avast4\ashSkPck.exe"
4 Dec 2007 13:48:04 53 248 A.... "C:\Program Files\Alwil Software\Avast4\ashSODBC.dll"
4 Dec 2007 13:48:54 233 472 A.... "C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll"
4 Dec 2007 13:49:00 48 128 A.... "C:\Program Files\Alwil Software\Avast4\ashSXML.dll"
4 Dec 2007 13:48:12 110 592 A.... "C:\Program Files\Alwil Software\Avast4\ashTask.dll"
4 Dec 2007 13:50:40 307 200 A.... "C:\Program Files\Alwil Software\Avast4\ashUInt.dll"
4 Dec 2007 13:48:24 66 936 A.... "C:\Program Files\Alwil Software\Avast4\ashUpd.exe"
4 Dec 2007 13:59:02 345 464 A.... "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe"
4 Dec 2007 13:59:42 118 784 A.... "C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll"
4 Dec 2007 15:35:48 659 456 A.... "C:\Program Files\Alwil Software\Avast4\aswAux.dll"
4 Dec 2007 15:33:02 131 072 A.... "C:\Program Files\Alwil Software\Avast4\aswCmnB.dll"
4 Dec 2007 15:32:54 69 632 A.... "C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll"
4 Dec 2007 15:33:16 184 320 A.... "C:\Program Files\Alwil Software\Avast4\aswCmnS.dll"
4 Dec 2007 13:47:36 1 204 224 A.... "C:\Program Files\Alwil Software\Avast4\aswEngin.dll"
4 Dec 2007 15:36:28 4 608 A.... "C:\Program Files\Alwil Software\Avast4\aswIdle.dll"
4 Dec 2007 13:47:10 22 528 A.... "C:\Program Files\Alwil Software\Avast4\aswInteg.dll"
4 Dec 2007 15:32:34 143 360 A.... "C:\Program Files\Alwil Software\Avast4\aswRes.dll"
4 Dec 2007 13:46:48 81 920 A.... "C:\Program Files\Alwil Software\Avast4\aswScan.dll"
4 Dec 2007 15:36:34 17 272 A.... "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
4 Dec 2007 15:50:58 106 496 A.... "C:\Program Files\Alwil Software\Avast4\avCommEx.dll"
4 Dec 2007 15:41:36 6 656 A.... "C:\Program Files\Alwil Software\Avast4\AVSSHOOK.dll"
4 Dec 2007 14:03:54 66 936 A.... "C:\Program Files\Alwil Software\Avast4\sched.exe"
4 Dec 2007 13:52:22 66 936 A.... "C:\Program Files\Alwil Software\Avast4\VisthAux.exe"
4 Dec 2007 13:54:10 51 576 A.... "C:\Program Files\Alwil Software\Avast4\VisthLic.exe"
4 Dec 2007 13:53:58 51 576 A.... "C:\Program Files\Alwil Software\Avast4\VisthUpd.exe"
4 Dec 2007 15:45:20 917 504 A.... "C:\Program Files\Alwil Software\Avast4\XT1922.dll"
28 Nov 2007 22:52:32 69 632 A.... "C:\Program Files\DivX\DivX Codec\config.exe"
28 Nov 2007 22:54:00 341 504 A.... "C:\Program Files\DivX\DivX Codec\DivX EKG.exe"
28 Nov 2007 22:54:00 270 336 A.... "C:\Program Files\DivX\DivX Codec\DivXDRA1031.dll"
28 Nov 2007 22:54:02 262 144 A.... "C:\Program Files\DivX\DivX Codec\DivXDRA1033.dll"
28 Nov 2007 22:54:02 270 336 A.... "C:\Program Files\DivX\DivX Codec\DivXDRA1036.dll"
28 Nov 2007 22:54:02 237 568 A.... "C:\Program Files\DivX\DivX Codec\DivXDRA1041.dll"
29 Nov 2007 23:28:00 1 552 384 A.... "C:\Program Files\DivX\DivX Converter\Converter.exe"
29 Nov 2007 23:28:00 61 440 A.... "C:\Program Files\DivX\DivX Converter\dpil100.dll"
29 Nov 2007 23:28:02 1 191 936 A.... "C:\Program Files\DivX\DivX Converter\DSConverter1041.dll"
29 Nov 2007 23:28:00 1 196 032 A.... "C:\Program Files\DivX\DivX Converter\DSConverter1036.dll"
29 Nov 2007 23:28:00 1 040 384 A.... "C:\Program Files\DivX\DivX Converter\DSConverter1033.dll"
29 Nov 2007 23:28:02 1 196 032 A.... "C:\Program Files\DivX\DivX Converter\DSConverter1031.dll"
29 Nov 2007 23:28:02 81 920 A.... "C:\Program Files\DivX\DivX Converter\dvd2divxsub.dll"
29 Nov 2007 23:28:00 895 488 A.... "C:\Program Files\DivX\DivX Converter\libxml2.dll"
29 Nov 2007 23:28:00 122 880 A.... "C:\Program Files\DivX\DivX Converter\xdclm.dll"
29 Nov 2007 23:28:00 1 085 440 A.... "C:\Program Files\DivX\DivX Converter\xdsbp.dll"
29 Nov 2007 23:28:00 479 232 A.... "C:\Program Files\DivX\DivX Converter\xdsbv.dll"
29 Nov 2007 23:27:54 1 933 312 A.... "C:\Program Files\DivX\DivX Content Uploader\ContentUploadCheck.dll"
29 Nov 2007 23:27:54 845 824 A.... "C:\Program Files\DivX\DivX Content Uploader\libxml2.dll"
29 Nov 2007 23:27:54 1 359 872 A.... "C:\Program Files\DivX\DivX Content Uploader\npUpload.dll"
29 Nov 2007 23:31:04 1 933 312 A.... "C:\Program Files\DivX\DivX Player\ContentUploadCheck.dll"
29 Nov 2007 23:28:44 81 920 A.... "C:\Program Files\DivX\DivX Player\ConverterPlugin.dll"
29 Nov 2007 23:28:46 348 160 A.... "C:\Program Files\DivX\DivX Player\DCManager.dll"
29 Nov 2007 23:28:44 1 647 616 A.... "C:\Program Files\DivX\DivX Player\DivX Player.exe"
29 Nov 2007 23:28:42 1 290 240 A.... "C:\Program Files\DivX\DivX Player\DXMBuilderLite.dll"
29 Nov 2007 23:31:06 845 824 A.... "C:\Program Files\DivX\DivX Player\libxml2.dll"
29 Nov 2007 23:28:46 98 304 A.... "C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll"
29 Nov 2007 23:28:46 1 789 952 A.... "C:\Program Files\DivX\DivX Player\PlaybackModule2.dll"
29 Nov 2007 23:30:24 207 608 A.... "C:\Program Files\DivX\DivX Player\primosdk.dll"
29 Nov 2007 23:28:06 1 334 576 A.... "C:\Program Files\DivX\DivX Web Player\npdivx32.dll"
8 Dec 2007 12:56:56 72 704 ..SHR "C:\Program Files\eRightSoft\SUPER\Setup.exe"
2 Jan 2008 6:47:04 929 792 A.... "C:\Program Files\IEPro\modules\adblock.dll"
2 Jan 2008 6:51:30 385 024 A.... "C:\Program Files\IEPro\modules\autoform.dll"
2 Jan 2008 6:50:16 532 480 A.... "C:\Program Files\IEPro\modules\basemod.dll"
2 Jan 2008 6:48:16 139 264 A.... "C:\Program Files\IEPro\modules\downmod.dll"
2 Jan 2008 6:50:36 126 976 A.... "C:\Program Files\IEPro\modules\findbar.dll"
2 Jan 2008 6:47:26 90 112 A.... "C:\Program Files\IEPro\modules\ie6mod.dll"
2 Jan 2008 6:48:48 86 016 A.... "C:\Program Files\IEPro\modules\iecleaner.dll"
2 Jan 2008 6:53:14 634 880 A.... "C:\Program Files\IEPro\modules\iescript.dll"
2 Jan 2008 6:47:58 307 200 A.... "C:\Program Files\IEPro\modules\liveserv.dll"
2 Jan 2008 6:48:30 73 728 A.... "C:\Program Files\IEPro\modules\singleie.dll"
2 Jan 2008 6:52:10 454 656 A.... "C:\Program Files\IEPro\modules\spellchk.dll"
29 Nov 2007 23:28:06 1 334 576 A.... "C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll"
29 Nov 2007 23:28:46 98 304 A.... "C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll"
21 Jan 2008 22:33:00 110 702 300 A.... "C:\Program Files\Navilog1\Backupnavi\backup_registry.dat"
21 Jan 2008 19:44:08 396 288 A.... "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe"
16 Dec 2007 0:37:56 59 728 A.... "C:\Program Files\Windows Live\Messenger\msimg32.dll"
21 Jan 2008 22:44:40 391 216 A.... "C:\Program Files\Alwil Software\Avast4\DATA\clnr0.dll"
21 Jan 2008 22:44:40 219 192 A.... "C:\Program Files\Alwil Software\Avast4\DATA\dllcc0.dat"
21 Jan 2008 22:44:40 9 080 A.... "C:\Program Files\Alwil Software\Avast4\DATA\exts0.dll"
16 Jan 2008 12:11:26 70 766 A.... "C:\Program Files\Alwil Software\Avast4\DATA\iNews.htm"
4 Dec 2007 15:31:08 98 304 A.... "C:\Program Files\Alwil Software\Avast4\FRENCH\Base.dll"
4 Dec 2007 15:29:24 17 920 A.... "C:\Program Files\Alwil Software\Avast4\FRENCH\Boot.dll"
4 Dec 2007 15:31:06 2 560 000 A.... "C:\Program Files\Alwil Software\Avast4\FRENCH\Lang.dll"
4 Dec 2007 15:31:02 61 440 A.... "C:\Program Files\Alwil Software\Avast4\FRENCH\LangMai.dll"
16 Jan 2008 12:11:26 127 024 A.... "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll"
29 Nov 2007 23:31:02 479 232 A.... "C:\Program Files\DivX\DivX Converter\Microsoft.VC80.CRT\msvcm80.dll"
29 Nov 2007 23:31:02 548 864 A.... "C:\Program Files\DivX\DivX Converter\Microsoft.VC80.CRT\msvcp80.dll"
29 Nov 2007 23:31:04 626 688 A.... "C:\Program Files\DivX\DivX Converter\Microsoft.VC80.CRT\msvcr80.dll"
29 Nov 2007 23:31:02 1 101 824 A.... "C:\Program Files\DivX\DivX Converter\Microsoft.VC80.MFC\mfc80.dll"
29 Nov 2007 23:31:02 1 093 120 A.... "C:\Program Files\DivX\DivX Converter\Microsoft.VC80.MFC\mfc80u.dll"
29 Nov 2007 23:31:02 69 632 A.... "C:\Program Files\DivX\DivX Converter\Microsoft.VC80.MFC\mfcm80.dll"
29 Nov 2007 23:31:02 57 856 A.... "C:\Program Files\DivX\DivX Converter\Microsoft.VC80.MFC\mfcm80u.dll"
29 Nov 2007 23:31:02 479 232 A.... "C:\Program Files\DivX\DivX Player\Microsoft.VC80.CRT\msvcm80.dll"
29 Nov 2007 23:31:02 548 864 A.... "C:\Program Files\DivX\DivX Player\Microsoft.VC80.CRT\msvcp80.dll"
29 Nov 2007 23:31:04 626 688 A.... "C:\Program Files\DivX\DivX Player\Microsoft.VC80.CRT\msvcr80.dll"
29 Nov 2007 23:31:02 1 101 824 A.... "C:\Program Files\DivX\DivX Player\Microsoft.VC80.MFC\mfc80.dll"
29 Nov 2007 23:31:02 1 093 120 A.... "C:\Program Files\DivX\DivX Player\Microsoft.VC80.MFC\mfc80u.dll"
29 Nov 2007 23:31:02 69 632 A.... "C:\Program Files\DivX\DivX Player\Microsoft.VC80.MFC\mfcm80.dll"
29 Nov 2007 23:31:02 57 856 A.... "C:\Program Files\DivX\DivX Player\Microsoft.VC80.MFC\mfcm80u.dll"
29 Nov 2007 23:31:02 479 232 A.... "C:\Program Files\DivX\DivX Web Player\Microsoft.VC80.CRT\msvcm80.dll"
29 Nov 2007 23:31:02 548 864 A.... "C:\Program Files\DivX\DivX Web Player\Microsoft.VC80.CRT\msvcp80.dll"
29 Nov 2007 23:31:04 626 688 A.... "C:\Program Files\DivX\DivX Web Player\Microsoft.VC80.CRT\msvcr80.dll"
12 Dec 2007 9:33:52 512 A.... "C:\Program Files\Messenger Plus! Live\Skins\Ev0\DisableAds.reg"
29 Nov 2007 23:31:02 479 232 A.... "C:\Program Files\Mozilla Firefox\plugins\Microsoft.VC80.CRT\msvcm80.dll"
29 Nov 2007 23:31:02 548 864 A.... "C:\Program Files\Mozilla Firefox\plugins\Microsoft.VC80.CRT\msvcp80.dll"
29 Nov 2007 23:31:04 626 688 A.... "C:\Program Files\Mozilla Firefox\plugins\Microsoft.VC80.CRT\msvcr80.dll"
4 Dec 2007 15:49:02 26 624 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\Aavmker4.sys"
4 Dec 2007 15:56:02 93 264 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\aswMon.sys"
4 Dec 2007 15:55:46 94 544 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\aswMon2.sys"
4 Dec 2007 15:52:16 45 648 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\aswMonFlt.sys"
4 Dec 2007 15:53:40 23 152 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AswRdr.sys"
4 Dec 2007 15:51:52 42 912 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AswTdi.sys"
4 Dec 2007 15:49:14 24 656 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\Aavmker4.sys"
4 Dec 2007 15:55:58 75 856 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\aswMon2.sys"
4 Dec 2007 15:52:32 55 888 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\aswMonFlt.sys"
4 Dec 2007 15:53:44 27 216 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\aswRdr.sys"
4 Dec 2007 15:52:00 48 720 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\aswTdi.sys"
4 Dec 2007 15:52:24 115 792 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64\aswMonFlt.sys"
4 Dec 2007 15:53:48 55 376 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64\aswRdr.sys"
4 Dec 2007 15:52:02 103 504 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64\aswTdi.sys"


Files with hidden attributes:

Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Wed 21 Feb 2007 31,744 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"
Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"
Sat 8 Dec 2007 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"
Fri 27 Oct 2006 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"
Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"
Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"
Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"
Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"
Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"
Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"
Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"
Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"
Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"
Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"
Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"
Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"
Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"
Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"
Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"
Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"
Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"
Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"
Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"
Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"
Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"
Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"


Catchme:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-21 23:05:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_CURRENT_USER\Software\Microsoft\Windows Live Mail]
"SqmSrvSuccessCount HTTPMail"=dword:0000000b

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 800



Program Folders:

C:\Program Files\

Actual Moon 3D
Adobe
Alwil Software
Anuman Interactive
Auto-IP Publisher
AviSynth 2.5
Black Isle
CCleaner
CIF USB CAMERA
CyberLink
directx
DivX
EA GAMES
EducMedia
Eidos Interactive
Elecard MPEG2 Decoder Package 2.0
eRightSoft
Fichiers communs
Free
FreeGo
Google Video
Hauppauge MediaMVP
Hewlett-Packard
HP
IE7Pro
IEPro
InstallShield Installation Information
Internet Explorer
Inventel
IVT Corporation
Java
Lavasoft
LimeWire
Messenger
Messenger Plus! Live
Micro Application
Microsoft Baseline Security Analyzer 2
Microsoft Encarta
microsoft frontpage
Microsoft Games
Microsoft Office
Microsoft SQL Server Compact Edition
Mindscape
Movie Maker
Mozilla Firefox
MP3 Player Utilities 1.48
MSECache
MSN
MSN Gaming Zone
Musicmatch
Navilog1
Nero
NetMeeting
Outlook Express
Paragon Software
PhotoFiltre
Plus!
QuickTime
RegCleaner
Samsung
Services en ligne
Skype
SoftwarePassport
Spybot - Search & Destroy
Trend Micro
TuneUp Utilities 2006
TZ Connection Booster
Ulead Systems
ultra degrade
UnFREEz
Uninstall Information
VSO
VViewer
Web Media Player
Webshots
WinAVI Video Converter
Windows Desktop Search
Windows Live
Windows Live Toolbar
Windows Media Connect 2
Windows Media Player
Windows NT
WindowsUpdate
WinPcap
WinRAR
xerox

C:\Program Files\Fichiers communs\

Adobe
Ahead
Designer
Elecard
InstallShield
Java
Microsoft Shared
MSSoap
Nero
Skype
Softwin
Sony Shared
SpeechEngines
System
Totem Shared
Ulead Systems
Wise Installation Wizard
Xuisoft


Add/Remove Programs:

Browser Optimizer Adssite
Search Assistant Adssite
avast! Antivirus
Baldur's Gate
CCleaner (remove only)
CIF USB CAMERA
Elecard MPEG2 Decoder Package 2.0
FreeGo 3
Hauppauge MediaMVP
HijackThis 2.0.2
hp deskjet 3500 series
hp print screen utility
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 7
IE7Pro
Samsung USB Driver (MCCI 4.24)
Lara Croft Tomb Raider : L’Ange des Ténèbres
Plus de 200 000 Cliparts et Photos
Samsung PC Studio 2.1
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
Language pack for Ad-Aware SE
LimeWire 4.14.10
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Maxi Mah Jong 3D
Messenger Plus! Live & Sponsor (CiD)
Microsoft .NET Framework 2.0
Microsoft .NET Framework (French) v1.0.3705
Mozilla Firefox (1.5)
Microsoft Compression Client Pack 1.0 for Windows XP
Navilog1 3.4.2
Microsoft National Language Support Downlevel APIs
NVIDIA Drivers
OpenMG Limited Patch 3.3-03-09-03-01
Pack Crystal Clear 1.0
Pack Crystal XP 3.0
PhotoFiltre
QuickTime
Browser Optimizer Rightonadz
Intel RSX 3D
Adobe Flash Player 9 ActiveX
Spybot - Search & Destroy 1.4
TZ Connection Booster 2.6
Ultra Degrade 1.0
VIRTUA COP 2
Web Media Player 0.63c
Webshots Desktop
Windows Imaging Component
Windows Live Toolbar
Windows Media Format 11 runtime
Lecteur Windows Media 11
Windows XP Service Pack 2
WinPcap 4.0 alpha1
Archiveur WinRAR
Windows Media Format 11 runtime
Windows Media Player 11
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Office 2000 Professional
MSXML4 Parser
Encyclopédie Microsoft Encarta 2004
Windows Live Toolbar
Extension de Windows Live Toolbar (Windows Live Toolbar)
Menus intelligents (Windows Live Toolbar)
Windows Live installer
Java(TM) SE Runtime Environment 6 Update 1
Java(TM) 6 Update 2
Java(TM) 6 Update 3
MSXML 4.0 SP2 (KB927978)
VCRedistSetup
Ulead COOL 360 1.0
Windows Movie Maker 2.0
neroxml
MP3 Player Utilities 1.48
Skype™ 3.2
Nero 8 Demo
OpenMG Secure Module 3.3.01
Paragon Easy CD-DVD Recorder
PowerDVD
Microsoft .NET Framework (French)
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
LSDA Le Retour du Roi tm
Microsoft .NET Framework 2.0
MSXML 4.0 SP2 Parser and SDK
Ulead VideoStudio 7 SE Basic
Samsung USB Driver (MCCI 4.24)
DivX Codec
Microsoft Baseline Security Analyzer 2.0.1
BlueSoleil
TuneUp Utilities 2006
DivX Player
Musicmatch® Jukebox
Module de compatibilité pour Microsoft Office System 2007
Lara Croft Tomb Raider: The Angel Of Darkness
Entraîneur Cérébral 2
Galerie de photos Windows Live
Bloqueur de fenêtres pop-up (Windows Live Toolbar)
Adobe Reader 8.1.1 - Français
DivX Converter
DivX Web Player
Windows Live Messenger
ConvertXtoDVD 2.2.3.258
Visionneuse Microsoft Visio 2002
MSXML 4.0 SP2 (KB936181)
Windows Live Mail
hp deskjet 3500
Assistant de connexion Windows Live
Plus de 200 000 Cliparts et Photos
DivX Content Uploader
Ulead Photo Explorer 8.0 SE Basic
Samsung PC Studio 2.1
HP Photo and Imaging 2.0 - Deskjet Series
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
Microsoft SQL Server 2005 Compact Edition [ENU]
OneCare Advisor (Windows Live Toolbar)
SweetIM For Internet Explorer 3.0b
Realtek AC'97 Audio
Dr. DivX 2.0 OSS


Run Values:

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\""
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MsnMsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"ccleaner"="\"C:\\Program Files\\CCleaner\\ccleaner.exe\" /AUTO"
"TuneUp MemOptimizer"="\"C:\\Program Files\\TuneUp Utilities 2006\\MemOptimizer.exe\" autostart"
"FreeGo"="C:/Program Files/FreeGo/FreeGo3.exe"


Bot Check:

SERVICE_NAME: wscsvc
DISPLAY_NAME : Centre de sécurité
START_TYPE : 2 AUTO_START

SERVICE_NAME: sharedaccess
DISPLAY_NAME : Pare-feu Windows / Partage de connexion Internet
START_TYPE : 2 AUTO_START

SERVICE_NAME: wuauserv
DISPLAY_NAME : Mises à jour automatiques
START_TYPE : 2 AUTO_START

SERVICE_NAME: srservice
DISPLAY_NAME : Service de restauration système
START_TYPE : 2 AUTO_START

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="Y"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]
"AUOptions"=dword:00000004

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control]
"WaitToKillServiceTimeout"="1000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"SFCDisable"=dword:00000000
"SfcScan"=dword:00000000
"Shell"="Explorer.exe"
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
"TransportBindName"="\\Device\\"


ShellExecuteHooks:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=""



Environment:


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\environment
ComSpec REG_EXPAND_SZ %SystemRoot%\system32\cmd.exe
Path REG_EXPAND_SZ %systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Ulead Systems\DVD
windir REG_EXPAND_SZ %SystemRoot%
OS REG_SZ Windows_NT
PATHEXT REG_SZ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
TEMP REG_EXPAND_SZ %SystemRoot%\TEMP
TMP REG_EXPAND_SZ %SystemRoot%\TEMP
LANG REG_SZ fr

SecurityProviders:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Authentication Packages:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0


Non-Default IFEO Debugger:


Non-Default Installed Components:


Non-Default Safeboot Minimal:


File Associations:


[HKEY_CLASSES_ROOT\batfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\cmdfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\htafile\shell\open\command]
@="C:\\WINDOWS\\system32\\mshta.exe \"%1\" %*"

[HKEY_CLASSES_ROOT\http\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" -nohome"

[HKEY_CLASSES_ROOT\https\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" -nohome"

[HKEY_CLASSES_ROOT\htmlfile\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" -nohome"

[HKEY_CLASSES_ROOT\regedit\shell\open\command]
@="regedit.exe %1"

[HKEY_CLASSES_ROOT\regfile\shell\open\command]
@="regedit.exe \"%1\""

[HKEY_CLASSES_ROOT\scrfile\shell\open\command]
@="\"%1\" /S"

[HKEY_CLASSES_ROOT\txtfile\shell\open\command]
@="%SystemRoot%\system32\NOTEPAD.EXE %1"


Finished!

0