Virus
Fermé
mmary
Messages postés
5
Date d'inscription
lundi 21 janvier 2008
Statut
Membre
Dernière intervention
1 février 2008
-
31 janv. 2008 à 13:27
mmary Messages postés 5 Date d'inscription lundi 21 janvier 2008 Statut Membre Dernière intervention 1 février 2008 - 1 févr. 2008 à 11:39
mmary Messages postés 5 Date d'inscription lundi 21 janvier 2008 Statut Membre Dernière intervention 1 février 2008 - 1 févr. 2008 à 11:39
A voir également:
- Virus
- Svchost.exe virus - Guide
- Faux message virus iphone - Forum iPhone
- Operagxsetup virus ✓ - Forum Virus
- Produkey virus ✓ - Forum Windows 10
- Vérificateur de lien virus - Guide
2 réponses
mmary
Messages postés
5
Date d'inscription
lundi 21 janvier 2008
Statut
Membre
Dernière intervention
1 février 2008
31 janv. 2008 à 14:07
31 janv. 2008 à 14:07
ah oui j ai oublie de precser que ma souris parfois ne repond plu...
mmary
Messages postés
5
Date d'inscription
lundi 21 janvier 2008
Statut
Membre
Dernière intervention
1 février 2008
1 févr. 2008 à 11:39
1 févr. 2008 à 11:39
bonjour pensant avoir un virus sur msn j ai telecharger sdfix et voici le rapport mais je ny connais vraiment alors pouvais me dire si il y a un probleme de + jai 2ou3 chevaux de troie sur le pc merci d avance
SDFix: Version 1.135
Run by Arnaud - Lucia on 01/02/2008 at 11:12
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
No Trojan Files Found
Removing Temp Files...
ADS Check:
Final Check:
catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-01 11:27:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0008f4000527]
"0015b97062af"=hex:72,91,43,1b,b1,10,c6,0f,45,5b,44,f7,16,a8,30,63
"0015a8334430"=hex:f9,36,a5,6f,73,13,e9,37,61,7e,60,67,d9,d7,bc,8c
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:614ee1f2
"s2"=dword:4092f3d7
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:e4,64,e7,7f,b1,89,70,3a,fd,69,db,b8,7a,69,7d,1c,4e,a7,07,04,33,..
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0008f4000527]
"0015b97062af"=hex:72,91,43,1b,b1,10,c6,0f,45,5b,44,f7,16,a8,30,63
"0015a8334430"=hex:f9,36,a5,6f,73,13,e9,37,61,7e,60,67,d9,d7,bc,8c
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:e4,64,e7,7f,b1,89,70,3a,fd,69,db,b8,7a,69,7d,1c,4e,a7,07,04,33,..
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Disabled:eMule"
"C:\\Documents and Settings\\Matthieu\\Bureau\\emule.exe"="C:\\Documents and Settings\\Matthieu\\Bureau\\emule.exe:*:Disabled:eMule"
"H:\\Matthieu\\SteamApps\\matt29051988\\half-life 2 deathmatch\\hl2.exe"="H:\\Matthieu\\SteamApps\\matt29051988\\half-life 2 deathmatch\\hl2.exe:*:Disabled:hl2"
"C:\\Documents and Settings\\Matthieu\\Bureau\\jeu\\emule.exe"="C:\\Documents and Settings\\Matthieu\\Bureau\\jeu\\emule.exe:*:Disabled:eMule"
"C:\\Program Files\\utorrent\\utorrent.exe"="C:\\Program Files\\utorrent\\utorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\LucasArts\\Star Wars Galactic Battlegrounds\\Game\\Battlegrounds.exe"="C:\\Program Files\\LucasArts\\Star Wars Galactic Battlegrounds\\Game\\Battlegrounds.exe:*:Enabled:Star Wars Galactic Battlegrounds"
"C:\\Program Files\\THQ2\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"="C:\\Program Files\\THQ2\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\\Program Files\\THQ2\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"="C:\\Program Files\\THQ2\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"="C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe:*:Enabled:pes6.exe"
"C:\\Doomsday\\Bin\\Doomsday.exe"="C:\\Doomsday\\Bin\\Doomsday.exe:*:Enabled:Doomsday"
"C:\\Program Files\\Roger Wilco\\roger.exe"="C:\\Program Files\\Roger Wilco\\roger.exe:*:Enabled:Roger Wilco"
"C:\\Program Files\\Roger Wilco\\rwbs\\rwbs.exe"="C:\\Program Files\\Roger Wilco\\rwbs\\rwbs.exe:*:Enabled:rwbs"
"H:\\Matthieu\\Steam.exe"="H:\\Matthieu\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\magiconline.exe"="C:\\magiconline.exe:*:Enabled:Magic: The Gathering Online"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\DOCUME~1\\Matthieu\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\Matthieu\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Player2"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\85.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\85.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\73.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\73.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\37.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\37.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\16.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\16.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\10.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\10.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\38.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\38.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\Bernard\\LOCALS~1\\Temp\\18.exe"="C:\\DOCUME~1\\Bernard\\LOCALS~1\\Temp\\18.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\28.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\28.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\23.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\23.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\66.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\66.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\40.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\40.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\88.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\88.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\54.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\54.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\07.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\07.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\86.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\86.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\Bernard\\LOCALS~1\\Temp\\41.exe"="C:\\DOCUME~1\\Bernard\\LOCALS~1\\Temp\\41.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\60.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\60.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Disabled:Skype. Take a deep breath "
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\55.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\55.exe:*:Enabled:@xpsp2res.dll,-22005"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
Remaining Files:
---------------
Files with Hidden Attributes:
Thu 1 Nov 2007 5,903,928 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Sat 26 Jan 2008 84,992 ..SHR --- "C:\WINDOWS\system32\ppnsvc.exe"
Wed 9 May 2007 18,410,658 A..HR --- "C:\Documents and Settings\All Users\Bureau\WDM_A398.zip"
Sun 13 May 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 15 May 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT2.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT5.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BIT9.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT1.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT6.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT3.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BIT8.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT4.tmp"
Sun 13 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cc102203f99c8c6ebf1523556f8411b6\BIT3.tmp"
Fri 5 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d03f71700772ecd1d20bacc33c473cd5\BIT3.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BIT7.tmp"
Mon 12 Nov 2007 444 ...HR --- "C:\Documents and Settings\Arnaud - Lucia\Application Data\SecuROM\UserData\securom_v7_01.bak"
Mon 16 Jul 2007 444 ...HR --- "C:\Documents and Settings\Matthieu\Application Data\SecuROM\UserData\securom_v7_01.bak"
Finished!
SDFix: Version 1.135
Run by Arnaud - Lucia on 01/02/2008 at 11:12
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
No Trojan Files Found
Removing Temp Files...
ADS Check:
Final Check:
catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-01 11:27:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0008f4000527]
"0015b97062af"=hex:72,91,43,1b,b1,10,c6,0f,45,5b,44,f7,16,a8,30,63
"0015a8334430"=hex:f9,36,a5,6f,73,13,e9,37,61,7e,60,67,d9,d7,bc,8c
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:614ee1f2
"s2"=dword:4092f3d7
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:e4,64,e7,7f,b1,89,70,3a,fd,69,db,b8,7a,69,7d,1c,4e,a7,07,04,33,..
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0008f4000527]
"0015b97062af"=hex:72,91,43,1b,b1,10,c6,0f,45,5b,44,f7,16,a8,30,63
"0015a8334430"=hex:f9,36,a5,6f,73,13,e9,37,61,7e,60,67,d9,d7,bc,8c
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:e4,64,e7,7f,b1,89,70,3a,fd,69,db,b8,7a,69,7d,1c,4e,a7,07,04,33,..
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Disabled:eMule"
"C:\\Documents and Settings\\Matthieu\\Bureau\\emule.exe"="C:\\Documents and Settings\\Matthieu\\Bureau\\emule.exe:*:Disabled:eMule"
"H:\\Matthieu\\SteamApps\\matt29051988\\half-life 2 deathmatch\\hl2.exe"="H:\\Matthieu\\SteamApps\\matt29051988\\half-life 2 deathmatch\\hl2.exe:*:Disabled:hl2"
"C:\\Documents and Settings\\Matthieu\\Bureau\\jeu\\emule.exe"="C:\\Documents and Settings\\Matthieu\\Bureau\\jeu\\emule.exe:*:Disabled:eMule"
"C:\\Program Files\\utorrent\\utorrent.exe"="C:\\Program Files\\utorrent\\utorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\LucasArts\\Star Wars Galactic Battlegrounds\\Game\\Battlegrounds.exe"="C:\\Program Files\\LucasArts\\Star Wars Galactic Battlegrounds\\Game\\Battlegrounds.exe:*:Enabled:Star Wars Galactic Battlegrounds"
"C:\\Program Files\\THQ2\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"="C:\\Program Files\\THQ2\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\\Program Files\\THQ2\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"="C:\\Program Files\\THQ2\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"="C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe:*:Enabled:pes6.exe"
"C:\\Doomsday\\Bin\\Doomsday.exe"="C:\\Doomsday\\Bin\\Doomsday.exe:*:Enabled:Doomsday"
"C:\\Program Files\\Roger Wilco\\roger.exe"="C:\\Program Files\\Roger Wilco\\roger.exe:*:Enabled:Roger Wilco"
"C:\\Program Files\\Roger Wilco\\rwbs\\rwbs.exe"="C:\\Program Files\\Roger Wilco\\rwbs\\rwbs.exe:*:Enabled:rwbs"
"H:\\Matthieu\\Steam.exe"="H:\\Matthieu\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\magiconline.exe"="C:\\magiconline.exe:*:Enabled:Magic: The Gathering Online"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\DOCUME~1\\Matthieu\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\Matthieu\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Player2"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\85.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\85.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\73.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\73.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\37.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\37.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\16.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\16.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\10.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\10.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\38.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\38.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\Bernard\\LOCALS~1\\Temp\\18.exe"="C:\\DOCUME~1\\Bernard\\LOCALS~1\\Temp\\18.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\28.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\28.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\23.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\23.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\66.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\66.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\40.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\40.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\88.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\88.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\54.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\54.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\07.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\07.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\86.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\86.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\Bernard\\LOCALS~1\\Temp\\41.exe"="C:\\DOCUME~1\\Bernard\\LOCALS~1\\Temp\\41.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\60.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\60.exe:*:Enabled:@xpsp2res.dll,-22005"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Disabled:Skype. Take a deep breath "
"C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\55.exe"="C:\\DOCUME~1\\ARNAUD~1\\LOCALS~1\\Temp\\55.exe:*:Enabled:@xpsp2res.dll,-22005"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
Remaining Files:
---------------
Files with Hidden Attributes:
Thu 1 Nov 2007 5,903,928 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Sat 26 Jan 2008 84,992 ..SHR --- "C:\WINDOWS\system32\ppnsvc.exe"
Wed 9 May 2007 18,410,658 A..HR --- "C:\Documents and Settings\All Users\Bureau\WDM_A398.zip"
Sun 13 May 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 15 May 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT2.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT5.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BIT9.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT1.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT6.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT3.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BIT8.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT4.tmp"
Sun 13 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cc102203f99c8c6ebf1523556f8411b6\BIT3.tmp"
Fri 5 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d03f71700772ecd1d20bacc33c473cd5\BIT3.tmp"
Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BIT7.tmp"
Mon 12 Nov 2007 444 ...HR --- "C:\Documents and Settings\Arnaud - Lucia\Application Data\SecuROM\UserData\securom_v7_01.bak"
Mon 16 Jul 2007 444 ...HR --- "C:\Documents and Settings\Matthieu\Application Data\SecuROM\UserData\securom_v7_01.bak"
Finished!
