Critical error for Lyonnais2
Tanzilli
-
Lyonnais92 Posts 25708 Status Security contributor -
Hello again, so here is the new topic with the report you wanted. Can you really help me? Thanks
_____________________________________________________________________________________________
Deckard's System Scanner v20071014.68
Run by Tanzilli on 2008-07-09 12:46:15
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
90: 2008-07-09 10:46:20 UTC - RP129 - Deckard's System Scanner Restore Point
89: 2008-07-08 17:56:08 UTC - RP128 - Installed AVG Free 8.0
88: 2008-07-08 17:34:55 UTC - RP127 - Removed iVocalize Voice Conferencing Client
87: 2008-07-08 17:32:19 UTC - RP126 - Before System Cleanup by Zappit!
86: 2008-07-08 17:30:45 UTC - RP125 - Last known good configuration
-- First Restore Point --
1: 2008-07-08 17:30:06 UTC - RP40 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Tanzilli.exe) --------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:06, on 09/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Documents and Settings\Tanzilli\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Tanzilli.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {00A00583-419B-427F-80E8-E0EEEE47EE4D} - C:\WINDOWS\system32\efcATJCT.dll
O2 - BHO: VideoCodec Class - {284AAAD9-FDF9-49A3-93ED-9CAE4AA26805} - C:\WINDOWS\system32\AswBHO.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {73984FE0-9702-4C55-9C7B-9BA3C5861F25} - C:\WINDOWS\system32\awtTMdaY.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {87FD33C2-7891-45D5-ACD1-7935F9AEA26B} - C:\WINDOWS\system32\eps32.dll
O2 - BHO: VideoCodec Class - {926A61C9-5C20-4583-ACA7-ACE21088816E} - C:\WINDOWS\system32\RichVideoCodec.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: sqvgnrpx - {9437C997-89E6-4B84-A745-BEFD3A910FF5} - C:\WINDOWS\sqvgnrpx.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [devenv] C:\WINDOWS\system\smvss.exe /w
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [8cf63ab1] rundll32.exe "C:\WINDOWS\system32\ediidemd.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: awtTMdaY - C:\WINDOWS\SYSTEM32\awtTMdaY.dll
O21 - SSODL: fdxbameg - {522F22DA-5140-48B0-AA2B-6BD1B6BA9C91} - C:\WINDOWS\fdxbameg.dll (file missing)
O21 - SSODL: fsrpknov - {272BC601-EB19-473B-8059-FB1D4E1940BA} - C:\WINDOWS\fsrpknov.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 9235 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.2.0.3) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.2.0.3>
S3 DNINDIS5 (DNINDIS5 NDIS Protocol Driver) - c:\windows\system32\dnindis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S3 DSDrv4 - c:\progra~1\k!tv\plugins\s_bt8x8\dsdrv4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
S3 FLEXnet Licensing Service - "c:\program files\fichiers communs\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NVIDIA nForce Networking Controller
Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&23581523&0&00
Manufacturer: NVIDIA
Name: NVIDIA nForce Networking Controller
PNP Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&23581523&0&00
Service: NVENETFD
-- Scheduled Tasks -------------------------------------------------------------
2008-07-06 18:00:07 414 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job
-- Files created between 2008-06-09 and 2008-07-09 -----------------------------
2008-07-09 12:44:46 0 d-------- C:\Program Files\Trend Micro
2008-07-09 11:36:19 89088 --a------ C:\WINDOWS\system32\ediidemd.dll
2008-07-09 10:34:34 89088 -----n--- C:\WINDOWS\system32\rwfbdnfj.dll
2008-07-08 20:00:23 0 d--h----- C:\$AVG8.VAULT$
2008-07-08 19:56:17 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-07-08 19:56:17 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\AVGTOOLBAR
2008-07-08 19:56:08 0 d-------- C:\Program Files\AVG
2008-07-08 19:56:08 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-07-08 19:45:02 0 d-------- C:\Documents and Settings\Tanzilli\.housecall6.6
2008-07-08 19:32:19 0 dr-h----- C:\Documents and Settings\Tanzilli\Recent
2008-07-08 19:29:55 173165 --ahs---- C:\WINDOWS\system32\TCJTAcfe.ini2
2008-07-08 19:29:47 318208 --a------ C:\WINDOWS\system32\efcATJCT.dll
2008-07-08 19:24:44 29568 --a------ C:\WINDOWS\system32\khfEWNEw.dll
2008-07-08 19:24:44 29568 --a------ C:\WINDOWS\system32\awtTMdaY.dll
2008-07-08 19:24:11 274432 --a------ C:\WINDOWS\fsrpknov.dll
2008-07-08 19:23:57 0 d-------- C:\Program Files\VAV
2008-07-08 19:23:57 0 d-------- C:\Program Files\PCHealthCenter
2008-07-08 19:21:15 22528 --a------ C:\WINDOWS\system32\eps32.dll
2008-07-08 19:21:09 22528 --a------ C:\WINDOWS\system32\epsondrv.dll
2008-07-08 19:21:03 22528 --a------ C:\WINDOWS\system32\epsdrv.dll
2008-07-08 19:20:56 22528 --a------ C:\WINDOWS\system32\epsonbho.dll
2008-07-08 19:18:34 0 d-------- C:\Program Files\RichVideoCodec
2008-07-08 14:32:16 180224 --a------ C:\WINDOWS\system32\AswBHO.dll <Not Verified; TODO: <Company name>; TODO: <Product name>>
2008-07-07 23:44:52 0 d-------- C:\Program Files\Kreatives.org
2008-07-07 23:44:14 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\GetRightToGo
2008-07-03 03:40:30 229376 --a------ C:\WINDOWS\system32\RichVideoCodec.dll <Not Verified; IRCodecs; RichVideoCodec>
2008-07-02 11:39:03 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
2008-07-02 11:26:31 0 d-------- C:\Program Files\Rockstar Games
2008-06-29 09:28:24 0 d-------- C:\Program Files\Norton Security Scan
2008-06-26 19:47:13 0 d-------- C:\Documents and Settings\Tanzilli\Start Menu
2008-06-26 19:47:01 0 d-------- C:\Program Files\PacificPoker4
2008-06-23 15:08:52 50 --a------ C:\WINDOWS\system32\bridf05a.dat
2008-06-23 15:08:37 55296 -----n--- C:\WINDOWS\system32\brinsstr.dll <Not Verified; Brother Industries,Ltd.; Brother MFL Pro>
2008-06-23 15:08:36 188416 -----n--- C:\WINDOWS\system32\PDRVINST.DLL <Not Verified; brother; installer>
2008-06-23 15:08:36 65536 -----n--- C:\WINDOWS\system32\BRWEBUP.EXE <Not Verified; brother; brother brwebup>
2008-06-23 15:08:36 81920 -----n--- C:\WINDOWS\system32\BrWebIns.dll <Not Verified; brother; brother BrWebIns>
2008-06-23 15:08:36 0 d-------- C:\Program Files\Brother
2008-06-23 15:08:31 0 d-------- C:\Brother
2008-06-23 15:08:30 147456 -----n--- C:\WINDOWS\brunin03.dll <Not Verified; Brother Industries,Ltd.; Brother MFL-Pro>
2008-06-23 14:56:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Brother
2008-06-22 12:31:59 0 d-------- C:\Program Files\Fichiers communs\xing shared
2008-06-22 12:31:49 0 d-------- C:\Program Files\Real
2008-06-22 12:31:47 0 d-------- C:\Program Files\Fichiers communs\Real
2008-06-22 12:31:46 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\Real
-- Find3M Report ---------------------------------------------------------------
2008-07-09 12:42:52 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\vmntoolbar
2008-07-08 19:35:02 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-08 19:12:35 0 d-------- C:\Program Files\eMule
2008-07-07 23:03:11 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\LimeWire
2008-06-28 22:24:19 0 d-------- C:\Program Files\WarRock
2008-06-23 15:08:36 0 d-------- C:\Program Files\Fichiers communs\InstallShield
2008-06-22 12:31:59 0 d-------- C:\Program Files\Fichiers communs
2008-06-11 14:10:17 0 d-------- C:\Program Files\World of Warcraft
2008-06-08 13:07:19 0 d-------- C:\Program Files\QuickTime
2008-06-08 13:07:18 0 d-------- C:\Program Files\Xilisoft
2008-06-07 19:28:09 0 d-------- C:\Program Files\Motorola Phone Tools
2008-06-07 19:27:27 0 d-------- C:\Program Files\Common Files
2008-06-07 19:24:55 0 d-------- C:\Program Files\Avanquest update
2008-06-07 10:06:17 0 d-------- C:\Program Files\SecondLife
2008-06-01 12:57:12 1289 --a------ C:\WINDOWS\mozver.dat
2008-06-01 12:57:01 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\Adobe
2008-05-31 14:34:58 0 d-------- C:\Program Files\Fichiers communs\Motorola Shared
2008-05-28 18:18:29 0 d-------- C:\Program Files\vmntoolbar
2008-05-28 18:17:58 0 d-------- C:\Program Files\Visicom Media
2008-05-27 16:37:00 0 d-------- C:\Program Files\Analog Devices
2008-05-27 16:13:05 0 d-------- C:\Program Files\Free Download Manager
2008-05-27 16:02:41 0 d-------- C:\Program Files\ma-config.com
2008-05-13 20:07:10 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\SecondLife
2008-05-12 16:09:33 0 d-------- C:\Program Files\MeuhMeuhTV
2008-05-12 10:44:26 0 d-------- C:\Program Files\Lavasoft
2008-05-12 10:44:06 0 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-05-12 10:39:59 0 d-------- C:\Program Files\Zappit
2008-04-24 11:30:32 720896 --a------ C:\WINDOWS\iun6002ev.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-04-19 22:44:23 476620 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-04-19 22:44:23 78346 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-04-19 16:44:00 669184 --a------ C:\WINDOWS\system32\pbsvc.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00A00583-419B-427F-80E8-E0EEEE47EE4D}]
08/07/2008 19:29 318208 --a------ C:\WINDOWS\system32\efcATJCT.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{284AAAD9-FDF9-49A3-93ED-9CAE4AA26805}]
08/07/2008 14:32 180224 --a------ C:\WINDOWS\system32\AswBHO.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{73984FE0-9702-4C55-9C7B-9BA3C5861F25}]
08/07/2008 19:24 29568 --a------ C:\WINDOWS\system32\awtTMdaY.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{87FD33C2-7891-45D5-ACD1-7935F9AEA26B}]
08/07/2008 19:21 22528 --a------ C:\WINDOWS\system32\eps32.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{926A61C9-5C20-4583-ACA7-ACE21088816E}]
03/07/2008 03:40 229376 --a------ C:\WINDOWS\system32\RichVideoCodec.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
08/07/2008 19:56 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [08/07/2008 19:56 2050816]
[-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [11/05/2007 00:03]
"nwiz"="nwiz.exe" [11/05/2007 00:03 C:\WINDOWS\system32\nwiz.exe]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [30/10/2006 14:44]
"36X Raid Configurer"="C:\WINDOWS\system32\JMRaidSetup.exe" [16/11/2006 11:05]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [01/03/2007 15:57]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [20/09/2007 09:51]
"devenv"="C:\WINDOWS\system\smvss.exe" []
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [18/12/2006 15:34]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [13/07/2006 07:12]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [11/05/2007 00:03]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [22/06/2008 12:31]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [26/01/2005 18:02]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [17/05/2005 17:42]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [08/07/2008 19:56]
"8cf63ab1"="C:\WINDOWS\system32\ediidemd.dll" [09/07/2008 11:36]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [19/08/2004 17:09]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 12:34]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [20/09/2007 15:35]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Contrôleur d'état.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [23/06/2008 15:08:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{73984FE0-9702-4C55-9C7B-9BA3C5861F25}"= C:\WINDOWS\system32\awtTMdaY.dll [08/07/2008 19:24 29568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"fdxbameg"= {522F22DA-5140-48B0-AA2B-6BD1B6BA9C91} - C:\WINDOWS\fdxbameg.dll [ ]
"fsrpknov"= {272BC601-EB19-473B-8059-FB1D4E1940BA} - C:\WINDOWS\fsrpknov.dll [08/07/2008 11:01 274432]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtTMdaY]
awtTMdaY.dll 08/07/2008 19:24 29568 C:\WINDOWS\system32\awtTMdaY.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\efcATJCT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
-- End of Deckard's System Scanner: finished at 2008-07-09 12:47:43 ------------
-- Files created between 2008-06-09 and 2008-07-09 -----------------------------
2008-07-09 12:44:46 0 d-------- C:\Program Files\Trend Micro
2008-07-09 11:36:19 89088 --a------ C:\WINDOWS\system32\ediidemd.dll
2008-07-09 10:34:34 89088 -----n--- C:\WINDOWS\system32\rwfbdnfj.dll
2008-07-08 20:00:23 0 d--h----- C:\$AVG8.VAULT$
2008-07-08 19:56:17 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-07-08 19:56:17 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\AVGTOOLBAR
2008-07-08 19:56:08 0 d-------- C:\Program Files\AVG
2008-07-08 19:56:08 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-07-08 19:45:02 0 d-------- C:\Documents and Settings\Tanzilli\.housecall6.6
2008-07-08 19:32:19 0 dr-h----- C:\Documents and Settings\Tanzilli\Recent
2008-07-08 19:29:55 173165 --ahs---- C:\WINDOWS\system32\TCJTAcfe.ini2
2008-07-08 19:29:47 318208 --a------ C:\WINDOWS\system32\efcATJCT.dll
2008-07-08 19:24:44 29568 --a------ C:\WINDOWS\system32\khfEWNEw.dll
2008-07-08 19:24:44 29568 --a------ C:\WINDOWS\system32\awtTMdaY.dll
2008-07-08 19:24:11 274432 --a------ C:\WINDOWS\fsrpknov.dll
2008-07-08 19:23:57 0 d-------- C:\Program Files\VAV
2008-07-08 19:23:57 0 d-------- C:\Program Files\PCHealthCenter
2008-07-08 19:21:15 22528 --a------ C:\WINDOWS\system32\eps32.dll
2008-07-08 19:21:09 22528 --a------ C:\WINDOWS\system32\epsondrv.dll
2008-07-08 19:21:03 22528 --a------ C:\WINDOWS\system32\epsdrv.dll
2008-07-08 19:20:56 22528 --a------ C:\WINDOWS\system32\epsonbho.dll
2008-07-08 19:18:34 0 d-------- C:\Program Files\RichVideoCodec
2008-07-08 14:32:16 180224 --a------ C:\WINDOWS\system32\AswBHO.dll <Not Verified; TODO: <Company name>; TODO: <Product name>>
2008-07-07 23:44:52 0 d-------- C:\Program Files\Kreatives.org
2008-07-07 23:44:14 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\GetRightToGo
2008-07-03 03:40:30 229376 --a------ C:\WINDOWS\system32\RichVideoCodec.dll <Not Verified; IRCodecs; RichVideoCodec>
2008-07-02 11:39:03 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
2008-07-02 11:26:31 0 d-------- C:\Program Files\Rockstar Games
2008-06-29 09:28:24 0 d-------- C:\Program Files\Norton Security Scan
2008-06-26 19:47:13 0 d-------- C:\Documents and Settings\Tanzilli\Start Menu
2008-06-26 19:47:01 0 d-------- C:\Program Files\PacificPoker4
2008-06-23 15:08:52 50 --a------ C:\WINDOWS\system32\bridf05a.dat
2008-06-23 15:08:37 55296 -----n--- C:\WINDOWS\system32\brinsstr.dll <Not Verified; Brother Industries,Ltd.; Brother MFL Pro>
2008-06-23 15:08:36 188416 -----n--- C:\WINDOWS\system32\PDRVINST.DLL <Not Verified; brother; installer>
2008-06-23 15:08:36 65536 -----n--- C:\WINDOWS\system32\BRWEBUP.EXE <Not Verified; brother; brother brwebup>
2008-06-23 15:08:36 81920 -----n--- C:\WINDOWS\system32\BrWebIns.dll <Not Verified; brother; brother BrWebIns>
2008-06-23 15:08:36 0 d-------- C:\Program Files\Brother
2008-06-23 15:08:31 0 d-------- C:\Brother
2008-06-23 15:08:30 147456 -----n--- C:\WINDOWS\brunin03.dll <Not Verified; Brother Industries,Ltd.; Brother MFL-Pro>
2008-06-23 14:56:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Brother
2008-06-22 12:31:59 0 d-------- C:\Program Files\Fichiers communs\xing shared
2008-06-22 12:31:49 0 d-------- C:\Program Files\Real
2008-06-22 12:31:47 0 d-------- C:\Program Files\Fichiers communs\Real
2008-06-22 12:31:46 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\Real
-- Find3M Report ---------------------------------------------------------------
2008-07-09 12:42:52 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\vmntoolbar
2008-07-08 19:35:02 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-08 19:12:35 0 d-------- C:\Program Files\eMule
2008-07-07 23:03:11 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\LimeWire
2008-06-28 22:24:19 0 d-------- C:\Program Files\WarRock
2008-06-23 15:08:36 0 d-------- C:\Program Files\Fichiers communs\InstallShield
2008-06-22 12:31:59 0 d-------- C:\Program Files\Fichiers communs
2008-06-11 14:10:17 0 d-------- C:\Program Files\World of Warcraft
2008-06-08 13:07:19 0 d-------- C:\Program Files\QuickTime
2008-06-08 13:07:18 0 d-------- C:\Program Files\Xilisoft
2008-06-07 19:28:09 0 d-------- C:\Program Files\Motorola Phone Tools
2008-06-07 19:27:27 0 d-------- C:\Program Files\Common Files
2008-06-07 19:24:55 0 d-------- C:\Program Files\Avanquest update
2008-06-07 10:06:17 0 d-------- C:\Program Files\SecondLife
2008-06-01 12:57:12 1289 --a------ C:\WINDOWS\mozver.dat
2008-06-01 12:57:01 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\Adobe
2008-05-31 14:34:58 0 d-------- C:\Program Files\Fichiers communs\Motorola Shared
2008-05-28 18:18:29 0 d-------- C:\Program Files\vmntoolbar
2008-05-28 18:17:58 0 d-------- C:\Program Files\Visicom Media
2008-05-27 16:37:00 0 d-------- C:\Program Files\Analog Devices
2008-05-27 16:13:05 0 d-------- C:\Program Files\Free Download Manager
2008-05-27 16:02:41 0 d-------- C:\Program Files\ma-config.com
2008-05-13 20:07:10 0 d-------- C:\Documents and Settings\Tanzilli\Application Data\SecondLife
2008-05-12 16:09:33 0 d-------- C:\Program Files\MeuhMeuhTV
2008-05-12 10:44:26 0 d-------- C:\Program Files\Lavasoft
2008-05-12 10:44:06 0 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-05-12 10:39:59 0 d-------- C:\Program Files\Zappit
2008-04-24 11:30:32 720896 --a------ C:\WINDOWS\iun6002ev.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-04-19 22:44:23 476620 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-04-19 22:44:23 78346 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-04-19 16:44:00 669184 --a------ C:\WINDOWS\system32\pbsvc.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00A00583-419B-427F-80E8-E0EEEE47EE4D}]
08/07/2008 19:29 318208 --a------ C:\WINDOWS\system32\efcATJCT.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{284AAAD9-FDF9-49A3-93ED-9CAE4AA26805}]
08/07/2008 14:32 180224 --a------ C:\WINDOWS\system32\AswBHO.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{73984FE0-9702-4C55-9C7B-9BA3C5861F25}]
08/07/2008 19:24 29568 --a------ C:\WINDOWS\system32\awtTMdaY.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{87FD33C2-7891-45D5-ACD1-7935F9AEA26B}]
08/07/2008 19:21 22528 --a------ C:\WINDOWS\system32\eps32.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{926A61C9-5C20-4583-ACA7-ACE21088816E}]
03/07/2008 03:40 229376 --a------ C:\WINDOWS\system32\RichVideoCodec.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
08/07/2008 19:56 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [08/07/2008 19:56 2050816]
[-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [11/05/2007 00:03]
"nwiz"="nwiz.exe" [11/05/2007 00:03 C:\WINDOWS\system32\nwiz.exe]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [30/10/2006 14:44]
"36X Raid Configurer"="C:\WINDOWS\system32\JMRaidSetup.exe" [16/11/2006 11:05]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [01/03/2007 15:57]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [20/09/2007 09:51]
"devenv"="C:\WINDOWS\system\smvss.exe" []
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [18/12/2006 15:34]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [13/07/2006 07:12]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [11/05/2007 00:03]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [22/06/2008 12:31]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [26/01/2005 18:02]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [17/05/2005 17:42]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [08/07/2008 19:56]
"8cf63ab1"="C:\WINDOWS\system32\ediidemd.dll" [09/07/2008 11:36]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [19/08/2004 17:09]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 12:34]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [20/09/2007 15:35]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Contrôleur d'état.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [23/06/2008 15:08:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{73984FE0-9702-4C55-9C7B-9BA3C5861F25}"= C:\WINDOWS\system32\awtTMdaY.dll [08/07/2008 19:24 29568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"fdxbameg"= {522F22DA-5140-48B0-AA2B-6BD1B6BA9C91} - C:\WINDOWS\fdxbameg.dll [ ]
"fsrpknov"= {272BC601-EB19-473B-8059-FB1D4E1940BA} - C:\WINDOWS\fsrpknov.dll [08/07/2008 11:01 274432]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtTMdaY]
awtTMdaY.dll 08/07/2008 19:24 29568 C:\WINDOWS\system32\awtTMdaY.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\efcATJCT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
-- End of Deckard's System Scanner: finished at 2008-07-09 12:47:43 ------------
Configuration: Windows XP Firefox 2.0.0.15