[vista] crash explorer.exe [Resolved/Closed]

Hello,
I recently had a virus or a Trojan horse detected by Kaspersky; however, despite its removal, I can no longer access the Control Panel (the window opens and then closes): "Windows Explorer has stopped working"!
Since System Restore was disabled, I ran a repair of Windows Vista from the installation DVD, but it made no difference, still the same error. I ran quite a few registry utilities without finding any solution! So I looked at the Event Viewer, but the AppCrash entry for explorer.exe reports the module as unknown.
I am desperate, since I cannot afford to format.
I ran HijackThis and the report is below!
Thank you in advance for your help.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:37:26, on 12/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\SOUNDMAN.EXE
C:\Windows\vsnpstd3.exe
C:\Windows\System32\oodtray.exe
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe
C:\Windows\explorer.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\conime.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programmes\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\YouTube Converter\MoyeaCth.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: gxvpsafm - {6B56C8CA-C94E-4DBA-BF1B-6C07AFCC644E} - (no file)
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ErrorDoctor] C:\Program Files\SoftwareDoctor\ErrorDoctor\ErrorDoctor.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Programmes\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Programmes\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Programmes\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Programmes\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - http://confidential-flx92i.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
O23 - Service: OABXTMG - Sysinternals - www.sysinternals.com - C:\Users\YoYo\AppData\Local\Temp\OABXTMG.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

24 replies

Hi,


Download VundoFix:
http://www.atribune.org/ccount/click.php?id=4

Double-click VundoFix.exe to launch it
when it launches again, click [Scan for Vundo]
when the scan finishes, click [Remove Vundo]
it will ask whether you want to delete the files; click [YES]
your Desktop will disappear while the files are being deleted
then it will tell you that your PC is going to shut down; click [OK]
Restart your PC

Copy/paste the report (C:\vundofix.txt)
and a new HijackThis report

VundoFix may be unable to delete a file;
in that case, it will relaunch at the next restart,
and you just need to start again from the click on [Scan for Vundo]

I had already done that yesterday, because I went through the posts; however, it did not find any infected file!
Hi,



Download ComboFix (by sUBs) to your Desktop.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Temporarily disable all resident protection! (Antivirus, antispyware...)
Double-click ComboFix.exe.
Accept the license by clicking Yes.
When the operation is finished, a report will appear. Post this report in your next reply.

The report is located here: %systemdrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

Help: How to use ComboFix.
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Good evening ludsfa,

Could you point out the Vundo infection in the HijackThis report for me? It is for my own information, thanks.
Good evening ludsfa,

But where, oh where, oh where, oh where is it, the little Vundo?

ha ha

Done. I'm fed up, it still doesn't work! Any other solution?!
Well, lol! You're too good, man. Great, it worked right after the scan, no restart even needed!
A big bravo to Ludsfa and thanks to everyone.

ComboFix 08-07-13.8 - YoYo 2008-07-14 8:39:26.1 - NTFSx86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6001.1.1252.1.1036.18.1185 [GMT 2:00]
Endroit: C:\Users\YoYo\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\YoYo\Desktop\SUPER P0RN.url
C:\Windows\system32\Ultra.dll
C:\Windows\system32\vav.cpl

.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-14 to 2008-07-14 ))))))))))))))))))))))))))))))))))))
.

2008-07-14 08:35 . 2008-07-14 08:36 <REP> d-------- C:\327882R2FWJFW
2008-07-13 21:13 . 2008-07-13 21:13 2,039,296 --a------ C:\360FW-Toolbox-46.rar.bc!
2008-07-13 21:12 . 2008-07-13 21:12 <REP> d-------- C:\X360 Backup & Firmware ToolBox (02-2008)
2008-07-13 21:00 . 2008-07-13 21:00 <REP> d-------- C:\Windows\System32\360fwtoolbox_30
2008-07-13 20:54 . 2008-07-13 20:54 <REP> d-------- C:\zbin
2008-07-13 20:10 . 2008-07-13 20:10 <REP> d-------- C:\usbfile
2008-07-13 20:08 . 2008-07-13 20:08 <REP> d-------- C:\DriveKey
2008-07-13 19:43 . 2008-07-13 19:43 <REP> d-------- C:\dosflash14b
2008-07-13 15:38 . 2008-07-13 15:48 <REP> d-------- C:\BenQ_TooLs
2008-07-13 15:23 . 2008-07-13 15:23 <REP> d-------- C:\C4EVA_iXTRM-Benq V1.41 Benq iXtreme v1.41
2008-07-13 15:16 . 2008-07-13 15:19 386,647 --a------ C:\C4EVA_iXTRM-Benq V1.41 Benq iXtreme v1.41.rar
2008-07-13 15:07 . 2008-07-13 15:07 <REP> d-------- C:\Program Files\X-Projects
2008-07-13 15:01 . 2008-07-13 15:01 <REP> d--h----- C:\Windows\PIF
2008-07-13 14:43 . 2008-07-13 14:47 <REP> d-------- C:\all.fw.tools.r2c
2008-07-13 14:40 . 2008-07-13 14:40 <REP> d-------- C:\BenQ iXtremev1.1
2008-07-13 14:38 . 2008-07-13 14:38 79,386 --a------ C:\BenQ iXtremev1.1.rar
2008-07-13 14:13 . 2008-07-13 14:13 <REP> d-------- C:\Program Files\AxBx
2008-07-12 21:01 . 2008-07-12 21:01 <REP> d-------- C:\VundoFix Backups
2008-07-12 20:11 . 2008-07-12 20:12 <REP> d-------- C:\Uniblue RegistryBooster 2
2008-07-11 20:56 . 2008-03-12 22:21 678,408 --a------ C:\Windows\System32\gpprefcl.dll
2008-07-11 18:27 . 2008-07-11 18:27 <REP> d-------- C:\Windows\Google Earth Pro 4.2
2008-07-11 18:27 . 2008-07-11 18:29 <REP> d-------- C:\Program Files\Google Earth Pro 4.2
2008-07-11 18:24 . 2008-07-11 18:25 <REP> d-------- C:\Google Earth Pro 4.2
2008-07-10 02:04 . 2008-06-26 03:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-07-10 02:04 . 2008-06-26 03:45 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-07-10 02:04 . 2008-06-26 05:29 801,280 --a------ C:\Windows\System32\NaturalLanguage6.dll
2008-07-07 00:15 . 2007-07-20 01:55 233,888 --a------ C:\Windows\System32\DreamScene.dll
2008-07-06 20:08 . 2008-07-06 20:24 2,367,633 --a------ C:\Error Doctor 2008 v1.5 + serial.rar
2008-07-06 20:02 . 2008-07-06 20:02 <REP> d-------- C:\ErrorDoctor 2008 + serial
2008-07-06 19:57 . 2008-07-06 19:57 3,445,248 --a------ C:\Error Doctor PC Fix 2008.zip.bc!
2008-07-06 19:46 . 2008-07-06 20:05 2,465,006 --a------ C:\Error Doctor 2008 version with serial number.rar.bc!
2008-07-06 19:44 . 2008-07-06 19:44 <REP> d-------- C:\Program Files\SoftwareDoctor
2008-07-06 19:40 . 2008-07-06 19:43 6,214,069 --a------ C:\Error Doctor 2008 v1 5 Fix Your PC.rar
2008-07-06 17:40 . 2008-04-14 19:51 171,136 -rahs---- C:\grldr
2008-07-06 16:09 . 2008-07-06 16:09 <REP> d-------- C:\Program Files\Realtek AC97
2008-07-06 16:07 . 2008-07-06 16:07 <REP> d-------- C:\pilote_audio_realtek_ac97_6.0.1.6251_4321
2008-07-05 18:01 . 2008-07-05 18:01 <REP> dr------- C:\Windows\System32\config\systemprofile\Music
2008-07-05 14:32 . 2008-07-05 14:32 <REP> d-------- C:\Users\All Users\Uniblue
2008-07-05 14:32 . 2008-07-05 14:32 <REP> d-------- C:\ProgramData\Uniblue
2008-07-05 13:02 . 2008-07-05 13:21 <REP> d-------- C:\Program Files\RegCure
2008-07-04 21:41 . 2008-07-04 21:46 47 --a------ C:\Windows\System32\[u]0/u9wutili.sys
2008-07-04 21:39 . 2008-07-04 21:46 <REP> d-------- C:\Program Files\WinUtilities
2008-07-04 21:28 . 2008-07-04 21:28 <REP> d-------- C:\Program Files\CleanUp!
2008-07-04 11:02 . 2008-07-04 11:02 <REP> d-------- C:\!KillBox
2008-07-04 10:33 . 2008-07-04 10:33 <REP> d-------- C:\Users\All Users\ATI
2008-07-04 10:33 . 2008-07-04 10:33 <REP> d-------- C:\ProgramData\ATI
2008-07-04 10:19 . 2008-07-04 10:19 <REP> d-------- C:\Users\All Users\PrevxCSI
2008-07-04 10:19 . 2008-07-04 10:19 <REP> d-------- C:\ProgramData\PrevxCSI
2008-07-04 10:19 . 2008-07-04 10:19 <REP> d-------- C:\Program Files\PrevxCSI
2008-07-04 10:19 . 2008-07-04 10:19 17,408 --a------ C:\Windows\System32\drivers\pxark.sys
2008-07-04 01:12 . 2008-07-03 22:41 152,576 --a------ C:\Windows\System32\SPWizUI.dll
2008-07-04 01:12 . 2008-07-03 22:41 47,560 --a------ C:\Windows\System32\SPReview.exe
2008-07-04 00:57 . 2008-01-18 23:33 193,024 --a------ C:\Windows\System32\recdisc.exe
2008-07-04 00:57 . 2008-01-18 23:36 6,656 --a------ C:\Windows\System32\sdspres.dll
2008-07-04 00:55 . 2008-01-18 23:35 9,847,296 --a------ C:\Windows\System32\NlsData000a.dll
2008-07-04 00:54 . 2008-01-18 23:38 4,595,712 --a------ C:\Windows\System32\AuthFWSnapin.dll
2008-07-04 00:53 . 2008-01-18 23:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
2008-07-04 00:51 . 2008-01-18 21:31 8,322,048 --a------ C:\Windows\System32\spwizimg.dll
2008-07-04 00:48 . 2008-01-18 23:33 44,032 --a------ C:\Windows\System32\cbsra.exe
2008-07-04 00:13 . 2008-07-04 00:13 <REP> d-------- C:\Program Files\Trend Micro
2008-07-04 00:09 . 2008-07-04 00:09 <REP> d-------- C:\Deckard
2008-07-03 22:41 . 2008-07-04 01:17 196,608 --a------ C:\Windows\SPInstall.etl
2008-07-03 19:19 . 2008-07-03 19:19 988,216 --a------ C:\Windows\System32\winload.exe
2008-07-03 19:19 . 2008-07-03 19:19 927,288 --a------ C:\Windows\System32\winresume.exe
2008-07-03 19:19 . 2008-07-03 19:19 615,992 --a------ C:\Windows\System32\ci.dll
2008-07-03 19:19 . 2008-07-03 19:19 378,368 --a------ C:\Windows\System32\srcore.dll
2008-07-03 19:19 . 2008-07-03 19:19 318,464 --a------ C:\Windows\System32\rstrui.exe
2008-07-03 19:19 . 2008-07-03 19:19 46,592 --a------ C:\Windows\System32\setbcdlocale.dll
2008-07-03 19:19 . 2008-07-03 19:19 40,960 --a------ C:\Windows\System32\srclient.dll
2008-07-03 19:19 . 2008-07-03 19:19 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-07-03 19:19 . 2008-07-03 19:19 14,848 --a------ C:\Windows\System32\srdelayed.exe
2008-07-03 19:19 . 2008-07-03 19:19 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-07-03 17:46 . 2008-07-03 18:45 <REP> d-------- C:\Users\YoYo\.homeplayer
2008-07-03 17:46 . 2008-07-03 17:47 <REP> d-------- C:\Program Files\HomePlayer
2008-07-03 14:39 . 2008-07-03 14:39 2,032,128 --a------ C:\Windows\System32\win32k.sys
2008-07-02 23:43 . 2008-07-02 23:43 1,820 --a------ C:\Windows\System32\rasctrnm.h
2008-07-02 23:34 . 2008-01-18 23:34 15,872 --a------ C:\Windows\System32\hcrstco.dll
2008-07-02 23:34 . 2006-11-02 01:46 8,704 --a------ C:\Windows\System32\hccoin.dll
2008-07-02 23:33 . 2008-07-02 23:33 295,936 --a------ C:\Windows\System32\gdi32.dll
2008-07-02 23:31 . 2008-07-02 23:31 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
2008-07-02 23:31 . 2008-07-02 23:31 14,848 --a------ C:\Windows\System32\wshrm.dll
2008-07-02 23:30 . 2008-07-02 23:30 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-07-02 23:30 . 2008-07-02 23:30 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-07-02 23:30 . 2008-07-02 23:30 1,314,816 --a------ C:\Windows\System32\quartz.dll
2008-07-02 23:29 . 2008-07-02 23:29 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-07-02 23:29 . 2008-07-02 23:29 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-07-02 23:29 . 2008-07-02 23:29 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-07-02 23:29 . 2008-07-02 23:29 80,896 --a------ C:\Windows\System32\MSNP.ax
2008-07-02 23:29 . 2008-07-02 23:29 69,632 --a------ C:\Windows\System32\Mpeg2Data.ax
2008-07-02 23:29 . 2008-07-02 23:29 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-07-02 23:01 . 2008-07-02 23:01 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-07-02 23:01 . 2008-07-02 23:01 826,880 --a------ C:\Windows\System32\wininet.dll
2008-07-02 17:05 . 2008-07-03 00:06 <REP> d-------- C:\Windows\Panther
2008-07-02 17:05 . 2006-09-12 21:00 197,632 --a------ C:\Windows\System32\CNMLM7L.DLL
2008-07-02 17:05 . 2006-07-28 08:09 194,048 --a------ C:\Windows\System32\CNCC500.DLL
2008-07-02 17:05 . 2005-05-30 11:47 139,264 --a------ C:\Windows\System32\CNCL500.DLL
2008-07-02 17:05 . 2006-06-29 06:29 106,496 --a------ C:\Windows\System32\cncisco.dll
2008-07-02 17:05 . 2005-12-02 23:49 64,352 --a------ C:\Windows\System32\drivers\ativmc20.cod
2008-07-02 17:05 . 2006-07-28 08:08 37,888 --a------ C:\Windows\System32\CNCI500.DLL
2008-07-02 17:03 . 2008-07-10 02:05 <REP> d-------- C:\Windows\Debug
2008-07-02 16:54 . 2008-07-02 16:54 <REP> d-------- C:\Users\Default\video
2008-07-02 16:45 . 2008-07-02 16:45 <REP> d--h----- C:\$WINDOWS.~Q
2008-07-02 16:34 . 2008-07-02 16:38 <REP> d--h----- C:\$INPLACE.~TR
2008-07-02 16:20 . 2008-07-02 16:53 <REP> dr------- C:\Users\YoYo\Videos
2008-07-02 16:20 . 2008-07-02 16:53 <REP> dr------- C:\Users\YoYo\Saved Games
2008-07-02 16:20 . 2008-07-07 00:04 <REP> dr------- C:\Users\YoYo\Pictures
2008-07-02 16:20 . 2008-07-05 13:21 <REP> dr------- C:\Users\YoYo\Links
2008-07-02 16:20 . 2006-11-02 14:35 <REP> d-------- C:\Users\YoYo\AppData\Roaming\Media Center Programs
2008-07-02 16:20 . 2008-07-02 16:52 <REP> d--h----- C:\Users\YoYo\AppData
2008-07-02 16:20 . 2008-07-06 17:20 <REP> d-------- C:\Users\YoYo
2008-07-02 16:20 . 2008-07-02 16:50 <REP> dr------- C:\Users\Invité\Videos
2008-07-02 16:20 . 2008-07-02 16:50 <REP> dr------- C:\Users\Invité\Videos
2008-07-02 16:20 . 2008-07-02 16:50 <REP> d-------- C:\Users\Invité\Saved Games
2008-07-02 16:20 . 2008-07-02 16:50 <REP> d-------- C:\Users\Invité\Saved Games
2008-07-02 16:20 . 2006-11-02 12:23 <REP> dr------- C:\Users\Invité\Pictures
2008-07-02 16:20 . 2006-11-02 12:23 <REP> dr------- C:\Users\Invité\Pictures
2008-07-02 16:20 . 2006-11-02 12:23 <REP> dr------- C:\Users\Invité\Music
2008-07-02 16:20 . 2006-11-02 12:23 <REP> dr------- C:\Users\Invité\Music
2008-07-02 16:20 . 2008-07-02 16:50 <REP> dr------- C:\Users\Invité\Links
2008-07-02 16:20 . 2008-07-02 16:50 <REP> dr------- C:\Users\Invité\Links
2008-07-02 16:20 . 2008-07-02 16:50 <REP> dr------- C:\Users\Invité\Favorites
2008-07-02 16:20 . 2008-07-02 16:50 <REP> dr------- C:\Users\Invité\Favorites
2008-07-02 16:20 . 2008-07-02 16:50 <REP> dr------- C:\Users\Invité\Downloads
2008-07-02 16:20 . 2008-07-02 16:50 <REP> dr------- C:\Users\Invité\Downloads
2008-07-02 16:20 . 2008-07-02 16:50 <REP> dr------- C:\Users\Invité\Documents

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-14 06:38 3,932,160 --sha-w C:\Users\Invité\NTUSER.DAT
2008-07-14 06:38 3,932,160 --sha-w C:\Users\Invité\NTUSER.DAT
2008-07-14 06:36 5,656 --sha-w C:\Windows\system32\drivers\fidbox2.idx
2008-07-13 19:27 10,705,440 --sha-w C:\Windows\system32\drivers\fidbox.dat
2008-07-13 19:26 85,764 --sha-w C:\Windows\system32\drivers\fidbox.idx
2008-07-13 19:26 --------- d-----w C:\ProgramData\Kaspersky Lab
2008-07-13 19:23 1,048,608 --sha-w C:\Windows\system32\drivers\fidbox2.dat
2008-07-13 18:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-12 21:01 --------- d-----w C:\Program Files\Opera
2008-07-12 20:58 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 5
2008-07-12 18:10 --------- d-----w C:\Users\YoYo\AppData\Roaming\Uniblue
2008-07-12 18:10 --------- d-----w C:\Program Files\Uniblue
2008-07-12 14:15 --------- d-----w C:\Program Files\Steam
2008-07-11 18:56 --------- d-----w C:\ProgramData\Microsoft Help
2008-07-10 01:06 --------- d-----w C:\Program Files\Windows Mail
2008-07-06 16:56 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-07-06 15:59 --------- d-----w C:\Program Files\Ubisoft
2008-07-06 15:58 --------- d-----w C:\Program Files\Electronic Arts
2008-07-06 15:54 --------- d-----w C:\Program Files\A123 YouTube FLV to AVI iPod Converter
2008-07-06 14:15 --------- d-----w C:\Program Files\ATI
2008-07-06 13:43 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-07-05 13:46 --------- d-----w C:\Program Files\Kaspersky Lab
2008-07-04 09:02 4,196 ----a-w C:\Windows\System32\tmp.reg
2008-07-04 08:27 --------- d-----w C:\Program Files\ATI Technologies
2008-07-03 23:47 174 --sha-w C:\Program Files\desktop.ini
2008-07-03 23:30 --------- d-----w C:\Program Files\Windows Sidebar
2008-07-03 23:30 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-07-03 23:30 --------- d-----w C:\Program Files\Windows Defender
2008-07-03 23:30 --------- d-----w C:\Program Files\Windows Collaboration
2008-07-03 23:30 --------- d-----w C:\Program Files\Windows Calendar
2008-07-03 23:23 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-07-03 23:22 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-07-02 21:30 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-07-02 21:30 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-02 21:30 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-07-02 21:30 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-02 21:30 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-02 19:29 96,966 ----a-w C:\Windows\system32\drivers\klin.dat
2008-07-02 19:29 88,774 ----a-w C:\Windows\system32\drivers\klick.dat
2008-07-02 15:22 --------- d-sh--w C:\ProgramData\Modèles
2008-07-02 15:22 --------- d-sh--w C:\ProgramData\Menu Démarrer
2008-07-02 15:22 --------- d-sh--w C:\ProgramData\Favoris
2008-07-02 15:22 --------- d-sh--w C:\ProgramData\Bureau
2008-07-02 15:22 --------- d-sh--w C:\Program Files\Fichiers communs
2008-07-02 14:36 --------- d-----w C:\ProgramData\Yahoo! Companion
2008-07-02 14:35 --------- d-----w C:\ProgramData\Logitech
2008-07-02 14:34 --------- d-----w C:\Program Files\Windows Live
2008-07-02 14:34 --------- d-----w C:\Program Files\Winamp
2008-07-02 14:34 --------- d-----w C:\Program Files\VirtualDJ
2008-07-02 14:34 --------- d-----w C:\Program Files\VideoLAN
2008-07-02 14:34 --------- d-----w C:\Program Files\Video Converter
2008-07-02 14:34 --------- d-----w C:\Program Files\URUSoft
2008-07-02 14:34 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-07-02 14:34 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-07-02 14:34 --------- d-----w C:\Program Files\SubMagic
2008-07-02 14:34 --------- d-----w C:\Program Files\STOIK Imaging
2008-07-02 14:34 --------- d-----w C:\Program Files\STK014
2008-07-02 14:34 --------- d-----w C:\Program Files\Stardock
2008-07-02 14:34 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-02 14:32 --------- d-----w C:\Program Files\Microsoft Games
2008-07-02 14:31 --------- d-sh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-07-02 14:27 --------- d--h--w C:\Program Files\CanonBJ
2008-06-05 20:19 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-06-04 18:19 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2008-06-03 06:22 3,695,104 ----a-w C:\Windows\system32\drivers\atikmdag.sys
2008-06-03 03:35 413,696 ----a-w C:\Windows\System32\ATIDEMGX.dll
2008-06-03 03:35 327,680 ----a-w C:\Windows\System32\atipdlxx.dll
2008-06-03 03:35 159,744 ----a-w C:\Windows\System32\atitmmxx.dll
2008-06-03 03:34 43,520 ----a-w C:\Windows\System32\ati2edxx.dll
2008-06-03 03:34 266,240 ----a-w C:\Windows\System32\Ati2evxx.dll
2008-06-03 03:34 262,144 ----a-w C:\Windows\System32\Oemdspif.dll
2008-06-03 03:33 684,032 ----a-w C:\Windows\System32\Ati2evxx.exe
2008-06-03 03:19 3,401,216 ----a-w C:\Windows\System32\atiumdag.dll
2008-06-03 03:02 4,398,080 ----a-w C:\Windows\System32\atiumdva.dll
2008-06-03 02:50 49,664 ----a-w C:\Windows\System32\amdpcom32.dll
2008-06-03 02:49 32,256 ----a-w C:\Windows\System32\atiadlxx.dll
2008-06-03 02:48 10,043,392 ----a-w C:\Windows\System32\atioglxx.dll
2008-06-03 02:34 49,152 ----a-w C:\Windows\system32\drivers\ati2erec.dll
2008-06-01 11:54 --------- d-----w C:\ProgramData\iolo
2008-06-01 10:38 354,560 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2008-06-01 10:34 14,175,488 ----a-w C:\Windows\System32\TU2008TrialFR.exe
2008-06-01 10:23 74,703 ----a-w C:\Windows\System32\mfc45.dll
2008-06-01 10:22 --------- d-----w C:\Users\YoYo\AppData\Roaming\iolo
2008-05-23 20:24 1,082,880 ----a-w C:\Windows\System32\AutoPartNt.exe
2008-05-23 18:45 99,776 ----a-w C:\Windows\system32\drivers\snapman.sys
2008-05-16 09:58 12,632 ----a-w C:\Windows\System32\lsdelete.exe
2008-05-15 01:20 175,488 ----a-w C:\Windows\system32\drivers\atinavt2.sys
2008-05-10 03:35 564,736 ----a-w C:\Windows\System32\emdmgmt.dll
2008-05-08 21:59 90,112 ----a-w C:\Windows\System32\wshext.dll
2008-05-08 21:59 430,080 ----a-w C:\Windows\System32\vbscript.dll
2008-05-08 21:59 180,224 ----a-w C:\Windows\System32\scrobj.dll
2008-05-08 21:59 172,032 ----a-w C:\Windows\System32\scrrun.dll
2008-05-08 21:59 155,648 ----a-w C:\Windows\System32\wscript.exe
2008-05-08 21:58 135,168 ----a-w C:\Windows\System32\cscript.exe
2008-04-28 06:52 2,121,235 ----a-w C:\Windows\System32\x264vfw.dll
2008-04-26 08:25 3,600,952 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-04-26 08:25 3,549,240 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-04-25 17:22 206,088 ----a-w C:\Windows\System32\klogon.dll
2008-04-18 23:24 2,560 ----a-w C:\Windows\System32\bitcometres.dll
2007-11-13 19:37 842 ----a-w C:\Users\YoYo\AppData\Roaming\waver_2.95.dat
2006-05-03 09:06 163,328 --sha-r C:\Windows\System32\flvDX.dll
2007-02-21 10:47 31,232 --sha-r C:\Windows\System32\msfDX.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 23:33 202240]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-18 23:33 125952]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:29 220544]
"Uniblue RegistryBooster 2"="c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe" [2008-05-05 13:01 99608]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-18 23:36 2153472 C:\Windows\System32\oobefldr.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile-based device management"="C:\Windows\WindowsMobile\wmdc.exe" [2007-01-24 13:21 563080]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"snpstd3"="C:\Windows\vsnpstd3.exe" [2007-05-10 13:18 835584]
"OODefragTray"="C:\Windows\system32\oodtray.exe" [2007-06-28 23:01 2512128]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"Launch LGDCore"="C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" [2007-04-18 11:55 1132056]
"Launch LCDMon"="C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe" [2007-04-18 11:34 774168]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 19:21 201992]
"SoundMan"="SOUNDMAN.EXE" [2007-03-09 16:28 598016 C:\Windows\SOUNDMAN.EXE]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 15:32 56080 C:\Windows\KHALMNPR.Exe]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-08-14 15:21:08 692224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DontDisplayLogonHoursWarnings"= 1 (0x1)
"LogonHoursAction"= 2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm
"msacm.l3fhg"= mp3fhg.acm
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.X264"= x264vfw.dll
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]
--a------ 2008-04-25 19:21 201992 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DisabledInterfaces"= {77CC3A99-24E8-432E-8750-125B46242B15},{CCC70AB2-9676-40B2-A47A-4B6A4952C20A}
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [2008-01-29 19:29]
R0 pxark;pxark;C:\Windows\system32\drivers\pxark.sys [2008-07-04 10:19]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2008-03-26 13:10]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-03 08:22]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [2008-03-13 20:02]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 09:51]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 16:46]
S2 TimerStop;TimerStop;C:\Windows\system32\timerstop.sys [2007-01-02 19:06]
S2 UxTuneUp;TuneUp Extension de thème;C:\Windows\System32\svchost.exe [2008-01-18 23:33]
S3 BTCAMDRV;Mobiola Web Camera driver;C:\Windows\system32\DRIVERS\BTCamDrv.sys [2006-11-01 20:45]
S3 MarkFun_NT;MarkFun_NT;C:\Program Files\Gigabyte\ET5\markfun.w32 [2007-01-12 18:34]
S3 OABXTMG;OABXTMG;C:\Users\YoYo\AppData\Local\Temp\OABXTMG.exe []
S3 PRODIGY;PRODIGY;C:\Windows\system32\Drivers\PRODIGY.SYS [2006-08-29 16:56]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 11:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 11:33]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-06-15 11:57]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-06-01 12:38]

*Newly Created Service* - AD-WATCH_REGISTRY_FILTER
*Newly Created Service* - CATCHME

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-07-11 15:16:48 C:\Windows\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
"2008-07-13 19:25:38 C:\Windows\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-07-10 01:06:32 C:\Windows\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-07-05 15:30:31 C:\Windows\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-07-05 11:28:49 C:\Windows\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-07-05 12:37:16 C:\Windows\Tasks\Uniblue SpyEraser.job"
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
"2008-07-14 00:07:49 C:\Windows\Tasks\User_Feed_Synchronization-{AA6DE61B-8532-452B-BCFC-0B0D05E38307}.job"
- C:\Windows\system32\msfeedssync.exe
"2008-07-14 06:45:00 C:\Windows\Tasks\User_Feed_Synchronization-{F66F6557-DF8E-4E3C-BAA8-EEEA8AE5C498}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-14 08:43:57
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-07-14 8:45:49
ComboFix-quarantined-files.txt 2008-07-14 06:45:27

Pre-Run: 22,379,503,616 octets libres
Post-Run: 22,191,960,064 octets libres

414 --- E O F --- 2008-07-12 08:07:57

One last question while I'm at it: does this log reveal any other underlying problems?!

Hi,

We're not done yet; we'll need to make a script.

Stay around, I'll prepare it.

Watch out for cracks; start by removing Spyware Doctor.

Good,

Select all the bold text below:




file::
C:\Windows\System32\gpprefcl.dll
C:\Windows\System32\DreamScene.dll



folder::
C:\VundoFix Backups
C:\Uniblue RegistryBooster 2
C:\Windows\System32\gpprefcl.dll
C:\Error Doctor 2008 v1.5 + serial.rar
C:\ErrorDoctor 2008 + serial
C:\Error Doctor PC Fix 2008.zip.bc!
C:\Error Doctor 2008 version with serial number.rar.bc!
C:\Program Files\SoftwareDoctor
C:\Error Doctor 2008 v1 5 Fix Your PC.rar
C:\grldr


registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Uniblue RegistryBooster 2-




* Copy/paste it into Notepad (Start\All Programs\Accessories\Notepad).
* Save it to your desktop under the name CFScript.txt
* Now drag the CFScript.txt file onto ComboFix.exe as shown below:

http://i266.photobucket.com/albums/ii277/sUBs_/CFScript.gif

* This will restart ComboFix.

A report will be created; send it to me.

Hi, remove this DLL from the CFScript: C:\Windows\System32\DreamScene.dll

It is legitimate; it is used to set videos as the desktop background.

Hi,

Especially since the CFScript is incorrect.
ComboFix is not just any tool; if you don't know how to write a CFScript, you ask, and you don't do it by guesswork.

Hi,

What???

I removed dreamscene.dll from the list; here is the scan report ^^
However, the PC restarted by itself during the scan, and the scan continued straight away after the reboot!

ComboFix 08-07-13.8 - YoYo 2008-07-14 13:59:11.2 - NTFSx86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6001.1.1252.1.1036.18.1058 [GMT 2:00]
Endroit: C:\Users\YoYo\Desktop\ComboFix.exe
Command switches used :: C:\Users\YoYo\Desktop\CFScript.txt .txt
* Création d'un nouveau point de restauration

FILE ::
C:\Windows\System32\gpprefcl.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Error Doctor 2008 v1 5 Fix Your PC.rar\
C:\Error Doctor 2008 version with serial number.rar.bc!\
C:\Error Doctor PC Fix 2008.zip.bc!\
C:\ErrorDoctor 2008 + serial
C:\ErrorDoctor 2008 + serial\sn.txt.bc!
C:\grldr\
C:\Program Files\SoftwareDoctor
C:\Program Files\SoftwareDoctor\ErrorDoctor\ignore.lst
C:\Program Files\SoftwareDoctor\ErrorDoctor\Registry Backups\2008-07-06_20-26-33.reg
C:\Program Files\SoftwareDoctor\ErrorDoctor\Registry Backups\2008-07-06_20-38-19.reg
C:\Program Files\SoftwareDoctor\ErrorDoctor\Registry Backups\2008-07-06_20-42-28.reg
C:\Program Files\SoftwareDoctor\ErrorDoctor\Registry Backups\2008-07-06_20-53-25.reg
C:\Uniblue RegistryBooster 2
C:\Uniblue RegistryBooster 2\serial.txt
C:\VundoFix Backups
C:\Windows\System32\gpprefcl.dll\
C:\Windows\System32\gpprefcl.dll . . . . Echec de suppression

.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-14 to 2008-07-14 ))))))))))))))))))))))))))))))))))))
.

2008-07-14 09:49 . 2008-07-14 09:49 <REP> d-------- C:\Windows\System32\Adobe
2008-07-14 08:35 . 2008-07-14 13:58 <REP> d-------- C:\327882R2FWJFW
2008-07-13 21:13 . 2008-07-13 21:13 2,039,296 --a------ C:\360FW-Toolbox-46.rar.bc!
2008-07-13 21:12 . 2008-07-13 21:12 <REP> d-------- C:\X360 Backup & Firmware ToolBox (02-2008)
2008-07-13 21:00 . 2008-07-13 21:00 <REP> d-------- C:\Windows\System32\360fwtoolbox_30
2008-07-13 20:54 . 2008-07-13 20:54 <REP> d-------- C:\zbin
2008-07-13 20:10 . 2008-07-13 20:10 <REP> d-------- C:\usbfile
2008-07-13 20:08 . 2008-07-13 20:08 <REP> d-------- C:\DriveKey
2008-07-13 19:43 . 2008-07-13 19:43 <REP> d-------- C:\dosflash14b
2008-07-13 15:38 . 2008-07-13 15:48 <REP> d-------- C:\BenQ_TooLs
2008-07-13 15:23 . 2008-07-13 15:23 <REP> d-------- C:\C4EVA_iXTRM-Benq V1.41 Benq iXtreme v1.41
2008-07-13 15:16 . 2008-07-13 15:19 386,647 --a------ C:\C4EVA_iXTRM-Benq V1.41 Benq iXtreme v1.41.rar
2008-07-13 15:07 . 2008-07-13 15:07 <REP> d-------- C:\Program Files\X-Projects
2008-07-13 15:01 . 2008-07-13 15:01 <REP> d--h----- C:\Windows\PIF
2008-07-13 14:43 . 2008-07-13 14:47 <REP> d-------- C:\all.fw.tools.r2c
2008-07-13 14:40 . 2008-07-13 14:40 <REP> d-------- C:\BenQ iXtremev1.1
2008-07-13 14:38 . 2008-07-13 14:38 79,386 --a------ C:\BenQ iXtremev1.1.rar
2008-07-11 20:56 . 2008-07-14 14:03 678,408 --a------ C:\Windows\System32\gpprefcl.dll
2008-07-11 18:27 . 2008-07-11 18:27 <REP> d-------- C:\Windows\Google Earth Pro 4.2
2008-07-11 18:27 . 2008-07-11 18:29 <REP> d-------- C:\Program Files\Google Earth Pro 4.2
2008-07-11 18:24 . 2008-07-11 18:25 <REP> d-------- C:\Google Earth Pro 4.2
2008-07-10 02:04 . 2008-06-26 03:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-07-10 02:04 . 2008-06-26 03:45 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-07-10 02:04 . 2008-06-26 05:29 801,280 --a------ C:\Windows\System32\NaturalLanguage6.dll
2008-07-07 00:15 . 2007-07-20 01:55 233,888 --a------ C:\Windows\System32\DreamScene.dll
2008-07-06 20:08 . 2008-07-06 20:24 2,367,633 --a------ C:\Error Doctor 2008 v1.5 + serial.rar
2008-07-06 19:57 . 2008-07-06 19:57 3,445,248 --a------ C:\Error Doctor PC Fix 2008.zip.bc!
2008-07-06 19:46 . 2008-07-06 20:05 2,465,006 --a------ C:\Error Doctor 2008 version with serial number.rar.bc!
2008-07-06 19:40 . 2008-07-06 19:43 6,214,069 --a------ C:\Error Doctor 2008 v1 5 Fix Your PC.rar
2008-07-06 17:40 . 2008-04-14 19:51 171,136 -rahs---- C:\grldr
2008-07-06 16:09 . 2008-07-06 16:09 <REP> d-------- C:\Program Files\Realtek AC97
2008-07-06 16:07 . 2008-07-06 16:07 <REP> d-------- C:\pilote_audio_realtek_ac97_6.0.1.6251_4321
2008-07-05 18:01 . 2008-07-05 18:01 <REP> dr------- C:\Windows\System32\config\systemprofile\Music
2008-07-05 14:32 . 2008-07-05 14:32 <REP> d-------- C:\Users\All Users\Uniblue
2008-07-05 14:32 . 2008-07-05 14:32 <REP> d-------- C:\ProgramData\Uniblue
2008-07-05 13:02 . 2008-07-05 13:21 <REP> d-------- C:\Program Files\RegCure
2008-07-04 21:41 . 2008-07-04 21:46 47 --a------ C:\Windows\System32\[u]0/u9wutili.sys
2008-07-04 21:39 . 2008-07-04 21:46 <REP> d-------- C:\Program Files\WinUtilities
2008-07-04 21:28 . 2008-07-04 21:28 <REP> d-------- C:\Program Files\CleanUp!
2008-07-04 11:02 . 2008-07-04 11:02 <REP> d-------- C:\!KillBox
2008-07-04 10:33 . 2008-07-04 10:33 <REP> d-------- C:\Users\All Users\ATI
2008-07-04 10:33 . 2008-07-04 10:33 <REP> d-------- C:\ProgramData\ATI
2008-07-04 10:19 . 2008-07-04 10:19 <REP> d-------- C:\Users\All Users\PrevxCSI
2008-07-04 10:19 . 2008-07-04 10:19 <REP> d-------- C:\ProgramData\PrevxCSI
2008-07-04 10:19 . 2008-07-04 10:19 <REP> d-------- C:\Program Files\PrevxCSI
2008-07-04 10:19 . 2008-07-04 10:19 17,408 --a------ C:\Windows\System32\drivers\pxark.sys
2008-07-04 01:12 . 2008-07-03 22:41 152,576 --a------ C:\Windows\System32\SPWizUI.dll
2008-07-04 01:12 . 2008-07-03 22:41 47,560 --a------ C:\Windows\System32\SPReview.exe
2008-07-04 00:57 . 2008-01-18 23:33 193,024 --a------ C:\Windows\System32\recdisc.exe
2008-07-04 00:57 . 2008-01-18 23:36 6,656 --a------ C:\Windows\System32\sdspres.dll
2008-07-04 00:55 . 2008-01-18 23:35 9,847,296 --a------ C:\Windows\System32\NlsData000a.dll
2008-07-04 00:54 . 2008-01-18 23:38 4,595,712 --a------ C:\Windows\System32\AuthFWSnapin.dll
2008-07-04 00:53 . 2008-01-18 23:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
2008-07-04 00:51 . 2008-01-18 21:31 8,322,048 --a------ C:\Windows\System32\spwizimg.dll
2008-07-04 00:48 . 2008-01-18 23:33 44,032 --a------ C:\Windows\System32\cbsra.exe
2008-07-04 00:13 . 2008-07-04 00:13 <REP> d-------- C:\Program Files\Trend Micro
2008-07-04 00:09 . 2008-07-04 00:09 <REP> d-------- C:\Deckard
2008-07-03 22:41 . 2008-07-04 01:17 196,608 --a------ C:\Windows\SPInstall.etl
2008-07-03 19:19 . 2008-07-03 19:19 988,216 --a------ C:\Windows\System32\winload.exe
2008-07-03 19:19 . 2008-07-03 19:19 927,288 --a------ C:\Windows\System32\winresume.exe
2008-07-03 19:19 . 2008-07-03 19:19 615,992 --a------ C:\Windows\System32\ci.dll
2008-07-03 19:19 . 2008-07-03 19:19 378,368 --a------ C:\Windows\System32\srcore.dll
2008-07-03 19:19 . 2008-07-03 19:19 318,464 --a------ C:\Windows\System32\rstrui.exe
2008-07-03 19:19 . 2008-07-03 19:19 46,592 --a------ C:\Windows\System32\setbcdlocale.dll
2008-07-03 19:19 . 2008-07-03 19:19 40,960 --a------ C:\Windows\System32\srclient.dll
2008-07-03 19:19 . 2008-07-03 19:19 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-07-03 19:19 . 2008-07-03 19:19 14,848 --a------ C:\Windows\System32\srdelayed.exe
2008-07-03 19:19 . 2008-07-03 19:19 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-07-03 17:46 . 2008-07-03 18:45 <REP> d-------- C:\Users\YoYo\.homeplayer
2008-07-03 17:46 . 2008-07-03 17:47 <REP> d-------- C:\Program Files\HomePlayer
2008-07-03 14:39 . 2008-07-03 14:39 2,032,128 --a------ C:\Windows\System32\win32k.sys
2008-07-02 23:43 . 2008-07-02 23:43 1,820 --a------ C:\Windows\System32\rasctrnm.h
2008-07-02 23:34 . 2008-01-18 23:34 15,872 --a------ C:\Windows\System32\hcrstco.dll
2008-07-02 23:34 . 2006-11-02 01:46 8,704 --a------ C:\Windows\System32\hccoin.dll
2008-07-02 23:33 . 2008-07-02 23:33 295,936 --a------ C:\Windows\System32\gdi32.dll
2008-07-02 23:31 . 2008-07-02 23:31 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
2008-07-02 23:31 . 2008-07-02 23:31 14,848 --a------ C:\Windows\System32\wshrm.dll
2008-07-02 23:30 . 2008-07-02 23:30 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-07-02 23:30 . 2008-07-02 23:30 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-07-02 23:30 . 2008-07-02 23:30 1,314,816 --a------ C:\Windows\System32\quartz.dll
2008-07-02 23:29 . 2008-07-02 23:29 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-07-02 23:29 . 2008-07-02 23:29 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-07-02 23:29 . 2008-07-02 23:29 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-07-02 23:29 . 2008-07-02 23:29 80,896 --a------ C:\Windows\System32\MSNP.ax
2008-07-02 23:29 . 2008-07-02 23:29 69,632 --a------ C:\Windows\System32\Mpeg2Data.ax
2008-07-02 23:29 . 2008-07-02 23:29 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-07-02 23:01 . 2008-07-02 23:01 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-07-02 23:01 . 2008-07-02 23:01 826,880 --a------ C:\Windows\System32\wininet.dll
2008-07-02 17:05 . 2008-07-03 00:06 <REP> d-------- C:\Windows\Panther
2008-07-02 17:05 . 2006-09-12 21:00 197,632 --a------ C:\Windows\System32\CNMLM7L.DLL
2008-07-02 17:05 . 2006-07-28 08:09 194,048 --a------ C:\Windows\System32\CNCC500.DLL
2008-07-02 17:05 . 2005-05-30 11:47 139,264 --a------ C:\Windows\System32\CNCL500.DLL
2008-07-02 17:05 . 2006-06-29 06:29 106,496 --a------ C:\Windows\System32\cncisco.dll
2008-07-02 17:05 . 2005-12-02 23:49 64,352 --a------ C:\Windows\System32\drivers\ativmc20.cod
2008-07-02 17:05 . 2006-07-28 08:08 37,888 --a------ C:\Windows\System32\CNCI500.DLL
2008-07-02 17:03 . 2008-07-14 08:57 <REP> d-------- C:\Windows\Debug
2008-07-02 16:54 . 2008-07-02 16:54 <REP> d-------- C:\Users\Default\video
2008-07-02 16:45 . 2008-07-02 16:45 <REP> d--h----- C:\$WINDOWS.~Q
2008-07-02 16:34 . 2008-07-02 16:38 <REP> d--h----- C:\$INPLACE.~TR
2008-07-02 16:20 . 2008-07-14 09:16 <REP> dr------- C:\Users\YoYo\Videos
2008-07-02 16:20 . 2008-07-02 16:53 <REP> dr------- C:\Users\YoYo\Saved Games
2008-07-02 16:20 . 2008-07-14 08:56 <REP> dr------- C:\Users\YoYo\Pictures
2008-07-02 16:20 . 2008-07-05 13:21 <REP> dr------- C:\Users\YoYo\Links
2008-07-02 16:20 . 2006-11-02 14:35 <REP> d-------- C:\Users\YoYo\AppData\Roaming\Media Center Programs
2008-07-02 16:20 . 2008-07-02 16:52 <REP> d--h----- C:\Users\YoYo\AppData
2008-07-02 16:20 . 2008-07-06 17:20 <REP> d-------- C:\Users\YoYo
2008-07-02 16:20 . 2008-07-02 16:50 <REP> d-------- C:\Users\Invité
2008-07-02 16:18 . 2008-07-02 16:18 <REP> d--h----- C:\Users\All Users\CanonBJ
2008-07-02 16:18 . 2008-07-02 16:18 <REP> d--h----- C:\ProgramData\CanonBJ
2008-07-02 16:18 . 2008-07-02 16:18 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-07-02 16:17 . 2008-07-02 16:17 0 --a------ C:\Windows\ativpsrm.bin
2008-07-02 16:15 . 2008-07-10 03:00 <REP> d-------- C:\Windows\System32\catroot2
2008-07-01 23:56 . 2008-07-01 23:56 <REP> d-------- C:\Kaspersky AntiVirus 2009 8.0.0.357 + No Blacklist Key
2008-07-01 21:50 . 2008-07-01 21:50 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2008-07-01 19:34 . 2008-07-01 19:36 2,719,575 --a------ C:\Magic ISO Maker 5.4 with serial.rar
2008-07-01 18:51 . 2008-07-01 20:00 <REP> d-------- C:\Adobe After Effects CS3 Professional 2008 PC + Crack
2008-07-01 16:33 . 2008-07-01 16:43 10,353,408 --a------ C:\Spybot_Search_Destroy_1_6_0_beta2.exe
2008-06-27 22:57 . 2008-06-27 22:57 <REP> d-------- C:\deluxe route
2008-06-26 17:36 . 2008-07-05 13:35 <REP> d-------- C:\dede
2008-06-26 17:34 . 2008-06-26 17:34 <REP> d-------- C:\Program Files\TomTom DesktopSuite
2008-06-26 10:25 . 2008-06-27 09:50 <REP> d-------- C:\The.Forbidden.Kingdom.R5.LiNE.x264.AC3-TLo
2008-06-26 10:01 . 2008-07-02 16:35 <REP> d-------- C:\Users\All Users\Lavasoft
2008-06-26 10:01 . 2008-07-02 16:35 <REP> d-------- C:\ProgramData\Lavasoft
2008-06-26 10:01 . 2008-07-02 16:32 <REP> d-------- C:\Program Files\Lavasoft
2008-06-26 09:55 . 2008-06-27 09:39 <REP> d-------- C:\The.Forbidden.Kingdom.R5.REPACK.DVDR-DREAMLiGHT

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-14 12:04 85,792 --sha-w C:\Windows\system32\drivers\fidbox.idx
2008-07-14 12:04 5,824 --sha-w C:\Windows\system32\drivers\fidbox2.idx
2008-07-14 12:04 10,709,024 --sha-w C:\Windows\system32\drivers\fidbox.dat
2008-07-14 12:04 1,081,376 --sha-w C:\Windows\system32\drivers\fidbox2.dat
2008-07-14 07:21 --------- d-----w C:\Program Files\NeoSmart Technologies
2008-07-14 07:06 --------- d-----w C:\ProgramData\Kaspersky Lab
2008-07-14 06:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-14 06:55 --------- d-----w C:\Program Files\Yahoo!
2008-07-12 21:01 --------- d-----w C:\Program Files\Opera
2008-07-12 20:58 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 5
2008-07-12 18:10 --------- d-----w C:\Users\YoYo\AppData\Roaming\Uniblue
2008-07-12 18:10 --------- d-----w C:\Program Files\Uniblue
2008-07-12 14:15 --------- d-----w C:\Program Files\Steam
2008-07-11 18:56 --------- d-----w C:\ProgramData\Microsoft Help
2008-07-10 01:06 --------- d-----w C:\Program Files\Windows Mail
2008-07-06 16:56 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-07-06 15:59 --------- d-----w C:\Program Files\Ubisoft
2008-07-06 15:58 --------- d-----w C:\Program Files\Electronic Arts
2008-07-06 15:54 --------- d-----w C:\Program Files\A123 YouTube FLV to AVI iPod Converter
2008-07-06 14:15 --------- d-----w C:\Program Files\ATI
2008-07-06 13:43 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-07-05 13:46 --------- d-----w C:\Program Files\Kaspersky Lab
2008-07-04 08:27 --------- d-----w C:\Program Files\ATI Technologies
2008-07-03 23:47 174 --sha-w C:\Program Files\desktop.ini
2008-07-03 23:30 --------- d-----w C:\Program Files\Windows Sidebar
2008-07-03 23:30 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-07-03 23:30 --------- d-----w C:\Program Files\Windows Defender
2008-07-03 23:30 --------- d-----w C:\Program Files\Windows Collaboration
2008-07-03 23:30 --------- d-----w C:\Program Files\Windows Calendar
2008-07-02 21:30 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-07-02 21:30 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-02 21:30 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-07-02 21:30 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-02 21:30 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-02 19:29 96,966 ----a-w C:\Windows\system32\drivers\klin.dat
2008-07-02 19:29 88,774 ----a-w C:\Windows\system32\drivers\klick.dat
2008-07-02 15:22 --------- d-sh--w C:\ProgramData\Modèles
2008-07-02 15:22 --------- d-sh--w C:\ProgramData\Menu Démarrer
2008-07-02 15:22 --------- d-sh--w C:\ProgramData\Favoris
2008-07-02 15:22 --------- d-sh--w C:\ProgramData\Bureau
2008-07-02 15:22 --------- d-sh--w C:\Program Files\Fichiers communs
2008-07-02 14:36 --------- d-----w C:\ProgramData\Yahoo!
2008-07-02 14:35 --------- d-----w C:\ProgramData\Logitech
2008-07-02 14:34 --------- d-----w C:\Program Files\Windows Live
2008-07-02 14:34 --------- d-----w C:\Program Files\Winamp
2008-07-02 14:34 --------- d-----w C:\Program Files\VirtualDJ
2008-07-02 14:34 --------- d-----w C:\Program Files\VideoLAN
2008-07-02 14:34 --------- d-----w C:\Program Files\Video Converter
2008-07-02 14:34 --------- d-----w C:\Program Files\URUSoft
2008-07-02 14:34 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-07-02 14:34 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-07-02 14:34 --------- d-----w C:\Program Files\SubMagic
2008-07-02 14:34 --------- d-----w C:\Program Files\STOIK Imaging
2008-07-02 14:34 --------- d-----w C:\Program Files\STK014
2008-07-02 14:34 --------- d-----w C:\Program Files\Stardock
2008-07-02 14:34 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-02 14:32 --------- d-----w C:\Program Files\Microsoft Games
2008-07-02 14:31 --------- d-sh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-07-02 14:27 --------- d--h--w C:\Program Files\CanonBJ
2008-06-05 20:19 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-06-04 18:19 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2008-06-03 06:22 3,695,104 ----a-w C:\Windows\system32\drivers\atikmdag.sys
2008-06-03 02:34 49,152 ----a-w C:\Windows\system32\drivers\ati2erec.dll
2008-06-01 11:54 --------- d-----w C:\ProgramData\iolo
2008-06-01 10:22 --------- d-----w C:\Users\YoYo\AppData\Roaming\iolo
2008-05-23 18:45 99,776 ----a-w C:\Windows\system32\drivers\snapman.sys
2008-05-15 01:20 175,488 ----a-w C:\Windows\system32\drivers\atinavt2.sys
2007-11-13 19:37 842 ----a-w C:\Users\YoYo\AppData\Roaming\waver_2.95.dat
2006-05-03 09:06 163,328 --sha-r C:\Windows\System32\flvDX.dll
2007-02-21 10:47 31,232 --sha-r C:\Windows\System32\msfDX.dll
.

((((((((((((((((((((((((((((( snapshot@2008-07-14_ 8.44.42.69 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-13 19:25:14 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-07-14 12:05:33 67,584 --s-a-w C:\Windows\bootstat.dat
- 2008-07-13 19:27:37 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-07-14 12:06:04 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-07-14 12:06:04 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-07-13 19:27:31 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-07-14 12:06:04 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-07-14 12:06:04 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
+ 2008-06-17 14:12:42 114,688 ----a-w C:\Windows\System32\Adobe\Director\np32dsw.dll
+ 2008-06-17 14:23:02 202,168 ----a-w C:\Windows\System32\Adobe\Director\SwDir.dll
+ 2008-06-17 14:13:22 487,424 ----a-w C:\Windows\System32\Adobe\Shockwave 11\Control.dll
+ 2008-06-17 13:36:00 1,798,144 ----a-w C:\Windows\System32\Adobe\Shockwave 11\dirapi.dll
+ 2008-06-17 14:13:26 9,216 ----a-w C:\Windows\System32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2008-06-17 13:25:58 697,344 ----a-w C:\Windows\System32\Adobe\Shockwave 11\gi.dll
+ 2008-06-17 13:26:00 1,145,896 ----a-w C:\Windows\System32\Adobe\Shockwave 11\gt.exe
+ 2008-06-17 13:25:58 52,288 ----a-w C:\Windows\System32\Adobe\Shockwave 11\gtapi.dll
+ 2008-06-17 13:32:18 892,928 ----a-w C:\Windows\System32\Adobe\Shockwave 11\iml32.dll
+ 2008-06-17 14:11:56 253,952 ----a-w C:\Windows\System32\Adobe\Shockwave 11\Plugin.dll
+ 2008-06-17 14:15:00 446,464 ----a-w C:\Windows\System32\Adobe\Shockwave 11\Proj.dll
+ 2008-06-17 14:22:46 439,736 ----a-w C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1100458.exe
+ 2008-06-17 14:15:44 114,688 ----a-w C:\Windows\System32\Adobe\Shockwave 11\SwInit.exe
+ 2008-06-17 14:11:44 94,208 ----a-w C:\Windows\System32\Adobe\Shockwave 11\SwMenu.dll
+ 2008-06-17 13:25:58 50,808 ----a-w C:\Windows\System32\Adobe\Shockwave 11\SYMCCHECKER.DLL
+ 1999-06-25 08:55:30 149,504 ----a-w C:\Windows\System32\Adobe\Shockwave 11\UNWISE.EXE
+ 2008-07-14 09:30:46 203,537 ----a-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\1036\StructuredQuerySchema.bin
- 2008-07-10 00:07:21 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-07-14 07:14:35 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-07-10 00:07:21 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-07-14 07:14:35 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-07-10 00:07:21 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-07-14 07:14:35 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-07-13 19:31:07 101,052 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-07-14 09:41:42 101,052 ----a-w C:\Windows\System32\perfc009.dat
- 2008-07-13 19:31:07 123,350 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-07-14 09:41:42 123,350 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-07-13 19:31:07 586,980 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-07-14 09:41:42 586,980 ----a-w C:\Windows\System32\perfh009.dat
- 2008-07-13 19:31:07 669,340 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-07-14 09:41:42 669,340 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-07-13 19:27:53 6,880 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3465875824-3392229113-3859714596-1000_UserData.bin
+ 2008-07-14 07:07:51 7,326 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3465875824-3392229113-3859714596-1000_UserData.bin
- 2008-07-13 19:27:52 55,028 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-07-14 07:07:51 55,412 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 23:33 202240]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-18 23:33 125952]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:29 220544]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-18 23:36 2153472 C:\Windows\System32\oobefldr.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile-based device management"="C:\Windows\WindowsMobile\wmdc.exe" [2007-01-24 13:21 563080]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"snpstd3"="C:\Windows\vsnpstd3.exe" [2007-05-10 13:18 835584]
"OODefragTray"="C:\Windows\system32\oodtray.exe" [2007-06-28 23:01 2512128]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"Launch LGDCore"="C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" [2007-04-18 11:55 1132056]
"Launch LCDMon"="C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe" [2007-04-18 11:34 774168]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 19:21 201992]
"SoundMan"="SOUNDMAN.EXE" [2007-03-09 16:28 598016 C:\Windows\SOUNDMAN.EXE]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 15:32 56080 C:\Windows\KHALMNPR.Exe]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-08-14 15:21:08 692224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DontDisplayLogonHoursWarnings"= 1 (0x1)
"LogonHoursAction"= 2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm
"msacm.l3fhg"= mp3fhg.acm
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.X264"= x264vfw.dll
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]
--a------ 2008-04-25 19:21 201992 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DisabledInterfaces"= {77CC3A99-24E8-432E-8750-125B46242B15},{CCC70AB2-9676-40B2-A47A-4B6A4952C20A}
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [2008-01-29 19:29]
R0 pxark;pxark;C:\Windows\system32\drivers\pxark.sys [2008-07-04 10:19]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2008-03-26 13:10]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 16:46]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-03 08:22]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [2008-03-13 20:02]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 09:51]
S2 TimerStop;TimerStop;C:\Windows\system32\timerstop.sys [2007-01-02 19:06]
S2 UxTuneUp;TuneUp Extension de thème;C:\Windows\System32\svchost.exe [2008-01-18 23:33]
S3 BTCAMDRV;Mobiola Web Camera driver;C:\Windows\system32\DRIVERS\BTCamDrv.sys [2006-11-01 20:45]
S3 MarkFun_NT;MarkFun_NT;C:\Program Files\Gigabyte\ET5\markfun.w32 [2007-01-12 18:34]
S3 OABXTMG;OABXTMG;C:\Users\YoYo\AppData\Local\Temp\OABXTMG.exe []
S3 PRODIGY;PRODIGY;C:\Windows\system32\Drivers\PRODIGY.SYS [2006-08-29 16:56]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 11:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 11:33]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-06-15 11:57]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-06-01 12:38]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-07-11 15:16:48 C:\Windows\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
"2008-07-14 12:05:54 C:\Windows\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-07-10 01:06:32 C:\Windows\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-07-05 15:30:31 C:\Windows\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-07-05 11:28:49 C:\Windows\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-07-05 12:37:16 C:\Windows\Tasks\Uniblue SpyEraser.job"
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
"2008-07-14 00:07:49 C:\Windows\Tasks\User_Feed_Synchronization-{AA6DE61B-8532-452B-BCFC-0B0D05E38307}.job"
- C:\Windows\system32\msfeedssync.exe
"2008-07-14 12:10:05 C:\Windows\Tasks\User_Feed_Synchronization-{F66F6557-DF8E-4E3C-BAA8-EEEA8AE5C498}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-14 14:06:09
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\Ati2evxx.exe
C:\Windows\System32\audiodg.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\System32\Ati2evxx.exe
C:\Windows\System32\conime.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\oodag.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-14 14:15:11 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-14 12:14:55
ComboFix2.txt 2008-07-14 06:45:50

Pre-Run: 66,987,909,120 octets libres
Post-Run: 66,828,288,000 octets libres

467 --- E O F --- 2008-07-12 08:07:57
Posts
12
Registration date
Saturday 12 July 2008
Status
Member
Last activity
17 July 2008

C:\Windows\System32\gpprefcl.dll is acting up :p ! According to the report, it refuses to be deleted :s
Posts
1284
Registration date
Sunday 3 February 2008
Status
Member
Last activity
15 January 2018
15
Hi,

Download Malwarebytes' Anti-Malware to your Desktop.

* Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done:
Restart in Safe Mode
/!\ Never start Safe Mode via MSCONFIG /!\

* Now run Malwarebytes' Anti-Malware. If it is not already selected, select "Perform full scan".
* To start the scan, click "Scan".
* Once the scan has finished, a window opens; click OK. There are two possibilities:

-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.

NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

Help: How to use MBAM.
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
Posts
12
Registration date
Saturday 12 July 2008
Status
Member
Last activity
17 July 2008

Here you go. However, gpprefcl.dll was not detected; could it be a clean file?!

Malwarebytes' Anti-Malware 1.20
Version de la base de données: 949
Windows 6.0.6001 Service Pack 1

00:18:45 15/07/2008
mbam-log-7-15-2008 (00-18-45).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 327607
Temps écoulé: 45 minute(s), 9 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 30
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 12
Fichier(s) infecté(s): 154

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gxvpsafm.bxkn (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gxvpsafm.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Posts: 1284 | Registered: Sunday 3 February 2008 | Status: Member | Last activity: 15 January 2018
Hi,


Did you crack Kaspersky??
Posts: 12 | Registered: Saturday 12 July 2008 | Status: Member | Last activity: 17 July 2008

The old one, yes, but I removed it completely; now I have just applied a license key, no crack on Kaspersky!
Posts: 1284 | Registered: Sunday 3 February 2008 | Status: Member | Last activity: 15 January 2018
Hi again,


Download Navilog (by Il-Mafioso)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe


* Save it to your Desktop.
* Install it by double-clicking navilog.exe.
* Once the installation is complete, the utility will run automatically.

(If it does not, double-click the shortcut on the Desktop) [Right-click -> "Run as administrator" (for Vista)]

* Follow the utility's prompts. Choose option 1, then confirm.

! Do not use options 2, 3 and 4 without our approval !

* Wait until this message appears:

*** Analyse Termine le ..... ***

* Press a key as prompted. Notepad will open. Post the report here.
* Post the generated report.


The report is located here: C:\fixnavi.txt

If you have Vista, do this first:
Disable UAC (Start Menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ uncheck the "Use User Account Control ..." box and confirm with OK; you will be asked to restart, do so)
Posts: 12 | Registered: Saturday 12 July 2008 | Status: Member | Last activity: 17 July 2008

Search Navipromo version 3.6.0 commencé le 15/07/2008 à 1:36:47,65

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "YoYo"

Mise à jour le 27.06.2008 à 23h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6001
Internet Explorer : 7.0.6001.18000
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\Windows" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\ProgramData" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "c:\users\yoyo\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\INVIT~1\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\YoYo\AppData\Local\virtualstore\Program Files" ***


*** Recherche dossiers dans "C:\Users\YoYo\AppData\Roaming" ***


*** Recherche dossiers dans "C:\Users\INVIT~1\appdata\roaming" ***


*** Recherche dossiers dans "C:\Users\TEMP\appdata\roaming" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\YoYo\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\YoYo\AppData\Local\virtualstore\windows\system32" *

* Recherche dans "C:\Users\YoYo\AppData\Local" *

* Recherche dans "C:\Users\INVIT~1\AppData\Local" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\Windows\system32" :


* Dans "C:\Users\YoYo\AppData\Local\Microsoft" :


* Dans "C:\Users\YoYo\AppData\Local\virtualstore\windows\system32" :


* Dans "C:\Users\YoYo\AppData\Local" :


* Dans "C:\Users\INVIT~1\AppData\Local" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 15/07/2008 à 1:55:21,46 ***
Posts: 1284 | Registered: Sunday 3 February 2008 | Status: Member | Last activity: 15 January 2018
Hi again,


OK, on that front things are fine.


Download CCleaner to your Desktop
https://filehippo.com/download_ccleaner/


* Click download the latest version.
* Install it, leaving only the following options checked:

- Add a shortcut to the Desktop.
- Automatically check for CCleaner updates.

* Run the Cleaner.
* Click Scan for Issues and make a backup if you wish.


Help: How to use CCleaner.
http://www.infos-du-net.com/forum/272336-7-Ccleaner-under-construction


Next, if your Kaspersky is cracked, I strongly advise you to uninstall it and install a very good free antivirus.


Download AntiVir to your Desktop.
https://download.cnet.com/Avira-AntiVir-Personal-Free-Antivirus/3000-2239_4-10322935.html?part=dl-10322935&subj=dl&tag=button&cdlPid=10831109

* Double-click the downloaded executable to start the installation.
* At the end of the installation, click Finish.
* Open AntiVir and make sure it is up to date!
* In the Local Protection tab, choose Scanner.
* Enable rootkit scanning via the + next to rootkit search, then under manual selection, check everything (your hard disk partitions).
* Click the middle magnifying glass to start the scan as Administrator.
* Post the generated report for me: to do so, click the Overview tab, then choose Reports; you will find its report there.


Note: For more effective removal of threats, run the scan in Safe Mode.
Posts: 12 | Registered: Saturday 12 July 2008 | Status: Member | Last activity: 17 July 2008

Hi again,
I run CCleaner every day ^^
This morning it was done around 6 a.m., before sport!
And I repeat, Kaspersky is not cracked