Pchink
-
Compteur de contenus
18 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par Pchink
-
multiples instances d'IE ouvertes pour rien, lenteur, coupure de
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Salut Thanos, JavaRa a planté vers la fin de l'exécution (après avoir installé la dernière version de Java et effacé les anciennes versions) Voici tout de même le contenu (probablement incomplet du log): JavaRa 1.15 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Sat Jul 24 15:32:17 2010 Found and removed: C:\Program Files\Java\jre1.6.0_06 Found and removed: C:\Program Files\Java\jre1.6.0_07 Found and removed: C:\Documents and Settings\Louis Huppé\Application Data\Sun\Java\jre1.6.0_11 Found and removed: C:\Documents and Settings\Louis Huppé\Application Data\Sun\Java\jre1.6.0_13 Found and removed: C:\Documents and Settings\Louis Huppé\Application Data\Sun\Java\jre1.6.0_15 Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Classes\JavaPlugin.160_06 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_06 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_06 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610006 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160060} Found and removed: Software\Classes\JavaPlugin.160_06 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_06 Found and removed: Software\JavaSoft\Java2D\1.6.0_06 Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_06 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_07 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_07 Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610007 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610007 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160070} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_06\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_06\bin\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_06.b02\ -
multiples instances d'IE ouvertes pour rien, lenteur, coupure de
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Cool! Un gros merci pour ton aide, c'est très apprécié! -
multiples instances d'IE ouvertes pour rien, lenteur, coupure de
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Alors voilà pour les derniers rapports: ComboFix 10-07-23.02 - Louis Huppé 2010-07-24 0:59.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.2.1033.18.3071.2561 [GMT -4:00] Lancé depuis: c:\documents and settings\Louis Huppé\Desktop\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} AV: Eset NOD32 antivirus system 2.51 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: Online Armor Firewall *disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\TEMP\logishrd\LVPrcInj01.dll . ((((((((((((((((((((((((((((( Fichiers créés du 2010-06-24 au 2010-07-24 )))))))))))))))))))))))))))))))))))) . 2010-07-24 03:35 . 2010-07-24 03:35 -------- d-----w- c:\program files\Avira 2010-07-24 03:35 . 2010-07-24 03:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2010-07-24 03:35 . 2010-03-01 14:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-07-24 03:35 . 2010-02-16 18:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-07-24 03:35 . 2009-05-11 16:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-07-24 03:35 . 2009-05-11 16:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-07-22 05:10 . 2010-07-22 05:10 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE 2010-07-22 05:01 . 2010-07-22 05:01 -------- d-----w- C:\rsit 2010-07-22 03:31 . 2010-07-22 03:31 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE 2010-07-21 01:23 . 2010-07-21 01:23 -------- d-----w- c:\program files\Trend Micro 2010-07-18 22:12 . 2010-07-19 14:03 -------- d-----w- c:\documents and settings\All Users\Application Data\OnlineArmor 2010-07-18 22:12 . 2010-07-07 16:25 22600 ----a-w- c:\windows\system32\drivers\OAmon.sys 2010-07-18 22:12 . 2010-07-07 16:25 28232 ----a-w- c:\windows\system32\drivers\OAnet.sys 2010-07-18 22:12 . 2010-07-07 16:25 236104 ----a-w- c:\windows\system32\drivers\OADriver.sys 2010-07-18 22:12 . 2010-07-18 22:12 -------- d-----w- c:\program files\Emsisoft 2010-07-18 22:04 . 2010-07-24 04:40 -------- d-----w- c:\windows\system32\NtmsData 2010-07-18 18:21 . 2010-07-18 18:22 -------- d-----w- c:\program files\ERUNT 2010-07-18 00:21 . 2010-07-18 17:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-07-18 00:21 . 2010-07-18 00:23 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-07-17 20:55 . 2010-07-17 20:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Creative 2010-07-17 20:55 . 2010-07-17 20:55 -------- d-----w- c:\program files\Common Files\Creative Labs Shared 2010-07-17 19:12 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe 2010-07-14 02:11 . 2010-07-14 02:14 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe 2010-07-11 19:41 . 2010-07-11 19:41 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE 2010-07-11 19:41 . 2010-07-11 19:41 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2010-07-09 01:33 . 2010-07-09 01:33 -------- d-----w- c:\program files\TeamSpeak 3 Client . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-22 04:02 . 2010-01-19 05:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-19 13:59 . 2008-04-12 04:49 -------- d-----w- c:\program files\ESET 2010-07-18 22:25 . 2008-05-04 17:11 -------- d-----w- c:\program files\MagicISO 2010-07-18 00:25 . 2010-04-02 15:50 -------- d-----w- c:\program files\Guitar Pro 6 2010-07-17 21:02 . 2008-04-12 04:21 -------- d-----w- c:\program files\Messenger Plus! Live 2010-07-17 20:55 . 2008-04-12 02:42 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-07-17 20:55 . 2008-05-19 03:27 445016 ----a-w- c:\windows\system32\wrap_oal.dll 2010-07-17 20:55 . 2008-05-19 03:27 109144 ----a-w- c:\windows\system32\OpenAL32.dll 2010-07-11 20:02 . 2008-05-19 03:27 -------- d-----w- c:\program files\Creative 2010-07-11 19:59 . 2008-04-12 04:17 -------- dcsh--w- c:\program files\Common Files\WindowsLiveInstaller 2010-07-11 19:59 . 2010-06-04 13:20 -------- d-----w- c:\program files\QuickTime 2010-07-11 19:59 . 2008-12-01 00:14 -------- d-----r- c:\program files\Skype 2010-07-11 19:59 . 2008-06-01 22:14 -------- d-----w- c:\program files\MSN Webcam Recorder 2010-07-11 19:59 . 2008-07-03 03:31 -------- d-----w- c:\program files\Winamp 2010-06-14 14:31 . 2008-04-12 02:17 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-07 09:51 . 2008-05-03 03:17 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-04 15:11 . 2010-06-04 15:11 -------- d-----w- c:\documents and settings\All Users\Application Data\WindSolutions 2010-06-04 14:23 . 2010-06-04 14:23 16504 ---ha-w- c:\windows\system32\mlfcache.dat 2010-06-04 13:30 . 2009-03-12 20:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple 2010-06-04 13:22 . 2010-06-04 13:21 -------- d-----w- c:\program files\iTunes 2010-06-04 13:22 . 2010-06-04 13:21 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-06-04 13:21 . 2010-06-04 13:21 -------- d-----w- c:\program files\iPod 2010-06-04 13:21 . 2009-03-12 20:05 -------- d-----w- c:\program files\Common Files\Apple 2010-06-04 13:21 . 2010-06-04 13:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer 2010-06-04 13:19 . 2010-06-04 13:18 -------- d-----w- c:\program files\Apple Software Update 2010-06-04 13:17 . 2010-06-04 13:17 -------- d-----w- c:\program files\Bonjour 2010-05-06 10:41 . 2007-07-27 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-02 05:22 . 2007-07-27 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys 2010-04-29 19:39 . 2010-01-19 06:49 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-29 19:39 . 2010-01-19 06:49 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-28 19:45 . 2010-04-28 19:45 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe 2003-12-18 15:33 . 2008-07-20 23:54 20102 ----a-w- c:\program files\Readme.txt 2003-09-03 11:46 . 2008-07-20 23:54 10960 ----a-w- c:\program files\EULA.txt . ((((((((((((((((((((((((((((( SnapShot@2010-07-22_05.16.02 ))))))))))))))))))))))))))))))))))))))))) . + 2010-07-24 03:35 . 2009-05-11 14:12 28520 c:\windows\system32\drivers\ssmdrv.sys + 2008-04-12 02:22 . 2010-07-23 23:21 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2008-04-12 02:22 . 2010-07-22 05:10 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-04-12 02:22 . 2010-07-23 23:21 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat - 2008-04-12 02:22 . 2010-07-22 05:10 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat + 2008-04-12 02:22 . 2010-07-23 23:21 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat - 2008-04-12 02:22 . 2010-07-22 05:10 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856] "Google Update"="c:\documents and settings\Louis Huppé\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-04-28 136176] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304] "SkyTel"="SkyTel.EXE" [2008-04-07 1826816] "RTHDCPL"="RTHDCPL.EXE" [2008-04-07 16859136] "SoundMan"="SOUNDMAN.EXE" [2008-04-07 86016] "AlcWzrd"="ALCWZRD.EXE" [2008-04-07 2808832] "CTxfiHlp"="CTXFIHLP.EXE" [2007-04-09 19968] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120] "CTHelper"="CTHELPER.EXE" [2010-03-18 19456] "@OnlineArmor GUI"="c:\program files\Emsisoft\Online Armor\oaui.exe" [2010-07-07 6854984] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\Emsisoft\ONLINE~1\oaevent.dll" [2010-07-07 924488] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2008-05-02 06:42 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "MIDI4"=diomidi.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "d:\\Steam\\steamapps\\common\\x-com terror from the deep\\runme.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "d:\\Steam\\steamapps\\common\\dawn of war gold\\W40k.exe"= "d:\\Steam\\steamapps\\common\\dawn of war gold\\W40kWA.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "d:\\Steam\\steamapps\\common\\xcom ufo defense\\dosbox.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "d:\\Steam\\steamapps\\common\\mass effect\\Binaries\\MassEffect.exe"= "d:\\Steam\\steamapps\\common\\plants vs zombies\\PlantsVsZombies.exe"= "d:\\Steam\\steamapps\\common\\torchlight\\Torchlight.exe"= "d:\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "d:\\Steam\\steamapps\\common\\defensegridtheawakening\\DefenseGrid.exe"= "d:\\Steam\\steamapps\\common\\left 4 dead 2\\left4dead2.exe"= "d:\\Steam\\steamapps\\u_p\\counter-strike source\\hl2.exe"= R0 DigiFilter;DigiFilter;c:\windows\system32\drivers\DigiFilt.sys [2008-04-12 16384] R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2010-07-18 236104] R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2010-07-18 22600] R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2010-07-18 28232] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-07-23 135336] R2 OAcat;Online Armor Helper Service;c:\program files\Emsisoft\Online Armor\oacat.exe [2010-07-18 1283400] R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2010-03-18 99416] R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2010-03-18 555096] R3 ctgame;Game Port;c:\windows\system32\drivers\ctgame.sys [2010-03-18 18904] R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2010-03-18 566360] R3 SvcOnlineArmor;Online Armor;c:\program files\Emsisoft\Online Armor\oasrv.exe [2010-07-18 3364680] S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2010-03-18 99416] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-07-17 79360] S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2010-03-18 555096] S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2010-03-18 100952] S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2010-03-18 100952] S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2010-03-18 566360] S3 dalwdmservice;dal service;c:\windows\system32\drivers\Dalwdm.sys [2008-04-12 109056] S3 DualCoreCenter;DualCoreCenter;\??\c:\program files\ATI Technologies\ATI.ACE\NTGLM7X.sys --> c:\program files\ATI Technologies\ATI.ACE\NTGLM7X.sys [?] S3 MBX2DFU;MBX2DFU;c:\windows\system32\drivers\mbx2dfu.sys [2008-04-12 15488] S3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;c:\windows\system32\drivers\mbx2midk.sys [2008-04-12 15232] S3 RushTopDevice2;RushTopDevice2;\??\c:\program files\ATI Technologies\ATI.ACE\RushTop.sys --> c:\program files\ATI Technologies\ATI.ACE\RushTop.sys [?] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008-05-04 717296] . Contenu du dossier 'Tâches planifiées' 2010-07-24 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50] . . ------- Examen supplémentaire ------- . uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Louis Huppé\Application Data\Mozilla\Firefox\Profiles\sa9vo2md.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-07-24 01:09 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run CTxfiHlp = CTXFIHLP.EXE? CTHelper = CTHELPER.EXE? Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,9c,83,9d,00,5e,95,18,4a,a1,9c,7f,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,9c,83,9d,00,5e,95,18,4a,a1,9c,7f,\ [HKEY_USERS\S-1-5-21-1547161642-1336601894-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:11,d6,c5,cc,e5,0b,1a,6b,5c,d8,99,9e,24,0f,cb,8c,5a,3a,07,90,fc,74,3a, 50,63,d6,4e,da,f1,31,f1,75,d1,80,d8,a3,d0,33,1a,32,8a,91,94,36,2d,16,64,8e,\ "??"=hex:ab,67,17,8e,06,b6,50,b2,6f,3c,b5,de,17,fd,8a,58 [HKEY_USERS\S-1-5-21-1547161642-1336601894-725345543-1003\Software\SecuROM\License information*] "datasecu"=hex:75,51,ca,8c,79,fe,f8,f7,43,92,77,04,42,07,84,a2,74,14,a5,fd,bd, 7f,77,f7,09,81,f7,b0,a4,56,e4,20,62,2b,e5,9d,cd,74,52,ab,d3,0c,ea,e9,bf,1f,\ "rkeysecu"=hex:7e,41,58,24,fb,73,06,8b,b2,cb,c4,3e,0b,a2,d5,88 . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(548) c:\windows\system32\Ati2evxx.dll c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll - - - - - - - > 'explorer.exe'(4812) c:\windows\system32\WININET.dll c:\program files\Logitech\SetPoint\GameHook.dll c:\program files\Logitech\SetPoint\lgscroll.dll c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll c:\windows\system32\ctagent.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Creative\Shared Files\CTAudSvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\windows\SOUNDMAN.EXE c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PnkBstrB.exe c:\windows\system32\CTHELPER.EXE c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\program files\Windows Media Player\WMPNetwk.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe c:\program files\Logitech\SetPoint\SetPoint.exe c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE c:\program files\iPod\bin\iPodService.exe c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe . ************************************************************************** . Heure de fin: 2010-07-24 01:12:30 - La machine a redémarré ComboFix-quarantined-files.txt 2010-07-24 05:12 ComboFix2.txt 2010-07-22 05:17 Avant-CF: 82 117 591 040 bytes free Après-CF: 82 205 347 840 bytes free - - End Of File - - 448F3DA1F083E6BBCBDC861F0084FFD6 MBRCheck, version 1.1.1 © 2010, AD \\.\C: --> \\.\PhysicalDrive0 \\.\D: --> \\.\PhysicalDrive0 \\.\F: --> \\.\PhysicalDrive1 Size Device Name MBR Status -------------------------------------------- 465 GB \\.\PhysicalDrive0 Windows XP MBR code detected 279 GB \\.\PhysicalDrive1 Windows XP MBR code detected Done! Press ENTER to exit... -
multiples instances d'IE ouvertes pour rien, lenteur, coupure de
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
MBRCheck, version 1.1.1 © 2010, AD \\.\C: --> \\.\PhysicalDrive0 \\.\D: --> \\.\PhysicalDrive0 \\.\F: --> \\.\PhysicalDrive1 Size Device Name MBR Status -------------------------------------------- 465 GB \\.\PhysicalDrive0 Windows XP MBR code detected 279 GB \\.\PhysicalDrive1 Known-bad MBR code detected (Whistler / Black Internet)! Found non-standard or infected MBR. Enter 'Y' and hit ENTER for more options, or 'N' to exit: Options: [1] Dump the MBR of a physical disk to file. [2] Restore the MBR of a physical disk with a standard boot code. [3] Exit. Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): Available MBR codes: [ 0] Default (Windows XP) [ 1] Windows XP [ 2] Windows Server 2003 [ 3] Windows Vista [ 4] Windows 2008 [ 5] Windows 7 [-1] Cancel Please select the MBR code to write to this drive: Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: Successfully wrote new MBR code! Please reboot your computer to complete the fix. Done! Press ENTER to exit... -
multiples instances d'IE ouvertes pour rien, lenteur, coupure de
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Salut Mark, Merci pour ta réponse, je comprends qu'avec le décalage horraire (je suis basé au Canada et d'après ce que je vois, vous êtes en France ?), je ne m'attendais pas à recevoir de réponse tout de suite Bref, j'ai fais un peu de recherche de mon côté et j'ai trouvé sur un autre forum une solution pour effacer le Whistler bootkit (le programme s'appelle bootkit_remover de esage labs), j'ai roulé le scan du programme, et fixé la mbr de mon disque principal et maintenant tout semble fonctionner normalement (je n'ai plus de fenêtre d'IE qui me balance des pubs et le son ne couple plus). La seule chose qui m'inquiète maintenant est de savoir si la mbr de mon 2e disque dur est aussi infectée (le bootkit_remover que j'ai roulé semble effectuer les tests uniquement sur le drive C). J'ai une question par contre; j'ai trouvé des clés de registre concernant un certain driver catchme.sys et d'après ce que je comprends, ceci est un keylogger ? J'ai regardé le répertoire où une des clés de catchme pointait et le fichier catchme.sys ne s'y trouve pas...est-ce qu'il y a un moyen de vérifier si je suis infecté par ça aussi ? Encore une fois, merci beaucoup pour votre aide! -
multiples instances d'IE ouvertes pour rien, lenteur, coupure de
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
MBRCheck, version 1.1.1 © 2010, AD \\.\C: --> \\.\PhysicalDrive0 \\.\D: --> \\.\PhysicalDrive0 \\.\F: --> \\.\PhysicalDrive1 Size Device Name MBR Status -------------------------------------------- 465 GB \\.\PhysicalDrive0 Known-bad MBR code detected (Whistler / Black Internet)! 279 GB \\.\PhysicalDrive1 Known-bad MBR code detected (Whistler / Black Internet)! Found non-standard or infected MBR. Enter 'Y' and hit ENTER for more options, or 'N' to exit: Done! Press ENTER to exit... -
multiples instances d'IE ouvertes pour rien, lenteur, coupure de
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Voici le contenu demandé: MBRCheck, version 1.1.1 © 2010, AD \\.\C: --> \\.\PhysicalDrive0 \\.\D: --> \\.\PhysicalDrive0 \\.\F: --> \\.\PhysicalDrive1 Size Device Name MBR Status -------------------------------------------- 465 GB \\.\PhysicalDrive0 Known-bad MBR code detected (Whistler / Black I nternet)! 279 GB \\.\PhysicalDrive1 Known-bad MBR code detected (Whistler / Black I nternet)! Found non-standard or infected MBR. Enter 'Y' and hit ENTER for more options, or 'N' to exit: y Options: [1] Dump the MBR of a physical disk to file. [2] Restore the MBR of a physical disk with a standard boot code. [3] Exit. Enter your choice: 2 Enter the physical disk number to fix (0-99, -1 to cancel): 0 Available MBR codes: [ 0] Default (Windows XP) [ 1] Windows XP [ 2] Windows Server 2003 [ 3] Windows Vista [ 4] Windows 2008 [ 5] Windows 7 [-1] Cancel Please select the MBR code to write to this drive: 1 Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: y Done! Press ENTER to exit... -
multiples instances d'IE ouvertes pour rien, lenteur, coupure de
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Salut thanos, Question avant que je commence: crois-tu que c'est risqué de transférer des documents de mon disque de données sur des dvd ? Par là je veux dire est-ce qu'il y a un risque que l'infection se propage sur les fichiers que je transfère et qu'en faisant ça je vais ramener le virus sur mon disque lorsque je vais remettre mes trucs sur le pc après le nettoyage ? Ou si le virus est confiné dans la mbr de mes disques et va rester là ? Merci d'avance et merci pour ton temps! -
multiples instances d'IE ouvertes pour rien, lenteur, coupure de
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Salut, merci pour la réponse et pour ton aide! Voici les 4 logs demandés: MBRCheck, version 1.1.1 © 2010, AD \\.\C: --> \\.\PhysicalDrive0 \\.\D: --> \\.\PhysicalDrive0 \\.\F: --> \\.\PhysicalDrive1 Size Device Name MBR Status -------------------------------------------- 465 GB \\.\PhysicalDrive0 Known-bad MBR code detected (Whistler / Black Internet)! 279 GB \\.\PhysicalDrive1 Known-bad MBR code detected (Whistler / Black Internet)! Found non-standard or infected MBR. Enter 'Y' and hit ENTER for more options, or 'N' to exit: Done! Press ENTER to exit... Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4337 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 2010-07-22 01:00:19 mbam-log-2010-07-22 (01-00-19).txt Scan type: Full scan (C:\|D:\|F:\|I:\|) Objects scanned: 356117 Time elapsed: 54 minute(s), 58 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) info.txt logfile of random's system information tool 1.08 2010-07-22 01:01:26 ======Uninstall list====== -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe" Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE} Apple Mobile Device Support-->MsiExec.exe /I{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A} Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1} ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean Bonjour-->MsiExec.exe /X{8A253629-0511-4854-8B4E-46E57E66005C} Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C} CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A} CDex extraction audio-->"D:\CDex_150\uninstall.exe" Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress Counter-Strike: Source-->"D:\Steam\steam.exe" steam://uninstall/240 Creative Audio Console-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove Creative Audio Console-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x40c /remove Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c /remove Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Dawn of War Gold-->"D:\Steam\steam.exe" steam://uninstall/4570 Defense Grid: The Awakening-->"D:\Steam\steam.exe" steam://uninstall/18500 Digidesign Pro Tools LE 7.3.1-->C:\Program Files\InstallShield Installation Information\{EF2F3EF2-A1CC-4ACD-BCAE-92CAC8D5613A}\setup.exe -runfromtemp -l0x0009 -removeonly Digidesign Shared Plug-Ins 7.3-->C:\Program Files\InstallShield Installation Information\{AFE354A5-640F-4A23-94C8-0B441E8967CA}\Setup.exe -runfromtemp -l0x0009 FromUninstall -removeonly DualCoreCenter-->"C:\Program Files\ATI Technologies\ATI.ACE\unins000.exe" ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe" Free Bomb Factory Plug-Ins 7.3-->C:\Program Files\InstallShield Installation Information\{82D48AB1-8E7F-4AA5-A5FA-47FA58A48110}\Setup.exe -runfromtemp -l0x0009 FromUninstall -removeonly Guitar Pro 5.0-->"D:\Guitar Pro 5\unins000.exe" Guitar Pro 6-->"C:\Program Files\Guitar Pro 6\unins000.exe" Half-Life 2-->"D:\Steam\steam.exe" steam://uninstall/220 HD Tune 2.54-->"C:\Program Files\HD Tune\unins000.exe" High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Documents and Settings\Louis Huppé\Desktop\HiJackThis\HijackThis.exe" /uninstall HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Homeworld2-->C:\Program Files\Sierra\Homeworld2\uninstall.exe Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" ID3-TagIT 3-->"C:\Program Files\ID3-TagIT 3\unins000.exe" InterLok Driver Kit-->MsiExec.exe /X{A15B3CF2-7FB7-4102-BBC9-9680B7F0825F} iTunes-->MsiExec.exe /I{5ECB3A3C-980B-4D12-9724-25DCB07A1F47} Java DB 10.3.1.4-->MsiExec.exe /X{CD49361E-3FE6-457E-90A1-9C59E29B5D02} Java 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Java SE Development Kit 6 Update 6-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160060} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355} Left 4 Dead 2-->"D:\Steam\steam.exe" steam://uninstall/550 Left 4 Dead-->"D:\Steam\steam.exe" steam://uninstall/500 Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876} Logitech Registration-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x0009 -removeonly Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Mass Effect-->"D:\Steam\steam.exe" steam://uninstall/17460 Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411-->MsiExec.exe /X{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Mozilla Firefox (3.6.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} msxml4-->MsiExec.exe /X{5AE3D9F1-9E9E-4015-8787-E22705AA32C5} Nero 7 Demo-->MsiExec.exe /I{0D9E1F52-CE29-B03B-D79F-8EC434821033} Online Armor 4.0-->"C:\Program Files\Emsisoft\Online Armor\unins000.exe" Plants Vs Zombies Demo-->"D:\Steam\steam.exe" steam://uninstall/3592 Portal-->"D:\Steam\steam.exe" steam://uninstall/400 Power Tab Editor 1.7-->MsiExec.exe /I{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3} PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u Quake 4-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{152B782A-05F3-48EC-9AAC-4D3EB68D9E20} /l1033 Quick Startup 2.6.0.656-->"C:\Program Files\Quick Startup\unins000.exe" QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709 Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe" Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Security Update for Windows XP (KB977165-v2)-->"C:\WINDOWS\$NtUninstallKB977165-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} SimCity 4 Deluxe-->C:\Program Files\Maxis\SimCity 4 Deluxe\EAUninstall.exe Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe" Torchlight-->"D:\Steam\steam.exe" steam://uninstall/41500 Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe" Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" VDMSound-->C:\Program Files\VDMSound\uninst.exe VLC media player 1.0.0-->C:\Program Files\VideoLAN\VLC\uninstall.exe Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71} Windows Live Mail-->MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87} Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5} Windows Live Sign-in Assistant-->MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00} Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" X-COM: Terror from the Deep-->"D:\Steam\steam.exe" steam://uninstall/7650 X-COM: UFO Defense-->"D:\Steam\steam.exe" steam://uninstall/7760 ======Security center information====== AV: Eset NOD32 antivirus system 2.51 FW: Online Armor Firewall (disabled) ======System event log====== Computer Name: LEWISSSH Event Code: 4226 Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. Record Number: 31273 Source Name: Tcpip Time Written: 20100527222058.000000-240 Event Type: warning User: Computer Name: LEWISSSH Event Code: 36 Message: The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized. Record Number: 30998 Source Name: W32Time Time Written: 20100520232041.000000-240 Event Type: warning User: Computer Name: LEWISSSH Event Code: 4226 Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. Record Number: 30997 Source Name: Tcpip Time Written: 20100520195848.000000-240 Event Type: warning User: Computer Name: LEWISSSH Event Code: 4226 Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. Record Number: 30946 Source Name: Tcpip Time Written: 20100518200022.000000-240 Event Type: warning User: Computer Name: LEWISSSH Event Code: 36 Message: The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized. Record Number: 30867 Source Name: W32Time Time Written: 20100516004504.000000-240 Event Type: warning User: =====Application event log===== Computer Name: LEWISSSH Event Code: 0 Message: Configuration section system.runtime.serialization already exists in C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config. Record Number: 9899 Source Name: System.ServiceModel.Install 3.0.0.0 Time Written: 20090809155049.000000-240 Event Type: warning User: Computer Name: LEWISSSH Event Code: 0 Message: Configuration section system.serviceModel already exists in C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config. Record Number: 9898 Source Name: System.ServiceModel.Install 3.0.0.0 Time Written: 20090809155049.000000-240 Event Type: warning User: Computer Name: LEWISSSH Event Code: 0 Message: Could not detect IIS installation or IIS is disabled, skipping the Web Host Script Mappings component since it depends upon IIS to function properly. If you believe this message is an error, check your IIS installation to make sure it is installed properly. Record Number: 9896 Source Name: System.ServiceModel.Install 3.0.0.0 Time Written: 20090809155049.000000-240 Event Type: warning User: Computer Name: LEWISSSH Event Code: 1020 Message: Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i. Record Number: 9878 Source Name: ASP.NET 2.0.50727.0 Time Written: 20090809154920.000000-240 Event Type: warning User: Computer Name: LEWISSSH Event Code: 1000 Message: Faulting application winamp.exe, version 5.5.5.2419, faulting module jscript.dll, version 5.8.6001.18702, fault address 0x0002001a. Record Number: 9669 Source Name: Application Error Time Written: 20090706124638.000000-240 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "NUMBER_OF_PROCESSORS"=2 "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\VDMSound;D:\Guitar Pro 5;C:\Program Files\QuickTime\QTSystem "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel "PROCESSOR_LEVEL"=6 "PROCESSOR_REVISION"=1706 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "VDMSPath"=C:\Program Files\VDMSound "windir"=%SystemRoot% "asl.log"=Destination=file;OnFirstLog=command,environment "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- Logfile of random's system information tool 1.08 (written by random/random) Run by Louis Huppé at 2010-07-22 01:01:20 Microsoft Windows XP Professional Service Pack 3 System drive C: has 79 GB (79%) free of 100 GB Total RAM: 3071 MB (72% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 01:01:24, on 2010-07-22 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Emsisoft\Online Armor\OAcat.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Creative\Shared Files\CTAudSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Documents and Settings\Louis Huppé\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Louis Huppé\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Louis Huppé\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Louis Huppé\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Louis Huppé\Desktop\RSIT.exe C:\Program Files\Trend Micro\HiJackThis\Louis Huppé.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Louis Huppé\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\ATI Technologies\ATI.ACE\StartUpDualCoreCenter.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Emsisoft\Online Armor\OAcat.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Emsisoft\Online Armor\oasrv.exe -- End of file - 8566 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1336601894-725345543-1003Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1336601894-725345543-1003UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304] "SkyTel"=C:\WINDOWS\SkyTel.EXE [2008-04-07 1826816] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-07 16859136] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2008-04-07 86016] "AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2008-04-07 2808832] "CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2007-04-09 19968] "LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008] "LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184] "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-05-20 98304] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-04-28 142120] "CTHelper"=C:\WINDOWS\system32\CTHELPER.EXE [2010-03-18 19456] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] "Google Update"=C:\Documents and Settings\Louis Huppé\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-28 136176] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288] C:\Documents and Settings\All Users\Start Menu\Programs\Startup DualCoreCenter.lnk - C:\Program Files\ATI Technologies\ATI.ACE\StartUpDualCoreCenter.exe Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2009-05-15 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2008-05-02 72208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\Emsisoft\ONLINE~1\oaevent.dll [2010-07-07 924488] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb" "C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray" "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client" "D:\Steam\steamapps\common\x-com terror from the deep\runme.exe"="D:\Steam\steamapps\common\x-com terror from the deep\runme.exe:*:Enabled:X-COM: Terror from the Deep" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "D:\Steam\steamapps\common\dawn of war gold\W40k.exe"="D:\Steam\steamapps\common\dawn of war gold\W40k.exe:*:Enabled:Dawn of War Gold" "D:\Steam\steamapps\common\dawn of war gold\W40kWA.exe"="D:\Steam\steamapps\common\dawn of war gold\W40kWA.exe:*:Enabled:Dawn of War Gold: Winter Assault" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "D:\Steam\steamapps\common\xcom ufo defense\dosbox.exe"="D:\Steam\steamapps\common\xcom ufo defense\dosbox.exe:*:Enabled:X-COM: UFO Defense" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "D:\Steam\steamapps\common\mass effect\Binaries\MassEffect.exe"="D:\Steam\steamapps\common\mass effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect" "D:\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe"="D:\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe:*:Enabled:Plants Vs Zombies" "D:\Steam\steamapps\common\torchlight\Torchlight.exe"="D:\Steam\steamapps\common\torchlight\Torchlight.exe:*:Enabled:Torchlight" "D:\Steam\steamapps\common\left 4 dead\left4dead.exe"="D:\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "D:\Steam\steamapps\common\defensegridtheawakening\DefenseGrid.exe"="D:\Steam\steamapps\common\defensegridtheawakening\DefenseGrid.exe:*:Enabled:Defense Grid: The Awakening" "D:\Steam\steamapps\common\left 4 dead 2\left4dead2.exe"="D:\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2" "D:\Steam\steamapps\u_p\counter-strike source\hl2.exe"="D:\Steam\steamapps\u_p\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======List of files/folders created in the last 1 months====== 2010-07-22 01:01:20 ----D---- C:\rsit 2010-07-21 23:05:18 ----D---- C:\WINDOWS\temp 2010-07-21 23:02:38 ----A---- C:\Boot.bak 2010-07-21 23:02:34 ----RASHD---- C:\cmdcons 2010-07-21 22:56:31 ----A---- C:\WINDOWS\zip.exe 2010-07-21 22:56:31 ----A---- C:\WINDOWS\SWXCACLS.exe 2010-07-21 22:56:31 ----A---- C:\WINDOWS\SWSC.exe 2010-07-21 22:56:31 ----A---- C:\WINDOWS\SWREG.exe 2010-07-21 22:56:31 ----A---- C:\WINDOWS\sed.exe 2010-07-21 22:56:31 ----A---- C:\WINDOWS\PEV.exe 2010-07-21 22:56:31 ----A---- C:\WINDOWS\NIRCMD.exe 2010-07-21 22:56:31 ----A---- C:\WINDOWS\MBR.exe 2010-07-21 22:56:31 ----A---- C:\WINDOWS\grep.exe 2010-07-21 22:56:26 ----D---- C:\WINDOWS\ERDNT 2010-07-21 22:56:25 ----SD---- C:\ComboFix 2010-07-21 22:43:36 ----D---- C:\Qoobox 2010-07-20 21:23:08 ----D---- C:\Program Files\Trend Micro 2010-07-18 18:12:28 ----D---- C:\Documents and Settings\Louis Huppé\Application Data\OnlineArmor 2010-07-18 18:12:28 ----D---- C:\Documents and Settings\All Users\Application Data\OnlineArmor 2010-07-18 18:12:13 ----A---- C:\WINDOWS\system32\drivers\OAnet.sys 2010-07-18 18:12:13 ----A---- C:\WINDOWS\system32\drivers\OAmon.sys 2010-07-18 18:12:13 ----A---- C:\WINDOWS\system32\drivers\OADriver.sys 2010-07-18 18:12:09 ----D---- C:\Program Files\Emsisoft 2010-07-18 18:04:24 ----D---- C:\WINDOWS\system32\NtmsData 2010-07-18 14:21:47 ----D---- C:\Program Files\ERUNT 2010-07-17 20:21:29 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-07-17 20:21:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-07-17 16:57:11 ----A---- C:\WINDOWS\{00000005-00000000-00000000-00001102-00000004-10071102}.BAK 2010-07-17 16:55:51 ----D---- C:\Documents and Settings\All Users\Application Data\Creative 2010-07-17 16:55:46 ----D---- C:\Program Files\Common Files\Creative Labs Shared 2010-07-17 15:16:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$ 2010-07-17 15:15:23 ----A---- C:\mbam-error.txt 2010-07-08 21:34:05 ----D---- C:\Documents and Settings\Louis Huppé\Application Data\TS3Client 2010-07-08 21:33:49 ----D---- C:\Program Files\TeamSpeak 3 Client ======List of files/folders modified in the last 1 months====== 2010-07-22 00:02:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-07-22 00:02:30 ----D---- C:\WINDOWS\system32\drivers 2010-07-21 23:33:55 ----RD---- C:\Program Files 2010-07-21 23:33:51 ----D---- C:\WINDOWS\system32\CatRoot2 2010-07-21 23:32:01 ----D---- C:\WINDOWS 2010-07-21 23:32:01 ----A---- C:\WINDOWS\ntbtlog.txt 2010-07-21 23:29:06 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-07-21 23:09:57 ----D---- C:\WINDOWS\system32\drivers\etc 2010-07-21 23:08:03 ----D---- C:\WINDOWS\system32\config 2010-07-21 23:04:14 ----D---- C:\WINDOWS\system32 2010-07-21 23:04:14 ----D---- C:\WINDOWS\AppPatch 2010-07-21 23:04:09 ----D---- C:\Program Files\Common Files 2010-07-21 23:02:38 ----RASH---- C:\boot.ini 2010-07-21 22:44:00 ----D---- C:\WINDOWS\Prefetch 2010-07-21 01:02:08 ----D---- C:\Program Files\Mozilla Firefox 2010-07-20 21:23:14 ----SHD---- C:\WINDOWS\Installer 2010-07-19 22:54:21 ----D---- C:\WINDOWS\WinSxS 2010-07-19 22:53:58 ----D---- C:\Program Files\Adobe 2010-07-19 22:53:55 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2010-07-19 22:22:58 ----D---- C:\WINDOWS\Registration 2010-07-19 09:59:28 ----D---- C:\Program Files\ESET 2010-07-18 18:25:01 ----D---- C:\Program Files\MagicISO 2010-07-18 18:04:24 ----D---- C:\WINDOWS\repair 2010-07-17 20:25:01 ----D---- C:\Program Files\Guitar Pro 6 2010-07-17 17:03:49 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-07-17 17:02:42 ----D---- C:\Program Files\Messenger Plus! Live 2010-07-17 16:56:59 ----D---- C:\WINDOWS\system32\Defaults 2010-07-17 16:55:58 ----HD---- C:\Program Files\InstallShield Installation Information 2010-07-17 16:55:16 ----D---- C:\Documents and Settings\Louis Huppé\Application Data\Creative 2010-07-17 16:55:16 ----A---- C:\WINDOWS\system32\wrap_oal.dll 2010-07-17 16:55:16 ----A---- C:\WINDOWS\system32\OpenAL32.dll 2010-07-17 16:55:10 ----D---- C:\WINDOWS\system 2010-07-17 16:55:06 ----D---- C:\WINDOWS\system32\Data 2010-07-17 16:54:45 ----HD---- C:\WINDOWS\inf 2010-07-17 15:58:54 ----D---- C:\Documents and Settings\Louis Huppé\Application Data\vlc 2010-07-17 15:43:35 ----A---- C:\WINDOWS\NeroDigital.ini 2010-07-17 15:14:45 ----HD---- C:\WINDOWS\$hf_mig$ 2010-07-17 15:14:32 ----D---- C:\Program Files\Common Files\Microsoft Shared 2010-07-11 16:02:03 ----D---- C:\Program Files\Creative 2010-07-11 15:59:49 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller 2010-07-11 15:59:48 ----RD---- C:\Program Files\Skype 2010-07-11 15:59:48 ----D---- C:\Program Files\QuickTime 2010-07-11 15:59:48 ----D---- C:\Program Files\MSN Webcam Recorder 2010-07-11 15:59:47 ----D---- C:\Program Files\Windows Media Player 2010-07-11 15:59:47 ----D---- C:\Program Files\Winamp 2010-07-10 12:38:12 ----D---- C:\WINDOWS\Microsoft.NET 2010-07-10 12:38:10 ----RSD---- C:\WINDOWS\assembly 2010-07-10 11:59:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-07-02 23:39:56 ----D---- C:\Documents and Settings\Louis Huppé\Application Data\dvdcss 2010-07-02 15:39:05 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 DigiFilter;DigiFilter; C:\WINDOWS\System32\drivers\DigiFilt.sys [2006-11-13 16384] R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-07 43528] R0 TPkd;TPkd; C:\WINDOWS\system32\drivers\TPkd.sys [2006-10-05 72608] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592] R1 OADevice;OADriver; \??\C:\WINDOWS\system32\drivers\OADriver.sys [] R1 OAmon;OAmon; \??\C:\WINDOWS\system32\drivers\OAmon.sys [] R1 OAnet;OAnet; \??\C:\WINDOWS\system32\drivers\OAnet.sys [] R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-05-15 4069888] R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992] R3 COMMONFX.SYS;COMMONFX.SYS; C:\WINDOWS\System32\drivers\COMMONFX.SYS [2010-03-18 99416] R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2010-03-18 511064] R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2010-03-18 528472] R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [2010-03-18 555096] R3 ctgame;Game Port; C:\WINDOWS\system32\DRIVERS\ctgame.sys [2010-03-18 18904] R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2010-03-18 14424] R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [2010-03-18 566360] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2010-03-18 157272] R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2010-03-18 92760] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2010-03-18 798808] R3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2010-03-18 162904] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624] R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2008-07-26 627864] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-07-26 41752] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160] R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2010-03-18 127576] R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2008-07-26 13848] R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-02-06 90880] R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 catchme;catchme; \??\C:\DOCUME~1\LOUISH~1\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 COMMONFX.DLL;COMMONFX.DLL; C:\WINDOWS\system32\COMMONFX.DLL [] S3 COMMONFX;COMMONFX; C:\WINDOWS\system32\drivers\COMMONFX.SYS [2010-03-18 99416] S3 CT20XUT.DLL;CT20XUT.DLL; C:\WINDOWS\system32\CT20XUT.DLL [2007-04-12 164608] S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\WINDOWS\system32\CTAUDFX.DLL [] S3 CTAUDFX;CTAUDFX; C:\WINDOWS\system32\drivers\CTAUDFX.SYS [2010-03-18 555096] S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2010-03-18 347144] S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\WINDOWS\system32\CTEAPSFX.DLL [2007-04-12 168192] S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\WINDOWS\system32\CTEDSPFX.DLL [2007-04-12 280320] S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\WINDOWS\system32\CTEDSPIO.DLL [2007-04-12 128768] S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\WINDOWS\system32\CTEDSPSY.DLL [2007-04-12 323328] S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\WINDOWS\system32\CTERFXFX.DLL [] S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [2010-03-18 100952] S3 CTERFXFX;CTERFXFX; C:\WINDOWS\system32\drivers\CTERFXFX.SYS [2010-03-18 100952] S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\WINDOWS\system32\CTEXFIFX.DLL [2007-04-12 1317632] S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\WINDOWS\system32\CTHWIUT.DLL [2007-04-12 66816] S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\WINDOWS\system32\CTSBLFX.DLL [] S3 CTSBLFX;CTSBLFX; C:\WINDOWS\system32\drivers\CTSBLFX.SYS [2010-03-18 566360] S3 dalwdmservice;dal service; C:\WINDOWS\system32\drivers\dalwdm.sys [2006-11-13 109056] S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\ATI Technologies\ATI.ACE\NTGLM7X.sys [] S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [] S3 hap17v2k;Creative P17V HAL Driver; C:\WINDOWS\system32\drivers\hap17v2k.sys [2010-03-18 189528] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-07 4713472] S3 MBX2DFU;MBX2DFU; C:\WINDOWS\SYSTEM32\DRIVERS\MBX2DFU.sys [2006-11-13 15488] S3 MBX2MIDK;Digidesign Mbox 2 Midi Driver; C:\WINDOWS\system32\drivers\mbx2midk.sys [2006-11-13 15232] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\ATI Technologies\ATI.ACE\RushTop.sys [] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-16 41472] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-05-04 717296] S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2007-07-27 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-05-15 602112] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376] R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720] R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904] R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040] R2 OAcat;Online Armor Helper Service; C:\Program Files\Emsisoft\Online Armor\OAcat.exe [2010-07-07 1283400] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-11-13 66872] R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2008-11-13 107832] R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 545576] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-05-15 593920] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-07-17 79360] S3 digiSPTIService;digiSPTIService; C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe [2006-11-13 122880] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SvcOnlineArmor;Online Armor; C:\Program Files\Emsisoft\Online Armor\oasrv.exe [2010-07-07 3364680] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- -
Bonjour Zebulon Depuis quelques jours, mon pc fait des siennes, je crois avoir chopé un malware quelconque. Symptômes: - Lenteur excessive au démarrage du pc - Le son système est muté après le boot, et ensuite il se met à off tout seul - Lorsque le son est ouvert, j'entend des click (comme si je cliquais sur un folder dans explorer) - Des instances d'IE s'ouvrent et des popups publicitaires apparaissent - En tout temps, j'ai au moins 2 instances d'IE ouvertes dans mon process manager (bien que les fenêtres ne soient pas visibles) Bref, voici un log d'HiJackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:25:45, on 2010-07-19 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Emsisoft\Online Armor\OAcat.exe C:\Program Files\Emsisoft\Online Armor\oasrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Creative\Shared Files\CTAudSvc.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Emsisoft\Online Armor\oaui.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Emsisoft\Online Armor\OAhlp.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Documents and Settings\Louis Huppé\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Louis Huppé\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Louis Huppé\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Louis Huppé\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\SNDVOL32.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Louis Huppé\Desktop\HiJackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Emsisoft\Online Armor\oaui.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Louis Huppé\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\ATI Technologies\ATI.ACE\StartUpDualCoreCenter.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Online Armor Helper Service (OAcat) - Emsi Software GmbH - C:\Program Files\Emsisoft\Online Armor\OAcat.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: Online Armor (SvcOnlineArmor) - Emsi Software GmbH - C:\Program Files\Emsisoft\Online Armor\oasrv.exe -- End of file - 9632 bytes Merci d'avance!
-
demande d'analyse de rapporty HijackThis
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
All right! mon PC semble clean! Encore une fois merci charles, t'as été d'une grande aide!! P.S. J'ai également été logger mon problème dans l'autre forum -
demande d'analyse de rapporty HijackThis
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
HijackThis : Logfile of HijackThis v1.99.1 Scan saved at 22:58:30, on 2006-10-23 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\system32\svchost.exe C:\HijackThis\HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [CTStartup] "C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.ex" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lewisssup.spaces.live.com//PhotoUpload/MsnPUpld.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe DiagHelp : C:\WINDOWS\System32\nvapps.xml -->2006-10-23 22:55:23 C:\WINDOWS\System32\vsconfig.xml -->2006-10-23 22:54:10 C:\WINDOWS\System32\settingsbkup.sfm -->2006-10-23 20:59:30 C:\WINDOWS\System32\settings.sfm -->2006-10-23 20:59:30 C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000A-00001102-00000004-10071102}.dat -->2006-10-23 20:59:30 C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000A-00001102-00000004-10071102}.dat -->2006-10-23 20:59:30 C:\WINDOWS\System32\BMXStateBkp-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-23 20:59:30 C:\WINDOWS\System32\BMXState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-23 20:59:30 C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-23 20:59:30 C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-23 20:59:30 C:\WINDOWS\System32\zllictbl.dat -->2006-10-23 19:43:51 C:\WINDOWS\System32\wpa.dbl -->2006-10-22 21:32:04 C:\WINDOWS\System32\Bikini Party 2004.scr -->2006-10-12 20:13:32 C:\WINDOWS\System32\CONFIG.NT -->2006-09-26 21:41:13 C:\WINDOWS\System32\SIntfNT.dll -->2006-09-13 22:24:03 C:\WINDOWS\System32\SIntf32.dll -->2006-09-13 22:24:03 C:\WINDOWS\System32\SIntf16.dll -->2006-09-13 22:24:03 C:\WINDOWS\System32\perfh00C.dat -->2006-09-12 23:10:22 C:\WINDOWS\System32\perfh009.dat -->2006-09-12 23:10:22 C:\WINDOWS\System32\perfc00C.dat -->2006-09-12 23:10:22 C:\WINDOWS\System32\perfc009.dat -->2006-09-12 23:10:22 C:\WINDOWS\System32\vsutil_loc040c.dll -->2006-08-23 23:39:32 C:\WINDOWS\System32\vsdatant.sys -->2006-08-23 23:38:36 C:\WINDOWS\System32\zlcommdb.dll -->2006-08-23 23:38:06 C:\WINDOWS\System32\zlcomm.dll -->2006-08-23 23:38:06 C:\WINDOWS\{00000000-00000000-0000000A-00001102-00000004-10071102}.CDF -->2006-10-23 22:55:31 C:\WINDOWS\wiadebug.log -->2006-10-23 22:54:32 C:\WINDOWS\wiaservc.log -->2006-10-23 22:54:28 C:\WINDOWS\0.log -->2006-10-23 22:53:54 C:\WINDOWS\bootstat.dat -->2006-10-23 22:53:42 C:\WINDOWS\WindowsUpdate.log -->2006-10-23 22:52:46 C:\WINDOWS\ntbtlog.txt -->2006-10-23 22:08:59 C:\WINDOWS\SchedLgU.Txt -->2006-10-23 20:59:26 C:\WINDOWS\setupact.log -->2006-10-22 21:56:31 C:\WINDOWS\War3Unin.dat -->2006-10-16 21:55:00 C:\WINDOWS\win.ini -->2006-10-16 00:05:55 C:\WINDOWS\system.ini -->2006-10-16 00:05:55 C:\WINDOWS\DirectX.log -->2006-10-14 17:59:39 C:\WINDOWS\setupapi.log -->2006-10-13 23:24:23 C:\WINDOWS\QTFont.qfn -->2006-10-09 16:59:29 C:\WINDOWS\IsUninst.exe |InstallShield Software Corporation |30/05/2006 03:30:44 C:\WINDOWS\MIDIDEF.EXE |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\PSCONV.EXE |COMPANY |30/05/2006 03:29:00 C:\WINDOWS\READREG.EXE |Creative Technology Limited |30/05/2006 03:29:00 C:\WINDOWS\twunk_16.exe |Twain Working Group |24/08/2001 08:00:00 C:\WINDOWS\twunk_32.exe |Twain Working Group |24/08/2001 08:00:00 C:\WINDOWS\uninst.exe |InstallShield Corporation, Inc. |04/06/2006 02:59:38 C:\WINDOWS\Updreg.EXE |Creative Technology Ltd. |30/05/2006 03:30:42 C:\WINDOWS\War3Unin.exe |Blizzard Entertainment |18/07/2006 00:34:23 C:\WINDOWS\CTCCW.DLL |Creative® Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\CTDCRES.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\CTRES.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\DEVREG.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\INRES.DLL |Creative Technology Limited |30/05/2006 03:29:15 C:\WINDOWS\twain.dll |Groupe de travail Twain |24/08/2001 08:00:00 C:\WINDOWS\twain_32.dll |Groupe de travail Twain |03/08/2004 18:54:44 C:\WINDOWS\system32\append.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\CTHELPER.EXE |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTSVCCDA.EXE |Creative Technology Ltd |30/05/2006 03:26:21 C:\WINDOWS\system32\CTSVCCTL.EXE |Creative Technology Ltd |30/05/2006 03:26:21 C:\WINDOWS\system32\debug.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\dosx.exe |COMPANY |03/08/2004 16:51:28 C:\WINDOWS\system32\dvdplay.exe |COMPANY |23/08/2001 13:47:34 C:\WINDOWS\system32\edlin.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\ENSDEF.EXE |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\exe2bin.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\fastopen.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\java.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\javaw.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\javaws.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\keystone.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\KILLAPPS.EXE |COMPANY |30/05/2006 03:29:01 C:\WINDOWS\system32\mem.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\mscdexnt.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nlsfunc.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nvappbar.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcolor.exe |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcplui.exe |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdspsch.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvsvc32.exe |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvudisp.exe |NVIDIA Corporation |30/05/2006 03:10:29 C:\WINDOWS\system32\NVUNINST.EXE |NVIDIA Corporation |30/05/2006 03:10:00 C:\WINDOWS\system32\nw16.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nwiz.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\pxcpya64.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxhpinst.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxinsa64.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\redir.exe |COMPANY |03/08/2004 16:48:48 C:\WINDOWS\system32\REGPLIB.EXE |COMPANY |30/05/2006 03:29:00 C:\WINDOWS\system32\setver.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\share.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\usrmlnka.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\usrprbda.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\usrshuta.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\vwipxspx.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\a3d.dll |COMPANY |30/05/2006 03:28:55 C:\WINDOWS\system32\AC3API.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\AHQCpURes.dll |Creative Technology Ltd. |30/05/2006 03:28:27 C:\WINDOWS\system32\amstream.dll |COMPANY |03/08/2004 18:54:22 C:\WINDOWS\system32\atmfd.dll |Adobe Systems Incorporated |03/08/2004 18:52:50 C:\WINDOWS\system32\atmlib.dll |Adobe Systems |03/08/2004 18:54:22 C:\WINDOWS\system32\cba.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\commonfx.dll |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\compatUI.dll |COMPANY |03/08/2004 18:54:24 C:\WINDOWS\system32\CTAGENT.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\CTASIO.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\ctaudfx.dll |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\CTDC0000.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDC0001.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDCIFCE.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDetres.dll |Creative Technology Ltd. |30/05/2006 03:26:21 C:\WINDOWS\system32\CTDPROXY.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\ctdvda32.dll |Creative Technology Ltd |30/05/2006 03:28:32 C:\WINDOWS\system32\CTEMUPIA.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\CTMEDENG.DLL |Creative Technology Ltd. |30/05/2006 03:26:19 C:\WINDOWS\system32\CTMERes.DLL |Creative Technology Ltd. |30/05/2006 03:26:18 C:\WINDOWS\system32\CTOSUSER.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\ctsblfx.dll |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\CTSCAL.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTSPKHLP.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTWFLT32.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\system32\dgrpsetu.dll |Digi International, Inc. |30/05/2006 04:40:12 C:\WINDOWS\system32\dgsetup.dll |Digi International |30/05/2006 04:40:12 C:\WINDOWS\system32\EAXAC3.DLL |Creative Labs |30/05/2006 03:29:00 C:\WINDOWS\system32\encdec.dll |COMPANY |03/08/2004 18:54:26 C:\WINDOWS\system32\EqnClass.Dll |Equinox Systems Inc. |30/05/2006 04:40:12 C:\WINDOWS\system32\eSellerateControl350.dll |eSellerate Inc. |02/10/2006 23:41:55 C:\WINDOWS\system32\eSellerateEngine.dll |eSellerate Inc. |02/10/2006 23:41:55 C:\WINDOWS\system32\hticons.dll |Hilgraeve, Inc. |30/05/2006 02:45:39 C:\WINDOWS\system32\hypertrm.dll |Hilgraeve, Inc. |30/05/2006 02:45:16 C:\WINDOWS\system32\iccvid.dll |Radius Inc. |03/08/2004 18:54:28 C:\WINDOWS\system32\ieencode.dll |COMPANY |03/08/2004 18:54:28 C:\WINDOWS\system32\INETWH32.DLL |Blue Sky Software Corporation. |30/05/2006 03:30:39 C:\WINDOWS\system32\ir32_32.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\ir41_qc.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir41_qcx.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_32.dll |Intel Corporation |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_qc.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_qcx.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\isrdbg32.dll |Intel Corporation |30/05/2006 02:47:17 C:\WINDOWS\system32\jgaw400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgdw400.dll |America Online |24/08/2001 08:00:00 C:\WINDOWS\system32\jgmd400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgpl400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgsd400.dll |America Online |24/08/2001 08:00:00 C:\WINDOWS\system32\jgsh400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\lfbmp13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\lfcmp13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\lfgif13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:20 C:\WINDOWS\system32\libeay32_0.9.6l.dll |COMPANY |23/10/2006 19:41:33 C:\WINDOWS\system32\loc32vc0.dll |Intel |04/03/1998 12:47:18 C:\WINDOWS\system32\ltdis13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltefx13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltfil13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltimg13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltkrn13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\mdwmdmsp.dll |RioPort |23/08/2001 13:47:06 C:\WINDOWS\system32\msdmo.dll |COMPANY |03/08/2004 18:54:34 C:\WINDOWS\system32\msencode.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\msgsys.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\NavLogon.dll |Symantec Corporation |12/03/2004 15:17:24 C:\WINDOWS\system32\nts.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\nv4_disp.dll |NVIDIA Corporation |30/05/2006 04:42:13 C:\WINDOWS\system32\nvapi.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcod.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcodins.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcpl.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcpluir.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdisps.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdispsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvexpbar.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvgames.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvgamesr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvhwvid.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nview.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccs.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccsrs.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccss.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmccssr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmctray.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmobls.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmoblsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvnt4cpl.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvoglnt.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvshell.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvvitvs.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvvitvsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvwddi.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwdmcpl.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwimg.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwss.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvwssr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\OPENAL32.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\paqsp.dll |COMPANY |23/08/2001 13:47:16 C:\WINDOWS\system32\pds.dll |Intel® Corporation |09/06/2003 17:21:12 C:\WINDOWS\system32\PIAPROXY.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\px.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxdrv.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxmas.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxsfs.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxwave.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\qedwipes.dll |COMPANY |03/08/2004 18:53:42 C:\WINDOWS\system32\S32EVNT1.DLL |Symantec Corporation |26/09/2006 21:42:50 C:\WINDOWS\system32\sbe.dll |COMPANY |03/08/2004 18:54:38 C:\WINDOWS\system32\scriptpw.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\SFCVRT32.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\system32\sfman32.dll |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\SFMS32.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\SIntf16.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\SIntf32.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\SIntfNT.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\slbcsp.dll |Schlumberger Technology Corporation |03/08/2004 16:31:44 C:\WINDOWS\system32\slbiop.dll |Schlumberger Technology Corporation |03/08/2004 18:54:40 C:\WINDOWS\system32\slbrccsp.dll |Schlumberger Technology Corporation |24/08/2001 08:00:00 C:\WINDOWS\system32\spnike.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\sprio600.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\sprio800.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\spxcoins.dll |Perle Systems Ltd. |30/05/2006 04:40:12 C:\WINDOWS\system32\SymNeti.dll |Symantec Corporation |11/03/2004 14:58:14 C:\WINDOWS\system32\SymRedir.dll |Symantec Corporation |11/03/2004 14:58:12 C:\WINDOWS\system32\tsd32.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\usrcntra.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrcoina.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrdpa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrdtea.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrfaxa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrlbva.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrrtosa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrsdpia.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrsvpia.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrv42a.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrv80a.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrvoica.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrvpa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\vsdata.dll |Zone Labs, LLC |23/10/2006 19:40:50 C:\WINDOWS\system32\vsinit.dll |Zone Labs, LLC |23/10/2006 19:40:49 C:\WINDOWS\system32\vsmonapi.dll |Zone Labs, LLC |23/10/2006 19:41:20 C:\WINDOWS\system32\vspubapi.dll |Zone Labs, LLC |23/10/2006 19:41:20 C:\WINDOWS\system32\vsregexp.dll |Zone Labs, LLC |23/10/2006 19:41:32 C:\WINDOWS\system32\vsutil.dll |Zone Labs, LLC |23/10/2006 19:40:49 C:\WINDOWS\system32\vsutil_loc040c.dll |Zone Labs Inc. |23/10/2006 19:41:38 C:\WINDOWS\system32\vswmi.dll |Zone Labs, LLC |23/10/2006 19:41:22 C:\WINDOWS\system32\vsxml.dll |Zone Labs, LLC |23/10/2006 19:41:21 C:\WINDOWS\system32\vxblock.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\win87em.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\zlcomm.dll |Zone Labs, LLC |23/10/2006 19:41:29 C:\WINDOWS\system32\zlcommdb.dll |Zone Labs, LLC |23/10/2006 19:41:29 Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\WINDOWS\system32 2004-08-03 18:54 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 5 450 633 216 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\WINDOWS\Downloaded Program Files 2006-09-05 22:11 <REP> . 2006-09-05 22:11 <REP> .. 2006-05-30 02:48 65 desktop.ini 2006-06-20 15:44 379 704 MsnPUpld.dll 2006-06-19 14:40 393 MsnPUpld.inf 2006-06-20 15:44 117 560 PURen-us.dll 2002-05-31 09:20 117 328 purfr-ca.dll 2006-03-27 07:00 5 019 swflash.inf 6 fichier(s) 620 069 octets Total des fichiers listés : 6 fichier(s) 620 069 octets 2 Rép(s) 5 450 633 216 octets libres Liste des programmes installes Ad-Aware SE Personal Adobe Download Manager 2.0 (Supprimer uniquement) Adobe Reader 7.0.8 AVG Anti-Spyware 7.5 Azureus BitTorrent 4.24.0 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Creative MediaSource Guitar Pro 5.0 HijackThis 1.99.1 Homeworld2 J2SE Runtime Environment 5.0 Update 3 J2SE Runtime Environment 5.0 Update 6 Kit de développement Microsoft .NET Framework 2.0 SDK - FRA LimeWire 4.10.9 LiveUpdate 2.0 (Symantec Corporation) Macromedia Flash Player 8 Microsoft .NET Framework 2.0 SDK - FRA Microsoft Office XP Professional avec FrontPage Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mozilla Firefox (1.5.0.7) NVIDIA Drivers Quake 4 Quake 4 QuickTime QuickTime SimCity 4 Deluxe Sound Blaster Audigy 2 SpeechRedist Spybot - Search & Destroy 1.4 Steam Symantec AntiVirus Tom Clancy's Splinter Cell Chaos Theory Unreal Tournament 2003 Unreal Tournament 2004 VideoLAN VLC media player 0.8.5 WebFldrs XP Winamp (remove only) Windows Genuine Advantage Notifications (KB905474) Windows Installer 3.1 (KB893803) Windows Live Messenger Windows Media Format Runtime WinISO 5.3 WinRAR archiver WinZip ZoneAlarm Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files 2006-10-23 19:46 <REP> . 2006-10-23 19:46 <REP> .. 2006-07-19 07:56 <REP> Adobe 2006-06-01 03:40 <REP> Azureus 2006-10-09 01:28 <REP> BitTorrent 2006-05-30 02:46 <REP> ComPlus Applications 2006-05-30 03:33 <REP> Creative 2006-10-23 00:15 <REP> Diablo II 2006-10-14 04:08 <REP> directx 2006-10-23 19:58 <REP> Fichiers communs 2006-10-02 23:43 <REP> Graphic Accounts 2006-10-22 21:42 <REP> Grisoft 2006-06-03 22:02 <REP> Guitar Pro 5 2006-08-20 21:07 <REP> id Software 2006-09-12 23:10 <REP> Internet Explorer 2006-06-01 01:29 <REP> Java 2006-05-31 02:08 <REP> Lavasoft 2006-05-31 02:45 <REP> LimeWire 2006-06-04 15:29 <REP> Maxis 2006-05-30 03:55 <REP> Messenger 2006-05-30 02:50 <REP> microsoft frontpage 2006-08-03 22:30 <REP> Microsoft Office 2006-08-03 22:39 <REP> Microsoft Visual Studio 8 2006-08-03 22:30 <REP> Microsoft.NET 2006-05-30 02:47 <REP> Movie Maker 2006-10-23 22:57 <REP> Mozilla Firefox 2006-05-30 02:45 <REP> MSN 2006-05-30 02:45 <REP> MSN Gaming Zone 2006-09-04 20:28 <REP> MSN Messenger 2006-05-30 02:47 <REP> NetMeeting 2006-05-30 02:45 <REP> Online Services 2006-05-30 03:50 <REP> Outlook Express 2006-06-03 21:36 <REP> QuickTime 2006-05-30 02:48 <REP> Services en ligne 2006-10-16 19:35 <REP> Spybot - Search & Destroy 2006-07-17 23:39 <REP> Steam 2006-09-26 21:43 <REP> Symantec 2006-10-23 22:55 <REP> Symantec AntiVirus 2006-08-18 17:03 <REP> Ubisoft 2006-09-28 21:22 <REP> VIA 2006-06-02 00:57 <REP> VideoLAN 2006-10-19 21:46 <REP> Warcraft III 2006-07-17 23:16 <REP> Winamp 2006-06-01 02:48 <REP> Windows Media Player 2006-05-30 02:45 <REP> Windows NT 2006-07-13 18:11 <REP> WinISO 2006-06-03 22:01 <REP> WinRAR 2006-06-03 21:59 <REP> WinZip 2006-05-30 02:50 <REP> xerox 2006-10-23 19:41 <REP> Zone Labs 0 fichier(s) 0 octets 50 Rép(s) 5 450 297 344 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files\fichiers communs 2006-10-23 19:58 <REP> . 2006-10-23 19:58 <REP> .. 2006-07-19 07:57 <REP> Adobe 2006-05-30 03:51 <REP> Designer 2006-06-03 21:35 <REP> InstallShield 2006-05-31 02:44 <REP> Java 2006-08-03 22:38 <REP> Microsoft Shared 2006-05-30 02:47 <REP> MSSoap 2006-05-30 04:40 <REP> ODBC 2006-05-30 02:47 <REP> Services 2006-05-30 04:40 <REP> SpeechEngines 2006-09-26 21:43 <REP> Symantec Shared 2006-05-30 03:50 <REP> System 0 fichier(s) 0 octets 13 Rép(s) 5 450 297 344 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 2006-05-30 03:51 <REP> . 2006-05-30 03:51 <REP> .. 2006-05-30 03:51 <REP> 1033 2006-05-30 03:51 <REP> 1036 2001-02-14 23:45 1 318 912 MSONSEXT.DLL 2001-02-13 02:23 58 784 MSOSV.DLL 1999-06-03 06:09 122 937 MSOWS409.DLL 2001-03-07 01:00 127 033 MSOWS40c.DLL 2000-08-06 03:04 401 462 MSVCP60.DLL 2001-01-21 21:25 69 632 PKMAXCTL.DLL 2001-01-21 21:25 872 448 PKMCDO.DLL 2001-01-21 21:25 159 744 PKMCORE.DLL 2001-02-07 03:59 106 496 PKMFORMS.DLL 2001-02-11 22:03 684 032 PKMRES.DLL 2001-01-21 21:25 28 672 PKMSSTLB.DLL 2001-01-21 21:25 40 960 PKMTEMPL.DLL 2001-01-21 21:25 24 576 PKMTRACE.DLL 2001-01-21 21:25 86 016 PKMWS.DLL 2001-01-21 21:25 237 568 PROMDEMO.DLL 2001-01-21 21:25 184 320 SECMGR.DLL 2001-01-21 21:25 323 584 VAIDDMGR.DLL 2001-01-21 21:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 5 450 297 344 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\ 2006-10-19 20:54 826 936 blbeta.exe 1 fichier(s) 826 936 octets 0 Rép(s) 5 450 297 344 octets libres c:\Documents and Settings\Louis Huppe\.limewire\.NetworkShare\LimeWireWin4.12.6-fixed.exe c:\Documents and Settings\Louis Huppe\.limewire\.NetworkShare\LimeWireWin4.12.6-nopack2.exe c:\Documents and Settings\Louis Huppe\Bureau\ATF-Cleaner.exe c:\Documents and Settings\Louis Huppe\Bureau\avgas-setup-7.5.0.50.exe c:\Documents and Settings\Louis Huppe\Bureau\combofix.exe c:\Documents and Settings\Louis Huppe\Bureau\KillBox.exe c:\Documents and Settings\Louis Huppe\Bureau\VundoFix.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\blbetac.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\FilesInfoCmd.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\Fport.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\grep.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\LFiles.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\LISTDLLS.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\pslist.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\streams.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\dumphive.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\Process.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\Reboot.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\restart.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\swreg.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\swsc.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\unzip.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\Louis Huppe\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll AVG AS : --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 22:51:44 2006-10-23 + Résultat de l'analyse: C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP104\A0019020.dll -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine). Fin du rapport Rapport de Panda ActiveScan : Incident Statut Analyse Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\mjwnjele.exe Virus Eventuel. No Désinfecté C:\!KillBox\pmnll.dll Virus:Bck/Agent.CWB Désinfecté C:\!KillBox\winwea32.dll Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\yrphgrpm.exe Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Louis Huppe\Application Data\Mozilla\Firefox\Profiles\ac0oqqt4.default\cookies.txt[.atdmt.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Louis Huppe\Application Data\Mozilla\Firefox\Profiles\ac0oqqt4.default\cookies.txt[.xiti.com/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Louis Huppe\Application Data\Mozilla\Firefox\Profiles\ac0oqqt4.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Louis Huppe\Application Data\Mozilla\Firefox\Profiles\ac0oqqt4.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Louis Huppe\Application Data\Mozilla\Firefox\Profiles\ac0oqqt4.default\cookies.txt[.mediaplex.com/] Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\Process.exe Virus Eventuel. No Désinfecté C:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\swsc.exe Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix.zip[smitfraudFix/Process.exe] Virus Eventuel. No Désinfecté C:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix.zip[smitfraudFix/swsc.exe] Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Louis Huppe\Cookies\louis huppe@atdmt[2].txt Virus Eventuel. No Désinfecté C:\VundoFix Backups\pmnll.dll.bad -
demande d'analyse de rapporty HijackThis
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Ok alors voici le rapport ComboFix : Louis Huppe - 06-10-23 19:57:24,15 Service Pack 2 ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Louis Huppe\Bureau" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\components C:\Program Files\Fichiers communs\{E82573E4-07CF-3084-0214-061016020002} ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Folders Quarantined: C:\QooBox\Purity\Documents and Settings\Louis Huppe\Application Data\STEM~1 C:\QooBox\Purity\WINDOWS\system32\STEM~1 ((((((((((((((((((((((((((((((( Files Created from 2006-09-23 to 2006-10-23 )))))))))))))))))))))))))))))))))) 2006-10-23 19:41 42,920 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll 2006-10-22 21:43 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2006-10-19 23:12 67,604 --a------ C:\WINDOWS\system32\mjwnjele.exe 2006-10-19 20:54 826,936 --a------ C:\blbeta.exe 2006-10-14 22:43 2 --a------ C:\WINDOWS\system32\wnsintsu.exe 2006-10-12 20:13 3,774,657 C:\WINDOWS\system32Bikini Party 2004.scr 2006-10-02 23:41 81,920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll 2006-10-02 23:41 356,352 --a------ C:\WINDOWS\system32\eSellerateEngine.dll 2006-09-28 21:26 3,328 --a------ C:\WINDOWS\system32\drivers\pciide.sys 2006-09-26 21:42 83,168 --a------ C:\WINDOWS\system32\S32EVNT1.DLL 2006-09-26 21:42 82,832 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-10-23 19:58 -------- d-------- C:\Program Files\Fichiers communs 2006-10-23 19:51 -------- d-------- C:\Program Files\Mozilla Firefox 2006-10-23 19:46 -------- d-------- C:\Program Files\Symantec AntiVirus 2006-10-23 19:41 -------- d-------- C:\Program Files\Zone Labs 2006-10-23 00:15 -------- d-------- C:\Program Files\Diablo II 2006-10-22 21:42 -------- d-------- C:\Program Files\Grisoft 2006-10-19 23:12 -------- d-------- C:\Documents and Settings\Louis Huppe\Application Data\SearchToolbarCorp 2006-10-19 21:46 -------- d-------- C:\Program Files\Warcraft III 2006-10-14 04:08 -------- d-------- C:\Program Files\directx 2006-10-14 00:22 -------- d---s---- C:\Documents and Settings\Louis Huppe\Application Data\Microsoft 2006-10-12 20:13 3774657 --a------ C:\WINDOWS\system32\Bikini Party 2004.scr 2006-10-09 01:28 -------- d-------- C:\Program Files\BitTorrent 2006-10-02 23:43 -------- d-------- C:\Program Files\Graphic Accounts 2006-09-28 21:22 -------- d-------- C:\Program Files\VIA 2006-09-28 20:48 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-09-26 21:43 -------- d-------- C:\Program Files\Symantec 2006-09-26 21:43 -------- d-------- C:\Program Files\Fichiers communs\Symantec Shared 2006-09-13 22:24 21840 --a----t- C:\WINDOWS\system32\SIntfNT.dll 2006-09-13 22:24 17212 --a----t- C:\WINDOWS\system32\SIntf32.dll 2006-09-13 22:24 12067 --a----t- C:\WINDOWS\system32\SIntf16.dll 2006-09-12 23:10 -------- d-------- C:\Program Files\Internet Explorer 2006-09-12 23:08 -------- d-------- C:\Documents and Settings\Louis Huppe\Application Data\Dev-Cpp 2006-09-04 20:35 -------- d-------- C:\Documents and Settings\Louis Huppe\Application Data\Apple Computer 2006-09-04 20:28 -------- d-------- C:\Program Files\MSN Messenger 2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll 2006-07-19 07:56 869 --a------ C:\Documents and Settings\Louis Huppe\Application Data\AdobeDLM.log 2006-07-19 07:56 0 --a------ C:\Documents and Settings\Louis Huppe\Application Data\dm.ini (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "Steam"="\"c:\\program files\\steam\\steam.ex\" -silent" "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "CTSysVol"="C:\\Program Files\\Creative\\SBAudigy2\\Surround Mixer\\CTSysVol.exe" "CTDVDDet"="C:\\Program Files\\Creative\\SBAudigy2\\DVDAudio\\CTDVDDet.EXE" "CTHelper"="CTHELPER.EXE" "AsioReg"="REGSVR32.EXE /S CTASIO.DLL" "SBDrvDet"="C:\\Program Files\\Creative\\SB Drive Det\\SBDrvDet.exe /r" "UpdReg"="C:\\WINDOWS\\UpdReg.EXE" "CTStartup"="\"C:\\Program Files\\Creative\\Splash Screen\\CTEaxSpl.EXE\" /run" "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit" "ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\"" "vptray"="C:\\PROGRA~1\\SYMANT~1\\VPTray.exe" "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" "Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000004 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] @="" "NoDriveTypeAutoRun"=hex:5f,00,00,00 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winwea32 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" ~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ backup-20061023-192007-730 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = backup-20061022-215104-743 O4 - HKLM\..\Run: [stjxwek.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\stjxwek.dll,rqinabg backup-20061022-215104-963 O4 - HKLM\..\Run: [lqwspfl.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\lqwspfl.dll,vdepmle backup-20061019-203649-688 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php backup-20061019-203649-240 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.files-ftp.com/~unicorni/phpBB2/index.php Completion time: 06-10-23 19:59:30.76 C:\ComboFix.txt ... 06-10-23 19:59 et voici un nouveau DiagHelp : C:\WINDOWS\System32\nvapps.xml -->2006-10-23 19:47:02 C:\WINDOWS\System32\vsconfig.xml -->2006-10-23 19:46:24 C:\WINDOWS\System32\settingsbkup.sfm -->2006-10-23 19:45:16 C:\WINDOWS\System32\settings.sfm -->2006-10-23 19:45:16 C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000A-00001102-00000004-10071102}.dat -->2006-10-23 19:45:16 C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000A-00001102-00000004-10071102}.dat -->2006-10-23 19:45:16 C:\WINDOWS\System32\BMXStateBkp-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-23 19:45:16 C:\WINDOWS\System32\BMXState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-23 19:45:16 C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-23 19:45:16 C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-23 19:45:16 C:\WINDOWS\System32\zllictbl.dat -->2006-10-23 19:43:51 C:\WINDOWS\System32\wpa.dbl -->2006-10-22 21:32:04 C:\WINDOWS\System32\mjwnjele.exe -->2006-10-19 23:12:12 C:\WINDOWS\System32\wnsintsu.exe -->2006-10-14 22:43:44 C:\WINDOWS\System32\Bikini Party 2004.scr -->2006-10-12 20:13:32 C:\WINDOWS\System32\CONFIG.NT -->2006-09-26 21:41:13 C:\WINDOWS\System32\SIntfNT.dll -->2006-09-13 22:24:03 C:\WINDOWS\System32\SIntf32.dll -->2006-09-13 22:24:03 C:\WINDOWS\System32\SIntf16.dll -->2006-09-13 22:24:03 C:\WINDOWS\System32\perfh00C.dat -->2006-09-12 23:10:22 C:\WINDOWS\System32\perfh009.dat -->2006-09-12 23:10:22 C:\WINDOWS\System32\perfc00C.dat -->2006-09-12 23:10:22 C:\WINDOWS\System32\perfc009.dat -->2006-09-12 23:10:22 C:\WINDOWS\System32\vsutil_loc040c.dll -->2006-08-23 23:39:32 C:\WINDOWS\System32\vsdatant.sys -->2006-08-23 23:38:36 C:\WINDOWS\{00000000-00000000-0000000A-00001102-00000004-10071102}.CDF -->2006-10-23 19:47:05 C:\WINDOWS\WindowsUpdate.log -->2006-10-23 19:46:45 C:\WINDOWS\wiadebug.log -->2006-10-23 19:46:36 C:\WINDOWS\wiaservc.log -->2006-10-23 19:46:33 C:\WINDOWS\0.log -->2006-10-23 19:46:10 C:\WINDOWS\bootstat.dat -->2006-10-23 19:46:08 C:\WINDOWS\SchedLgU.Txt -->2006-10-23 19:45:12 C:\WINDOWS\ntbtlog.txt -->2006-10-22 23:06:28 C:\WINDOWS\setupact.log -->2006-10-22 21:56:31 C:\WINDOWS\War3Unin.dat -->2006-10-16 21:55:00 C:\WINDOWS\win.ini -->2006-10-16 00:05:55 C:\WINDOWS\system.ini -->2006-10-16 00:05:55 C:\WINDOWS\DirectX.log -->2006-10-14 17:59:39 C:\WINDOWS\setupapi.log -->2006-10-13 23:24:23 C:\WINDOWS\QTFont.qfn -->2006-10-09 16:59:29 C:\WINDOWS\IsUninst.exe |InstallShield Software Corporation |30/05/2006 03:30:44 C:\WINDOWS\MIDIDEF.EXE |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\PSCONV.EXE |COMPANY |30/05/2006 03:29:00 C:\WINDOWS\READREG.EXE |Creative Technology Limited |30/05/2006 03:29:00 C:\WINDOWS\twunk_16.exe |Twain Working Group |24/08/2001 08:00:00 C:\WINDOWS\twunk_32.exe |Twain Working Group |24/08/2001 08:00:00 C:\WINDOWS\uninst.exe |InstallShield Corporation, Inc. |04/06/2006 02:59:38 C:\WINDOWS\Updreg.EXE |Creative Technology Ltd. |30/05/2006 03:30:42 C:\WINDOWS\War3Unin.exe |Blizzard Entertainment |18/07/2006 00:34:23 C:\WINDOWS\CTCCW.DLL |Creative® Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\CTDCRES.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\CTRES.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\DEVREG.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\INRES.DLL |Creative Technology Limited |30/05/2006 03:29:15 C:\WINDOWS\twain.dll |Groupe de travail Twain |24/08/2001 08:00:00 C:\WINDOWS\twain_32.dll |Groupe de travail Twain |03/08/2004 18:54:44 C:\WINDOWS\system32\append.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\CTHELPER.EXE |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTSVCCDA.EXE |Creative Technology Ltd |30/05/2006 03:26:21 C:\WINDOWS\system32\CTSVCCTL.EXE |Creative Technology Ltd |30/05/2006 03:26:21 C:\WINDOWS\system32\debug.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\dosx.exe |COMPANY |03/08/2004 16:51:28 C:\WINDOWS\system32\dvdplay.exe |COMPANY |23/08/2001 13:47:34 C:\WINDOWS\system32\edlin.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\ENSDEF.EXE |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\exe2bin.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\fastopen.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\java.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\javaw.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\javaws.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\keystone.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\KILLAPPS.EXE |COMPANY |30/05/2006 03:29:01 C:\WINDOWS\system32\mem.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\mjwnjele.exe |COMPANY |19/10/2006 23:12:09 C:\WINDOWS\system32\mscdexnt.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nlsfunc.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nvappbar.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcolor.exe |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcplui.exe |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdspsch.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvsvc32.exe |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvudisp.exe |NVIDIA Corporation |30/05/2006 03:10:29 C:\WINDOWS\system32\NVUNINST.EXE |NVIDIA Corporation |30/05/2006 03:10:00 C:\WINDOWS\system32\nw16.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nwiz.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\pxcpya64.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxhpinst.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxinsa64.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\redir.exe |COMPANY |03/08/2004 16:48:48 C:\WINDOWS\system32\REGPLIB.EXE |COMPANY |30/05/2006 03:29:00 C:\WINDOWS\system32\setver.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\share.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\usrmlnka.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\usrprbda.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\usrshuta.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\vwipxspx.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\wnsintsu.exe |COMPANY |14/10/2006 22:43:44 C:\WINDOWS\system32\a3d.dll |COMPANY |30/05/2006 03:28:55 C:\WINDOWS\system32\AC3API.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\AHQCpURes.dll |Creative Technology Ltd. |30/05/2006 03:28:27 C:\WINDOWS\system32\amstream.dll |COMPANY |03/08/2004 18:54:22 C:\WINDOWS\system32\atmfd.dll |Adobe Systems Incorporated |03/08/2004 18:52:50 C:\WINDOWS\system32\atmlib.dll |Adobe Systems |03/08/2004 18:54:22 C:\WINDOWS\system32\cba.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\commonfx.dll |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\compatUI.dll |COMPANY |03/08/2004 18:54:24 C:\WINDOWS\system32\CTAGENT.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\CTASIO.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\ctaudfx.dll |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\CTDC0000.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDC0001.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDCIFCE.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDetres.dll |Creative Technology Ltd. |30/05/2006 03:26:21 C:\WINDOWS\system32\CTDPROXY.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\ctdvda32.dll |Creative Technology Ltd |30/05/2006 03:28:32 C:\WINDOWS\system32\CTEMUPIA.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\CTMEDENG.DLL |Creative Technology Ltd. |30/05/2006 03:26:19 C:\WINDOWS\system32\CTMERes.DLL |Creative Technology Ltd. |30/05/2006 03:26:18 C:\WINDOWS\system32\CTOSUSER.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\ctsblfx.dll |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\CTSCAL.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTSPKHLP.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTWFLT32.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\system32\dgrpsetu.dll |Digi International, Inc. |30/05/2006 04:40:12 C:\WINDOWS\system32\dgsetup.dll |Digi International |30/05/2006 04:40:12 C:\WINDOWS\system32\EAXAC3.DLL |Creative Labs |30/05/2006 03:29:00 C:\WINDOWS\system32\encdec.dll |COMPANY |03/08/2004 18:54:26 C:\WINDOWS\system32\EqnClass.Dll |Equinox Systems Inc. |30/05/2006 04:40:12 C:\WINDOWS\system32\eSellerateControl350.dll |eSellerate Inc. |02/10/2006 23:41:55 C:\WINDOWS\system32\eSellerateEngine.dll |eSellerate Inc. |02/10/2006 23:41:55 C:\WINDOWS\system32\hticons.dll |Hilgraeve, Inc. |30/05/2006 02:45:39 C:\WINDOWS\system32\hypertrm.dll |Hilgraeve, Inc. |30/05/2006 02:45:16 C:\WINDOWS\system32\iccvid.dll |Radius Inc. |03/08/2004 18:54:28 C:\WINDOWS\system32\ieencode.dll |COMPANY |03/08/2004 18:54:28 C:\WINDOWS\system32\INETWH32.DLL |Blue Sky Software Corporation. |30/05/2006 03:30:39 C:\WINDOWS\system32\ir32_32.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\ir41_qc.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir41_qcx.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_32.dll |Intel Corporation |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_qc.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_qcx.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\isrdbg32.dll |Intel Corporation |30/05/2006 02:47:17 C:\WINDOWS\system32\jgaw400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgdw400.dll |America Online |24/08/2001 08:00:00 C:\WINDOWS\system32\jgmd400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgpl400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgsd400.dll |America Online |24/08/2001 08:00:00 C:\WINDOWS\system32\jgsh400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\lfbmp13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\lfcmp13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\lfgif13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:20 C:\WINDOWS\system32\libeay32_0.9.6l.dll |COMPANY |23/10/2006 19:41:33 C:\WINDOWS\system32\loc32vc0.dll |Intel |04/03/1998 12:47:18 C:\WINDOWS\system32\ltdis13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltefx13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltfil13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltimg13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltkrn13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\mdwmdmsp.dll |RioPort |23/08/2001 13:47:06 C:\WINDOWS\system32\msdmo.dll |COMPANY |03/08/2004 18:54:34 C:\WINDOWS\system32\msencode.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\msgsys.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\NavLogon.dll |Symantec Corporation |12/03/2004 15:17:24 C:\WINDOWS\system32\nts.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\nv4_disp.dll |NVIDIA Corporation |30/05/2006 04:42:13 C:\WINDOWS\system32\nvapi.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcod.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcodins.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcpl.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcpluir.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdisps.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdispsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvexpbar.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvgames.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvgamesr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvhwvid.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nview.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccs.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccsrs.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccss.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmccssr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmctray.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmobls.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmoblsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvnt4cpl.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvoglnt.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvshell.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvvitvs.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvvitvsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvwddi.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwdmcpl.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwimg.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwss.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvwssr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\OPENAL32.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\paqsp.dll |COMPANY |23/08/2001 13:47:16 C:\WINDOWS\system32\pds.dll |Intel® Corporation |09/06/2003 17:21:12 C:\WINDOWS\system32\PIAPROXY.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\px.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxdrv.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxmas.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxsfs.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxwave.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\qedwipes.dll |COMPANY |03/08/2004 18:53:42 C:\WINDOWS\system32\S32EVNT1.DLL |Symantec Corporation |26/09/2006 21:42:50 C:\WINDOWS\system32\sbe.dll |COMPANY |03/08/2004 18:54:38 C:\WINDOWS\system32\scriptpw.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\SFCVRT32.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\system32\sfman32.dll |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\SFMS32.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\SIntf16.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\SIntf32.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\SIntfNT.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\slbcsp.dll |Schlumberger Technology Corporation |03/08/2004 16:31:44 C:\WINDOWS\system32\slbiop.dll |Schlumberger Technology Corporation |03/08/2004 18:54:40 C:\WINDOWS\system32\slbrccsp.dll |Schlumberger Technology Corporation |24/08/2001 08:00:00 C:\WINDOWS\system32\spnike.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\sprio600.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\sprio800.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\spxcoins.dll |Perle Systems Ltd. |30/05/2006 04:40:12 C:\WINDOWS\system32\SymNeti.dll |Symantec Corporation |11/03/2004 14:58:14 C:\WINDOWS\system32\SymRedir.dll |Symantec Corporation |11/03/2004 14:58:12 C:\WINDOWS\system32\tsd32.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\usrcntra.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrcoina.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrdpa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrdtea.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrfaxa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrlbva.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrrtosa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrsdpia.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrsvpia.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrv42a.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrv80a.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrvoica.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrvpa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\vsdata.dll |Zone Labs, LLC |23/10/2006 19:40:50 C:\WINDOWS\system32\vsinit.dll |Zone Labs, LLC |23/10/2006 19:40:49 C:\WINDOWS\system32\vsmonapi.dll |Zone Labs, LLC |23/10/2006 19:41:20 C:\WINDOWS\system32\vspubapi.dll |Zone Labs, LLC |23/10/2006 19:41:20 C:\WINDOWS\system32\vsregexp.dll |Zone Labs, LLC |23/10/2006 19:41:32 C:\WINDOWS\system32\vsutil.dll |Zone Labs, LLC |23/10/2006 19:40:49 C:\WINDOWS\system32\vsutil_loc040c.dll |Zone Labs Inc. |23/10/2006 19:41:38 C:\WINDOWS\system32\vswmi.dll |Zone Labs, LLC |23/10/2006 19:41:22 C:\WINDOWS\system32\vsxml.dll |Zone Labs, LLC |23/10/2006 19:41:21 C:\WINDOWS\system32\vxblock.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\win87em.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\zlcomm.dll |Zone Labs, LLC |23/10/2006 19:41:29 C:\WINDOWS\system32\zlcommdb.dll |Zone Labs, LLC |23/10/2006 19:41:29 Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\WINDOWS\system32 2004-08-03 18:54 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 5 457 006 592 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\WINDOWS\Downloaded Program Files 2006-09-05 22:11 <REP> . 2006-09-05 22:11 <REP> .. 2006-05-30 02:48 65 desktop.ini 2006-06-20 15:44 379 704 MsnPUpld.dll 2006-06-19 14:40 393 MsnPUpld.inf 2006-06-20 15:44 117 560 PURen-us.dll 2002-05-31 09:20 117 328 purfr-ca.dll 2006-03-27 07:00 5 019 swflash.inf 6 fichier(s) 620 069 octets Total des fichiers listés : 6 fichier(s) 620 069 octets 2 Rép(s) 5 457 006 592 octets libres Liste des programmes installes Ad-Aware SE Personal Adobe Download Manager 2.0 (Supprimer uniquement) Adobe Reader 7.0.8 AVG Anti-Spyware 7.5 Azureus BitTorrent 4.24.0 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Creative MediaSource Guitar Pro 5.0 HijackThis 1.99.1 Homeworld2 J2SE Runtime Environment 5.0 Update 3 J2SE Runtime Environment 5.0 Update 6 Kit de développement Microsoft .NET Framework 2.0 SDK - FRA LimeWire 4.10.9 LiveUpdate 2.0 (Symantec Corporation) Macromedia Flash Player 8 Microsoft .NET Framework 2.0 SDK - FRA Microsoft Office XP Professional avec FrontPage Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mozilla Firefox (1.5.0.7) NVIDIA Drivers Quake 4 Quake 4 QuickTime QuickTime SimCity 4 Deluxe Sound Blaster Audigy 2 SpeechRedist Spybot - Search & Destroy 1.4 Steam Symantec AntiVirus Tom Clancy's Splinter Cell Chaos Theory Unreal Tournament 2003 Unreal Tournament 2004 VideoLAN VLC media player 0.8.5 WebFldrs XP Winamp (remove only) Windows Genuine Advantage Notifications (KB905474) Windows Installer 3.1 (KB893803) Windows Live Messenger Windows Media Format Runtime WinISO 5.3 WinRAR archiver WinZip ZoneAlarm Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files 2006-10-23 19:46 <REP> . 2006-10-23 19:46 <REP> .. 2006-07-19 07:56 <REP> Adobe 2006-06-01 03:40 <REP> Azureus 2006-10-09 01:28 <REP> BitTorrent 2006-05-30 02:46 <REP> ComPlus Applications 2006-05-30 03:33 <REP> Creative 2006-10-23 00:15 <REP> Diablo II 2006-10-14 04:08 <REP> directx 2006-10-23 19:58 <REP> Fichiers communs 2006-10-02 23:43 <REP> Graphic Accounts 2006-10-22 21:42 <REP> Grisoft 2006-06-03 22:02 <REP> Guitar Pro 5 2006-08-20 21:07 <REP> id Software 2006-09-12 23:10 <REP> Internet Explorer 2006-06-01 01:29 <REP> Java 2006-05-31 02:08 <REP> Lavasoft 2006-05-31 02:45 <REP> LimeWire 2006-06-04 15:29 <REP> Maxis 2006-05-30 03:55 <REP> Messenger 2006-05-30 02:50 <REP> microsoft frontpage 2006-08-03 22:30 <REP> Microsoft Office 2006-08-03 22:39 <REP> Microsoft Visual Studio 8 2006-08-03 22:30 <REP> Microsoft.NET 2006-05-30 02:47 <REP> Movie Maker 2006-10-23 19:59 <REP> Mozilla Firefox 2006-05-30 02:45 <REP> MSN 2006-05-30 02:45 <REP> MSN Gaming Zone 2006-09-04 20:28 <REP> MSN Messenger 2006-05-30 02:47 <REP> NetMeeting 2006-05-30 02:45 <REP> Online Services 2006-05-30 03:50 <REP> Outlook Express 2006-06-03 21:36 <REP> QuickTime 2006-05-30 02:48 <REP> Services en ligne 2006-10-16 19:35 <REP> Spybot - Search & Destroy 2006-07-17 23:39 <REP> Steam 2006-09-26 21:43 <REP> Symantec 2006-10-23 19:46 <REP> Symantec AntiVirus 2006-08-18 17:03 <REP> Ubisoft 2006-09-28 21:22 <REP> VIA 2006-06-02 00:57 <REP> VideoLAN 2006-10-19 21:46 <REP> Warcraft III 2006-07-17 23:16 <REP> Winamp 2006-06-01 02:48 <REP> Windows Media Player 2006-05-30 02:45 <REP> Windows NT 2006-07-13 18:11 <REP> WinISO 2006-06-03 22:01 <REP> WinRAR 2006-06-03 21:59 <REP> WinZip 2006-05-30 02:50 <REP> xerox 2006-10-23 19:41 <REP> Zone Labs 0 fichier(s) 0 octets 50 Rép(s) 5 456 998 400 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files\fichiers communs 2006-10-23 19:58 <REP> . 2006-10-23 19:58 <REP> .. 2006-07-19 07:57 <REP> Adobe 2006-05-30 03:51 <REP> Designer 2006-06-03 21:35 <REP> InstallShield 2006-05-31 02:44 <REP> Java 2006-08-03 22:38 <REP> Microsoft Shared 2006-05-30 02:47 <REP> MSSoap 2006-05-30 04:40 <REP> ODBC 2006-05-30 02:47 <REP> Services 2006-05-30 04:40 <REP> SpeechEngines 2006-09-26 21:43 <REP> Symantec Shared 2006-05-30 03:50 <REP> System 0 fichier(s) 0 octets 13 Rép(s) 5 456 998 400 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 2006-05-30 03:51 <REP> . 2006-05-30 03:51 <REP> .. 2006-05-30 03:51 <REP> 1033 2006-05-30 03:51 <REP> 1036 2001-02-14 23:45 1 318 912 MSONSEXT.DLL 2001-02-13 02:23 58 784 MSOSV.DLL 1999-06-03 06:09 122 937 MSOWS409.DLL 2001-03-07 01:00 127 033 MSOWS40c.DLL 2000-08-06 03:04 401 462 MSVCP60.DLL 2001-01-21 21:25 69 632 PKMAXCTL.DLL 2001-01-21 21:25 872 448 PKMCDO.DLL 2001-01-21 21:25 159 744 PKMCORE.DLL 2001-02-07 03:59 106 496 PKMFORMS.DLL 2001-02-11 22:03 684 032 PKMRES.DLL 2001-01-21 21:25 28 672 PKMSSTLB.DLL 2001-01-21 21:25 40 960 PKMTEMPL.DLL 2001-01-21 21:25 24 576 PKMTRACE.DLL 2001-01-21 21:25 86 016 PKMWS.DLL 2001-01-21 21:25 237 568 PROMDEMO.DLL 2001-01-21 21:25 184 320 SECMGR.DLL 2001-01-21 21:25 323 584 VAIDDMGR.DLL 2001-01-21 21:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 5 456 998 400 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\ 2006-10-19 20:54 826 936 blbeta.exe 1 fichier(s) 826 936 octets 0 Rép(s) 5 456 998 400 octets libres c:\Documents and Settings\Louis Huppe\.limewire\.NetworkShare\LimeWireWin4.12.6-fixed.exe c:\Documents and Settings\Louis Huppe\.limewire\.NetworkShare\LimeWireWin4.12.6-nopack2.exe c:\Documents and Settings\Louis Huppe\Bureau\ATF-Cleaner.exe c:\Documents and Settings\Louis Huppe\Bureau\avgas-setup-7.5.0.50.exe c:\Documents and Settings\Louis Huppe\Bureau\combofix.exe c:\Documents and Settings\Louis Huppe\Bureau\KillBox.exe c:\Documents and Settings\Louis Huppe\Bureau\VundoFix.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\blbetac.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\FilesInfoCmd.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\Fport.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\grep.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\LFiles.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\LISTDLLS.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\pslist.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\streams.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\dumphive.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\Process.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\Reboot.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\restart.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\swreg.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\swsc.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\unzip.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\Louis Huppe\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll Merci encore! -
demande d'analyse de rapporty HijackThis
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Voilà mes 2 nouveaux rapports (c'est pas évident se débarasser de ces ****** de spywares!!!) VundoFix V6.2.6 Checking Java version... Java version is 1.5.0.3 Java version is 1.5.0.6 Scan started at 19:21:12 2006-10-23 Listing files found while scanning.... C:\WINDOWS\system32\ndmoxqf.dll C:\WINDOWS\system32\stjxwek.dll C:\WINDOWS\system32\pmnll.dll C:\WINDOWS\system32\llnmp.ini C:\WINDOWS\system32\llnmp.bak2 Beginning removal... Attempting to delete C:\WINDOWS\system32\ndmoxqf.dll C:\WINDOWS\system32\ndmoxqf.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\stjxwek.dll C:\WINDOWS\system32\stjxwek.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\pmnll.dll C:\WINDOWS\system32\pmnll.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\llnmp.ini C:\WINDOWS\system32\llnmp.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\llnmp.bak2 C:\WINDOWS\system32\llnmp.bak2 Has been deleted! Performing Repairs to the registry. Done! Beginning removal... Attempting to delete C:\WINDOWS\system32\pmnll.dll C:\WINDOWS\system32\pmnll.dll Has been deleted! Performing Repairs to the registry. Done! Logfile of HijackThis v1.99.1 Scan saved at 19:36:29, on 2006-10-23 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Winamp\winamp.exe C:\HijackThis\HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {07F52DEA-A2B5-42BD-BBB1-8D8A812B02AD} - C:\WINDOWS\system32\pmnll.dll (file missing) O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINDOWS\system32\svnfonnl.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [CTStartup] "C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.ex" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lewisssup.spaces.live.com//PhotoUpload/MsnPUpld.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing) O20 - Winlogon Notify: winwea32 - winwea32.dll (file missing) O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe -
demande d'analyse de rapporty HijackThis
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Rebonjour Charles! J'ai suivi toute ta procédure à la lettre et voici mes résulats : Nouveau rapport HijackThis : Logfile of HijackThis v1.99.1 Scan saved at 00:01:28, on 2006-10-23 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Program Files\VSToolbar\VSToolBar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [CTStartup] "C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.ex" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lewisssup.spaces.live.com//PhotoUpload/MsnPUpld.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: MsgPlusLoader.dll O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe ----------------------------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------------------------- Nouveau rapport DiagHelp : C:\WINDOWS\System32\llnmp.ini -->2006-10-23 00:07:56 C:\WINDOWS\System32\nvapps.xml -->2006-10-22 23:59:24 C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-22 21:46:35 C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-22 21:46:35 C:\WINDOWS\System32\settingsbkup.sfm -->2006-10-22 21:46:34 C:\WINDOWS\System32\settings.sfm -->2006-10-22 21:46:34 C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000A-00001102-00000004-10071102}.dat -->2006-10-22 21:46:34 C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000A-00001102-00000004-10071102}.dat -->2006-10-22 21:46:34 C:\WINDOWS\System32\BMXStateBkp-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-22 21:46:34 C:\WINDOWS\System32\BMXState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-22 21:46:34 C:\WINDOWS\System32\wpa.dbl -->2006-10-22 21:32:04 C:\WINDOWS\System32\mjwnjele.exe -->2006-10-19 23:12:12 C:\WINDOWS\System32\stjxwek.dll -->2006-10-18 22:35:55 C:\WINDOWS\System32\ndmoxqf.dll -->2006-10-15 14:49:23 C:\WINDOWS\System32\pmnll.dll -->2006-10-14 23:09:31 C:\WINDOWS\System32\wnsintsu.exe -->2006-10-14 22:43:44 C:\WINDOWS\System32\Bikini Party 2004.scr -->2006-10-12 20:13:32 C:\WINDOWS\System32\CONFIG.NT -->2006-09-26 21:41:13 C:\WINDOWS\System32\SIntfNT.dll -->2006-09-13 22:24:03 C:\WINDOWS\System32\SIntf32.dll -->2006-09-13 22:24:03 C:\WINDOWS\System32\SIntf16.dll -->2006-09-13 22:24:03 C:\WINDOWS\System32\perfh00C.dat -->2006-09-12 23:10:22 C:\WINDOWS\System32\perfh009.dat -->2006-09-12 23:10:22 C:\WINDOWS\System32\perfc00C.dat -->2006-09-12 23:10:22 C:\WINDOWS\System32\perfc009.dat -->2006-09-12 23:10:22 C:\WINDOWS\{00000000-00000000-0000000A-00001102-00000004-10071102}.CDF -->2006-10-22 23:59:43 C:\WINDOWS\wiadebug.log -->2006-10-22 23:58:46 C:\WINDOWS\wiaservc.log -->2006-10-22 23:58:33 C:\WINDOWS\0.log -->2006-10-22 23:57:53 C:\WINDOWS\bootstat.dat -->2006-10-22 23:57:37 C:\WINDOWS\WindowsUpdate.log -->2006-10-22 23:56:43 C:\WINDOWS\ntbtlog.txt -->2006-10-22 23:06:28 C:\WINDOWS\setupact.log -->2006-10-22 21:56:31 C:\WINDOWS\SchedLgU.Txt -->2006-10-22 21:46:31 C:\WINDOWS\War3Unin.dat -->2006-10-16 21:55:00 C:\WINDOWS\win.ini -->2006-10-16 00:05:55 C:\WINDOWS\system.ini -->2006-10-16 00:05:55 C:\WINDOWS\DirectX.log -->2006-10-14 17:59:39 C:\WINDOWS\setupapi.log -->2006-10-13 23:24:23 C:\WINDOWS\QTFont.qfn -->2006-10-09 16:59:29 C:\WINDOWS\DIIUnin.exe |Blizzard Entertainment |13/09/2006 22:17:44 C:\WINDOWS\IsUninst.exe |InstallShield Software Corporation |30/05/2006 03:30:44 C:\WINDOWS\MIDIDEF.EXE |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\PSCONV.EXE |COMPANY |30/05/2006 03:29:00 C:\WINDOWS\READREG.EXE |Creative Technology Limited |30/05/2006 03:29:00 C:\WINDOWS\twunk_16.exe |Twain Working Group |24/08/2001 08:00:00 C:\WINDOWS\twunk_32.exe |Twain Working Group |24/08/2001 08:00:00 C:\WINDOWS\uninst.exe |InstallShield Corporation, Inc. |04/06/2006 02:59:38 C:\WINDOWS\Updreg.EXE |Creative Technology Ltd. |30/05/2006 03:30:42 C:\WINDOWS\War3Unin.exe |Blizzard Entertainment |18/07/2006 00:34:23 C:\WINDOWS\CTCCW.DLL |Creative® Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\CTDCRES.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\CTRES.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\DEVREG.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\INRES.DLL |Creative Technology Limited |30/05/2006 03:29:15 C:\WINDOWS\twain.dll |Groupe de travail Twain |24/08/2001 08:00:00 C:\WINDOWS\twain_32.dll |Groupe de travail Twain |03/08/2004 18:54:44 C:\WINDOWS\system32\append.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\CTHELPER.EXE |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTSVCCDA.EXE |Creative Technology Ltd |30/05/2006 03:26:21 C:\WINDOWS\system32\CTSVCCTL.EXE |Creative Technology Ltd |30/05/2006 03:26:21 C:\WINDOWS\system32\debug.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\dosx.exe |COMPANY |03/08/2004 16:51:28 C:\WINDOWS\system32\dvdplay.exe |COMPANY |23/08/2001 13:47:34 C:\WINDOWS\system32\edlin.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\ENSDEF.EXE |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\exe2bin.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\fastopen.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\java.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\javaw.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\javaws.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\keystone.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\KILLAPPS.EXE |COMPANY |30/05/2006 03:29:01 C:\WINDOWS\system32\mem.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\mjwnjele.exe |COMPANY |19/10/2006 23:12:09 C:\WINDOWS\system32\mscdexnt.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nlsfunc.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nvappbar.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcolor.exe |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcplui.exe |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdspsch.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvsvc32.exe |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvudisp.exe |NVIDIA Corporation |30/05/2006 03:10:29 C:\WINDOWS\system32\NVUNINST.EXE |NVIDIA Corporation |30/05/2006 03:10:00 C:\WINDOWS\system32\nw16.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nwiz.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\pxcpya64.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxhpinst.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxinsa64.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\redir.exe |COMPANY |03/08/2004 16:48:48 C:\WINDOWS\system32\REGPLIB.EXE |COMPANY |30/05/2006 03:29:00 C:\WINDOWS\system32\setver.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\share.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\usrmlnka.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\usrprbda.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\usrshuta.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\vwipxspx.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\wnsintsu.exe |COMPANY |14/10/2006 22:43:44 C:\WINDOWS\system32\a3d.dll |COMPANY |30/05/2006 03:28:55 C:\WINDOWS\system32\AC3API.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\AHQCpURes.dll |Creative Technology Ltd. |30/05/2006 03:28:27 C:\WINDOWS\system32\amstream.dll |COMPANY |03/08/2004 18:54:22 C:\WINDOWS\system32\atmfd.dll |Adobe Systems Incorporated |03/08/2004 18:52:50 C:\WINDOWS\system32\atmlib.dll |Adobe Systems |03/08/2004 18:54:22 C:\WINDOWS\system32\cba.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\commonfx.dll |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\compatUI.dll |COMPANY |03/08/2004 18:54:24 C:\WINDOWS\system32\CTAGENT.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\CTASIO.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\ctaudfx.dll |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\CTDC0000.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDC0001.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDCIFCE.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDetres.dll |Creative Technology Ltd. |30/05/2006 03:26:21 C:\WINDOWS\system32\CTDPROXY.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\ctdvda32.dll |Creative Technology Ltd |30/05/2006 03:28:32 C:\WINDOWS\system32\CTEMUPIA.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\CTMEDENG.DLL |Creative Technology Ltd. |30/05/2006 03:26:19 C:\WINDOWS\system32\CTMERes.DLL |Creative Technology Ltd. |30/05/2006 03:26:18 C:\WINDOWS\system32\CTOSUSER.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\ctsblfx.dll |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\CTSCAL.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTSPKHLP.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTWFLT32.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\system32\dgrpsetu.dll |Digi International, Inc. |30/05/2006 04:40:12 C:\WINDOWS\system32\dgsetup.dll |Digi International |30/05/2006 04:40:12 C:\WINDOWS\system32\EAXAC3.DLL |Creative Labs |30/05/2006 03:29:00 C:\WINDOWS\system32\encdec.dll |COMPANY |03/08/2004 18:54:26 C:\WINDOWS\system32\EqnClass.Dll |Equinox Systems Inc. |30/05/2006 04:40:12 C:\WINDOWS\system32\eSellerateControl350.dll |eSellerate Inc. |02/10/2006 23:41:55 C:\WINDOWS\system32\eSellerateEngine.dll |eSellerate Inc. |02/10/2006 23:41:55 C:\WINDOWS\system32\hticons.dll |Hilgraeve, Inc. |30/05/2006 02:45:39 C:\WINDOWS\system32\hypertrm.dll |Hilgraeve, Inc. |30/05/2006 02:45:16 C:\WINDOWS\system32\iccvid.dll |Radius Inc. |03/08/2004 18:54:28 C:\WINDOWS\system32\ieencode.dll |COMPANY |03/08/2004 18:54:28 C:\WINDOWS\system32\INETWH32.DLL |Blue Sky Software Corporation. |30/05/2006 03:30:39 C:\WINDOWS\system32\ir32_32.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\ir41_qc.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir41_qcx.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_32.dll |Intel Corporation |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_qc.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_qcx.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\isrdbg32.dll |Intel Corporation |30/05/2006 02:47:17 C:\WINDOWS\system32\jgaw400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgdw400.dll |America Online |24/08/2001 08:00:00 C:\WINDOWS\system32\jgmd400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgpl400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgsd400.dll |America Online |24/08/2001 08:00:00 C:\WINDOWS\system32\jgsh400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\lfbmp13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\lfcmp13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\lfgif13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:20 C:\WINDOWS\system32\loc32vc0.dll |Intel |04/03/1998 12:47:18 C:\WINDOWS\system32\ltdis13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltefx13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltfil13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltimg13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltkrn13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\mdwmdmsp.dll |RioPort |23/08/2001 13:47:06 C:\WINDOWS\system32\msdmo.dll |COMPANY |03/08/2004 18:54:34 C:\WINDOWS\system32\msencode.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\MsgPlusLoader.dll |Patchou |09/06/2006 16:24:22 C:\WINDOWS\system32\msgsys.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\NavLogon.dll |Symantec Corporation |12/03/2004 15:17:24 C:\WINDOWS\system32\ndmoxqf.dll |COMPANY |15/10/2006 14:49:23 C:\WINDOWS\system32\nts.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\nv4_disp.dll |NVIDIA Corporation |30/05/2006 04:42:13 C:\WINDOWS\system32\nvapi.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcod.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcodins.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcpl.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcpluir.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdisps.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdispsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvexpbar.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvgames.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvgamesr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvhwvid.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nview.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccs.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccsrs.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccss.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmccssr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmctray.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmobls.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmoblsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvnt4cpl.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvoglnt.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvshell.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvvitvs.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvvitvsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvwddi.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwdmcpl.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwimg.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwss.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvwssr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\OPENAL32.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\paqsp.dll |COMPANY |23/08/2001 13:47:16 C:\WINDOWS\system32\pds.dll |Intel® Corporation |09/06/2003 17:21:12 C:\WINDOWS\system32\PIAPROXY.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\pmnll.dll |COMPANY |14/10/2006 23:09:21 C:\WINDOWS\system32\px.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxdrv.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxmas.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxsfs.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxwave.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\qedwipes.dll |COMPANY |03/08/2004 18:53:42 C:\WINDOWS\system32\S32EVNT1.DLL |Symantec Corporation |26/09/2006 21:42:50 C:\WINDOWS\system32\sbe.dll |COMPANY |03/08/2004 18:54:38 C:\WINDOWS\system32\scriptpw.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\SFCVRT32.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\system32\sfman32.dll |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\SFMS32.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\SIntf16.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\SIntf32.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\SIntfNT.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\slbcsp.dll |Schlumberger Technology Corporation |03/08/2004 16:31:44 C:\WINDOWS\system32\slbiop.dll |Schlumberger Technology Corporation |03/08/2004 18:54:40 C:\WINDOWS\system32\slbrccsp.dll |Schlumberger Technology Corporation |24/08/2001 08:00:00 C:\WINDOWS\system32\spnike.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\sprio600.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\sprio800.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\spxcoins.dll |Perle Systems Ltd. |30/05/2006 04:40:12 C:\WINDOWS\system32\stjxwek.dll |COMPANY |18/10/2006 22:35:55 C:\WINDOWS\system32\SymNeti.dll |Symantec Corporation |11/03/2004 14:58:14 C:\WINDOWS\system32\SymRedir.dll |Symantec Corporation |11/03/2004 14:58:12 C:\WINDOWS\system32\tsd32.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\usrcntra.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrcoina.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrdpa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrdtea.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrfaxa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrlbva.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrrtosa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrsdpia.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrsvpia.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrv42a.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrv80a.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrvoica.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrvpa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\vxblock.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\win87em.dll |COMPANY |24/08/2001 08:00:00 Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\WINDOWS\system32 2004-08-03 18:54 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 4 966 461 440 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\WINDOWS\Downloaded Program Files 2006-09-05 22:11 <REP> . 2006-09-05 22:11 <REP> .. 2006-05-30 02:48 65 desktop.ini 2006-06-20 15:44 379 704 MsnPUpld.dll 2006-06-19 14:40 393 MsnPUpld.inf 2006-06-20 15:44 117 560 PURen-us.dll 2002-05-31 09:20 117 328 purfr-ca.dll 2006-03-27 07:00 5 019 swflash.inf 6 fichier(s) 620 069 octets Total des fichiers listés : 6 fichier(s) 620 069 octets 2 Rép(s) 4 966 461 440 octets libres Liste des programmes installes Ad-Aware SE Personal Adobe Download Manager 2.0 (Supprimer uniquement) Adobe Reader 7.0.8 AVG Anti-Spyware 7.5 Azureus BitTorrent 4.24.0 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Creative MediaSource Diablo II Dungeon Siege Guitar Pro 5.0 HijackThis 1.99.1 Homeworld2 J2SE Runtime Environment 5.0 Update 3 J2SE Runtime Environment 5.0 Update 6 Kit de développement Microsoft .NET Framework 2.0 SDK - FRA LimeWire 4.10.9 LiveUpdate 2.0 (Symantec Corporation) Macromedia Flash Player 8 Messenger Plus! 3 Microsoft .NET Framework 2.0 SDK - FRA Microsoft Office XP Professional avec FrontPage Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mozilla Firefox (1.5.0.7) NVIDIA Drivers Quake 4 Quake 4 QuickTime QuickTime SimCity 4 Deluxe Sound Blaster Audigy 2 SpeechRedist Spybot - Search & Destroy 1.4 Steam Symantec AntiVirus Tom Clancy's Splinter Cell Chaos Theory Unreal Tournament 2003 Unreal Tournament 2004 VideoLAN VLC media player 0.8.5 VSToolbar for Internet Explorer WebFldrs XP Winamp (remove only) Windows Genuine Advantage Notifications (KB905474) Windows Installer 3.1 (KB893803) Windows Live Messenger Windows Media Format Runtime WinISO 5.3 WinRAR archiver WinZip Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files 2006-10-19 23:12 <REP> . 2006-10-19 23:12 <REP> .. 2006-07-19 07:56 <REP> Adobe 2006-06-01 03:40 <REP> Azureus 2006-10-09 01:28 <REP> BitTorrent 2006-05-30 02:46 <REP> ComPlus Applications 2006-05-30 03:33 <REP> Creative 2006-10-11 00:58 <REP> Diablo II 2006-10-14 04:08 <REP> directx 2006-10-15 23:13 <REP> Fichiers communs 2006-10-02 23:43 <REP> Graphic Accounts 2006-10-22 21:42 <REP> Grisoft 2006-06-03 22:02 <REP> Guitar Pro 5 2006-08-20 21:07 <REP> id Software 2006-09-12 23:10 <REP> Internet Explorer 2006-06-01 01:29 <REP> Java 2006-05-31 02:08 <REP> Lavasoft 2006-05-31 02:45 <REP> LimeWire 2006-06-04 15:29 <REP> Maxis 2006-05-30 03:55 <REP> Messenger 2006-06-01 03:57 <REP> MessengerPlus! 3 2006-05-30 02:50 <REP> microsoft frontpage 2006-08-03 22:30 <REP> Microsoft Office 2006-08-03 22:39 <REP> Microsoft Visual Studio 8 2006-08-03 22:30 <REP> Microsoft.NET 2006-05-30 02:47 <REP> Movie Maker 2006-10-23 00:02 <REP> Mozilla Firefox 2006-05-30 02:45 <REP> MSN 2006-05-30 02:45 <REP> MSN Gaming Zone 2006-09-04 20:28 <REP> MSN Messenger 2006-05-30 02:47 <REP> NetMeeting 2006-05-30 02:45 <REP> Online Services 2006-05-30 03:50 <REP> Outlook Express 2006-06-03 21:36 <REP> QuickTime 2006-05-30 02:48 <REP> Services en ligne 2006-10-16 19:35 <REP> Spybot - Search & Destroy 2006-07-17 23:39 <REP> Steam 2006-09-26 21:43 <REP> Symantec 2006-10-22 23:58 <REP> Symantec AntiVirus 2006-08-18 17:03 <REP> Ubisoft 2006-09-28 21:22 <REP> VIA 2006-06-02 00:57 <REP> VideoLAN 2006-10-19 23:12 <REP> VSToolbar 2006-10-19 21:46 <REP> Warcraft III 2006-07-17 23:16 <REP> Winamp 2006-06-01 02:48 <REP> Windows Media Player 2006-05-30 02:45 <REP> Windows NT 2006-07-13 18:11 <REP> WinISO 2006-06-03 22:01 <REP> WinRAR 2006-06-03 21:59 <REP> WinZip 2006-05-30 02:50 <REP> xerox 0 fichier(s) 0 octets 51 Rép(s) 4 966 432 768 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files\fichiers communs 2006-10-15 23:13 <REP> . 2006-10-15 23:13 <REP> .. 2006-07-19 07:57 <REP> Adobe 2006-05-30 03:51 <REP> Designer 2006-06-03 21:35 <REP> InstallShield 2006-05-31 02:44 <REP> Java 2006-08-03 22:38 <REP> Microsoft Shared 2006-05-30 02:47 <REP> MSSoap 2006-05-30 04:40 <REP> ODBC 2006-05-30 02:47 <REP> Services 2006-05-30 04:40 <REP> SpeechEngines 2006-09-26 21:43 <REP> Symantec Shared 2006-05-30 03:50 <REP> System 2006-10-22 23:55 <REP> {E82573E4-07CF-3084-0214-061016020002} 0 fichier(s) 0 octets 14 Rép(s) 4 966 432 768 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 2006-05-30 03:51 <REP> . 2006-05-30 03:51 <REP> .. 2006-05-30 03:51 <REP> 1033 2006-05-30 03:51 <REP> 1036 2001-02-14 23:45 1 318 912 MSONSEXT.DLL 2001-02-13 02:23 58 784 MSOSV.DLL 1999-06-03 06:09 122 937 MSOWS409.DLL 2001-03-07 01:00 127 033 MSOWS40c.DLL 2000-08-06 03:04 401 462 MSVCP60.DLL 2001-01-21 21:25 69 632 PKMAXCTL.DLL 2001-01-21 21:25 872 448 PKMCDO.DLL 2001-01-21 21:25 159 744 PKMCORE.DLL 2001-02-07 03:59 106 496 PKMFORMS.DLL 2001-02-11 22:03 684 032 PKMRES.DLL 2001-01-21 21:25 28 672 PKMSSTLB.DLL 2001-01-21 21:25 40 960 PKMTEMPL.DLL 2001-01-21 21:25 24 576 PKMTRACE.DLL 2001-01-21 21:25 86 016 PKMWS.DLL 2001-01-21 21:25 237 568 PROMDEMO.DLL 2001-01-21 21:25 184 320 SECMGR.DLL 2001-01-21 21:25 323 584 VAIDDMGR.DLL 2001-01-21 21:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 4 966 432 768 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\ 2006-10-19 20:54 826 936 blbeta.exe 1 fichier(s) 826 936 octets 0 Rép(s) 4 966 432 768 octets libres c:\Documents and Settings\Louis Huppe\.limewire\.NetworkShare\LimeWireWin4.12.6-fixed.exe c:\Documents and Settings\Louis Huppe\.limewire\.NetworkShare\LimeWireWin4.12.6-nopack2.exe c:\Documents and Settings\Louis Huppe\Bureau\ATF-Cleaner.exe c:\Documents and Settings\Louis Huppe\Bureau\avgas-setup-7.5.0.50.exe c:\Documents and Settings\Louis Huppe\Bureau\KillBox.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\blbetac.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\FilesInfoCmd.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\Fport.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\grep.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\LFiles.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\LISTDLLS.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\pslist.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\streams.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\dumphive.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\Process.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\Reboot.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\restart.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\swreg.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\swsc.exe c:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix\unzip.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\Répertoire temporaire 1 pour WINZIP.ZIP\DAMN_NFO_Viewer_v2.10.0031.RC3_Setup.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\Répertoire temporaire 1 pour WINZIP.ZIP\WinZip.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\Répertoire temporaire 1 pour WINZIP.ZIP\WZ-Keygen.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\Setup022051\Setup.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\Louis Huppe\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll ----------------------------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------------------------- --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 23:55:15 2006-10-22 + Résultat de l'analyse: HKU\S-1-5-21-1659004503-606747145-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A43385F0-7113-496D-96D7-B9B550E3FCCA} -> Adware.Isearch : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP103\A0017896.dll -> Adware.Searchcolours : Aucune action entreprise. C:\Program Files\Fichiers communs\{E82573E4-07CF-3084-0214-061016020002}\services.dll -> Adware.Softomate : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP102\A0017656.dll -> Adware.Softomate : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP102\A0017865.exe -> Adware.Softomate : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP102\A0017638.exe -> Downloader.Zlob.apx : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP102\A0017841.exe -> Downloader.Zlob.apx : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP103\A0018921.exe -> Downloader.Zlob.apx : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP103\A0018932.exe -> Downloader.Zlob.aqj : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP104\A0018956.exe -> Downloader.Zlob.aqj : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP104\A0018965.exe -> Downloader.Zlob.aqj : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP104\A0019013.exe -> Downloader.Zlob.aqj : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP104\A0019014.exe -> Downloader.Zlob.aqj : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP102\A0017840.dll -> Not-A-Virus.Hoax.Win32.Renos.ds : Aucune action entreprise. C:\System Volume Information\_restore{AFAA1C52-D3B3-434E-B7CC-A3B80AA74F54}\RP104\A0019017.dll -> Not-A-Virus.Hoax.Win32.Renos.ds : Aucune action entreprise. Fin du rapport ----------------------------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------------------------- Rapport SmitFraudFix SmitFraudFix v2.112 Rapport fait à 21:53:35,28, 2006-10-22 Executé à partir de C:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\system32\ishost.exe supprimé C:\WINDOWS\system32\ismini.exe supprimé C:\WINDOWS\system32\issearch.exe supprimé C:\WINDOWS\system32\ot.ico supprimé C:\WINDOWS\system32\components\flx?.dll supprimé C:\DOCUME~1\LOUISH~1\Favoris\Antivirus Test Online.url supprimé C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url supprimé C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url supprimé »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Merci beaucoup pour ton temps!! -
demande d'analyse de rapporty HijackThis
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Merci beaucoup charles, je suis au bureau pour l'instant mais je vais essayer ça en revenant à la maison et je t'en redonne des nouvelles très bientôt! Bon, voilà, j'ai fait le scan avec Smithfraud et voici le résultat : SmitFraudFix v2.112 Rapport fait à 16:16:20,17, 2006-10-20 Executé à partir de C:\Documents and Settings\Louis Huppe\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\ishost.exe PRESENT ! C:\WINDOWS\system32\ismini.exe PRESENT ! C:\WINDOWS\system32\issearch.exe PRESENT ! C:\WINDOWS\system32\ot.ico PRESENT ! C:\WINDOWS\system32\components\flx?.dll PRESENT ! C:\WINDOWS\system32\components\flx??.dll PRESENT ! C:\WINDOWS\system32\components\flx???.dll PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Louis Huppe »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Louis Huppe\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url PRESENT ! C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\LOUISH~1\Favoris C:\DOCUME~1\LOUISH~1\Favoris\Antivirus Test Online.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}" »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="MsgPlusLoader.dll" »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin -
demande d'analyse de rapporty HijackThis
Pchink a répondu à un(e) sujet de Pchink dans Analyses et éradication malwares
Wow, c'est très rapide comme réponse merci beaucoup!!! Le rootkit remover n'a rien trouvé, mais voici le contenu du rapport juste au cas où : 10/19/06 20:54:25 [info]: BlackLight Engine 1.0.47 initialized 10/19/06 20:54:25 [info]: OS: 5.1 build 2600 (Service Pack 2) 10/19/06 20:54:25 [Note]: 7019 4 10/19/06 20:54:25 [Note]: 7005 0 10/19/06 20:54:32 [Note]: 7006 0 10/19/06 20:54:32 [Note]: 7011 1716 10/19/06 20:54:32 [Note]: 7026 0 10/19/06 20:54:32 [Note]: 7026 0 10/19/06 20:54:40 [Note]: FSRAW library version 1.7.1020 10/19/06 20:58:41 [Note]: 2000 1012 10/19/06 20:58:48 [Note]: 7007 0 Et voici l'autre rapport (DiagHelp) : C:\WINDOWS\System32\llnmp.ini -->2006-10-19 21:00:09 C:\WINDOWS\System32\nvapps.xml -->2006-10-19 19:03:23 C:\WINDOWS\System32\ismini.exe -->2006-10-19 19:03:19 C:\WINDOWS\System32\settingsbkup.sfm -->2006-10-18 23:52:02 C:\WINDOWS\System32\settings.sfm -->2006-10-18 23:52:02 C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000A-00001102-00000004-10071102}.dat -->2006-10-18 23:52:02 C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000A-00001102-00000004-10071102}.dat -->2006-10-18 23:52:02 C:\WINDOWS\System32\BMXStateBkp-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-18 23:52:02 C:\WINDOWS\System32\BMXState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-18 23:52:02 C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-18 23:52:02 C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000A-00001102-00000004-10071102}.rfx -->2006-10-18 23:52:02 C:\WINDOWS\System32\llnmp.bak2 -->2006-10-18 23:11:58 C:\WINDOWS\System32\stjxwek.dll -->2006-10-18 22:35:55 C:\WINDOWS\System32\kslwhic.dll -->2006-10-18 22:35:55 C:\WINDOWS\System32\ishost.exe -->2006-10-18 22:35:51 C:\WINDOWS\System32\wpa.dbl -->2006-10-18 22:23:48 C:\WINDOWS\System32\mcrh.tmp -->2006-10-15 23:12:03 C:\WINDOWS\System32\ot.ico -->2006-10-15 14:54:51 C:\WINDOWS\System32\issearch.exe -->2006-10-15 14:54:42 C:\WINDOWS\System32\ndmoxqf.dll -->2006-10-15 14:49:23 C:\WINDOWS\System32\lqwspfl.dll -->2006-10-15 14:49:23 C:\WINDOWS\System32\svnfonnl.dll -->2006-10-14 23:11:31 C:\WINDOWS\System32\yrphgrpm.exe -->2006-10-14 23:11:21 C:\WINDOWS\System32\llnmp.bak1 -->2006-10-14 23:11:11 C:\WINDOWS\System32\pmnll.dll -->2006-10-14 23:09:31 C:\WINDOWS\{00000000-00000000-0000000A-00001102-00000004-10071102}.CDF -->2006-10-19 19:03:27 C:\WINDOWS\WindowsUpdate.log -->2006-10-19 19:03:06 C:\WINDOWS\wiadebug.log -->2006-10-19 19:03:03 C:\WINDOWS\wiaservc.log -->2006-10-19 19:02:59 C:\WINDOWS\0.log -->2006-10-19 19:02:42 C:\WINDOWS\bootstat.dat -->2006-10-19 19:02:32 C:\WINDOWS\SchedLgU.Txt -->2006-10-18 23:52:00 C:\WINDOWS\War3Unin.dat -->2006-10-16 21:55:00 C:\WINDOWS\win.ini -->2006-10-16 00:05:55 C:\WINDOWS\system.ini -->2006-10-16 00:05:55 C:\WINDOWS\DirectX.log -->2006-10-14 17:59:39 C:\WINDOWS\setupapi.log -->2006-10-13 23:24:23 C:\WINDOWS\setupact.log -->2006-10-13 23:24:16 C:\WINDOWS\QTFont.qfn -->2006-10-09 16:59:29 C:\WINDOWS\iis6.log -->2006-10-01 23:03:59 C:\WINDOWS\DIIUnin.exe |Blizzard Entertainment |13/09/2006 22:17:44 C:\WINDOWS\IsUninst.exe |InstallShield Software Corporation |30/05/2006 03:30:44 C:\WINDOWS\MIDIDEF.EXE |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\PSCONV.EXE |COMPANY |30/05/2006 03:29:00 C:\WINDOWS\READREG.EXE |Creative Technology Limited |30/05/2006 03:29:00 C:\WINDOWS\twunk_16.exe |Twain Working Group |24/08/2001 08:00:00 C:\WINDOWS\twunk_32.exe |Twain Working Group |24/08/2001 08:00:00 C:\WINDOWS\uninst.exe |InstallShield Corporation, Inc. |04/06/2006 02:59:38 C:\WINDOWS\Updreg.EXE |Creative Technology Ltd. |30/05/2006 03:30:42 C:\WINDOWS\War3Unin.exe |Blizzard Entertainment |18/07/2006 00:34:23 C:\WINDOWS\CTCCW.DLL |Creative® Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\CTDCRES.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\CTRES.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\DEVREG.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\INRES.DLL |Creative Technology Limited |30/05/2006 03:29:15 C:\WINDOWS\twain.dll |Groupe de travail Twain |24/08/2001 08:00:00 C:\WINDOWS\twain_32.dll |Groupe de travail Twain |03/08/2004 18:54:44 C:\WINDOWS\system32\append.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\CTHELPER.EXE |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTSVCCDA.EXE |Creative Technology Ltd |30/05/2006 03:26:21 C:\WINDOWS\system32\CTSVCCTL.EXE |Creative Technology Ltd |30/05/2006 03:26:21 C:\WINDOWS\system32\debug.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\dosx.exe |COMPANY |03/08/2004 16:51:28 C:\WINDOWS\system32\dvdplay.exe |COMPANY |23/08/2001 13:47:34 C:\WINDOWS\system32\edlin.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\ENSDEF.EXE |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\exe2bin.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\fastopen.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\ishost.exe |COMPANY |18/10/2006 22:35:51 C:\WINDOWS\system32\ismini.exe |COMPANY |15/10/2006 14:49:18 C:\WINDOWS\system32\issearch.exe |COMPANY |15/10/2006 14:54:42 C:\WINDOWS\system32\java.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\javaw.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\javaws.exe |Sun Microsystems, Inc. |01/06/2006 01:29:44 C:\WINDOWS\system32\keystone.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\KILLAPPS.EXE |COMPANY |30/05/2006 03:29:01 C:\WINDOWS\system32\mem.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\mscdexnt.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nlsfunc.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nvappbar.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcolor.exe |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcplui.exe |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdspsch.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvsvc32.exe |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvudisp.exe |NVIDIA Corporation |30/05/2006 03:10:29 C:\WINDOWS\system32\NVUNINST.EXE |NVIDIA Corporation |30/05/2006 03:10:00 C:\WINDOWS\system32\nw16.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\nwiz.exe |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\pxcpya64.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxhpinst.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxinsa64.exe |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\redir.exe |COMPANY |03/08/2004 16:48:48 C:\WINDOWS\system32\REGPLIB.EXE |COMPANY |30/05/2006 03:29:00 C:\WINDOWS\system32\setver.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\share.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\usrmlnka.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\usrprbda.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\usrshuta.exe |U.S. Robotics Corporation |23/08/2001 13:47:48 C:\WINDOWS\system32\vwipxspx.exe |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\wnsintsu.exe |COMPANY |14/10/2006 22:43:44 C:\WINDOWS\system32\yrphgrpm.exe |COMPANY |14/10/2006 23:11:16 C:\WINDOWS\system32\a3d.dll |COMPANY |30/05/2006 03:28:55 C:\WINDOWS\system32\AC3API.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\AHQCpURes.dll |Creative Technology Ltd. |30/05/2006 03:28:27 C:\WINDOWS\system32\amstream.dll |COMPANY |03/08/2004 18:54:22 C:\WINDOWS\system32\atmfd.dll |Adobe Systems Incorporated |03/08/2004 18:52:50 C:\WINDOWS\system32\atmlib.dll |Adobe Systems |03/08/2004 18:54:22 C:\WINDOWS\system32\cba.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\commonfx.dll |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\compatUI.dll |COMPANY |03/08/2004 18:54:24 C:\WINDOWS\system32\CTAGENT.DLL |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\CTASIO.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\ctaudfx.dll |Creative Technology Ltd |30/05/2006 03:29:00 C:\WINDOWS\system32\CTDC0000.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDC0001.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDCIFCE.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\CTDetres.dll |Creative Technology Ltd. |30/05/2006 03:26:21 C:\WINDOWS\system32\CTDPROXY.DLL |Creative Technology Ltd |30/05/2006 03:28:56 C:\WINDOWS\system32\ctdvda32.dll |Creative Technology Ltd |30/05/2006 03:28:32 C:\WINDOWS\system32\CTEMUPIA.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\CTMEDENG.DLL |Creative Technology Ltd. |30/05/2006 03:26:19 C:\WINDOWS\system32\CTMERes.DLL |Creative Technology Ltd. |30/05/2006 03:26:18 C:\WINDOWS\system32\CTOSUSER.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\ctsblfx.dll |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\CTSCAL.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTSPKHLP.DLL |Creative Technology Ltd |30/05/2006 03:28:59 C:\WINDOWS\system32\CTWFLT32.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\system32\dgrpsetu.dll |Digi International, Inc. |30/05/2006 04:40:12 C:\WINDOWS\system32\dgsetup.dll |Digi International |30/05/2006 04:40:12 C:\WINDOWS\system32\EAXAC3.DLL |Creative Labs |30/05/2006 03:29:00 C:\WINDOWS\system32\encdec.dll |COMPANY |03/08/2004 18:54:26 C:\WINDOWS\system32\EqnClass.Dll |Equinox Systems Inc. |30/05/2006 04:40:12 C:\WINDOWS\system32\eSellerateControl350.dll |eSellerate Inc. |02/10/2006 23:41:55 C:\WINDOWS\system32\eSellerateEngine.dll |eSellerate Inc. |02/10/2006 23:41:55 C:\WINDOWS\system32\hticons.dll |Hilgraeve, Inc. |30/05/2006 02:45:39 C:\WINDOWS\system32\hypertrm.dll |Hilgraeve, Inc. |30/05/2006 02:45:16 C:\WINDOWS\system32\iccvid.dll |Radius Inc. |03/08/2004 18:54:28 C:\WINDOWS\system32\ieencode.dll |COMPANY |03/08/2004 18:54:28 C:\WINDOWS\system32\INETWH32.DLL |Blue Sky Software Corporation. |30/05/2006 03:30:39 C:\WINDOWS\system32\ir32_32.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\ir41_qc.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir41_qcx.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_32.dll |Intel Corporation |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_qc.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\ir50_qcx.dll |Intel Corporation. |03/08/2004 18:54:30 C:\WINDOWS\system32\isrdbg32.dll |Intel Corporation |30/05/2006 02:47:17 C:\WINDOWS\system32\jgaw400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgdw400.dll |America Online |24/08/2001 08:00:00 C:\WINDOWS\system32\jgmd400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgpl400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\jgsd400.dll |America Online |24/08/2001 08:00:00 C:\WINDOWS\system32\jgsh400.dll |Johnson-Grace Company |24/08/2001 08:00:00 C:\WINDOWS\system32\kslwhic.dll |COMPANY |18/10/2006 22:35:55 C:\WINDOWS\system32\lfbmp13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\lfcmp13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\lfgif13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:20 C:\WINDOWS\system32\loc32vc0.dll |Intel |04/03/1998 12:47:18 C:\WINDOWS\system32\lqwspfl.dll |COMPANY |15/10/2006 14:49:23 C:\WINDOWS\system32\ltdis13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltefx13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltfil13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltimg13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\ltkrn13n.dll |LEAD Technologies, Inc. |05/09/2006 22:11:18 C:\WINDOWS\system32\mdwmdmsp.dll |RioPort |23/08/2001 13:47:06 C:\WINDOWS\system32\msdmo.dll |COMPANY |03/08/2004 18:54:34 C:\WINDOWS\system32\msencode.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\MsgPlusLoader.dll |Patchou |09/06/2006 16:24:22 C:\WINDOWS\system32\msgsys.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\NavLogon.dll |Symantec Corporation |12/03/2004 15:17:24 C:\WINDOWS\system32\ndmoxqf.dll |COMPANY |15/10/2006 14:49:23 C:\WINDOWS\system32\nts.dll |Intel® Corporation |09/06/2003 17:21:10 C:\WINDOWS\system32\nv4_disp.dll |NVIDIA Corporation |30/05/2006 04:42:13 C:\WINDOWS\system32\nvapi.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcod.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcodins.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcpl.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvcpluir.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdisps.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvdispsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvexpbar.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvgames.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvgamesr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvhwvid.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nview.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccs.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccsrs.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmccss.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmccssr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmctray.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvmobls.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvmoblsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvnt4cpl.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvoglnt.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvshell.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvvitvs.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvvitvsr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvwddi.dll |NVIDIA Corporation |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwdmcpl.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwimg.dll |COMPANY |09/03/2006 09:29:00 C:\WINDOWS\system32\nvwss.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\nvwssr.dll |NVIDIA Corporation |01/06/2006 17:22:00 C:\WINDOWS\system32\OPENAL32.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\paqsp.dll |COMPANY |23/08/2001 13:47:16 C:\WINDOWS\system32\pds.dll |Intel® Corporation |09/06/2003 17:21:12 C:\WINDOWS\system32\PIAPROXY.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\pmnll.dll |COMPANY |14/10/2006 23:09:21 C:\WINDOWS\system32\px.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxdrv.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxmas.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxsfs.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\pxwave.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\qedwipes.dll |COMPANY |03/08/2004 18:53:42 C:\WINDOWS\system32\S32EVNT1.DLL |Symantec Corporation |26/09/2006 21:42:50 C:\WINDOWS\system32\sbe.dll |COMPANY |03/08/2004 18:54:38 C:\WINDOWS\system32\scriptpw.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\SFCVRT32.DLL |Creative Technology Ltd. |30/05/2006 03:30:39 C:\WINDOWS\system32\sfman32.dll |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\SFMS32.DLL |Creative Technology Ltd |30/05/2006 03:29:01 C:\WINDOWS\system32\SIntf16.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\SIntf32.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\SIntfNT.dll |COMPANY |13/09/2006 22:18:42 C:\WINDOWS\system32\slbcsp.dll |Schlumberger Technology Corporation |03/08/2004 16:31:44 C:\WINDOWS\system32\slbiop.dll |Schlumberger Technology Corporation |03/08/2004 18:54:40 C:\WINDOWS\system32\slbrccsp.dll |Schlumberger Technology Corporation |24/08/2001 08:00:00 C:\WINDOWS\system32\spnike.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\sprio600.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\sprio800.dll |S3/Diamond Multimedia |23/08/2001 13:47:18 C:\WINDOWS\system32\spxcoins.dll |Perle Systems Ltd. |30/05/2006 04:40:12 C:\WINDOWS\system32\stjxwek.dll |COMPANY |18/10/2006 22:35:55 C:\WINDOWS\system32\svnfonnl.dll |COMPANY |14/10/2006 23:11:26 C:\WINDOWS\system32\SymNeti.dll |Symantec Corporation |11/03/2004 14:58:14 C:\WINDOWS\system32\SymRedir.dll |Symantec Corporation |11/03/2004 14:58:12 C:\WINDOWS\system32\tsd32.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\usrcntra.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrcoina.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrdpa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrdtea.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrfaxa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrlbva.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrrtosa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrsdpia.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrsvpia.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrv42a.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrv80a.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrvoica.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\usrvpa.dll |U.S. Robotics Corporation |23/08/2001 13:47:20 C:\WINDOWS\system32\vxblock.dll |Sonic Solutions |01/06/2006 02:48:17 C:\WINDOWS\system32\win87em.dll |COMPANY |24/08/2001 08:00:00 C:\WINDOWS\system32\winwea32.dll |COMPANY |14/10/2006 22:42:43 Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\WINDOWS\system32 2004-08-03 18:54 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 4 891 070 464 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\WINDOWS\Downloaded Program Files 2006-09-05 22:11 <REP> . 2006-09-05 22:11 <REP> .. 2006-05-30 02:48 65 desktop.ini 2006-06-20 15:44 379 704 MsnPUpld.dll 2006-06-19 14:40 393 MsnPUpld.inf 2006-06-20 15:44 117 560 PURen-us.dll 2002-05-31 09:20 117 328 purfr-ca.dll 2006-03-27 07:00 5 019 swflash.inf 6 fichier(s) 620 069 octets Total des fichiers listés : 6 fichier(s) 620 069 octets 2 Rép(s) 4 891 070 464 octets libres Liste des programmes installes Ad-Aware SE Personal Adobe Download Manager 2.0 (Supprimer uniquement) Adobe Reader 7.0.8 Azureus BitTorrent 4.24.0 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Creative MediaSource Diablo II Guitar Pro 5.0 HijackThis 1.99.1 Homeworld2 J2SE Runtime Environment 5.0 Update 3 J2SE Runtime Environment 5.0 Update 6 Kit de développement Microsoft .NET Framework 2.0 SDK - FRA LimeWire 4.10.9 LiveUpdate 2.0 (Symantec Corporation) Macromedia Flash Player 8 Messenger Plus! 3 Microsoft .NET Framework 2.0 SDK - FRA Microsoft Office XP Professional avec FrontPage Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mozilla Firefox (1.5.0.7) NVIDIA Drivers Quake 4 Quake 4 QuickTime QuickTime SimCity 4 Deluxe Sound Blaster Audigy 2 SpeechRedist Spybot - Search & Destroy 1.4 Steam Symantec AntiVirus Tom Clancy's Splinter Cell Chaos Theory Unreal Tournament 2003 Unreal Tournament 2004 VideoLAN VLC media player 0.8.5 WebFldrs XP Winamp (remove only) Windows Genuine Advantage Notifications (KB905474) Windows Installer 3.1 (KB893803) Windows Live Messenger Windows Media Format Runtime WinISO 5.3 WinRAR archiver WinZip Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files 2006-10-19 20:34 <REP> . 2006-10-19 20:34 <REP> .. 2006-07-19 07:56 <REP> Adobe 2006-06-01 03:40 <REP> Azureus 2006-10-09 01:28 <REP> BitTorrent 2006-05-30 02:46 <REP> ComPlus Applications 2006-05-30 03:33 <REP> Creative 2006-10-11 00:58 <REP> Diablo II 2006-10-14 04:08 <REP> directx 2006-10-15 23:13 <REP> Fichiers communs 2006-10-02 23:43 <REP> Graphic Accounts 2006-05-30 03:47 <REP> Grisoft 2006-06-03 22:02 <REP> Guitar Pro 5 2006-08-20 21:07 <REP> id Software 2006-09-12 23:10 <REP> Internet Explorer 2006-06-01 01:29 <REP> Java 2006-05-31 02:08 <REP> Lavasoft 2006-05-31 02:45 <REP> LimeWire 2006-06-04 15:29 <REP> Maxis 2006-05-30 03:55 <REP> Messenger 2006-06-01 03:57 <REP> MessengerPlus! 3 2006-05-30 02:50 <REP> microsoft frontpage 2006-08-03 22:30 <REP> Microsoft Office 2006-08-03 22:39 <REP> Microsoft Visual Studio 8 2006-08-03 22:30 <REP> Microsoft.NET 2006-05-30 02:47 <REP> Movie Maker 2006-10-19 20:22 <REP> Mozilla Firefox 2006-05-30 02:45 <REP> MSN 2006-05-30 02:45 <REP> MSN Gaming Zone 2006-09-04 20:28 <REP> MSN Messenger 2006-05-30 02:47 <REP> NetMeeting 2006-05-30 02:45 <REP> Online Services 2006-05-30 03:50 <REP> Outlook Express 2006-06-03 21:36 <REP> QuickTime 2006-05-30 02:48 <REP> Services en ligne 2006-10-16 19:35 <REP> Spybot - Search & Destroy 2006-07-17 23:39 <REP> Steam 2006-09-26 21:43 <REP> Symantec 2006-10-19 19:03 <REP> Symantec AntiVirus 2006-08-18 17:03 <REP> Ubisoft 2006-09-28 21:22 <REP> VIA 2006-06-02 00:57 <REP> VideoLAN 2006-10-18 22:49 <REP> Warcraft III 2006-07-17 23:16 <REP> Winamp 2006-06-01 02:48 <REP> Windows Media Player 2006-05-30 02:45 <REP> Windows NT 2006-07-13 18:11 <REP> WinISO 2006-06-03 22:01 <REP> WinRAR 2006-06-03 21:59 <REP> WinZip 2006-05-30 02:50 <REP> xerox 0 fichier(s) 0 octets 50 Rép(s) 4 891 025 408 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files\fichiers communs 2006-10-15 23:13 <REP> . 2006-10-15 23:13 <REP> .. 2006-07-19 07:57 <REP> Adobe 2006-05-30 03:51 <REP> Designer 2006-06-03 21:35 <REP> InstallShield 2006-05-31 02:44 <REP> Java 2006-08-03 22:38 <REP> Microsoft Shared 2006-05-30 02:47 <REP> MSSoap 2006-05-30 04:40 <REP> ODBC 2006-05-30 02:47 <REP> Services 2006-05-30 04:40 <REP> SpeechEngines 2006-09-26 21:43 <REP> Symantec Shared 2006-05-30 03:50 <REP> System 2006-10-15 23:25 <REP> {E82573E4-07CF-3084-0214-061016020002} 0 fichier(s) 0 octets 14 Rép(s) 4 891 025 408 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 2006-05-30 03:51 <REP> . 2006-05-30 03:51 <REP> .. 2006-05-30 03:51 <REP> 1033 2006-05-30 03:51 <REP> 1036 2001-02-14 23:45 1 318 912 MSONSEXT.DLL 2001-02-13 02:23 58 784 MSOSV.DLL 1999-06-03 06:09 122 937 MSOWS409.DLL 2001-03-07 01:00 127 033 MSOWS40c.DLL 2000-08-06 03:04 401 462 MSVCP60.DLL 2001-01-21 21:25 69 632 PKMAXCTL.DLL 2001-01-21 21:25 872 448 PKMCDO.DLL 2001-01-21 21:25 159 744 PKMCORE.DLL 2001-02-07 03:59 106 496 PKMFORMS.DLL 2001-02-11 22:03 684 032 PKMRES.DLL 2001-01-21 21:25 28 672 PKMSSTLB.DLL 2001-01-21 21:25 40 960 PKMTEMPL.DLL 2001-01-21 21:25 24 576 PKMTRACE.DLL 2001-01-21 21:25 86 016 PKMWS.DLL 2001-01-21 21:25 237 568 PROMDEMO.DLL 2001-01-21 21:25 184 320 SECMGR.DLL 2001-01-21 21:25 323 584 VAIDDMGR.DLL 2001-01-21 21:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 4 891 025 408 octets libres Le volume dans le lecteur C s'appelle Lewisss Le numéro de série du volume est E825-73E4 Répertoire de C:\ 2006-10-19 20:54 826 936 blbeta.exe 2006-10-19 20:27 1 158 670 sarsfx.exe 2005-10-31 11:56 700 416 StubInstaller.exe 3 fichier(s) 2 686 022 octets 0 Rép(s) 4 891 025 408 octets libres c:\Documents and Settings\Louis Huppe\.limewire\.NetworkShare\LimeWireWin4.12.6-fixed.exe c:\Documents and Settings\Louis Huppe\.limewire\.NetworkShare\LimeWireWin4.12.6-nopack2.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\blbetac.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\FilesInfoCmd.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\Fport.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\grep.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\LFiles.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\LISTDLLS.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\pslist.exe c:\Documents and Settings\Louis Huppe\Bureau\diaghelp\streams.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\AutoRun.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\b122.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\BitTorrent-4.20.6.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\BitTorrent-4.20.7.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\BitTorrent-4.20.9.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\BitTorrent-4.24.0.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\d2l_Install.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\d2l_PlayD2.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\Setup.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\war3_Install.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\win1D.tmp.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\win22.tmp.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\Répertoire temporaire 1 pour WINZIP.ZIP\DAMN_NFO_Viewer_v2.10.0031.RC3_Setup.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\Répertoire temporaire 1 pour WINZIP.ZIP\WinZip.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\Répertoire temporaire 1 pour WINZIP.ZIP\WZ-Keygen.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temp\Setup022051\Setup.exe c:\Documents and Settings\Louis Huppe\Local Settings\Temporary Internet Files\Content.IE5\496ZS1QF\L2[1].exe c:\Documents and Settings\Louis Huppe\Local Settings\Temporary Internet Files\Content.IE5\496ZS1QF\srvbua[1].exe c:\Documents and Settings\Louis Huppe\Local Settings\Temporary Internet Files\Content.IE5\496ZS1QF\srvltu[1].exe c:\Documents and Settings\Louis Huppe\Local Settings\Temporary Internet Files\Content.IE5\C16JK5A3\FOYGq2JV9B[1].exe c:\Documents and Settings\Louis Huppe\Local Settings\Temporary Internet Files\Content.IE5\OPQF4TIJ\l11[1].exe c:\Documents and Settings\Louis Huppe\Local Settings\Temporary Internet Files\Content.IE5\SXMFCX23\srvwio[1].exe c:\Documents and Settings\Louis Huppe\Local Settings\Temporary Internet Files\Content.IE5\SXMFCX23\srvwti[1].exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\Louis Huppe\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll -
demande d'analyse de rapporty HijackThis
Pchink a posté un sujet dans Analyses et éradication malwares
Bonjour, J'ai attrapé le spyware WinAntivirus Pro 2006 et surement quelques autres car je reçois très souvent des popups publicitaires depuis quelques jours, j'ai analysé mon pc avec HijackThis et voici le résultat : Logfile of HijackThis v1.99.1 Scan saved at 20:37:12, on 2006-10-19 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\ishost.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\ismini.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [CTStartup] "C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [lqwspfl.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\lqwspfl.dll,vdepmle O4 - HKLM\..\Run: [stjxwek.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\stjxwek.dll,rqinabg O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.ex" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lewisssup.spaces.live.com//PhotoUpload/MsnPUpld.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: MsgPlusLoader.dll O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - (no file) O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe Merci à l'avance pour votre réponse!