All content posted by flowstylz

  1. Hello, yes, I'm requesting the transfer, ticlou! Since I had a doubt before posting on the forum, I ran a scan with MBAM just beforehand, except that this one is a full scan; here is the log! No threats detected, apparently.

     Malwarebytes' Anti-Malware 1.41
     Version de la base de données: 3053
     Windows 6.0.6002 Service Pack 2

     30/10/2009 12:45:39
     mbam-log-2009-10-30 (12-45-39).txt

     Type de recherche: Examen complet (C:\|D:\|E:\|)
     Eléments examinés: 173049
     Temps écoulé: 2 hour(s), 19 minute(s), 59 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0

     Processus mémoire infecté(s): (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
     Dossier(s) infecté(s): (Aucun élément nuisible détecté)
     Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  2. Hello, I have a small problem with my laptop running Vista: it slows down enormously at startup and at shutdown. I removed a few programs from startup. I'm posting a HijackThis log in case you see other programs, and any other optimization advice is welcome. Thanks.
  3. Hi, I tried; alas, that doesn't work either!
  4. I have the updates on the PC, but it doesn't work! I tried with Windows Update and by downloading SP1 directly from the Microsoft site. Thanks for your help.
  5. Hello again! The problem is that all the restore points are dated today and there isn't a single one from before the SP1 installation; there is only one from the moment of the installation. Thanks.
  6. Hello, recently I wanted to install Vista SP2. Having noticed that it wouldn't install (I got an error code at the end!), I thought this might come from SP1, so I uninstalled SP1! I then wanted to try reinstalling SP1; the problem is that SP1 no longer wants to install, and I get a message telling me that SP1 could not be installed, with this error code: 0x8000FFFF. Thanks in advance for your help.
  7. Given that I just want an Internet connection, if I could perhaps avoid installing the Livebox installation CD, that wouldn't be a bad thing either. Thanks.
  8. Hello, let me explain the problem! I reformatted my PC; the problem is that as soon as I try to install the Livebox installation CD, it tells me the installation failed, check that you have an Ethernet card and that it is recognized, something like that! Yet it is recognized in Device Manager, since there are no exclamation marks or question marks in front of it! What can I do? PS: I'm on XP. Thanks.
  9. Sorry for the wait, everything is fine now. Thanks, falkra!
  10. Here is the HijackThis report.
  11. Hello, there, I've protected everything! What do I do now?
  12. Hello, here is the OTMoveIt report.

      ========== PROCESSES ==========
      Process explorer.exe killed successfully.
      ========== FILES ==========
      C:\autorun.inf moved successfully.
      File/Folder D:\autorun.inf not found.
      File/Folder E:\autorun.inf not found.
      C:\Love.exe moved successfully.
      File/Folder C:\RECYCLER\S-1-5-21-1614895754-343818398-725345543-1006\Dc1.exe not found.
      E:\Love.exe moved successfully.
      E:\WINDOWS\system32\Amoumain.exe moved successfully.
      E:\WINDOWS\system32\Love.exe moved successfully.
      File/Folder E:\WINDOWS\Prefetch\Amoumain.pf not found.
      File/Folder E:\WINDOWS\Prefetch\love.pf not found.
      ========== COMMANDS ==========
      Explorer started successfully

      OTMoveIt3 by OldTimer - Version 1.0.11.0 log created
  13. I ran another scan and noticed that the love.exe files are back:

      C:\Love.exe Infecté par: Gen:Trojan.Heur.2011EECBCB
      C:\RECYCLER\S-1-5-21-1614895754-343818398-725345543-1006\Dc1.exe Infecté par: Gen:Trojan.Heur.2011EECBCB
      E:\Love.exe Infecté par: Gen:Trojan.Heur.2011EECBCB
      E:\WINDOWS\system32\Amoumain.exe Infecté par: Gen:Trojan.Heur.2011EECBCB
      E:\WINDOWS\system32\Love.exe Infecté par: Gen:Trojan.Heur.2011EECBCB

      I did not find amoumain.exe in system32; the only place I found it is in E:\WINDOWS\Prefetch. I wonder whether it was typing the path E:\WINDOWS\system32\Amoumain.exe that brought the love.exe files back. In any case, I don't have and have never had a wireless mouse, so it's a suspicious process. Thanks for your help.
  14. I ran another online scan with BitDefender, and the only love.exe files it finds are in OTMoveIt, which seems normal to me, I think! On the other hand, I noticed that amounmain.exe was no longer running among the processes! But BitDefender online still detected it in system32. There you go, thanks a lot for your help. I tried to manage on my own to remove it, but it was more complicated than I thought! Can I re-enable System Restore now?
  15. Cain & Abel is legal; I know it can be used for bad purposes! I wanted to see what the software looked like and what it could do! Cain works on a local network and I'm not on a network. Here is the report!

      ========== PROCESSES ==========
      Process explorer.exe killed successfully.
      ========== FILES ==========
      E:\CoFix moved successfully.
      E:\32788R22FWJFW.1.tmp\N_ moved successfully.
      E:\32788R22FWJFW.1.tmp\License moved successfully.
      E:\32788R22FWJFW.1.tmp moved successfully.
      E:\32788R22FWJFW.0.tmp\N_ moved successfully.
      E:\32788R22FWJFW.0.tmp\License moved successfully.
      E:\32788R22FWJFW.0.tmp moved successfully.
      E:\WINDOWS\system32\tmp.txt moved successfully.
      ========== REGISTRY ==========
      Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}\\ deleted successfully.
      ========== SERVICES/DRIVERS ==========
      Service\Driver PSEXESVC deleted successfully.
      ========== COMMANDS ==========
      Explorer started successfully

      OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04232009_150754

      Thanks for your help.
  16. info.txt logfile of random's system information tool 1.06 2009-04-23 11:58:25
Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52} Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live OneCare safety scanner-->RunDll32.exe "E:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT Windows Media Format 11 runtime-->"E:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494} Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836} Windows XP Service Pack 3-->"E:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinPcap 4.0.2-->E:\Program Files\WinPcap\uninstall.exe WinRAR archiver-->E:\Program Files\WinRar\uninstall.exe XML Paper Specification Shared Components Language Pack 1.0-->"E:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" Xvid 1.1.3 final uninstall-->"E:\Program Files\Xvid\unins000.exe" =====HijackThis Backups===== O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) [2009-01-13] O4 - HKCU\..\Run: [AnyDVD] E:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [2009-01-13] O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe" [2009-01-13] O4 - HKLM\..\Run: [unlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe" [2009-01-13] O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2009-01-13] O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-01-13] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
http://go.microsoft.com/fwlink/?LinkId=54896 [2009-01-14] O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com [2009-01-14] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 [2009-01-14] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 [2009-01-14] O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe [2009-01-14] R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris [2009-01-14] R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost [2009-01-14] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe [2009-01-14] O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab [2009-01-14] O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe" [2009-01-18] O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-01-18] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup [2009-01-18] O4 - Startup: Outil de notification Live Search.lnk = E:\Documents and Settings\florent\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2009-01-18] O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- E:\Program Files\Java\jre6\bin\jqs.exe [2009-01-18] O4 - HKUS\.DEFAULT\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun (User 'Default user') [2009-01-18] O4 - HKUS\S-1-5-18\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun (User 'SYSTEM') [2009-01-18] O4 - HKLM\..\Run: [unlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe" [2009-01-19] O4 - HKLM\..\Run: [unlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe" [2009-01-20] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com [2009-04-13] F2 - REG:system.ini: Shell=Explorer.exe E:\WINDOWS\system32\Amoumain.exe [2009-04-22] O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - E:\Documents and Settings\florent\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing) [2009-04-22] O4 - HKLM\..\Run: [unlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe" [2009-04-22] ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: ESET NOD32 antivirus system 2.70 FW: COMODO Firewall Pro ======System event log====== Computer Name: INTEGRA Event Code: 206 Message: L'écoute a échoué : 15: Record Number: 362 Source Name: NetDDE Time Written: 20090224113257.000000+060 Event Type: erreur User: Computer Name: INTEGRA Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{428C57B4-15BD-4570-B36A-E56FF8477C09} était connectée au réseau, et a lancé une opération normale sur la carte réseau. 
Record Number: 361 Source Name: Tcpip Time Written: 20090224113253.000000+060 Event Type: Informations User: Computer Name: INTEGRA Event Code: 8033 Message: L'explorateur a forcé une élection sur le réseau \Device\NetBT_Tcpip_{428C57B4-15BD-4570-B36A-E56FF8477C09} car un maître explorateur a été arrêté. Record Number: 360 Source Name: BROWSER Time Written: 20090224113223.000000+060 Event Type: Informations User: Computer Name: INTEGRA Event Code: 206 Message: L'écoute a échoué : 23: Le membre ncb_lana_num ne spécifiait pas un numéro de réseau valide. Record Number: 359 Source Name: NetDDE Time Written: 20090224113223.000000+060 Event Type: erreur User: Computer Name: INTEGRA Event Code: 4202 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{428C57B4-15BD-4570-B36A-E56FF8477C09} était déconnectée du réseau, et la configuration réseau de la carte a été abandonnée. Si la carte réseau n'était pas déconnectée, ceci peut indiquer un disfonctionnement. Contactez le fabricant pour des pilotes mis à jour. Record Number: 358 Source Name: Tcpip Time Written: 20090224113223.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: INTEGRA Event Code: 301 Message: msnmsgr (3108) \\.\E:\Documents and Settings\florent\Local Settings\Application Data\Microsoft\Messenger\god_save_hard-core@hotmail.fr\SharingMetadata\Working\database_E34_BD23_34BD_F29\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\E:\Documents and Settings\florent\Local Settings\Application Data\Microsoft\Messenger\god_save_hard-core@hotmail.fr\SharingMetadata\Working\database_E34_BD23_34BD_F29\fsr01089.log. 
Record Number: 4459 Source Name: ESENT Time Written: 20090318115804.000000+060 Event Type: Informations User: Computer Name: INTEGRA Event Code: 301 Message: msnmsgr (3108) \\.\E:\Documents and Settings\florent\Local Settings\Application Data\Microsoft\Messenger\god_save_hard-core@hotmail.fr\SharingMetadata\Working\database_E34_BD23_34BD_F29\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\E:\Documents and Settings\florent\Local Settings\Application Data\Microsoft\Messenger\god_save_hard-core@hotmail.fr\SharingMetadata\Working\database_E34_BD23_34BD_F29\fsr01088.log. Record Number: 4458 Source Name: ESENT Time Written: 20090318115803.000000+060 Event Type: Informations User: Computer Name: INTEGRA Event Code: 300 Message: msnmsgr (3108) \\.\E:\Documents and Settings\florent\Local Settings\Application Data\Microsoft\Messenger\god_save_hard-core@hotmail.fr\SharingMetadata\Working\database_E34_BD23_34BD_F29\dfsr.db: Le moteur de base de données initialise la procédure de récupération. Record Number: 4457 Source Name: ESENT Time Written: 20090318115803.000000+060 Event Type: Informations User: Computer Name: INTEGRA Event Code: 102 Message: msnmsgr (3108) \\.\E:\Documents and Settings\florent\Local Settings\Application Data\Microsoft\Messenger\god_save_hard-core@hotmail.fr\SharingMetadata\Working\database_E34_BD23_34BD_F29\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0). Record Number: 4456 Source Name: ESENT Time Written: 20090318115802.000000+060 Event Type: Informations User: Computer Name: INTEGRA Event Code: 100 Message: msnmsgr (3108) Le moteur de base de données 5.01.2600.5512 est démarré. 
Record Number: 4455 Source Name: ESENT Time Written: 20090318115802.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;E:\Program Files\Samsung\Samsung PC Studio 3;E:\Program Files\QuickTime\QTSystem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=2c02 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------
  17. Here is the first report, log.txt: Logfile of random's system information tool 1.06 (written by random/random) Run by florent at 2009-04-23 12:11:50 Microsoft Windows XP Professionnel Service Pack 3 System drive E: has 6 GB (12%) free of 53 GB Total RAM: 447 MB (41% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:12:05, on 2009-04-23 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\system32\spoolsv.exe E:\WINDOWS\system32\netdde.exe E:\Program Files\COMODO\Firewall\cmdagent.exe E:\Program Files\Java\jre6\bin\jqs.exe E:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe E:\Program Files\Eset\nod32krn.exe E:\WINDOWS\system32\nvsvc32.exe E:\WINDOWS\system32\IoctlSvc.exe E:\WINDOWS\system32\HPZipm12.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\dmadmin.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\Explorer.EXE E:\Program Files\COMODO\Firewall\cfp.exe E:\WINDOWS\system32\LVCOMSX.EXE E:\Program Files\Eset\nod32kui.exe E:\Program Files\Messenger\msmsgs.exe E:\Program Files\Windows Live\Messenger\msnmsgr.exe E:\Program Files\Free Download Manager\fdm.exe E:\Program Files\Windows Live\Contacts\wlcomm.exe E:\Documents and Settings\florent\Bureau\RSIT.exe E:\Documents and Settings\florent\Bureau\florent.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class 
- {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Free Download Manager] "E:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Download all with Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu 
item: Download selected with Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download web site with Free Download Manager - file://E:\Program Files\Free Download Manager\dlpage.htm O8 - Extra context menu item: Download with Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - 
http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O17 - HKLM\System\CS1\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - E:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. 
- E:\WINDOWS\system32\IoctlSvc.exe O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe O23 - Service: PsExec (PSEXESVC) - Unknown owner - E:\WINDOWS\PSEXESVC.EXE (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - E:\Program Files\WinPcap\rpcapd.exe -- End of file - 7274 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - E:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - E:\Program Files\Java\jre6\bin\ssv.dll [2009-01-11 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - E:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-11 34816] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-11 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "COMODO Firewall Pro"=E:\Program Files\COMODO\Firewall\cfp.exe [2005-11-04 1655552] "LVCOMSX"=E:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184] "nod32kui"=E:\Program Files\Eset\nod32kui.exe [2008-12-08 949376] "NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144] "Adobe Reader Speed Launcher"=E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"=E:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232] "MsnMsgr"=E:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-03-27 3885408] "Free Download Manager"=E:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] E:\Program Files\iTunes\iTunesHelper.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2008-09-12 20480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate] E:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608] 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair] E:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray] E:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] E:\Program Files\MSN Messenger\msnmsgr.exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] E:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] E:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Piratrax] E:\Program Files\Piratrax\piratrax_launch.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] E:\WINDOWS\SOUNDMAN.EXE [2005-09-22 90112] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] E:\Program Files\Steam\Steam.exe [2009-01-29 1410296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] E:\Program Files\Java\jre6\bin\jusched.exe [2009-01-11 136600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] E:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive] E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk] E:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2008-09-12 450560] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^florent^Menu Démarrer^Programmes^Démarrage^IMVU.lnk] E:\DOCUME~1\florent\APPLIC~1\IMVUCL~1\IMVUCL~1.EXE --startup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Nero BackItUp Scheduler 3"=2 "iPod Service"=3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] E:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "legalnoticecaption"= "legalnoticetext"= "ConsentPromptBehaviorAdmin"=0 "PromptOnSecureDesktop"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= 
"NoDriveTypeAutoRun"= "NoDrives"= "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe" "E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe" "E:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="E:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe" "E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe" "E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe" "E:\Program 
Files\HP\Digital Imaging\bin\hpqnrs08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe" "E:\WINDOWS\system32\dpvsetup.exe"="E:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "E:\Program Files\eMule\eMule.exe"="E:\Program Files\eMule\eMule.exe:*:Enabled:eMule" "E:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="E:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1" "E:\Program Files\Messenger\msmsgs.exe"="E:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "E:\Program Files\MSN Messenger\livecall.exe"="E:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "E:\Program Files\xchat\xchat.exe"="E:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client" "E:\Program Files\BitTorrent\bittorrent.exe"="E:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "E:\Program Files\uTorrent\uTorrent.exe"="E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "E:\Program Files\MSN Messenger\msncall.exe"="E:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "E:\Program Files\Windows Live\Messenger\wlcsdk.exe"="E:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "E:\Program Files\MSN Messenger\livecall.exe"="E:\Program Files\MSN 
Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "E:\Program Files\MSN Messenger\msncall.exe"="E:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "E:\Program Files\Windows Live\Messenger\wlcsdk.exe"="E:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======File associations====== .scr - config - "%1" /S ======List of files/folders created in the last 1 months====== 2009-04-23 11:56:52 ----D---- E:\rsit 2009-04-22 22:02:32 ----D---- E:\_OTMoveIt 2009-04-22 16:12:39 ----D---- E:\Program Files\The Cleaner Free 2009-04-22 13:22:23 ----SHD---- E:\RECYCLER 2009-04-22 13:12:25 ----D---- E:\WINDOWS\temp 2009-04-22 13:12:23 ----A---- E:\ComboFix.txt 2009-04-22 13:06:04 ----D---- E:\CoFix 2009-04-22 12:58:16 ----D---- E:\32788R22FWJFW.1.tmp 2009-04-22 12:56:41 ----D---- E:\32788R22FWJFW.0.tmp 2009-04-22 12:30:15 ----A---- E:\WINDOWS\ntbtlog.txt 2009-04-21 17:48:27 ----SH---- E:\WINDOWS\system32\Amoumain.exe 2009-04-17 11:28:22 ----D---- E:\Documents and Settings\florent\Application Data\Software Informer 2009-04-17 11:28:00 ----D---- E:\Program Files\Software Informer 2009-04-17 11:27:33 ----D---- E:\Documents and Settings\florent\Application Data\Free Download Manager 2009-04-17 11:27:16 ----D---- E:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG 2009-04-17 11:27:06 ----D---- E:\Program Files\Free Download Manager 2009-04-15 12:55:28 ----D---- E:\Documents and Settings\florent\Application Data\Download Manager 2009-04-13 14:26:51 ----A---- E:\WINDOWS\system32\TubeFinder.exe 2009-04-13 14:26:45 ----A---- E:\WINDOWS\system32\VB6STKIT.DLL 2009-04-13 14:26:45 ----A---- E:\WINDOWS\system32\VB6FR.DLL 2009-04-13 14:26:45 ----A---- E:\WINDOWS\system32\PCCLPFR.DLL 2009-04-13 14:26:45 ----A---- E:\WINDOWS\system32\MSCMCFR.DLL 
2009-04-13 14:26:44 ----A---- E:\WINDOWS\system32\CMDLGFR.DLL 2009-04-13 14:08:17 ----A---- E:\WINDOWS\system32\devil.dll 2009-04-13 14:08:14 ----A---- E:\WINDOWS\system32\avisynth.dll 2009-04-13 14:08:11 ----A---- E:\WINDOWS\system32\AVSredirect.dll 2009-04-13 14:08:10 ----A---- E:\WINDOWS\system32\yv12vfw.dll 2009-04-13 14:08:09 ----A---- E:\WINDOWS\system32\i420vfw.dll 2009-04-13 14:08:08 ----D---- E:\Program Files\AviSynth 2.5 2009-04-13 13:18:02 ----D---- E:\Downloads 2009-04-13 13:17:53 ----D---- E:\Documents and Settings\florent\Application Data\GrabPro 2009-04-13 13:17:39 ----D---- E:\Documents and Settings\florent\Application Data\Orbit 2009-03-29 02:11:54 ----D---- E:\WINDOWS\system32\Kaspersky Lab 2009-03-26 20:53:47 ----D---- E:\Program Files\Microsoft 2009-03-26 20:43:07 ----A---- E:\WINDOWS\eSellerateEngine.dll 2009-03-26 20:41:25 ----D---- E:\Program Files\MSN Content Plus Inc ======List of files/folders modified in the last 1 months====== 2009-04-23 11:56:58 ----D---- E:\WINDOWS\Prefetch 2009-04-23 11:52:12 ----D---- E:\Program Files\Mozilla Firefox 2009-04-22 22:19:13 ----D---- E:\WINDOWS\system32\CatRoot2 2009-04-22 22:02:53 ----D---- E:\WINDOWS\system32 2009-04-22 18:11:46 ----D---- E:\WINDOWS\BDOSCAN8 2009-04-22 18:06:09 ----AD---- E:\WINDOWS 2009-04-22 17:59:51 ----A---- E:\WINDOWS\SchedLgU.Txt 2009-04-22 17:57:00 ----SHD---- E:\WINDOWS\Installer 2009-04-22 17:57:00 ----HD---- E:\Config.Msi 2009-04-22 17:55:56 ----D---- E:\Documents and Settings\All Users\Application Data\Adobe 2009-04-22 17:55:48 ----D---- E:\Program Files\Fichiers communs\Adobe 2009-04-22 16:14:11 ----D---- E:\WINDOWS\system32\drivers 2009-04-22 16:12:39 ----D---- E:\Program Files 2009-04-22 15:23:40 ----SHD---- E:\System Volume Information 2009-04-22 15:23:40 ----D---- E:\WINDOWS\system32\Restore 2009-04-22 14:32:46 ----SD---- E:\WINDOWS\Downloaded Program Files 2009-04-22 14:32:12 ----HD---- E:\WINDOWS\inf 2009-04-22 13:10:18 ----D---- E:\QooBox 2009-04-22 13:09:51 
----A---- E:\WINDOWS\system.ini 2009-04-22 13:08:50 ----D---- E:\WINDOWS\AppPatch 2009-04-22 13:08:49 ----D---- E:\Program Files\Fichiers communs 2009-04-22 12:50:34 ----D---- E:\WINDOWS\Minidump 2009-04-22 12:48:48 ----A---- E:\rapport.txt 2009-04-22 12:44:51 ----A---- E:\WINDOWS\system32\tmp.txt 2009-04-21 22:37:23 ----D---- E:\Documents and Settings\florent\Application Data\uTorrent 2009-04-21 20:30:43 ----D---- E:\Program Files\Unlocker 2009-04-21 09:58:08 ----AC---- E:\WINDOWS\VFind.exe 2009-04-20 20:28:56 ----D---- E:\Program Files\Steam 2009-04-18 18:36:36 ----D---- E:\WINDOWS\system32\LogFiles 2009-04-18 18:36:34 ----D---- E:\WINDOWS\Debug 2009-04-18 18:25:45 ----D---- E:\Program Files\Cain 2009-04-18 18:25:21 ----RSHDC---- E:\WINDOWS\system32\dllcache 2009-04-17 11:20:52 ----AC---- E:\WINDOWS\system32\PerfStringBackup.INI 2009-04-17 03:08:21 ----D---- E:\WINDOWS\system32\wbem 2009-04-17 03:06:15 ----D---- E:\WINDOWS\system32\fr-fr 2009-04-17 03:06:15 ----D---- E:\Program Files\Internet Explorer 2009-04-17 03:05:58 ----D---- E:\WINDOWS\ie7updates 2009-04-17 03:03:02 ----HD---- E:\WINDOWS\$hf_mig$ 2009-04-17 03:02:34 ----D---- E:\Documents and Settings\All Users\Application Data\Microsoft Help 2009-04-14 11:40:12 ----D---- E:\Program Files\Malwarebytes' Anti-Malware 2009-04-13 23:01:47 ----D---- E:\WINDOWS\system32\Adobe 2009-04-13 21:13:35 ----AC---- E:\WINDOWS\NeroDigital.ini 2009-04-13 15:51:44 ----D---- E:\Documents and Settings 2009-04-13 15:08:58 ----D---- E:\Program Files\Common Files 2009-04-13 14:07:47 ----RSD---- E:\WINDOWS\Fonts 2009-04-06 16:57:24 ----AC---- E:\WINDOWS\system32\MRT.exe 2009-04-04 14:25:05 ----D---- E:\Documents and Settings\florent\Application Data\dvdcss 2009-03-29 02:07:46 ----D---- E:\Program Files\Mozilla Firefox Bonus 2009-03-26 20:54:04 ----D---- E:\WINDOWS\WinSxS 2009-03-26 20:53:02 ----D---- E:\Program Files\Windows Live 2009-03-26 20:41:25 ----HD---- E:\Program Files\InstallShield Installation Information 2009-03-26 
14:05:54 ----DC---- E:\WINDOWS\system32\DRVSTORE 2009-03-26 12:59:52 ----D---- E:\Program Files\Messenger Plus! Live 2009-03-26 09:41:54 ----D---- E:\Documents and Settings\florent\Application Data\Image Zone Express ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;Pilote de processeur AMD; E:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008] R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; E:\WINDOWS\System32\DRIVERS\cmdguard.sys [2005-11-04 87056] R1 cmdHlp;COMODO Firewall Pro Helper Driver; E:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2005-11-04 24208] R1 ElbyCDIO;ElbyCDIO Driver; E:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-12-31 24872] R1 FileDisk;FileDisk; E:\WINDOWS\system32\drivers\FileDisk.sys [2005-10-16 12928] R1 kbdhid;Pilote HID de clavier; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 nod32drv;nod32drv; E:\WINDOWS\system32\drivers\nod32drv.sys [2008-12-08 15424] R1 ssmdrv;ssmdrv; E:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 StarOpen;StarOpen; E:\WINDOWS\system32\drivers\StarOpen.sys [2008-12-09 5632] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; E:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] R2 AMON;AMON; E:\WINDOWS\system32\drivers\amon.sys [2008-12-08 512096] R2 tmcomm;tmcomm; \??\E:\WINDOWS\system32\drivers\tmcomm.sys [] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); E:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-09-22 3727680] R3 AnyDVD;AnyDVD; E:\WINDOWS\System32\Drivers\AnyDVD.sys [2008-12-31 103360] R3 HidUsb;Pilote de classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 LVUSBSta;Logitech USB Monitor Filter; E:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016] R3 mouhid;Pilote HID de souris; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] R3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856] R3 NVENETFD;NVIDIA nForce 
Networking Controller Driver; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048] R3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928] R3 QCMerced;Logitech QuickCam Communicate; E:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152] R3 usbaudio;Pilote USB audio (WDM); E:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S1 wceusbsh;Pilote d'hôte USB série pour Windows CE; E:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-13 32128] S2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\E:\Program Files\CyberLink\PowerDVD\000.fcl [] S3 BT;Bluetooth PAN Network Adapter; E:\WINDOWS\system32\DRIVERS\btnetdrv.sys [] S3 btaudio;Périphérique audio Bluetooth; E:\WINDOWS\system32\drivers\btaudio.sys [] S3 BTDriver;Pilote de communications virtuelles Bluetooth; E:\WINDOWS\system32\DRIVERS\btport.sys [] S3 BTKRNL;Enumérateur de bus Bluetooth; E:\WINDOWS\system32\DRIVERS\btkrnl.sys [] S3 btnetBUs;Bluetooth PAN Bus Service; E:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088] S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; E:\WINDOWS\system32\DRIVERS\btwdndis.sys [] S3 btwhid;btwhid; E:\WINDOWS\system32\DRIVERS\btwhid.sys [] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; E:\WINDOWS\System32\Drivers\btwusb.sys [] S3 catchme;catchme; \??\E:\DOCUME~1\florent\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 
HPZid412;IEEE-1284.4 Driver HPZid412; E:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; E:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; E:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568] S3 IvtBtBUs;IVT Bluetooth Bus Service; E:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248] S3 MS1000;MS1000; E:\WINDOWS\System32\DRIVERS\MS1000.sys [2009-04-22 5376] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; E:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 NPF;NetGroup Packet Filter Driver; E:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\E:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\E:\WINDOWS\system32\PCANDIS5.SYS [] S3 SLIP;Détrameur décalage BDA; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); E:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; E:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; E:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); E:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; E:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112] S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; E:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704] S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 
usbprint;Classe d'imprimantes USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 VClone;VClone; E:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184] S3 VComm;Virtual Serial port driver; E:\WINDOWS\system32\DRIVERS\VComm.sys [] S3 VcommMgr;Bluetooth VComm Manager Service; E:\WINDOWS\System32\Drivers\VcommMgr.sys [] S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Pilote de filtre de restauration système; E:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 cmdAgent;COMODO Firewall Pro Helper Service; E:\Program Files\COMODO\Firewall\cmdagent.exe [2005-11-04 519936] R2 JavaQuickStarterService;Java Quick Starter; E:\Program Files\Java\jre6\bin\jqs.exe [2009-01-11 152984] R2 MDM;Machine Debug Manager; E:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208] R2 NOD32krn;NOD32 Kernel Service; E:\Program Files\Eset\nod32krn.exe [2008-12-08 552064] R2 NVSvc;NVIDIA Display Driver Service; E:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908] R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; E:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920] R2 Pml Driver HPZ12;Pml Driver HPZ12; E:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728] 
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S3 aspnet_state;Service d'état ASP.NET; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864] S3 idsvc;Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256] S3 NBService;NBService; E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040] S3 NMIndexingService;NMIndexingService; E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752] S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; E:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PSEXESVC;PsExec; E:\WINDOWS\PSEXESVC.EXE [] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; E:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880] -----------------EOF-----------------
  18. ========== PROCESSES ==========
      Process explorer.exe killed successfully.
      ========== FILES ==========
      C:\Documents and Settings\florent\Bureau\Love.exe moved successfully.
      C:\Documents and Settings\Love.exe moved successfully.
      C:\Love.exe moved successfully.
      E:\Documents and Settings\florent\Bureau\Crack\Love.exe moved successfully.
      E:\Love.exe moved successfully.
      E:\WINDOWS\system32\Love.exe moved successfully.
      ========== COMMANDS ==========
      Explorer started successfully

      OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04222009_220232

      love.exe has now been put in the folder E:\_OTMoveIt\MovedFiles\
  19. Strangely, I can no longer find amounmain.exe. I don't know whether I removed it with HijackThis when I did "Fix checked" earlier, I think so, yet it is still among the processes! I don't get it?! lol
  20. Actually, there was nothing in the Crack folder until then; every time I go into a folder, it appears in that one! I had submitted it to VirusTotal to be sure it was a trojan; I'm submitting it again to show you. As for NOD32, it found nothing, which is why I ran an online BitDefender scan!

      Fichier Love.exe reçu le 2009.04.22 21:06:54 (CET)

      Antivirus  Version  Dernière mise à jour  Résultat
      a-squared  4.0.0.101  2009.04.22  Gen.Trojan!IK
      AhnLab-V3  5.0.0.2  2009.04.22  -
      AntiVir  7.9.0.148  2009.04.22  TR/Agent.adsyb
      Antiy-AVL  2.0.3.1  2009.04.22  Trojan/Win32.Regrun
      Authentium  5.1.2.4  2009.04.22  -
      Avast  4.8.1335.0  2009.04.22  Win32:Trojan-gen {Other}
      AVG  8.5.0.287  2009.04.22  -
      BitDefender  7.2  2009.04.22  Gen:Trojan.Heur.2011EECBCB
      CAT-QuickHeal  10.00  2009.04.22  -
      ClamAV  0.94.1  2009.04.22  -
      Comodo  1127  2009.04.22  -
      DrWeb  4.44.0.09170  2009.04.22  -
      eSafe  7.0.17.0  2009.04.21  -
      eTrust-Vet  31.6.6440  2009.04.20  -
      F-Prot  4.4.4.56  2009.04.22  -
      F-Secure  8.0.14470.0  2009.04.22  -
      Fortinet  3.117.0.0  2009.04.22  -
      GData  19  2009.04.22  Gen:Trojan.Heur.2011EECBCB
      Ikarus  T3.1.1.49.0  2009.04.22  Gen.Trojan
      K7AntiVirus  7.10.710  2009.04.21  -
      Kaspersky  7.0.0.125  2009.04.22  -
      McAfee  5592  2009.04.22  -
      McAfee+Artemis  5592  2009.04.22  Generic!Artemis
      McAfee-GW-Edition  6.7.6  2009.04.22  Trojan.Agent.adsyb
      Microsoft  1.4602  2009.04.22  -
      NOD32  4028  2009.04.22  -
      Norman  6.00.06  2009.04.22  -
      nProtect  2009.1.8.0  2009.04.22  Trojan/W32.Regrun.45237
      Panda  10.0.0.14  2009.04.22  -
      PCTools  4.4.2.0  2009.04.21  -
      Prevx1  V2  2009.04.22  -
      Rising  21.26.24.00  2009.04.22  -
      Sophos  4.40.0  2009.04.22  -
      Sunbelt  3.2.1858.2  2009.04.22  -
      Symantec  1.4.4.12  2009.04.22  -
      TheHacker  6.3.4.0.312  2009.04.22  Trojan/Regrun.bet
      TrendMicro  8.700.0.1004  2009.04.22  -
      VBA32  3.12.10.2  2009.04.21  -
      ViRobot  2009.4.22.1704  2009.04.22  -
      VirusBuster  4.6.5.0  2009.04.22  -

      Information additionnelle
      File size: 45161 bytes
      MD5...: f6d988401a5f76a37b5e6f27cb2be5bb
      SHA1..: d39cd3b6016242fc2cd896a0a23f1f010bbdc108
      SHA256: 0db973c6326fb4a816388190ba5ea0f56ec2d6465520c90c386e6934d3a484de
      SHA512: 93953f5125a43f3b363f682dd93c82c080817a9f95539058737a2b315ebc4470d2803dddeea0cc6d04032526c869be87af74783394554bdb59f417bf9f679073
      ssdeep: 768:4lzgs65RU4T09ioZsuVN1i3/TPH+Hqhz/HI:4lz7RL9iQNMHI
      PEiD..: -
      TrID..: File type identification
      Win32 Executable Generic (42.3%)
      Win32 Dynamic Link Library (generic) (37.6%)
      Generic Win/DOS Executable (9.9%)
      DOS Executable Generic (9.9%)
      Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
      PEInfo: PE Structure information

      ( base data )
      entrypointaddress.: 0x1184
      timedatestamp.....: 0x49e37878 (Mon Apr 13 17:38:00 2009)
      machinetype.......: 0x14c (I386)

      ( 3 sections )
      name viradd virsiz rawdsiz ntrpy md5
      .text 0x1000 0x8788 0x9000 4.99 0ba81e3c482fe25aac16a9dceb24ea20
      .data 0xa000 0xf34 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
      .rsrc 0xb000 0x670 0x1000 1.49 47ecaa000f52263961f1b6c706269a1f

      ( 1 imports )
      > MSVBVM60.DLL: -, MethCallEngine, -, -, -, -, -, -, -, -, -, -, -, EVENT_SINK_AddRef, -, DllFunctionCall, EVENT_SINK_Release, EVENT_SINK_QueryInterface, __vbaExceptHandler, -, -, -, -, -, -, ProcCallEngine, -, -, -, -, -, -, -, -, -, -, -, -

      ( 0 exports )
      PDFiD.: -
      RDS...: NSRL Reference Data Set
      -

      Thanks for your help!
  21. Good evening, I have a trojan problem: nothing detects it, neither Malwarebytes nor NOD32, so I ran an online scan with BitDefender, which detected some files! Here is my HijackThis report:

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 20:32:54, on 2009-04-22
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16827)
      Boot mode: Normal

      Running processes:
      E:\WINDOWS\System32\smss.exe
      E:\WINDOWS\system32\winlogon.exe
      E:\WINDOWS\system32\services.exe
      E:\WINDOWS\system32\lsass.exe
      E:\WINDOWS\system32\svchost.exe
      E:\WINDOWS\System32\svchost.exe
      E:\WINDOWS\system32\svchost.exe
      E:\WINDOWS\system32\spoolsv.exe
      E:\WINDOWS\Explorer.exe
      E:\WINDOWS\system32\netdde.exe
      E:\WINDOWS\system32\Amoumain.exe
      E:\Program Files\COMODO\Firewall\cfp.exe
      E:\WINDOWS\system32\LVCOMSX.EXE
      E:\Program Files\Eset\nod32kui.exe
      E:\Program Files\Messenger\msmsgs.exe
      E:\Program Files\Windows Live\Messenger\msnmsgr.exe
      E:\Program Files\Free Download Manager\fdm.exe
      E:\Program Files\COMODO\Firewall\cmdagent.exe
      E:\Program Files\Java\jre6\bin\jqs.exe
      E:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
      E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
      E:\Program Files\Eset\nod32krn.exe
      E:\WINDOWS\system32\nvsvc32.exe
      E:\WINDOWS\system32\IoctlSvc.exe
      E:\WINDOWS\system32\HPZipm12.exe
      E:\WINDOWS\system32\svchost.exe
      E:\WINDOWS\System32\dmadmin.exe
      E:\WINDOWS\System32\svchost.exe
      E:\Program Files\Mozilla Firefox\firefox.exe
      E:\Program Files\Windows Live\Contacts\wlcomm.exe
      E:\Documents and Settings\florent\Bureau\HijackThis.exe

      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Program Files\Free Download Manager\iefdm2.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Program Files\COMODO\Firewall\cfp.exe" -h
      O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [Free Download Manager] "E:\Program Files\Free Download Manager\fdm.exe" -autorun
      O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
      O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
      O8 - Extra context menu item: Download all with Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm
      O8 - Extra context menu item: Download selected with Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm
      O8 - Extra context menu item: Download web site with Free Download Manager - file://E:\Program Files\Free Download Manager\dlpage.htm
      O8 - Extra context menu item: Download with Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm
      O8 - Extra context menu item: Télécharger avec Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm
      O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm
      O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://E:\Program Files\Free Download Manager\dlfvideo.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\jp2iexp.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\jp2iexp.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - E:\WINDOWS\bdoscandel.exe
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129
      O17 - HKLM\System\CS1\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129
      O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - E:\Program Files\COMODO\Firewall\cmdagent.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
      O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - E:\WINDOWS\system32\IoctlSvc.exe
      O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: PsExec (PSEXESVC) - Unknown owner - E:\WINDOWS\PSEXESVC.EXE (file missing)
      O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - E:\Program Files\WinPcap\rpcapd.exe

      --
      End of file - 7306 bytes

      Here is the BitDefender report:

      C:\Documents and Settings\florent\Bureau\Love.exe Infecté par: Gen:Trojan.Heur.2011EECBCB
      C:\Documents and Settings\Love.exe Infecté par: Gen:Trojan.Heur.2011EECBCB
      C:\Love.exe Infecté par: Gen:Trojan.Heur.2011EECBCB
      E:\Documents and Settings\florent\Bureau\Crack\Love.exe Infecté par: Gen:Trojan.Heur.2011EECBCB
      E:\Love.exe Infecté par: Gen:Trojan.Heur.2011EECBCB
      E:\WINDOWS\system32\Amoumain.exe Infecté par: Gen:Trojan.Heur.2011EECBCB
      E:\WINDOWS\system32\Love.exe Infecté par: Gen:Trojan.Heur.2011EECBCB

      Since there were some in the restore files, I disabled System Restore! Thanks for your help.
  22. That's it, I've done what you asked me to. Thanks for your advice.
  23. Hello, let me explain the situation! I would like to optimize my PC so that it is a bit faster and more responsive! It isn't slow, that's not what I'm saying, but I want to optimize it as much as possible!
      - bearing in mind that I followed the speedweb tutorial to disable unnecessary Windows services!
      - I have also started doing a bit of sorting with HijackThis
      - I removed startup applications with msconfig
      - cleaned up temporary files and unnecessary files with EasyCleaner and CCleaner
      - I also lightened XP's startup by going into the registry:
      - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction, value Enable --> replace the value Y with N
      So I would like your opinion on my HijackThis report, to see whether I can still get rid of some things.
      Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:59, on 2009-01-18 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18241) Boot mode: Normal Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\system32\spoolsv.exe E:\WINDOWS\Explorer.EXE E:\WINDOWS\system32\netdde.exe E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe E:\Program Files\COMODO\Firewall\cmdagent.exe E:\Program Files\HP\HP Software Update\HPWuSchd2.exe E:\Program Files\COMODO\Firewall\cfp.exe E:\WINDOWS\system32\LVCOMSX.EXE E:\Program Files\Eset\nod32kui.exe E:\Program Files\Java\jre6\bin\jusched.exe E:\Program Files\Java\jre6\bin\jqs.exe E:\Documents and Settings\florent\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe E:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe E:\Documents and Settings\florent\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe E:\Program
Files\Eset\nod32krn.exe E:\WINDOWS\system32\nvsvc32.exe E:\WINDOWS\system32\IoctlSvc.exe E:\WINDOWS\system32\HPZipm12.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\dmadmin.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Mozilla Firefox\firefox.exe E:\Program Files\MSN Messenger\msnmsgr.exe E:\Program Files\MSN Messenger\usnsvc.exe E:\Program Files\Internet Explorer\IEXPLORE.EXE E:\Program Files\Internet Explorer\IEXPLORE.EXE E:\Documents and Settings\florent\Bureau\HijackThis.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKUS\S-1-5-18\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C 
"cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user') O4 - Startup: Outil de notification Live Search.lnk = E:\Documents and Settings\florent\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Download all with Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download web site with Free Download Manager - file://E:\Program Files\Free Download Manager\dlpage.htm O8 - Extra context menu item: Download with Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel 
Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O17 - HKLM\System\CS1\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129 O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - E:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - E:\WINDOWS\system32\IoctlSvc.exe O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - E:\Program Files\WinPcap\rpcapd.exe -- End of file - 7062 bytes et si vous avez d'autres conseils concernant l'optimisation ça ne peut être que le bienvenue merci d'avance!!
  24. No, no particular problem anymore! Thanks for your optimization advice, it works great now.
  25. Here is my MBAM report

      Malwarebytes' Anti-Malware 1.32
      Version de la base de données: 1637
      Windows 5.1.2600 Service Pack 3

      2009-01-11 12:27:34
      mbam-log-2009-01-11 (12-27-34).txt

      Type de recherche: Examen complet (C:\|D:\|E:\|)
      Eléments examinés: 183682
      Temps écoulé: 1 hour(s), 13 minute(s), 3 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      (Aucun élément nuisible détecté)

      And here is my HijackThis log

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 14:55, on 2009-01-11
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18241)
      Boot mode: Normal

      Running processes:
      E:\WINDOWS\System32\smss.exe
      E:\WINDOWS\system32\winlogon.exe
      E:\WINDOWS\system32\services.exe
      E:\WINDOWS\system32\lsass.exe
      E:\WINDOWS\system32\svchost.exe
      E:\WINDOWS\System32\svchost.exe
      E:\WINDOWS\system32\svchost.exe
      E:\WINDOWS\system32\spoolsv.exe
      E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
      E:\Program Files\COMODO\Firewall\cmdagent.exe
      E:\Program Files\Java\jre6\bin\jqs.exe
      E:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
      E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
      E:\Program Files\Eset\nod32krn.exe
      E:\WINDOWS\system32\nvsvc32.exe
      E:\WINDOWS\system32\IoctlSvc.exe
      E:\WINDOWS\system32\HPZipm12.exe
      E:\WINDOWS\system32\svchost.exe
      E:\WINDOWS\Explorer.EXE
      E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      E:\Program Files\COMODO\Firewall\cfp.exe
      E:\WINDOWS\system32\LVCOMSX.EXE
      E:\Program Files\Eset\nod32kui.exe
      E:\Program Files\Java\jre6\bin\jusched.exe
      E:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
      E:\Documents and Settings\florent\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
      E:\Documents and Settings\florent\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
      E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
      E:\WINDOWS\System32\svchost.exe
      E:\Program Files\Mozilla Firefox\firefox.exe
      E:\Program Files\MSN Messenger\msnmsgr.exe
      E:\Program Files\MSN Messenger\usnsvc.exe
      E:\Program Files\Internet Explorer\IEXPLORE.EXE
      E:\Program Files\Internet Explorer\IEXPLORE.EXE
      E:\Documents and Settings\florent\Bureau\HijackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
      O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Program Files\COMODO\Firewall\cfp.exe" -h
      O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [AnyDVD] E:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
      O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKUS\S-1-5-18\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [Free Download Manager] E:\Program Files\Free Download Manager\fdm.exe -autorun (User 'Default user')
      O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
      O4 - Startup: Outil de notification Live Search.lnk = E:\Documents and Settings\florent\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
      O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
      O8 - Extra context menu item: Download all with Free Download Manager - file://E:\Program Files\Free Download Manager\dlall.htm
      O8 - Extra context menu item: Download selected with Free Download Manager - file://E:\Program Files\Free Download Manager\dlselected.htm
      O8 - Extra context menu item: Download web site with Free Download Manager - file://E:\Program Files\Free Download Manager\dlpage.htm
      O8 - Extra context menu item: Download with Free Download Manager - file://E:\Program Files\Free Download Manager\dllink.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O8 - Extra context menu item: Envoyer à &Bluetooth - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129
      O17 - HKLM\System\CS1\Services\Tcpip\..\{428C57B4-15BD-4570-B36A-E56FF8477C09}: NameServer = 80.10.246.2,80.10.246.129
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
      O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - E:\Program Files\COMODO\Firewall\cmdagent.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - E:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
      O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - E:\WINDOWS\system32\IoctlSvc.exe
      O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - E:\Program Files\WinPcap\rpcapd.exe

      --
      End of file - 8267 bytes

      Thanks for your help, that's cool.