Aller au contenu

max2610

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    64

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par max2610

  1. max2610
    ha oui dsl
  2. max2610
    dac on fait quoi maintenant
  3. max2610
    norton il été deja installé mais je crois que je les déjà désinstallé
  4. max2610
    elle ne veut pas partir j'ai essayer 3 fois :s
  5. max2610
    Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:12:29, on 17/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\Toshiba.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\pspvideo9\pspVideo9.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Belkin\Bluetooth Software\BTTray.exe C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE C:\Program Files\Uniblue\LocalCooling\localcooling2.exe C:\PROGRA~1\Magentic\bin\MgApp.exe C:\Program Files\IncrediMail\bin\ImApp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe C:\Documents and Settings\maxime cottin\Bureau\HiJackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://configuration.adsl/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Documents and Settings/maxime cottin/Local Settings/Application Data/RapidSolution/Videoraptor/WebRip/profile/rrproxy_ie_48481682.pac R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll O2 - BHO: Videoraptor_WebRipPlugin Class - {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - C:\Program Files\RapidSolution\Videoraptor\VR_WebRipIePlugin.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Startup: LocalCooling.lnk = C:\Program Files\Uniblue\LocalCooling\localcooling2.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm O8 - Extra context menu item: Download Video on This Page - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html O8 - Extra context menu item: Download Video This Links To - C:\Program Files\Tomato\YouTube Video Downloader\IELink.html O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Download Video - {B53C7980-9F20-48BB-8FC3-5A1CC9660C48} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html O9 - Extra 'Tools' menuitem: Download Video on This Page - {B53C7980-9F20-48BB-8FC3-5A1CC9660C48} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O20 - Winlogon Notify: byxuuvv - byxuuvv.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 15014 bytes
  6. max2610
    non sa va déjà mieux pour ma ligne c'est bon je les trouver
  7. max2610
    et maintenant??
  8. max2610
    a si c'est bon
  9. max2610
    voila mes celui la :O20 - Winlogon Notify: byxuuvv - byxuuvv.dll (file missing) n'est pas dans la liste
  10. max2610
    SDFix: Version 1.216 Run by Administrateur on 17/08/2008 at 16:26 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Restoring Default Desktop Wallpaper Rebooting Checking Files : Trojan Files Found: C:\WINDOWS\system32\lphc1h5j0er2n.exe - Deleted C:\WINDOWS\system32\pphc1h5j0er2n.exe - Deleted C:\WINDOWS\SYSTEM32\PPHC1H~1.EXE - Deleted C:\WINDOWS\SYSTEM32\PHC1H5~1.BMP - Deleted C:\X.DAT - Deleted C:\Temp\1cb\syscheck.log - Deleted C:\Temp\sanR24\lDii.log - Deleted C:\n.bat - Deleted C:\WINDOWS\system32\a.exe - Deleted C:\x.dat - Deleted C:\z.dat - Deleted C:\WINDOWS\system32\pac.txt - Deleted C:\WINDOWS\system32\real.txt - Deleted x.dat and z.dat data copied to \SDFix\Data.txt Folder C:\Program Files\rhc5h5j0er2n - Removed Folder C:\Temp\1cb - Removed Folder C:\Temp\sanR24 - Removed Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-17 16:35:23 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwClose scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMuleMorphXT" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent" "C:\\Program Files\\Controle Parental\\bin\\optproxy.exe"="C:\\Program Files\\Controle Parental\\bin\\optproxy.exe:*:Disabled:Contr“le Parental" "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail" "C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail" "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail" "C:\\Documents and Settings\\maxime cottin\\Mes documents\\metin\\metin2.bin"="C:\\Documents and Settings\\maxime cottin\\Mes documents\\metin\\metin2.bin:*:Enabled:metin2" "C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Disabled:Java 2 Platform Standard Edition binary" "C:\\Program Files\\Magentic\\bin\\MgImp.exe"="C:\\Program Files\\Magentic\\bin\\MgImp.exe:*:Enabled:Magentic" "C:\\Program Files\\Magentic\\bin\\Magentic.exe"="C:\\Program Files\\Magentic\\bin\\Magentic.exe:*:Enabled:Magentic" "C:\\Program Files\\Magentic\\bin\\MgApp.exe"="C:\\Program Files\\Magentic\\bin\\MgApp.exe:*:Enabled:Magentic" "C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"="C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe:*:Disabled:MessengerDiscovery Live the Windows Live Messenger addon" "C:\\Program Files\\Piolet\\Piolet.exe"="C:\\Program Files\\Piolet\\Piolet.exe:*:Enabled:Piolet" "C:\\Program Files\\SHARE 1.0 EX2\\Share.exe"="C:\\Program Files\\SHARE 1.0 EX2\\Share.exe:*:Enabled:Share" "C:\\Program Files\\JYK Technologies\\PeerFolders\\PeerFolders.exe"="C:\\Program Files\\JYK Technologies\\PeerFolders\\PeerFolders.exe:*:Enabled:PeerFolders" "C:\\Program Files\\Wormux\\wormux.exe"="C:\\Program Files\\Wormux\\wormux.exe:*:Enabled:Wormux is a convivial mass murder game." "C:\\Program Files\\RapidSolution\\Videoraptor\\VideoRaptor.exe"="C:\\Program Files\\RapidSolution\\Videoraptor\\VideoRaptor.exe:*:Disabled:Videoraptor" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Free Music Zilla\\FMZilla.exe"="C:\\Program Files\\Free Music Zilla\\FMZilla.exe:*:Enabled:FMZilla Module" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Sun 16 Mar 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Wed 30 Jul 2008 173 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti2EE.tmp" Mon 9 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP100\A0102834.sys" Mon 9 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP100\A0102860.sys" Tue 10 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP100\A0103863.sys" Tue 10 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP102\A0103927.sys" Wed 11 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP102\A0104930.sys" Wed 11 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP102\A0105930.sys" Thu 12 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP103\A0106052.sys" Thu 12 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP103\A0107038.sys" Thu 12 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP103\A0107071.sys" Fri 13 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP103\A0107159.sys" Sat 14 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP103\A0107194.sys" Sat 14 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP104\A0107302.sys" Sun 15 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP105\A0107901.sys" Sun 15 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP105\A0107935.sys" Mon 16 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP105\A0108938.sys" Mon 16 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP105\A0108963.sys" Tue 17 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP105\A0108987.sys" Tue 17 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP105\A0109987.sys" Tue 17 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP105\A0110004.sys" Wed 18 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP105\A0110016.sys" Wed 18 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP105\A0110032.sys" Wed 18 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP106\A0111033.sys" Thu 19 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP106\A0114032.sys" Mon 21 Jul 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP106\A0114041.sys" Wed 23 Jul 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP107\A0114115.sys" Thu 24 Jul 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP107\A0114155.sys" Thu 24 Jul 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP110\A0114303.sys" Fri 25 Jul 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP110\A0114334.sys" Fri 25 Jul 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP110\A0115334.sys" Fri 25 Jul 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP111\A0115474.sys" Sat 26 Jul 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP111\A0116477.sys" Sat 26 Jul 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP111\A0116494.sys" Wed 30 Jul 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP112\A0117494.sys" Wed 30 Jul 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP113\A0117522.sys" Sat 2 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP116\A0118526.sys" Sat 2 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP116\A0118555.sys" Sun 3 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP117\A0119555.sys" Mon 4 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP117\A0119595.sys" Tue 5 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP117\A0119619.sys" Tue 5 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP117\A0119634.sys" Tue 5 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP117\A0119646.sys" Wed 6 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP118\A0119703.sys" Sat 9 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP119\A0119993.sys" Sun 10 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP119\A0120034.sys" Mon 11 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP120\A0120122.sys" Tue 12 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP120\A0120179.sys" Tue 12 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP120\A0120210.sys" Wed 13 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP120\A0121211.sys" Wed 13 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP120\A0121225.sys" Wed 13 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP121\A0121297.sys" Thu 14 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP121\A0122297.sys" Thu 14 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP122\A0122456.sys" Fri 15 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP122\A0122479.sys" Fri 15 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP122\A0122550.sys" Sat 16 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP122\A0123550.sys" Sat 16 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP122\A0124550.sys" Sat 16 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP122\A0125550.sys" Sat 16 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP122\A0125566.sys" Sat 16 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP123\A0125600.sys" Sat 16 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP123\A0125619.sys" Sat 16 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP123\A0125634.sys" Sat 16 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP123\A0125645.sys" Sat 16 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP123\A0125658.sys" Sun 17 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP123\A0125668.sys" Sun 17 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP123\A0125688.sys" Sun 17 Aug 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP124\A0125718.sys" Mon 19 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP93\A0093672.sys" Tue 20 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP93\A0093685.sys" Tue 20 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP93\A0093698.sys" Tue 20 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0093724.sys" Wed 21 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0093735.sys" Wed 21 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0094738.sys" Wed 21 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0094768.sys" Thu 22 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0094786.sys" Thu 22 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0094807.sys" Fri 23 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0095807.sys" Fri 23 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0095835.sys" Sat 24 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0095861.sys" Sun 25 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0096865.sys" Sun 25 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0096916.sys" Mon 26 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0096926.sys" Mon 26 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0096938.sys" Mon 26 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP94\A0097109.sys" Tue 27 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP95\A0097137.sys" Wed 28 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP95\A0099137.sys" Wed 28 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP95\A0099160.sys" Thu 29 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP96\A0099179.sys" Thu 29 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP96\A0099206.sys" Fri 30 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP96\A0099249.sys" Sat 31 May 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP96\A0099297.sys" Sun 1 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP96\A0099340.sys" Mon 2 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP96\A0099355.sys" Mon 2 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP96\A0099368.sys" Mon 2 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP96\A0100371.sys" Mon 2 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP96\A0100409.sys" Tue 3 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP96\A0101409.sys" Tue 3 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP97\A0101451.sys" Wed 4 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP97\A0101486.sys" Thu 5 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP98\A0101521.sys" Fri 6 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP98\A0101558.sys" Fri 6 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP99\A0101606.sys" Sat 7 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP99\A0101641.sys" Sat 7 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP99\A0101759.sys" Sun 8 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP99\A0102759.sys" Sun 8 Jun 2008 84 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP99\A0102807.sys" Sun 16 Mar 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Sun 17 Aug 2008 84 A..H. --- "C:\Program Files\Common Files\X10\Common\x10prod.sys" Wed 7 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT19.tmp" Sat 16 Aug 2008 524,288 A..H. --- "C:\Documents and Settings\maxime cottin\Local Settings\Temp\axcrypt\axx489.tmp" Finished! le raport de SDfix Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:51:34, on 17/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\Toshiba.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\pspvideo9\pspVideo9.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Belkin\Bluetooth Software\BTTray.exe C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE C:\Program Files\Uniblue\LocalCooling\localcooling2.exe C:\PROGRA~1\Magentic\bin\MgApp.exe C:\Program Files\IncrediMail\bin\ImApp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe C:\Documents and Settings\maxime cottin\Bureau\HiJackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://configuration.adsl/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Documents and Settings/maxime cottin/Local Settings/Application Data/RapidSolution/Videoraptor/WebRip/profile/rrproxy_ie_48481682.pac R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll O2 - BHO: Videoraptor_WebRipPlugin Class - {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - C:\Program Files\RapidSolution\Videoraptor\VR_WebRipIePlugin.dll O2 - BHO: (no name) - {40FDED66-1A61-4590-97B7-D596CF01AE1E} - (no file) O2 - BHO: (no name) - {4C30E05D-4A6A-4A8A-9EC9-9671E71AAA0D} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: (no name) - {5DB6DA0B-1863-4219-83C3-9CC5E2C3644A} - (no file) O2 - BHO: (no name) - {63DFE523-84E7-4747-B340-EF87B738C761} - (no file) O2 - BHO: (no name) - {672947BB-04F3-4CC6-80DA-61ADB58AF076} - (no file) O2 - BHO: (no name) - {6C915BBB-2834-4197-BA35-4BED7616B552} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {9714A10A-FBC6-4427-BA95-8409A403D1EF} - (no file) O2 - BHO: (no name) - {A139D0C7-15D1-4E93-A5AB-6205A3861AF5} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll O2 - BHO: (no name) - {BE498D20-8C9B-4807-9A96-4B82CCDCD447} - (no file) O2 - BHO: (no name) - {CDEF4C29-E984-4288-B986-DAAF0D0BEEFB} - (no file) O2 - BHO: (no name) - {DED850BF-D100-49B5-BE85-A2C67C9EA7D2} - (no file) O2 - BHO: (no name) - {EA8251CA-E9BD-4DC4-9E4E-7E185407E247} - (no file) O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Startup: LocalCooling.lnk = C:\Program Files\Uniblue\LocalCooling\localcooling2.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm O8 - Extra context menu item: Download Video on This Page - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html O8 - Extra context menu item: Download Video This Links To - C:\Program Files\Tomato\YouTube Video Downloader\IELink.html O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Download Video - {B53C7980-9F20-48BB-8FC3-5A1CC9660C48} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html O9 - Extra 'Tools' menuitem: Download Video on This Page - {B53C7980-9F20-48BB-8FC3-5A1CC9660C48} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O20 - Winlogon Notify: byxuuvv - byxuuvv.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 15976 bytes rapport hijackthis
  11. max2610
    vous voulez le raport de SDfix???
  12. max2610
    voila c'est fait et maintenant??
  13. max2610
    merci
  14. max2610
    MERCI mais mon principal probleme est 1 virus qui reaparait a chaque démarage de mon pc "malware-gen sera t'i suprimer par l'operation que vous m'avez dit de fair??
  15. max2610
    bonjour a tous, depuis deux jours j'ai attrapé 1 malware-gen que je supprime mais qui revient a chaque démarrage de mon PC on ma dit de prendre hijackthis donc j'ai fait 1 scan avec ce dernier mais je ne sais pas quoi supprimer Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:06:44, on 17/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\ltmoh\Ltmoh.exe C:\Program Files\Synaptics\SynTP\Toshiba.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\pspvideo9\pspVideo9.exe C:\WINDOWS\system32\lphc1h5j0er2n.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Belkin\Bluetooth Software\BTTray.exe C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE C:\PROGRA~1\Magentic\bin\MgApp.exe C:\Program Files\Uniblue\LocalCooling\localcooling2.exe C:\Program Files\IncrediMail\bin\ImApp.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\msiexec.exe C:\Documents and Settings\maxime cottin\Bureau\HiJackThis.exe C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://configuration.adsl/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Documents and Settings/maxime cottin/Local Settings/Application Data/RapidSolution/Videoraptor/WebRip/profile/rrproxy_ie_48481682.pac R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll O2 - BHO: Videoraptor_WebRipPlugin Class - {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - C:\Program Files\RapidSolution\Videoraptor\VR_WebRipIePlugin.dll O2 - BHO: (no name) - {40FDED66-1A61-4590-97B7-D596CF01AE1E} - (no file) O2 - BHO: (no name) - {4C30E05D-4A6A-4A8A-9EC9-9671E71AAA0D} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: (no name) - {5DB6DA0B-1863-4219-83C3-9CC5E2C3644A} - (no file) O2 - BHO: (no name) - {63DFE523-84E7-4747-B340-EF87B738C761} - (no file) O2 - BHO: (no name) - {672947BB-04F3-4CC6-80DA-61ADB58AF076} - (no file) O2 - BHO: (no name) - {6C915BBB-2834-4197-BA35-4BED7616B552} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {9714A10A-FBC6-4427-BA95-8409A403D1EF} - (no file) O2 - BHO: (no name) - {A139D0C7-15D1-4E93-A5AB-6205A3861AF5} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll O2 - BHO: (no name) - {BE498D20-8C9B-4807-9A96-4B82CCDCD447} - (no file) O2 - BHO: (no name) - {CDEF4C29-E984-4288-B986-DAAF0D0BEEFB} - (no file) O2 - BHO: (no name) - {DED850BF-D100-49B5-BE85-A2C67C9EA7D2} - (no file) O2 - BHO: (no name) - {EA8251CA-E9BD-4DC4-9E4E-7E185407E247} - (no file) O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t O4 - HKLM\..\Run: [lphc1h5j0er2n] C:\WINDOWS\system32\lphc1h5j0er2n.exe O4 - HKLM\..\Run: [sMrhc5h5j0er2n] C:\Program Files\rhc5h5j0er2n\rhc5h5j0er2n.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Startup: LocalCooling.lnk = C:\Program Files\Uniblue\LocalCooling\localcooling2.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htm O8 - Extra context menu item: Download Video on This Page - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html O8 - Extra context menu item: Download Video This Links To - C:\Program Files\Tomato\YouTube Video Downloader\IELink.html O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Download Video - {B53C7980-9F20-48BB-8FC3-5A1CC9660C48} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html O9 - Extra 'Tools' menuitem: Download Video on This Page - {B53C7980-9F20-48BB-8FC3-5A1CC9660C48} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O20 - Winlogon Notify: byxuuvv - byxuuvv.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 15629 bytes pouvez vous me dire quoi supprimer ou faire pour enlever tout mes virus merci
×
×
  • Créer...