Aller au contenu

Kazuma

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    9

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par Kazuma

  1. Kazuma
    Vla le rapprot combofix ComboFix 08-08-26.03 - Administrateur 2008-08-28 15:29:58.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.219 [GMT 2:00] Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Administrateur\Application Data\addon.dat . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_AUTO_HOTKEY_POLLER ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-28 to 2008-08-28 )))))))))))))))))))))))))))))))))))) . 2008-08-28 14:44 . 2008-08-28 14:44 <REP> d-------- C:\Program Files\Trend Micro 2008-08-28 13:52 . 2008-08-28 14:29 <REP> d-------- C:\Program Files\Spyware Terminator 2008-08-28 13:52 . 2008-08-28 13:52 <REP> d-------- C:\Program Files\Crawler 2008-08-28 13:52 . 2008-08-28 14:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator 2008-08-28 13:52 . 2008-08-28 15:27 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Spyware Terminator 2008-08-28 13:52 . 2008-08-28 13:52 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys 2008-08-28 13:33 . 2008-08-28 13:33 <REP> d-------- C:\Program Files\Yahoo! 2008-08-28 13:32 . 2008-08-28 13:33 <REP> d-------- C:\Program Files\CCleaner 2008-08-26 01:22 . 2008-08-26 01:22 230 --a------ C:\WINDOWS\system32\spupdsvc.inf 2008-08-26 00:15 . 2008-08-26 00:21 96,976 --a------ C:\WINDOWS\system32\drivers\klin.dat 2008-08-26 00:15 . 2008-08-26 00:15 87,855 --a------ C:\WINDOWS\system32\drivers\klick.dat 2008-08-26 00:14 . 2008-08-26 00:14 <REP> d-------- C:\Program Files\Kaspersky Lab 2008-08-26 00:14 . 2008-08-28 15:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-08-26 00:14 . 2008-08-28 15:31 4,906,528 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2008-08-26 00:14 . 2008-08-28 15:31 434,208 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2008-08-26 00:14 . 2008-08-28 15:31 41,508 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2008-08-26 00:14 . 2008-08-28 15:31 4,660 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx 2008-08-26 00:13 . 2008-08-26 00:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2008-08-25 18:51 . 2008-08-25 18:51 173 --a------ C:\WINDOWS\RtlRack.ini 2008-08-24 23:17 . 2008-04-13 20:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2008-08-24 23:17 . 2008-04-13 20:45 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys 2008-08-24 22:24 . 2008-08-24 23:14 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Image Zone Express 2008-08-24 22:23 . 2008-08-24 22:23 <REP> d-------- C:\Program Files\Fichiers communs\HP 2008-08-24 22:23 . 2008-08-24 22:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HP 2008-08-24 22:22 . 2008-08-24 22:22 <REP> d-------- C:\Program Files\Hewlett-Packard 2008-08-24 22:19 . 2008-08-24 22:23 <REP> d-------- C:\Program Files\HP 2008-08-24 22:14 . 2008-08-24 22:23 91,828 --a------ C:\WINDOWS\hpiins01.dat 2008-08-24 22:14 . 2005-11-23 01:51 0 --------- C:\WINDOWS\hpimdl01.dat 2008-08-23 15:06 . 2008-08-25 10:26 318 --a------ C:\WINDOWS\wpe_0delay.INI 2008-08-23 12:07 . 2008-06-23 18:28 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-08-23 12:07 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-08-23 12:07 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-08-23 12:07 . 2008-06-23 18:28 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-08-23 12:07 . 2008-06-23 18:28 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-08-23 12:07 . 2008-06-23 18:28 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-08-23 12:07 . 2008-06-23 18:28 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-08-23 12:07 . 2008-06-23 18:28 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-08-23 12:07 . 2008-06-23 11:20 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-08-23 11:38 . 2008-08-26 01:23 <REP> d-------- C:\WINDOWS\system32\fr-fr 2008-08-23 11:38 . 2008-08-23 11:38 <REP> d-------- C:\WINDOWS\system32\fr 2008-08-23 11:38 . 2008-08-23 11:38 <REP> d-------- C:\WINDOWS\system32\bits 2008-08-23 11:38 . 2008-08-23 11:38 <REP> d-------- C:\WINDOWS\l2schemas 2008-08-23 11:35 . 2008-08-23 11:39 <REP> d-------- C:\WINDOWS\ServicePackFiles 2008-08-18 17:35 . 2008-08-18 17:40 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-08-18 03:41 . 2008-08-26 00:23 <REP> d--h----- C:\WINDOWS\system32\NewServer 2008-08-17 23:01 . 2008-08-17 23:01 <REP> d-------- C:\Program Files\Alwil Software 2008-08-17 23:01 . 2003-03-18 22:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2008-08-17 23:01 . 2003-03-18 21:14 499,712 --a------ C:\WINDOWS\system32\MSVCP71.dll 2008-08-17 23:01 . 2003-02-21 05:42 348,160 --a------ C:\WINDOWS\system32\MSVCR71.dll 2008-08-17 15:14 . 2004-08-04 00:38 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys 2008-08-17 14:22 . 2008-08-18 20:28 <REP> d-------- C:\Program Files\Valve 2008-08-17 13:31 . 2008-06-14 19:33 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys 2008-08-17 13:31 . 2008-06-14 19:33 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-08-17 13:30 . 2008-05-08 16:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys 2008-08-17 13:28 . 2008-04-11 21:05 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll 2008-08-17 13:21 . 2008-08-23 12:09 <REP> d--h----- C:\WINDOWS\$hf_mig$ 2008-08-17 13:21 . 2007-08-10 08:18 26,488 --a------ C:\WINDOWS\system32\spupdsvc.exe 2008-08-17 13:00 . 2008-08-28 15:33 <REP> d-------- C:\Program Files\DNA 2008-08-17 13:00 . 2008-08-17 13:00 <REP> d-------- C:\Program Files\BitTorrent 2008-08-17 13:00 . 2008-08-28 15:33 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\DNA 2008-08-17 13:00 . 2008-08-17 13:21 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\BitTorrent 2008-08-16 23:32 . 2008-08-16 23:32 <REP> d--h----- C:\WINDOWS\PIF 2008-08-15 19:23 . 2008-08-15 19:23 <REP> d---s---- C:\Documents and Settings\Administrateur\UserData 2008-08-15 19:23 . 2008-08-15 19:23 268 --ah----- C:\sqmdata04.sqm 2008-08-15 19:23 . 2008-08-15 19:23 244 --ah----- C:\sqmnoopt04.sqm 2008-08-15 12:21 . 2008-08-15 12:21 33,280 --a------ C:\WINDOWS\system32\winvex32.dll.ren 2008-08-15 12:11 . 2008-08-15 12:19 <REP> d-------- C:\Documents and Settings\Administrateur\Contacts 2008-08-15 11:09 . 2008-08-15 11:09 21,275 --a------ C:\WINDOWS\system32\drivers\AegisP.sys 2008-08-15 11:09 . 2008-08-15 11:09 268 --ah----- C:\sqmdata03.sqm 2008-08-15 11:09 . 2008-08-15 11:09 244 --ah----- C:\sqmnoopt03.sqm 2008-08-15 11:08 . 2006-05-04 19:02 380,928 --a------ C:\WINDOWS\system32\drivers\rt61.sys 2008-08-15 11:08 . 2005-12-15 10:38 315,392 --a------ C:\WINDOWS\system32\AegisI5.exe 2008-08-15 11:08 . 2006-05-15 16:25 295,028 --a------ C:\WINDOWS\system32\Install6x.dll 2008-08-15 11:08 . 2006-04-06 13:15 8,192 --a------ C:\WINDOWS\system32\drivers\RT2661.bin 2008-08-15 11:08 . 2006-04-06 13:15 8,192 --a------ C:\WINDOWS\system32\drivers\RT2561s.bin 2008-08-15 11:08 . 2006-04-06 13:15 8,192 --a------ C:\WINDOWS\system32\drivers\RT2561.bin 2008-08-15 11:08 . 2006-03-10 15:33 78 --a------ C:\WINDOWS\filespec6x 2008-08-15 11:07 . 2008-08-15 11:07 <REP> d-------- C:\Program Files\RALINK 2008-08-15 07:52 . 2008-08-15 07:52 268 --ah----- C:\sqmdata02.sqm 2008-08-15 07:52 . 2008-08-15 07:52 244 --ah----- C:\sqmnoopt02.sqm 2008-08-15 07:52 . 2008-08-15 07:52 0 --a------ C:\WINDOWS\nsreg.dat 2008-08-15 05:03 . 2008-08-15 05:03 <REP> d-------- C:\Program Files\VideoLAN 2008-08-15 05:03 . 2008-08-15 05:03 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\vlc 2008-08-15 05:00 . 2008-08-15 11:09 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE 2008-08-15 05:00 . 2008-08-23 11:51 <REP> d-------- C:\Program Files\MSN Messenger 2008-07-29 20:21 . 2008-07-29 20:21 218,376 --a------ C:\WINDOWS\system32\klogon.dll 2008-07-29 20:20 . 2008-07-29 20:20 24,774 --a------ C:\WINDOWS\system32\drivers\klopp.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-15 09:07 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-08-15 04:27 --------- d-----w C:\Program Files\S3 2008-08-15 04:15 --------- d-----w C:\Program Files\VIA 2008-08-15 04:12 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2008-08-15 04:07 --------- d-----w C:\Program Files\Realtek Sound Manager 2008-08-15 04:07 --------- d-----w C:\Program Files\Realtek AC97 2008-08-15 04:07 --------- d-----w C:\Program Files\AvRack 2008-08-15 02:52 --------- d-----w C:\Program Files\microsoft frontpage 2008-08-15 02:50 --------- d-----w C:\Program Files\Services en ligne 2008-07-21 16:34 121,872 ----a-w C:\WINDOWS\system32\drivers\kl1.sys 2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll 2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe 2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll 2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll 2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll 2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll 2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll 2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll 2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll 2008-06-24 16:44 74,240 ----a-w C:\WINDOWS\system32\mscms.dll 2008-06-23 15:10 670,208 ----a-w C:\WINDOWS\system32\wininet.dll 2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-14 04:34 1695232] "BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-08-17 13:00 342336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-09-24 00:08 49152] "SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-08-28 13:52 1783808] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-07-29 20:20 206088] "SoundMan"="SOUNDMAN.EXE" [2006-08-02 23:12 577536 C:\WINDOWS\soundman.exe] "VTTimer"="VTTimer.exe" [2005-03-07 21:33 53248 C:\WINDOWS\system32\VTTimer.exe] "VTTrayp"="VTtrayp.exe" [2006-04-11 10:06 176128 C:\WINDOWS\system32\VTTrayp.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 04:33 15360] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\BitTorrent\\bittorrent.exe"= "C:\\WINDOWS\\system32\\winver.exe"= "C:\\Program Files\\DNA\\btdna.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\Valve\\hl.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "D:\\Malmsteen\\CS 1.6\\hl.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6121:TCP"= 6121:TCP:*:Disabled:char-server "5121:TCP"= 5121:TCP:*:Disabled:map-server "6900:TCP"= 6900:TCP:*:Disabled:login-server R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 18:29] R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 05:38] R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-08-28 13:52] R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 18:06] S3 itztehhack;itztehhack;C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\itztehhack.sys [] S3 npkycryp;npkycryp;D:\Malmsteen\Mastela RO\npkycryp.sys [] S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 20:45] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 20:45] . - - - - ORPHANS REMOVED - - - - Notify-winvex32 - winvex32.dll . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\817uuoz2.default\ . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-28 15:33:41 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\verclsid.exe . ************************************************************************** . Temps d'accomplissement: 2008-08-28 15:36:03 - machine was rebooted ComboFix-quarantined-files.txt 2008-08-28 13:35:58 Pre-Run: 31,447,728,128 octets libres Post-Run: 31,402,807,296 octets libres 206 --- E O F --- 2008-08-24 10:23:33
  2. Kazuma
    J'ai toujours le même problème x)
  3. Kazuma
    J'ai ce problème environ un mois,pour les fichier endommagés depuis ce matin. Voiçi le contenue de Log.txt Logfile of random's system information tool (written by random/random) Run by Administrateur at 2008-09-02 22:07:14 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 29 GB (72%) free of 40 GB Total RAM: 446 MB (19% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:07:47, on 02/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\RALINK\Common\RaUI.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\usnsvc.exe D:\Malmsteen\ValhollRO\RO\Valholl.exe C:\Documents and Settings\Administrateur.MALMSTEEN-AMINE\Bureau\RSIT.exe C:\Documents and Settings\Administrateur.MALMSTEEN-AMINE\Bureau\Administrateur.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [A-ToolBar] C:\Program Files\A-ToolBar\AToolBar.exe s O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- End of file - 5116 bytes Registry dump [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}] FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-07-29 62728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}] FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536] "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-07 53248] "VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2006-04-11 176128] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-09-24 49152] "A-ToolBar"=C:\Program Files\A-ToolBar\AToolBar.exe s [] "Flashget"=C:\Program Files\FlashGet\FlashGet.exe [2007-09-25 2007088] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2008-07-29 206088] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2008-07-29 218376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\WINDOWS\system32\winver.exe"="C:\WINDOWS\system32\winver.exe:*:Disabled:winver" "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Disabled:Half-Life Launcher" "D:\Malmsteen\CS 1.6\hl.exe"="D:\Malmsteen\CS 1.6\hl.exe:*:Enabled:Half-Life Launcher" "C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" List of files/folders created in the last three months 2008-09-02 22:07:14 ----D---- C:\rsit 2008-09-02 15:13:25 ----D---- C:\Documents and Settings\Administrateur.MALMSTEEN-AMINE\Application Data\Macromedia 2008-09-02 15:13:25 ----D---- C:\Documents and Settings\Administrateur.MALMSTEEN-AMINE\Application Data\Adobe 2008-09-02 14:10:39 ----SHD---- C:\found.000 2008-09-02 12:48:50 ----D---- C:\Documents and Settings\Administrateur.MALMSTEEN-AMINE\Application Data\Mozilla 2008-09-02 12:41:30 ----D---- C:\Documents and Settings\Administrateur.MALMSTEEN-AMINE\Application Data\Identities 2008-09-02 12:41:30 ----A---- C:\WINDOWS\OEWABLog.txt 2008-09-02 12:41:15 ----ASH---- C:\Documents and Settings\Administrateur.MALMSTEEN-AMINE\Application Data\desktop.ini 2008-09-02 12:41:11 ----SD---- C:\Documents and Settings\Administrateur.MALMSTEEN-AMINE\Application Data\Microsoft 2008-08-31 19:37:27 ----D---- C:\Downloads 2008-08-31 19:35:37 ----D---- C:\Program Files\FlashGet 2008-08-29 00:12:18 ----D---- C:\WINDOWS\ERUNT 2008-08-29 00:07:49 ----A---- C:\WINDOWS\ntbtlog.txt 2008-08-29 00:06:12 ----D---- C:\SDFix 2008-08-28 21:47:30 ----A---- C:\TB.txt 2008-08-28 21:46:28 ----D---- C:\ToolBar SD 2008-08-28 16:23:55 ----D---- C:\Program Files\A-ToolBar 2008-08-28 16:17:20 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-08-28 15:49:59 ----SHD---- C:\RECYCLER 2008-08-28 15:36:12 ----D---- C:\WINDOWS\temp 2008-08-28 15:36:04 ----A---- C:\ComboFix.txt 2008-08-28 15:29:42 ----D---- C:\WINDOWS\erdnt 2008-08-28 15:29:09 ----D---- C:\QooBox 2008-08-28 15:29:08 ----A---- C:\WINDOWS\zip.exe 2008-08-28 15:29:08 ----A---- C:\WINDOWS\VFind.exe 2008-08-28 15:29:08 ----A---- C:\WINDOWS\swxcacls.exe 2008-08-28 15:29:08 ----A---- C:\WINDOWS\swsc.exe 2008-08-28 15:29:08 ----A---- C:\WINDOWS\swreg.exe 2008-08-28 15:29:08 ----A---- C:\WINDOWS\sed.exe 2008-08-28 15:29:08 ----A---- C:\WINDOWS\Nircmd.exe 2008-08-28 15:29:08 ----A---- C:\WINDOWS\grep.exe 2008-08-28 15:29:08 ----A---- C:\WINDOWS\fdsv.exe 2008-08-28 14:44:36 ----D---- C:\Program Files\Trend Micro 2008-08-28 13:33:00 ----D---- C:\Program Files\Yahoo! 2008-08-26 14:13:55 ----D---- C:\WINDOWS\system32\appmgmt 2008-08-26 00:14:42 ----D---- C:\Program Files\Kaspersky Lab 2008-08-26 00:14:42 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-08-26 00:13:38 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2008-08-25 18:51:49 ----A---- C:\WINDOWS\RtlRack.ini 2008-08-24 22:23:35 ----D---- C:\Documents and Settings\All Users\Application Data\HP 2008-08-24 22:23:13 ----D---- C:\Program Files\Fichiers communs\HP 2008-08-24 22:22:33 ----D---- C:\Program Files\Hewlett-Packard 2008-08-24 22:19:06 ----D---- C:\Program Files\HP 2008-08-23 15:06:24 ----A---- C:\WINDOWS\wpe_0delay.INI 2008-08-23 12:07:51 ----D---- C:\WINDOWS\ie7updates 2008-08-23 12:06:23 ----D---- C:\WINDOWS\WBEM 2008-08-23 12:03:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$ 2008-08-23 12:03:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ 2008-08-23 11:49:51 ----D---- C:\WINDOWS\Prefetch 2008-08-23 11:38:44 ----D---- C:\WINDOWS\system32\fr-fr 2008-08-23 11:38:43 ----D---- C:\WINDOWS\l2schemas 2008-08-23 11:38:42 ----D---- C:\WINDOWS\system32\fr 2008-08-23 11:38:42 ----D---- C:\WINDOWS\system32\bits 2008-08-23 11:35:37 ----D---- C:\WINDOWS\ServicePackFiles 2008-08-23 11:33:15 ----D---- C:\WINDOWS\network diagnostic 2008-08-23 11:28:48 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2008-08-23 11:24:22 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-08-22 21:23:20 ----A---- C:\WINDOWS\system32\MRT.exe 2008-08-18 17:35:40 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2008-08-18 03:50:33 ----D---- C:\WINDOWS\Minidump 2008-08-18 03:41:09 ----HD---- C:\WINDOWS\system32\NewServer 2008-08-17 23:01:55 ----A---- C:\WINDOWS\system32\MSVCR71.dll 2008-08-17 23:01:55 ----A---- C:\WINDOWS\system32\MSVCP71.dll 2008-08-17 23:01:55 ----A---- C:\WINDOWS\system32\MFC71.dll 2008-08-17 23:01:53 ----D---- C:\Program Files\Alwil Software 2008-08-17 14:22:28 ----D---- C:\Program Files\Valve 2008-08-17 13:21:42 ----N---- C:\WINDOWS\system32\spmsg.dll 2008-08-17 13:21:42 ----D---- C:\WINDOWS\system32\PreInstall 2008-08-17 13:21:42 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2008-08-17 13:21:40 ----HD---- C:\WINDOWS\$hf_mig$ 2008-08-17 13:09:25 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2008-08-17 13:00:24 ----D---- C:\Program Files\DNA 2008-08-17 13:00:24 ----D---- C:\Program Files\BitTorrent 2008-08-16 23:32:35 ----HD---- C:\WINDOWS\PIF 2008-08-15 12:21:51 ----A---- C:\WINDOWS\system32\winvex32.dll.ren 2008-08-15 12:19:58 ----D---- C:\WINDOWS\RegisteredPackages 2008-08-15 11:08:39 ----A---- C:\WINDOWS\system32\Install6x.dll 2008-08-15 11:08:39 ----A---- C:\WINDOWS\system32\AegisI5.exe 2008-08-15 11:07:21 ----D---- C:\Program Files\RALINK 2008-08-15 06:42:55 ----A---- C:\WINDOWS\system32\h323log.txt 2008-08-15 06:38:22 ----A---- C:\WINDOWS\system32\usbui.dll 2008-08-15 06:37:07 ----SHD---- C:\WINDOWS\Installer 2008-08-15 06:37:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-08-15 06:37:06 ----D---- C:\Program Files\Fichiers communs\ODBC 2008-08-15 06:37:06 ----A---- C:\WINDOWS\ODBCINST.INI 2008-08-15 06:37:03 ----RD---- C:\Program Files 2008-08-15 06:37:03 ----D---- C:\Program Files\Fichiers communs\SpeechEngines 2008-08-15 06:37:03 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2008-08-15 06:37:03 ----D---- C:\Program Files\Fichiers communs 2008-08-15 06:37:00 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2008-08-15 06:37:00 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2008-08-15 06:37:00 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbdur.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbdru.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2008-08-15 06:36:58 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2008-08-15 06:36:57 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2008-08-15 06:36:57 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2008-08-15 06:36:57 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2008-08-15 06:36:57 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2008-08-15 06:36:57 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2008-08-15 06:36:57 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2008-08-15 06:36:57 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2008-08-15 06:36:56 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2008-08-15 06:36:56 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2008-08-15 06:36:56 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2008-08-15 06:36:56 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2008-08-15 06:36:55 ----RA---- C:\WINDOWS\system32\kbdest.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdycl.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdsl1.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdsl.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdro.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdpl1.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdpl.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdhu1.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdhu.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdcz2.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdcz1.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdcz.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\kbdcr.dll 2008-08-15 06:36:54 ----RA---- C:\WINDOWS\system32\KBDAL.DLL 2008-08-15 06:36:52 ----A---- C:\WINDOWS\system32\irclass.dll 2008-08-15 06:36:52 ----A---- C:\WINDOWS\system32\dgsetup.dll 2008-08-15 06:36:52 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2008-08-15 06:36:51 ----A---- C:\WINDOWS\system32\spxcoins.dll 2008-08-15 06:36:51 ----A---- C:\WINDOWS\system32\EqnClass.Dll 2008-08-15 06:36:50 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2008-08-15 06:36:50 ----A---- C:\WINDOWS\TASKMAN.EXE 2008-08-15 06:36:50 ----A---- C:\WINDOWS\system32\batt.dll 2008-08-15 06:36:49 ----A---- C:\WINDOWS\notepad.exe 2008-08-15 06:36:48 ----A---- C:\WINDOWS\system32\storprop.dll 2008-08-15 06:36:39----ASH----C:\Documents and Settings\All Users\Application Data\desktop.ini 2008-08-15 06:36:35 ----RA---- C:\WINDOWS\SET8.tmp 2008-08-15 06:36:32 ----RA---- C:\WINDOWS\SET4.tmp 2008-08-15 06:36:31 ----RA---- C:\WINDOWS\SET3.tmp 2008-08-15 06:36:25 ----D---- C:\WINDOWS\system32\CatRoot2 2008-08-15 06:36:25 ----D---- C:\WINDOWS\system32\CatRoot 2008-08-15 06:36:19 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-08-15 06:35:57 ----D---- C:\Documents and Settings 2008-08-15 06:35:56 ----SHD---- C:\System Volume Information 2008-08-15 06:34:58 ----SH---- C:\boot.ini 2008-08-15 06:28:36 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-08-15 06:28:36 ----RSD---- C:\WINDOWS\Fonts 2008-08-15 06:28:36 ----RD---- C:\WINDOWS\Web 2008-08-15 06:28:36 ----HD---- C:\WINDOWS\inf 2008-08-15 06:28:36 ----D---- C:\WINDOWS\WinSxS 2008-08-15 06:28:36 ----D---- C:\WINDOWS\twain_32 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\wins 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\wbem 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\usmt 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\spool 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\ShellExt 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\Setup 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\ras 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\oobe 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\npp 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\mui 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\inetsrv 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\IME 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\icsxml 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\ias 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\export 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\drivers 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\dhcp 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\config 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\3com_dmi 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\3076 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\2052 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\1054 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\1042 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\1041 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\1037 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\1036 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\1033 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\1031 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\1028 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32\1025 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system32 2008-08-15 06:28:36 ----D---- C:\WINDOWS\system 2008-08-15 06:28:36 ----D---- C:\WINDOWS\security 2008-08-15 06:28:36 ----D---- C:\WINDOWS\Resources 2008-08-15 06:28:36 ----D---- C:\WINDOWS\repair 2008-08-15 06:28:36 ----D---- C:\WINDOWS\Provisioning 2008-08-15 06:28:36 ----D---- C:\WINDOWS\PeerNet 2008-08-15 06:28:36 ----D---- C:\WINDOWS\pchealth 2008-08-15 06:28:36 ----D---- C:\WINDOWS\mui 2008-08-15 06:28:36 ----D---- C:\WINDOWS\msapps 2008-08-15 06:28:36 ----D---- C:\WINDOWS\msagent 2008-08-15 06:28:36 ----D---- C:\WINDOWS\Media 2008-08-15 06:28:36 ----D---- C:\WINDOWS\java 2008-08-15 06:28:36 ----D---- C:\WINDOWS\ime 2008-08-15 06:28:36 ----D---- C:\WINDOWS\Help 2008-08-15 06:28:36 ----D---- C:\WINDOWS\ehome 2008-08-15 06:28:36 ----D---- C:\WINDOWS\Driver Cache 2008-08-15 06:28:36 ----D---- C:\WINDOWS\Debug 2008-08-15 06:28:36 ----D---- C:\WINDOWS\Cursors 2008-08-15 06:28:36 ----D---- C:\WINDOWS\Connection Wizard 2008-08-15 06:28:36 ----D---- C:\WINDOWS\Config 2008-08-15 06:28:36 ----D---- C:\WINDOWS\AppPatch 2008-08-15 06:28:36 ----D---- C:\WINDOWS\addins 2008-08-15 06:28:36 ----D---- C:\WINDOWS 2008-08-15 06:26:36 ----D---- C:\Program Files\S3 2008-08-15 06:14:30 ----D---- C:\WINDOWS\system32\ReinstallBackups 2008-08-15 06:13:10 ----D---- C:\Program Files\VIA 2008-08-15 06:08:12 ----R---- C:\WINDOWS\system32\ChCfg.exe 2008-08-15 06:07:39 ----R---- C:\WINDOWS\system32\RTLCPL.exe 2008-08-15 06:07:39 ----R---- C:\WINDOWS\system32\RtlCPAPI.dll 2008-08-15 06:07:38 ----R---- C:\WINDOWS\soundman.exe 2008-08-15 06:07:36 ----A---- C:\WINDOWS\system32\ksuser.dll 2008-08-15 06:07:29 ----D---- C:\Program Files\Realtek Sound Manager 2008-08-15 06:07:22 ----R---- C:\WINDOWS\avrack.ini 2008-08-15 06:07:22 ----D---- C:\Program Files\AvRack 2008-08-15 06:07:07 ----D---- C:\Program Files\Realtek AC97 2008-08-15 06:06:44 ----RA---- C:\WINDOWS\Alcrmv.exe 2008-08-15 06:06:44 ----R---- C:\WINDOWS\alcupd.exe 2008-08-15 06:06:43 ----HD---- C:\Program Files\InstallShield Installation Information 2008-08-15 06:06:11 ----D---- C:\Program Files\Fichiers communs\InstallShield 2008-08-15 05:03:22 ----D---- C:\Program Files\WinRAR 2008-08-15 05:03:05 ----D---- C:\Program Files\VideoLAN 2008-08-15 05:00:34 ----DC---- C:\WINDOWS\system32\DRVSTORE 2008-08-15 05:00:28 ----D---- C:\Program Files\MSN Messenger 2008-08-15 04:59:50 ----D---- C:\Program Files\Mozilla Firefox 2008-08-15 04:57:19 ----HD---- C:\Program Files\Uninstall Information 2008-08-15 04:57:03 ----D---- C:\WINDOWS\SoftwareDistribution 2008-08-15 04:57:00 ----SD---- C:\WINDOWS\system32\Microsoft 2008-08-15 04:57:00 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-08-15 04:52:54 ----D---- C:\WINDOWS\system32\xircom 2008-08-15 04:52:54 ----D---- C:\Program Files\xerox 2008-08-15 04:52:54 ----D---- C:\Program Files\microsoft frontpage 2008-08-15 04:52:31 ----A---- C:\WINDOWS\control.ini 2008-08-15 04:52:31 ----A---- C:\AUTOEXEC.BAT 2008-08-15 04:52:10 ----A---- C:\WINDOWS\system32\mapi32.dll 2008-08-15 04:51:03 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-08-15 04:51:03 ----RD---- C:\WINDOWS\Offline Web Pages 2008-08-15 04:51:03 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2008-08-15 04:50:55 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2008-08-15 04:50:50 ----HD---- C:\Program Files\WindowsUpdate 2008-08-15 04:50:45 ----D---- C:\Program Files\Services en ligne 2008-08-15 04:50:29 ----D---- C:\WINDOWS\system32\DirectX 2008-08-15 04:50:12 ----A---- C:\WINDOWS\system32\atrace.dll 2008-08-15 04:50:10 ----A---- C:\WINDOWS\system32\desktop.ini 2008-08-15 04:50:10 ----A---- C:\WINDOWS\desktop.ini 2008-08-15 04:50:05 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2008-08-15 04:50:04 ----D---- C:\Program Files\Fichiers communs\Services 2008-08-15 04:50:04 ----A---- C:\WINDOWS\system32\acctres.dll 2008-08-15 04:50:02 ----SD---- C:\WINDOWS\Tasks 2008-08-15 04:50:02 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2008-08-15 04:50:01 ----D---- C:\Program Files\Fichiers communs\MSSoap 2008-08-15 04:49:58 ----D---- C:\WINDOWS\srchasst 2008-08-15 04:49:57 ----D---- C:\WINDOWS\system32\Macromed 2008-08-15 04:49:55 ----A---- C:\WINDOWS\system32\wuweb.dll 2008-08-15 04:49:55 ----A---- C:\WINDOWS\system32\wups.dll 2008-08-15 04:49:55 ----A---- C:\WINDOWS\system32\wucltui.dll 2008-08-15 04:49:55 ----A---- C:\WINDOWS\system32\wuauserv.dll 2008-08-15 04:49:55 ----A---- C:\WINDOWS\system32\wuaueng1.dll 2008-08-15 04:49:55 ----A---- C:\WINDOWS\system32\wuaueng.dll 2008-08-15 04:49:54 ----A---- C:\WINDOWS\system32\wuauclt1.exe 2008-08-15 04:49:54 ----A---- C:\WINDOWS\system32\wuauclt.exe 2008-08-15 04:49:54 ----A---- C:\WINDOWS\system32\wuapi.dll 2008-08-15 04:49:54 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2008-08-15 04:49:54 ----A---- C:\WINDOWS\system32\qmgr.dll 2008-08-15 04:49:54 ----A---- C:\WINDOWS\system32\bitsprx3.dll 2008-08-15 04:49:54 ----A---- C:\WINDOWS\system32\bitsprx2.dll 2008-08-15 04:49:51 ----D---- C:\Program Files\Movie Maker 2008-08-15 04:49:48 ----A---- C:\WINDOWS\system32\safrslv.dll 2008-08-15 04:49:48 ----A---- C:\WINDOWS\system32\safrdm.dll 2008-08-15 04:49:48 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2008-08-15 04:49:48 ----A---- C:\WINDOWS\system32\racpldlg.dll 2008-08-15 04:49:45 ----A---- C:\WINDOWS\system32\fltmc.exe 2008-08-15 04:49:45 ----A---- C:\WINDOWS\system32\fltlib.dll 2008-08-15 04:49:44 ----D---- C:\WINDOWS\system32\Restore 2008-08-15 04:49:44 ----A---- C:\WINDOWS\system32\srsvc.dll 2008-08-15 04:49:44 ----A---- C:\WINDOWS\system32\srrstr.dll 2008-08-15 04:49:44 ----A---- C:\WINDOWS\system32\srclient.dll 2008-08-15 04:49:44 ----A---- C:\WINDOWS\system32\mnmdd.dll 2008-08-15 04:49:44 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2008-08-15 04:49:44 ----A---- C:\WINDOWS\system32\ils.dll 2008-08-15 04:49:43 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2008-08-15 04:49:43 ----A---- C:\WINDOWS\system32\msconf.dll 2008-08-15 04:49:43 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2008-08-15 04:49:41 ----D---- C:\Program Files\NetMeeting 2008-08-15 04:49:41 ----A---- C:\WINDOWS\system32\msoert2.dll 2008-08-15 04:49:41 ----A---- C:\WINDOWS\system32\msoeacct.dll 2008-08-15 04:49:40 ----A---- C:\WINDOWS\system32\inetres.dll 2008-08-15 04:49:40 ----A---- C:\WINDOWS\system32\inetcomm.dll 2008-08-15 04:49:39 ----D---- C:\Program Files\Outlook Express 2008-08-15 04:49:39 ----A---- C:\WINDOWS\system32\schedsvc.dll 2008-08-15 04:49:39 ----A---- C:\WINDOWS\system32\mstinit.exe 2008-08-15 04:49:39 ----A---- C:\WINDOWS\system32\mstask.dll 2008-08-15 04:49:38 ----A---- C:\WINDOWS\system32\isign32.dll 2008-08-15 04:49:38 ----A---- C:\WINDOWS\system32\inetcfg.dll 2008-08-15 04:49:38 ----A---- C:\WINDOWS\system32\icwphbk.dll 2008-08-15 04:49:38 ----A---- C:\WINDOWS\system32\icwdial.dll 2008-08-15 04:49:33 ----D---- C:\Program Files\Fichiers communs\System 2008-08-15 04:49:32 ----D---- C:\Program Files\Internet Explorer 2008-08-15 04:48:52 ----D---- C:\Program Files\ComPlus Applications 2008-08-15 04:48:49 ----A---- C:\WINDOWS\vbaddin.ini 2008-08-15 04:48:49 ----A---- C:\WINDOWS\vb.ini 2008-08-15 04:48:44 ----D---- C:\WINDOWS\Registration 2008-08-15 04:48:35 ----D---- C:\Program Files\Windows Media Player 2008-08-15 04:48:35 ----D---- C:\Program Files\Online Services 2008-08-15 04:48:29 ----D---- C:\Program Files\Messenger 2008-08-15 04:48:26 ----D---- C:\Program Files\MSN Gaming Zone 2008-08-15 04:48:26 ----A---- C:\WINDOWS\system32\write.exe 2008-08-15 04:48:18 ----A---- C:\WINDOWS\system32\sndvol32.exe 2008-08-15 04:48:18 ----A---- C:\WINDOWS\system32\hticons.dll 2008-08-15 04:48:18 ----A---- C:\WINDOWS\system32\avwav.dll 2008-08-15 04:48:18 ----A---- C:\WINDOWS\system32\avtapi.dll 2008-08-15 04:48:18 ----A---- C:\WINDOWS\system32\avmeter.dll 2008-08-15 04:48:17 ----A---- C:\WINDOWS\system32\winchat.exe 2008-08-15 04:48:12 ----A---- C:\WINDOWS\system32\getuname.dll 2008-08-15 04:48:12 ----A---- C:\WINDOWS\system32\charmap.exe 2008-08-15 04:48:12 ----A---- C:\WINDOWS\system32\calc.exe 2008-08-15 04:48:11 ----A---- C:\WINDOWS\system32\winmine.exe 2008-08-15 04:48:11 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2008-08-15 04:48:11 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2008-08-15 04:48:11 ----A---- C:\WINDOWS\system32\tslabels.ini 2008-08-15 04:48:11 ----A---- C:\WINDOWS\system32\tskill.exe 2008-08-15 04:48:11 ----A---- C:\WINDOWS\system32\sol.exe 2008-08-15 04:48:11 ----A---- C:\WINDOWS\system32\reset.exe 2008-08-15 04:48:11 ----A---- C:\WINDOWS\system32\mshearts.exe 2008-08-15 04:48:11 ----A---- C:\WINDOWS\system32\freecell.exe 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\tscon.exe 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\shadow.exe 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\rwinsta.exe 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\regini.exe 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\qwinsta.exe 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\qappsrv.exe 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\msg.exe 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\logoff.exe 2008-08-15 04:48:10 ----A---- C:\WINDOWS\system32\cdmodem.dll 2008-08-15 04:48:09 ----A---- C:\WINDOWS\system32\stclient.dll 2008-08-15 04:48:09 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2008-08-15 04:48:09 ----A---- C:\WINDOWS\system32\mtxex.dll 2008-08-15 04:48:09 ----A---- C:\WINDOWS\system32\mtxdm.dll 2008-08-15 04:48:09 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2008-08-15 04:48:09 ----A---- C:\WINDOWS\system32\comrepl.dll 2008-08-15 04:48:09 ----A---- C:\WINDOWS\system32\comaddin.dll 2008-08-15 04:48:08 ----A---- C:\WINDOWS\system32\comsnap.dll 2008-08-15 04:48:04 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2008-08-15 04:47:57 ----D---- C:\Program Files\MSN 2008-08-15 04:47:56 ----A---- C:\WINDOWS\system32\sndrec32.exe 2008-08-15 04:47:56 ----A---- C:\WINDOWS\system32\mplay32.exe 2008-08-15 04:47:56 ----A---- C:\WINDOWS\system32\accwiz.exe 2008-08-15 04:47:55 ----D---- C:\Program Files\Windows NT 2008-08-15 04:47:55 ----A---- C:\WINDOWS\system32\spider.exe 2008-08-15 04:47:55 ----A---- C:\WINDOWS\system32\mspaint.exe 2008-08-15 04:47:55 ----A---- C:\WINDOWS\system32\hypertrm.dll 2008-08-15 04:47:55 ----A---- C:\WINDOWS\system32\clipbrd.exe 2008-08-15 04:47:54 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2008-08-15 04:47:54 ----A---- C:\WINDOWS\system32\remotepg.dll 2008-08-15 04:47:54 ----A---- C:\WINDOWS\system32\rdshost.exe 2008-08-15 04:47:54 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2008-08-15 04:47:54 ----A---- C:\WINDOWS\system32\mstscax.dll 2008-08-15 04:47:54 ----A---- C:\WINDOWS\system32\mstsc.exe 2008-08-15 04:47:53 ----D---- C:\WINDOWS\system32\MsDtc 2008-08-15 04:47:53 ----A---- C:\WINDOWS\system32\tscupgrd.exe 2008-08-15 04:47:53 ----A---- C:\WINDOWS\system32\termsrv.dll 2008-08-15 04:47:53 ----A---- C:\WINDOWS\system32\sessmgr.exe 2008-08-15 04:47:53 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2008-08-15 04:47:53 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2008-08-15 04:47:53 ----A---- C:\WINDOWS\system32\rdpclip.exe 2008-08-15 04:47:53 ----A---- C:\WINDOWS\system32\rdchost.dll 2008-08-15 04:47:53 ----A---- C:\WINDOWS\system32\qprocess.exe 2008-08-15 04:47:53 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2008-08-15 04:47:53 ----A---- C:\WINDOWS\system32\icaapi.dll 2008-08-15 04:47:53 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2008-08-15 04:47:52 ----A---- C:\WINDOWS\system32\xolehlp.dll 2008-08-15 04:47:52 ----A---- C:\WINDOWS\system32\mtxoci.dll 2008-08-15 04:47:52 ----A---- C:\WINDOWS\system32\msdtctm.dll 2008-08-15 04:47:52 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2008-08-15 04:47:52 ----A---- C:\WINDOWS\system32\msdtclog.dll 2008-08-15 04:47:52 ----A---- C:\WINDOWS\system32\msdtc.exe 2008-08-15 04:47:51 ----D---- C:\WINDOWS\system32\Com 2008-08-15 04:47:51 ----A---- C:\WINDOWS\system32\comsvcs.dll 2008-08-15 04:47:51 ----A---- C:\WINDOWS\system32\colbact.dll 2008-08-15 04:47:51 ----A---- C:\WINDOWS\system32\clbcatex.dll 2008-08-15 04:47:51 ----A---- C:\WINDOWS\system32\catsrvut.dll 2008-08-15 04:47:51 ----A---- C:\WINDOWS\system32\catsrvps.dll 2008-08-15 04:47:51 ----A---- C:\WINDOWS\system32\catsrv.dll 2008-08-15 04:47:50 ----A---- C:\WINDOWS\system32\comuid.dll 2008-08-15 04:47:50 ----A---- C:\WINDOWS\system32\clbcatq.dll 2008-08-15 04:47:45 ----A---- C:\WINDOWS\system32\servdeps.dll 2008-08-15 04:47:45 ----A---- C:\WINDOWS\system32\mmfutil.dll 2008-08-15 04:47:45 ----A---- C:\WINDOWS\system32\licwmi.dll 2008-08-15 04:47:45 ----A---- C:\WINDOWS\system32\cmprops.dll 2008-07-29 20:21:42 ----A---- C:\WINDOWS\system32\klogon.dll 2008-07-14 13:09:18 ----N---- C:\WINDOWS\system32\tzchange.exe 2008-07-03 11:42:35 ----N---- C:\WINDOWS\system32\xpsp3res.dll List of drivers R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2008-07-18 213008] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-08-15 21275] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-11-06 4024832] R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496] R3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-05-04 380928] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-04-13 252416] S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [] S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [] S3 itztehhack;itztehhack; \??\C:\Documents and Settings\Administrateur\Bureau\Nouveau dossier\itztehhack.sys [] S3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592] S3 npkcrypt;npkcrypt; \??\C:\Program Files\Gravity\RO\npkcrypt.sys [] S3 npkycryp;npkycryp; \??\D:\Malmsteen\Mastela RO\npkycryp.sys [] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] List of services R2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2008-07-29 206088] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] -----------------EOF----------------- Le contenue du fichier info.txt info.txt logfile of random's system information tool 2008-09-02 22:08:08 Uninstall list -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe FlashGet 1.9.6.1073-->C:\Program Files\FlashGet\uninst.exe Guitar Pro 5.2-->"D:\Malmsteen\Guitar Pro\Guitar Pro 5\unins000.exe" HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall HP Appareils photos Photosmart 6.0-->C:\Program Files\HP\Digital Imaging\{FB172CE8-F5C0-4731-92FF-E93A0B075A7C}\setup\hpzscr01.exe -datfile hpiscr01.dat HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart Essential-->MsiExec.exe /X{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE} HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93} HP Solution Center and Imaging Support Tools 6.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A} Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Ralink Wireless LAN Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}\setup.exe" -l0x9 -removeonly Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x40c -removeonly Valholl-->"D:\Malmsteen\ValhollRO\RO\unins000.exe" VIA Platform Device Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} VIA/S3G Display Driver 6.14.10.0297-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe Hosts File 127.0.0.1 localhost Security center information AV: Kaspersky Anti-Virus Environment variables "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 3, GenuineIntel "PROCESSOR_REVISION"=0303 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- Voilà merci encore pour ton aide !
  4. Kazuma
    Puis-je avoir une réponse s'il vous plait?
  5. Kazuma
    Bonjour, Après avoir réparé mon problème d'auto redémarrage de PC,j'ai eu un nouveau problème,quand j'allume le PC je dois inséré le CD Windows et redémarré pas mal de fois(manuellement),ce matin je voulais faire la même chose comme d'habitude,mais la quand j'ouvre MSN, Error fichier endomagé,tout le PC est endomagé, voiçi le rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:53:25, on 02/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\FlashGet\FlashGet.exe C:\WINDOWS\system32\CTFMON.EXE C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\RALINK\Common\RaUI.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Administrateur.MALMSTEEN-AMINE\Bureau\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [A-ToolBar] C:\Program Files\A-ToolBar\AToolBar.exe s O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- End of file - 4406 bytes Merci d'avance !
  6. Kazuma
    Voilà finis !! Voici Le Rapport de SDFiX : SDFix: Version 1.219 Run by Administrateur on 29/08/2008 at 00:14 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-29 00:38:39 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent" "C:\\WINDOWS\\system32\\winver.exe"="C:\\WINDOWS\\system32\\winver.exe:*:Disabled:winver" "C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\Valve\\hl.exe"="C:\\Program Files\\Valve\\hl.exe:*:Disabled:Half-Life Launcher" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)" "D:\\Malmsteen\\CS 1.6\\hl.exe"="D:\\Malmsteen\\CS 1.6\\hl.exe:*:Enabled:Half-Life Launcher" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files : Files with Hidden Attributes : Finished! ________________________ Et la le rapport de hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:41:07, on 29/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\DNA\btdna.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\RALINK\Common\RaUI.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file) R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\Run: [A-ToolBar] C:\Program Files\A-ToolBar\AToolBar.exe s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Mastela RO Patcher.lnk = D:\Malmsteen\Mastela RO\Mastela RO Patcher.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O8 - Extra context menu item: Crawler Search - tbr:iemenu O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 4696 bytes Et merci encore ton aide !
  7. Kazuma
    Bon bah merci quand même x))
  8. Kazuma
    Quelqu'un pourrait me repondre s'il vous plait? ^^'
  9. Kazuma
    Bonjour, Alors voiçi mon problème, quand je veux allumer mon pc j'ai toujours ''Insert Disk Boot'' (Je peux pas allumer mon pc sans cd boot) et ensuite je dois le reboot plein de fois avant qu'il marche,l'autre problème,quand je veux éteindre mon pc il se redemarre,je suis obligé de l'éteindre manuelement... j'ai fais un scan HijackThis j'ai eu ça : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:44:46, on 28/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\DNA\btdna.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\RALINK\Common\RaUI.exe C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Mastela RO Patcher.lnk = D:\Malmsteen\Mastela RO\Mastela RO Patcher.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: Crawler Search - tbr:iemenu O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll O20 - Winlogon Notify: winvex32 - winvex32.dll (file missing) O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 5687 bytes Merci d'avance pour votre aide !
×
×
  • Créer...