ComboFix 08-10-04.07 - Commun 2008-10-05 15:27:17.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.312 [GMT 2:00]
Lancé depuis: C:\Users\Commun\Desktop\Combo-Fix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\InfoSat.txt
C:\Users\Commun\AppData\Roaming\m
C:\Users\Commun\AppData\Roaming\m\data.oct
C:\Users\Commun\AppData\Roaming\m\flec006.exe
C:\Users\Commun\AppData\Roaming\m\list.oct
C:\Users\Commun\AppData\Roaming\m\srvlist.oct
C:\Windows\system32\ban_list.txt
C:\Windows\system32\drivers\downld
C:\Windows\system32\drivers\hldrrr.exe
C:\Windows\system32\mdelk.exe
C:\Windows\system32\MSINET.oca
C:\Windows\system32\rtl60.bpl
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_srosa
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-05 au 2008-10-05 ))))))))))))))))))))))))))))))))))))
.
2008-10-05 15:20 . 2008-10-05 15:25 <REP> d-------- C:\32788R22FWJFW
2008-10-05 13:56 . 2008-10-05 14:02 49 --a------ C:\Windows\NeroDigital.ini
2008-10-05 13:19 . 2008-10-05 13:20 <REP> d-------- C:\Program Files\Trend Micro
2008-10-05 13:01 . 2008-10-05 13:04 <REP> d-------- C:\Users\Commun\AppData\Roaming\Spyware Terminator
2008-10-05 13:01 . 2008-10-05 15:15 <REP> d-------- C:\Users\All Users\Spyware Terminator
2008-10-05 13:01 . 2008-10-05 13:04 <REP> d-------- C:\Program Files\Spyware Terminator
2008-10-05 13:01 . 2008-10-05 15:15 <REP> d-------- C:\PROGRA~2\Spyware Terminator
2008-10-05 13:01 . 2008-10-05 13:01 141,312 --a------ C:\Windows\System32\drivers\sp_rsdrv2.sys
2008-10-05 12:49 . 2008-10-05 12:49 <REP> d-------- C:\Muestras
2008-10-04 23:23 . 2008-10-04 23:25 <REP> d-------- C:\Users\All Users\Lavasoft
2008-10-04 23:23 . 2008-10-04 23:23 <REP> d-------- C:\Program Files\Lavasoft
2008-10-04 23:23 . 2008-10-04 23:25 <REP> d-------- C:\PROGRA~2\Lavasoft
2008-10-04 23:15 . 2008-10-05 11:36 68,382 --a------ C:\Windows\System32\wintems.exe.ren
2008-10-04 13:29 . 2008-10-04 13:29 <REP> d-------- C:\Program Files\TerraGame
2008-10-04 13:29 . 2008-10-04 13:29 <REP> d-------- C:\Program Files\Paprikari
2008-10-04 13:29 . 1999-12-17 09:13 86,016 --a------ C:\Windows\unvise32.exe
2008-09-27 11:17 . 2008-09-27 11:17 <REP> d-------- C:\Users\Commun\AppData\Roaming\Thunderbird
2008-09-27 11:17 . 2008-09-27 11:17 <REP> d-------- C:\Program Files\Mozilla Thunderbird
2008-09-18 09:48 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-09-18 09:48 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-09-18 09:48 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-09-18 09:48 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-09-18 09:47 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-09-18 09:47 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-09-18 09:47 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-09-18 09:47 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-09-18 09:47 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-09-14 21:36 . 2008-09-14 21:36 <REP> d-------- C:\Program Files\Apple Software Update
2008-09-13 10:32 . 2008-09-13 10:32 <REP> d-------- C:\Program Files\Hercules
2008-09-13 10:31 . 2007-01-31 17:01 256,000 --a------ C:\Windows\System32\drivers\netr73.sys
2008-09-11 20:10 . 2008-09-11 20:11 <REP> d-------- C:\Users\Commun\AppData\Roaming\SPORE
2008-09-11 18:55 . 2008-09-11 18:55 <REP> d-------- C:\Users\Commun\SPORE
2008-09-10 17:11 . 2008-09-10 17:11 <REP> d-------- C:\Users\Commun\AppData\Roaming\SolidWorks
2008-09-10 17:10 . 2008-09-10 17:10 <REP> d-------- C:\Users\Commun\AppData\Roaming\DWGeditor
2008-09-10 17:10 . 2008-09-10 17:10 <REP> d-------- C:\Program Files\DWGeditor
2008-09-10 17:09 . 2008-09-10 17:09 <REP> d-------- C:\Program Files\Common Files\eDrawings2006
2008-09-10 17:08 . 2004-11-05 11:08 670,208 --a------ C:\Windows\System32\drivers\hardlock.sys
2008-09-10 17:07 . 2004-05-10 14:19 639,052 --a------ C:\Windows\System32\BBPDFPortMon.dll
2008-09-10 17:07 . 2008-09-10 17:07 23 --ah----- C:\Windows\yacht.xws
2008-09-10 17:03 . 2008-09-10 17:21 <REP> d-------- C:\Program Files\Common Files\Bluebeam Software
2008-09-10 16:59 . 2008-09-10 17:22 <REP> d-------- C:\Program Files\SolidWorks
2008-09-10 16:59 . 2008-09-10 16:59 <REP> d-------- C:\Program Files\Common Files\Solidworks Data
2008-09-10 16:55 . 2008-09-10 16:55 42 --a------ C:\Windows\trailer.xws
2008-09-10 11:17 . 2008-07-31 03:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-10 11:17 . 2008-08-02 03:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-10 11:17 . 2008-06-26 05:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-10 11:17 . 2008-06-26 05:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-10 11:17 . 2008-05-08 21:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-10 11:17 . 2008-05-20 04:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-10 11:17 . 2008-06-26 05:29 45,056 --a------ C:\Windows\System32\dataclen.dll
2008-09-10 11:17 . 2008-08-02 05:26 36,864 --a------ C:\Windows\System32\cdd.dll
2008-09-10 11:17 . 2008-07-31 05:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-06 18:32 . 2008-09-06 18:32 <REP> d-------- C:\Users\All Users\WindowsSearch
2008-09-06 18:32 . 2008-09-06 18:32 <REP> d-------- C:\PROGRA~2\WindowsSearch
2008-09-06 18:32 . 2002-09-28 20:09 505,104 --a------ C:\Windows\System32\msxml.dll
2008-09-06 18:32 . 2002-09-28 20:09 115,016 --a------ C:\Windows\System32\MSINET.OCX
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-05 13:23 --------- d-----w C:\Program Files\Transcode360
2008-10-05 13:15 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-05 11:11 --------- d-----w C:\Program Files\eMule
2008-10-05 11:11 --------- d-----w C:\PROGRA~2\eMule
2008-10-05 10:57 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-10-04 21:22 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-10-03 12:49 --------- d-----w C:\PROGRA~2\lx_cats
2008-10-01 12:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-01 12:11 --------- d-----w C:\Program Files\Red Storm Entertainment
2008-09-28 18:48 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-23 16:48 --------- d-----w C:\Program Files\DivX
2008-09-21 08:23 --------- d-----w C:\Program Files\Neuf
2008-09-14 13:27 139,600 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-09-14 13:26 111,928 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-09-11 17:46 --------- d-----w C:\Program Files\Electronic Arts
2008-09-11 07:26 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-08-30 17:50 --------- d-----w C:\Program Files\id Software
2008-08-30 16:07 --------- d-----w C:\Program Files\EA GAMES
2008-08-28 13:12 --------- d-----w C:\Program Files\Ubi Soft
2008-08-28 13:02 89,360 ----a-w C:\Windows\System32\VB5DB.DLL
2008-08-28 13:02 69,632 ----a-w C:\Windows\System32\xmltok.dll
2008-08-28 13:02 36,864 ----a-w C:\Windows\System32\xmlparse.dll
2008-08-28 13:02 28,432 ----a-w C:\Windows\System32\msxmlr.dll
2008-08-28 13:02 26,064 ----a-w C:\Windows\System32\xmlinst.exe
2008-08-28 13:02 24,576 ----a-w C:\Windows\System32\msxml3a.dll
2008-08-28 09:17 --------- d-----w C:\Program Files\Windows Mail
2008-08-14 17:00 98,304 ----a-w C:\Windows\System32\CmdLineExt.dll
2008-08-14 16:59 --------- d-----w C:\Program Files\Microsoft Games
2008-08-14 15:15 --------- d-----w C:\Program Files\Steam
2008-08-13 17:58 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-08 10:05 --------- d-----w C:\Program Files\Sun
2008-08-08 10:05 --------- d-----w C:\Program Files\Java
2008-08-06 17:19 --------- d-----w C:\Program Files\Max Payne
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-25 08:36 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-07-23 16:50 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-07-23 16:48 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-07-23 16:48 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-07-23 16:46 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-07-19 11:49 174 --sha-w C:\Program Files\desktop.ini
2008-07-19 11:16 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-07-19 11:16 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-07-16 01:32 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-07-14 14:45 35,332 ----a-w C:\Windows\uninst.exe
2008-03-01 09:03 31,744 ----a-w C:\Users\All Users\webcam.exe
2008-03-01 09:03 31,744 ----a-w C:\PROGRA~2\webcam.exe
2008-02-03 11:34 22,328 ----a-w C:\Users\Commun\AppData\Roaming\PnkBstrK.sys
2007-12-25 18:31 71,696 ----a-w C:\Users\Commun\AxDecrypt.exe
2007-10-20 09:42 382,352 ----a-w C:\Users\Commun\jre-6u3-windows-i586-p-iftw.exe
2007-10-14 14:39 1,271,557 ----a-w C:\Users\Commun\wrar371fr.exe
2007-10-09 07:02 24,536,608 ----a-w C:\Users\Commun\AdbeRdr810_fr_FR.exe
2008-07-04 19:37 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-07-04 19:37 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-07-04 19:37 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2006-05-03 09:06 163,328 --sh--r C:\Windows\System32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\Windows\System32\msfDX.dll
2008-03-16 12:30 216,064 --sh--r C:\Windows\System32\nbDX.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-10-05 2156368]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 528384]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 37376]
"PMCRemote"="C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2006-02-16 90112]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 267048]
"lxdimon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-05-07 435120]
"lxdiamon"="C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 20480]
"FaxCenterServer"="C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" [2007-05-07 312240]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-23 185896]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-05-16 13535776]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-05-16 92704]
"Transcode360"="C:\Program Files\Transcode360\Transcode360Tray.exe" [2006-12-10 196608]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WiFiStation.exe [2008-09-13 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.i420"= i420vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiSpywareOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2249935324-959544306-317576264-1000]
"EnableNotificationsRef"=dword:00000004
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0530733A-5BE3-4F88-87A7-3ADAC4651491}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{46E9F6F1-FDD9-4BB4-9B81-B746EE440428}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"TCP Query User{33477EA5-7780-4479-A5F1-4AC62A3EEBA2}C:\\program files\\ea games\\battlefield 2\\bf2_w32ded.exe"= UDP:C:\program files\ea games\battlefield 2\bf2_w32ded.exe:Bf2_w32ded
"UDP Query User{2DC8C0C3-FD20-4A80-A0C2-EAF7AA32BA4C}C:\\program files\\ea games\\battlefield 2\\bf2_w32ded.exe"= TCP:C:\program files\ea games\battlefield 2\bf2_w32ded.exe:Bf2_w32ded
"{862239C0-7EFB-4341-BE90-B09AB02B48AD}"= UDP:C:\Program Files\EA GAMES\Battlefield 2 Demo\BF2.exe:Battlefield 2
"{B58259D7-D440-4559-A9B8-1BD61AFC68E4}"= TCP:C:\Program Files\EA GAMES\Battlefield 2 Demo\BF2.exe:Battlefield 2
"TCP Query User{0651CEAF-D90B-4F7F-89B4-C6B042F0860E}C:\\program files\\club-internet\\assistance\\updatehitachi\\maj_hitachi.exe"= UDP:C:\program files\club-internet\assistance\updatehitachi\maj_hitachi.exe:Firmware Upgrader Hitachi
"UDP Query User{3AD65A66-CA17-4A76-A151-933C586DE207}C:\\program files\\club-internet\\assistance\\updatehitachi\\maj_hitachi.exe"= TCP:C:\program files\club-internet\assistance\updatehitachi\maj_hitachi.exe:Firmware Upgrader Hitachi
"TCP Query User{BF22745A-973A-4EC3-BC48-0DCAC76FC9C3}C:\\program files\\steam\\steamapps\\lloyd_banks03\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\lloyd_banks03\counter-strike source\hl2.exe:hl2
"UDP Query User{8708D067-430F-431A-BDA7-A668BB3AC0AE}C:\\program files\\steam\\steamapps\\lloyd_banks03\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\lloyd_banks03\counter-strike source\hl2.exe:hl2
"TCP Query User{8DEE5377-2167-48BB-BA43-2BCBAE7BE67D}C:\\users\\commun\\appdata\\local\\temp\\wzse0.tmp\\b\\wpadvisor.exe"= UDP:C:\users\commun\appdata\local\temp\wzse0.tmp\b\wpadvisor.exe:wpadvisor.exe
"UDP Query User{2D860630-357C-4037-B7F4-A4ACD241E5E6}C:\\users\\commun\\appdata\\local\\temp\\wzse0.tmp\\b\\wpadvisor.exe"= TCP:C:\users\commun\appdata\local\temp\wzse0.tmp\b\wpadvisor.exe:wpadvisor.exe
"TCP Query User{1DAB892D-99BC-4062-9412-70E828D0E6E9}C:\\program files\\blue coat systems\\winproxy 6\\proxylog.exe"= UDP:C:\program files\blue coat systems\winproxy 6\proxylog.exe:proxylog
"UDP Query User{19D65F80-8C34-4BDC-9293-2249B1A1323F}C:\\program files\\blue coat systems\\winproxy 6\\proxylog.exe"= TCP:C:\program files\blue coat systems\winproxy 6\proxylog.exe:proxylog
"TCP Query User{0F7C7FF2-2A6A-4C46-97A1-15F7E6AF64D4}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= UDP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{2AF2F1FA-BC16-4D55-B7ED-71B02E89FED9}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= TCP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{BB5D958D-4F80-4C8C-978C-BBE9DCC0AEC2}C:\\windows\\temp\\navbrowser.exe"= UDP:C:\windows\temp\navbrowser.exe:navbrowser.exe
"UDP Query User{E59C87F0-144D-46BC-88CD-D66FD2AEB9FB}C:\\windows\\temp\\navbrowser.exe"= TCP:C:\windows\temp\navbrowser.exe:navbrowser.exe
"TCP Query User{C535DAF0-1FD7-42E3-AC32-644B7EAE04FF}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{2CB45351-D3D4-4176-8759-B002936136D1}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"{538B6813-6186-4351-A856-816F5406B4AA}"= UDP:80:80
"{C10CABB9-0516-4544-BA69-D4086CDFA8C1}"= UDP:8080:8080
"{8A2FB675-985C-4B8F-B4D5-2DD6D60ED284}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{7AC3B0DB-3F95-4076-81E7-806584523B0D}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{FC340B5B-5230-4B8B-A243-0F9916A596E5}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{8AA56FFF-F508-4DC0-AD11-1600BDEC0A35}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{C31379E9-C1FF-4C1B-AB23-0486C4B57DDC}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{14909CF3-7F4A-482D-BA4C-72FE0B29837E}"= UDP:C:\Program Files\Midway Home Entertainment\Stranglehold Demo\Binaries\Retail-Stranglehold.exe:Stranglehold Demo
"{A51A47C9-F21C-41A1-A825-883DCB5AE1FC}"= TCP:C:\Program Files\Midway Home Entertainment\Stranglehold Demo\Binaries\Retail-Stranglehold.exe:Stranglehold Demo
"TCP Query User{F1CC3B73-C3CD-4356-9B10-BE6E9A6524BC}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{2AD2F90C-233B-42D2-917F-10B071440D96}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{69C31266-9C52-44AB-B946-2852D4B67114}C:\\program files\\world of warcraft\\repair.exe"= UDP:C:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"UDP Query User{5CC41231-C660-4330-BA07-63E265DB7A91}C:\\program files\\world of warcraft\\repair.exe"= TCP:C:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"TCP Query User{6E98FF91-F74A-43D8-AFA1-A885AF3A0EE9}C:\\users\\commun\\appdata\\local\\temp\\_pa274\\repairtoto.exe"= UDP:C:\users\commun\appdata\local\temp\_pa274\repairtoto.exe:repairtoto.exe
"UDP Query User{BE674C25-B08C-4061-9A8D-DE3AF7B038D6}C:\\users\\commun\\appdata\\local\\temp\\_pa274\\repairtoto.exe"= TCP:C:\users\commun\appdata\local\temp\_pa274\repairtoto.exe:repairtoto.exe
"TCP Query User{0BFA50DF-0BEB-4DC8-B3B9-95FE08279417}C:\\program files\\steam\\steam.exe"= UDP:C:\program files\steam\steam.exe:Steam
"UDP Query User{6750A368-11C6-43F5-9729-DB9284C14EA2}C:\\program files\\steam\\steam.exe"= TCP:C:\program files\steam\steam.exe:Steam
"TCP Query User{9F684172-FF99-47C9-A14F-14E398B4941F}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{D6B697C2-4888-4851-A5BE-CADF899DDB28}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{C7D0E959-179D-4EEE-A70B-4E03DF20EF4B}"= UDP:C:\Program Files\DreamCatcher\Painkiller Overdose Demo\Bin\OverdoseDemo.exe:Painkiller Overdose Demo
"{D5B576FC-A51D-4B51-840A-7B2A946DB946}"= TCP:C:\Program Files\DreamCatcher\Painkiller Overdose Demo\Bin\OverdoseDemo.exe:Painkiller Overdose Demo
"{CF760DBA-24F9-40BC-9881-2B490307F06D}"= UDP:3724:Blizzard Downloader: 3724
"TCP Query User{09F85533-E997-4AD4-9985-A54EE9E36C90}C:\\users\\commun\\desktop\\core\\core\\mangosd.exe"= UDP:C:\users\commun\desktop\core\core\mangosd.exe:mangosd.exe
"UDP Query User{A9C082E5-6D57-4BB3-B358-E9CB6916DF6B}C:\\users\\commun\\desktop\\core\\core\\mangosd.exe"= TCP:C:\users\commun\desktop\core\core\mangosd.exe:mangosd.exe
"TCP Query User{AA461569-ACF3-4B24-A123-21C65D280122}C:\\program files\\america's army\\system\\armyops.exe"= UDP:C:\program files\america's army\system\armyops.exe:ArmyOps
"UDP Query User{2E07DB1F-1883-4AB6-9EE2-EBA7A016EEB9}C:\\program files\\america's army\\system\\armyops.exe"= TCP:C:\program files\america's army\system\armyops.exe:ArmyOps
"{89BCD43F-0AE7-4496-A0EA-5272CC95EE2B}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{779333E5-176F-42AF-B325-73575928300B}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{5E27F897-0ABD-4337-86FB-390145DD4782}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{9D0DA76D-564F-457B-9E01-EC25C1AD40BC}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{0A3BCE20-47C3-4DB7-AA99-092531D812A7}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{C6FBD172-A868-4EEA-B36C-D976E532CAB6}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{C02876E4-87E0-45FB-A4F6-AE1CC7E5BAB4}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{D8B634B1-6C9A-4126-AFFA-9D23282D7DF0}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"TCP Query User{DE4FB1B7-4B4B-4821-B6A0-C6108F602F89}C:\\program files\\id software\\quake 4 multiplayer demo\\quake4.exe"= UDP:C:\program files\id software\quake 4 multiplayer demo\quake4.exe:Quake 4
"UDP Query User{BA6BCA79-8AD4-42DB-BC36-C52EB6A0C374}C:\\program files\\id software\\quake 4 multiplayer demo\\quake4.exe"= TCP:C:\program files\id software\quake 4 multiplayer demo\quake4.exe:Quake 4
"TCP Query User{2E8FF36C-9B12-4027-AB1B-291FAEEA25C8}C:\\program files\\id software\\quake 4 demo\\quake4.exe"= UDP:C:\program files\id software\quake 4 demo\quake4.exe:Quake 4
"UDP Query User{D04375D0-8EF7-4595-A67C-D8C953F1434C}C:\\program files\\id software\\quake 4 demo\\quake4.exe"= TCP:C:\program files\id software\quake 4 demo\quake4.exe:Quake 4
"TCP Query User{96DF4F7C-0861-42FC-98E7-6B19F93B9B33}C:\\program files\\pinnacle\\mediacenter\\pmc.exe"= UDP:C:\program files\pinnacle\mediacenter\pmc.exe:
"UDP Query User{111A6560-0F4E-427E-AC79-7C4508C1A9C8}C:\\program files\\pinnacle\\mediacenter\\pmc.exe"= TCP:C:\program files\pinnacle\mediacenter\pmc.exe:
"{4B8C2550-D974-49AC-88E6-675BDB3C67CF}"= UDP:C:\Users\Commun\Downloads\eMule\Incoming\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare
"{86A90D70-9C14-4B3D-93A2-60415B03410C}"= TCP:C:\Users\Commun\Downloads\eMule\Incoming\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare
"TCP Query User{05EFE469-E82B-418F-9ACD-9DA77E653558}C:\\users\\commun\\downloads\\emule\\incoming\\call.of.duty.4.modern.warfare.full.rip-skullptura.[jackpot]\\call of duty 4 - modern warfare\\iw3mp.exe"= UDP:C:\users\commun\downloads\emule\incoming\call.of.duty.4.modern.warfare.full.rip-skullptura.[jackpot]\call of duty 4 - modern warfare\iw3mp.exe:iw3mp.exe
"UDP Query User{1AD83CEF-BE25-4F24-8E54-FDE050D11244}C:\\users\\commun\\downloads\\emule\\incoming\\call.of.duty.4.modern.warfare.full.rip-skullptura.[jackpot]\\call of duty 4 - modern warfare\\iw3mp.exe"= TCP:C:\users\commun\downloads\emule\incoming\call.of.duty.4.modern.warfare.full.rip-skullptura.[jackpot]\call of duty 4 - modern warfare\iw3mp.exe:iw3mp.exe
"{059A51F9-AEFA-4CA7-869F-DA962CB852A5}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{1D5A3733-8F89-4EC5-BA70-BEAEE3567F7F}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{A8B4F0B9-BC43-4418-831F-12D467BF8F94}"= UDP:C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu\game.dat:La Bataille pour la Terre du Milieu
"{E1006043-ABC4-47A2-897C-B3ECFB30B2A5}"= TCP:C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu\game.dat:La Bataille pour la Terre du Milieu
"{40621493-D470-4A91-84D6-ABA0B6D8F7C2}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{95CCA3BA-4253-4CB2-A369-05664D8E446F}"= UDP:C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\game.dat:La Bataille pour la Terre du Milieu ™ II
"{55E01552-FCFE-47A5-95A8-9C7FC2FAF8DA}"= TCP:C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\game.dat:La Bataille pour la Terre du Milieu ™ II
"{D5764C06-F744-4EE0-8F9B-11F40FF7DBC8}"= UDP:C:\Windows\System32\lxdicoms.exe:Lexmark Communications System
"{91EA1527-2CDC-41CC-8D6C-4729913CBBA7}"= TCP:C:\Windows\System32\lxdicoms.exe:Lexmark Communications System
"{11154FC6-A497-4FB5-9784-7D334FA52BDC}"= UDP:C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
"{C0F4A6FF-BD95-4DED-8DBC-AE72433BD9BD}"= TCP:C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
"{D7A3C12B-0963-4DA3-BA8D-720C930EEB4F}"= UDP:C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
"{E9099265-E1BF-49C5-9DB3-F642CB4FAB1B}"= TCP:C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
"{6A6E36D3-9833-4674-A23C-E8F12E7ED835}"= UDP:C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{37EB0E45-91F1-4269-B0E2-E0EA5B9462FF}"= TCP:C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{EA99108B-E23F-457A-AD8F-F42175A66C40}"= UDP:C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:Fax software
"{1BDAC1A6-F8CE-4A1F-909F-46815BE93089}"= TCP:C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:Fax software
"{00DE48B2-B8EB-4B6A-A3E1-FDBD8D47183F}"= UDP:C:\Users\Commun\AppData\Local\Temp\lxdi\wireless\FRENCH\lxdiwpss.exe:
"{FD1DE1A6-042F-4C72-8335-79E9762B92A7}"= TCP:C:\Users\Commun\AppData\Local\Temp\lxdi\wireless\FRENCH\lxdiwpss.exe:
"{52D220B8-DF76-498D-A17F-703E7A04D81C}"= UDP:C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe:Device Monitor
"{0F71D672-3FF5-4FF6-A0BC-144E1D1C6E7F}"= TCP:C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe:Device Monitor
"TCP Query User{D7D83E7F-5DA7-42C1-BF07-6E33DEE0E0A5}C:\\windows\\system32\\electricsheep.scr"= UDP:C:\windows\system32\electricsheep.scr:ElectricSheep
"UDP Query User{08799F94-85CB-4D58-AA11-2998EEBFC762}C:\\windows\\system32\\electricsheep.scr"= TCP:C:\windows\system32\electricsheep.scr:ElectricSheep
"TCP Query User{6E1198CF-AE5C-4556-9BCC-877ED7DE4BBD}C:\\program files\\qq\\africa2003\\qq.exe"= UDP:C:\program files\qq\africa2003\qq.exe:QQ
"UDP Query User{38620135-8B9F-4560-8C7D-2224D33D594C}C:\\program files\\qq\\africa2003\\qq.exe"= TCP:C:\program files\qq\africa2003\qq.exe:QQ
"TCP Query User{EB37AC30-076E-4F8D-B884-2183F98B5010}L:\\nicolas\\call.of.duty.4.modern.warfare.full.rip-skullptura.[jackpot]\\call of duty 4 - modern warfare\\iw3mp.exe"= UDP:L:\nicolas\call.of.duty.4.modern.warfare.full.rip-skullptura.[jackpot]\call of duty 4 - modern warfare\iw3mp.exe:iw3mp
"UDP Query User{CFE23F75-FD32-424F-9F91-9FD569772D36}L:\\nicolas\\call.of.duty.4.modern.warfare.full.rip-skullptura.[jackpot]\\call of duty 4 - modern warfare\\iw3mp.exe"= TCP:L:\nicolas\call.of.duty.4.modern.warfare.full.rip-skullptura.[jackpot]\call of duty 4 - modern warfare\iw3mp.exe:iw3mp
"TCP Query User{8A634B6F-9B6D-4DEF-A79D-E2F1600272D0}C:\\program files\\popcap games\\zuma deluxe\\zuma.exe"= UDP:C:\program files\popcap games\zuma deluxe\zuma.exe:Zuma
"UDP Query User{C74CE05E-A214-4922-8AAD-CDD1835A8DB8}C:\\program files\\popcap games\\zuma deluxe\\zuma.exe"= TCP:C:\program files\popcap games\zuma deluxe\zuma.exe:Zuma
"TCP Query User{F1869A28-B58F-4750-8997-8CDCA12E859F}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{57C376BF-67D4-4B36-9684-D68F7AB72CC6}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"TCP Query User{ADF5B7A3-8856-487B-AB3A-94BCA8BBFB72}C:\\program files\\tmnationsforever\\tmforever.exe"= UDP:C:\program files\tmnationsforever\tmforever.exe:TmForever
"UDP Query User{F7B96102-FE31-4EE3-8B7D-0E0D169DB04B}C:\\program files\\tmnationsforever\\tmforever.exe"= TCP:C:\program files\tmnationsforever\tmforever.exe:TmForever
"TCP Query User{CF866959-C503-4EF6-96FC-DD7E118D2F50}C:\\program files\\steam\\steamapps\\lloyd_banks03\\source sdk base\\hl2.exe"= UDP:C:\program files\steam\steamapps\lloyd_banks03\source sdk base\hl2.exe:hl2
"UDP Query User{5AD244FE-B54A-40B9-B4DD-1DCF7B6C6C32}C:\\program files\\steam\\steamapps\\lloyd_banks03\\source sdk base\\hl2.exe"= TCP:C:\program files\steam\steamapps\lloyd_banks03\source sdk base\hl2.exe:hl2
"TCP Query User{08B04179-B5A2-4F9C-87C4-CC026329125B}C:\\program files\\electronic arts\\eadm\\core.exe"= UDP:C:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{3F0FA018-024F-42C2-849C-071D057499F2}C:\\program files\\electronic arts\\eadm\\core.exe"= TCP:C:\program files\electronic arts\eadm\core.exe:EA Download Manager
"TCP Query User{F8A06FBE-D1B6-4256-9145-9F2ACC52A61A}C:\\program files\\steam\\steamapps\\lloyd_banks03\\day of defeat source\\hl2.exe"= UDP:C:\program files\steam\steamapps\lloyd_banks03\day of defeat source\hl2.exe:hl2
"UDP Query User{BFF6ECF5-E2B8-41F6-9C66-A5D392B1A1B6}C:\\program files\\steam\\steamapps\\lloyd_banks03\\day of defeat source\\hl2.exe"= TCP:C:\program files\steam\steamapps\lloyd_banks03\day of defeat source\hl2.exe:hl2
"{D56E7153-A47C-4D9D-ACC2-7FC29713CEA2}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{8E54999B-201C-40B4-9860-EC8B400DA370}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{1FE9714B-5599-47E3-B050-E425F2ACE04F}"= UDP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice
"{F1768EEA-FA39-48A3-BEF7-8615DA6E05F1}"= TCP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice
"{F2897429-F435-45C6-B4D3-C3810608952A}"= UDP:6869:emule
"{E5FFD668-21E3-4B22-A6E7-7BDAB590A058}"= TCP:6879:emule 2
"TCP Query User{74EEE8D2-9A49-4FAD-A64D-D62E48126DC4}C:\\program files\\steam\\steamapps\\lloyd_banks03\\half-life 2 deathmatch\\hl2.exe"= UDP:C:\program files\steam\steamapps\lloyd_banks03\half-life 2 deathmatch\hl2.exe:hl2
"UDP Query User{64D8ED86-9DB2-4316-936B-AAFF416F99EA}C:\\program files\\steam\\steamapps\\lloyd_banks03\\half-life 2 deathmatch\\hl2.exe"= TCP:C:\program files\steam\steamapps\lloyd_banks03\half-life 2 deathmatch\hl2.exe:hl2
"TCP Query User{4E7518F7-455B-4724-90B1-DEA82D7C9668}C:\\program files\\transcode360\\transcode360tray.exe"= UDP:C:\program files\transcode360\transcode360tray.exe:
"UDP Query User{04548152-65B1-4E04-8A83-BA5F0EDE8E0A}C:\\program files\\transcode360\\transcode360tray.exe"= TCP:C:\program files\transcode360\transcode360tray.exe:
"TCP Query User{6AFF27F3-7832-4274-BAA6-E4030CBFD018}C:\\program files\\microsoft games\\age of empires ii\\empires2.exe"= UDP:C:\program files\microsoft games\age of empires ii\empires2.exe:Age of Empires II
"UDP Query User{79B156BD-FC1D-4AC0-81A7-09BF46053C53}C:\\program files\\microsoft games\\age of empires ii\\empires2.exe"= TCP:C:\program files\microsoft games\age of empires ii\empires2.exe:Age of Empires II
"TCP Query User{9FC0A562-9239-40BE-B03A-9572EF01FA31}C:\\program files\\transcode360\\transcode360tray.exe"= UDP:C:\program files\transcode360\transcode360tray.exe:
"UDP Query User{81594CAD-9A72-498E-92B7-E3104B953D87}C:\\program files\\transcode360\\transcode360tray.exe"= TCP:C:\program files\transcode360\transcode360tray.exe:
"{1DB18A16-821F-4DC2-BED3-6A0B39E8326F}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{DA154C0F-AD2F-40A6-82CE-021CE8826AF1}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{886EC92A-28E4-418F-BE60-9B95DA808508}"= UDP:C:\Program Files\Neuf\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player Neuf Cegetel)
"{4804556A-D6A6-467D-9D09-7BF1D908EDE3}"= TCP:C:\Program Files\Neuf\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player Neuf Cegetel)
"TCP Query User{243067FD-DB6B-4675-AE78-93DD020305B1}C:\\program files\\neuf\\media center\\httpd\\httpd.exe"= UDP:C:\program files\neuf\media center\httpd\httpd.exe:Apache HTTP Server
"UDP Query User{0FCD4248-78FA-4059-9043-C1DD415C779E}C:\\program files\\neuf\\media center\\httpd\\httpd.exe"= TCP:C:\program files\neuf\media center\httpd\httpd.exe:Apache HTTP Server
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 lxdi_device;lxdi_device;C:\Windows\system32\lxdicoms.exe [2007-04-26 517040]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-07-07 809296]
S2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe [2007-04-26 99248]
S3 3xHybrid;Philips SAA713x PCI Card;C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-01-08 1136600]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-06-26 576680]
S3 netr73;Hercules Wireless USB Dongle Driver for Vista;C:\Windows\system32\DRIVERS\netr73.sys [2007-01-31 256000]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-01 87288]
S3 UMPass;Pilote Microsoft UMPass;C:\Windows\system32\DRIVERS\umpass.sys [2008-01-19 7680]
S3 USB28xxBGA;PCTV Hybrid Pro* Stick;C:\Windows\system32\DRIVERS\emBDA.sys [2006-02-08 217216]
S3 USB28xxOEM;USB 28xx OEM Filter;C:\Windows\system32\DRIVERS\emOEM.sys [2006-02-08 17792]
S3 wampapache;wampapache;c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe [2007-09-05 24635]
S3 wampmysqld;wampmysqld;c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe wampmysqld [ ]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\shell\AutoRun\command - I:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17bbe61d-c8e2-11dc-91c8-0019db531394}]
\shell\AutoRun\command - setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{50b3d3ba-11d1-11dd-b6c0-0019db531394}]
\shell\AutoRun\command - J:\setupSNK.exe
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-eMuleAutoStart - C:\Program Files\eMule\emule.exe
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Users\Commun\AppData\Roaming\Mozilla\Firefox\Profiles\i5rncyji.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\nppopcaploader.dll
FF -: plugin - C:\Program Files\Neuf\TV_PC\VLC\npvlc.dll
FF -: plugin - C:\Users\Commun\AppData\Roaming\Mozilla\Firefox\Profiles\i5rncyji.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-05 15:43:20
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\Windows\System32\nvvsvc.exe
C:\Windows\System32\audiodg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Windows\System32\PnkBstrA.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\conime.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Heure de fin: 2008-10-05 15:50:21 - La machine a redémarré [Commun]
ComboFix-quarantined-files.txt 2008-10-05 13:50:14
Avant-CF: 37,483,937,792 octets libres
Après-CF: 40,087,203,840 octets libres
548 --- E O F --- 2008-10-03 06:54:42
This is what I end up with? Is that a good sign?