

[Solved] Unwanted pop-up windows
frozz replied to a topic by frozz in Malware analysis and removal
Here is the report from the first scan; I'm taking care of the next one right now: [ComboFix log]
[Solved] Unwanted pop-up windows
frozz replied to frozz's topic in Malware analysis and removal
Hello, sorry for the long delay, my apologies, here is the report:
ComboFix 09-03-01.01 - erdt 2009-03-02 17:41:22.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1023.576 [GMT 1:00] Lancé depuis: c:\documents and settings\erdt\Bureau\101010.exe AV: Norton AntiVirus *On-access scanning disabled* (Updated) FW: Norton AntiVirus *enabled* * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Autorun.inf C:\setup.exe c:\windows\system32\_002951_.tmp.dll c:\windows\system32\_002952_.tmp.dll c:\windows\system32\_002953_.tmp.dll c:\windows\system32\advapi32new.dll c:\windows\system32\apphelpnew.dll c:\windows\system32\AutoRun.inf c:\windows\system32\crypt32new.dll c:\windows\system32\d3d10core.dll c:\windows\system32\kernel32new.dll c:\windows\system32\MabryObj.dll c:\windows\system32\msvcrtnew.dll c:\windows\system32\ntdsapinew.dll c:\windows\system32\powrprofnew.dll c:\windows\system32\Process.exe c:\windows\system32\secur32new.dll c:\windows\system32\user32new.dll c:\windows\system32\winstanew.dll . ((((((((((((((((((((((((((((( Fichiers créés du 2009-02-02 au 2009-03-02 )))))))))))))))))))))))))))))))))))) . 2009-03-02 17:34 . 2009-03-02 17:34 <REP> d----c--- C:\erdt 2009-03-02 17:29 . 2009-03-02 17:32 <REP> d----c--- C:\ComboFix 2009-03-02 17:28 . 2009-03-02 17:28 <REP> d-------- c:\documents and settings\All Users\Application Data\Office Genuine Advantage 2009-03-02 17:24 . 2009-03-02 17:24 <REP> d-------- c:\documents and settings\All Users\Application Data\Hewlett-Packard 2009-03-02 17:24 . 2007-03-28 14:01 117,760 --a------ c:\windows\system32\hpzll5ha.dll 2009-03-02 17:20 . 2009-03-02 17:20 <REP> d-------- c:\program files\Hewlett-Packard 2009-03-02 17:19 . 2009-03-02 17:19 <REP> d-------- c:\program files\Fichiers communs\Hewlett-Packard 2009-03-02 17:17 . 
2009-03-02 17:38 <REP> d-------- c:\windows\LastGood 2009-03-02 17:17 . 2007-03-18 07:11 675,840 --a------ c:\windows\system32\hpowiax3.dll 2009-03-02 17:17 . 2007-03-18 07:11 569,344 --a------ c:\windows\system32\hpotscl3.dll 2009-03-02 17:17 . 2007-03-18 07:11 303,104 --a------ c:\windows\system32\hpovst10.dll 2009-03-02 17:17 . 2007-03-31 06:07 267,864 --a------ c:\windows\system32\hpzids01.dll 2009-03-02 17:16 . 2009-03-02 17:16 <REP> d-------- c:\program files\HP 2009-03-02 17:15 . 2009-03-02 17:25 132,529 --a------ c:\windows\hpoins14.dat 2009-03-02 17:15 . 2007-09-21 12:59 1,996 --------- c:\windows\hpomdl14.dat 2009-03-01 12:52 . 2009-03-01 12:52 <REP> d-------- c:\documents and settings\erdt\Application Data\XemiComputers 2009-03-01 11:28 . 2009-03-01 11:31 <REP> d-------- c:\program files\TGTSoft 2009-03-01 11:28 . 2009-03-01 11:28 88 --a------ c:\windows\StyleBuilder.INI 2009-02-28 20:52 . 2009-02-28 20:52 <REP> d----c--- C:\Dell 2009-02-28 20:49 . 2009-02-28 20:49 <REP> d-------- c:\windows\OPTIONS 2009-02-28 00:42 . 2009-02-28 01:27 <REP> d-------- c:\documents and settings\erdt\Application Data\Ventrilo 2009-02-28 00:40 . 2009-02-28 01:33 <REP> d-------- c:\program files\VentSrv 2009-02-28 00:39 . 2009-02-28 01:33 <REP> d-------- c:\program files\Ventrilo 2009-02-28 00:38 . 2009-02-28 00:39 262 --a------ c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini 2009-02-28 00:37 . 2009-02-28 00:39 <REP> d-------- c:\program files\Fichiers communs\Wise Installation Wizard 2009-02-27 09:27 . 2009-02-27 09:33 <REP> d--h-c--- c:\windows\ie8 2009-02-27 00:57 . 2009-02-27 00:58 <REP> d-------- c:\documents and settings\erdt\Application Data\dvdcss 2009-02-27 00:56 . 2009-02-27 11:40 <REP> d-------- c:\documents and settings\erdt\Application Data\vlc 2009-02-27 00:54 . 2009-02-27 00:54 <REP> d-------- c:\program files\VideoLAN 2009-02-27 00:18 . 2009-02-27 00:18 <REP> d-------- c:\program files\Safari 2009-02-27 00:17 . 
2009-02-27 00:17 <REP> d-------- c:\program files\Bonjour 2009-02-26 17:15 . 2009-02-26 17:15 <REP> d-------- c:\program files\MzRam 2009-02-25 22:32 . 2009-02-28 13:37 3,688 --a------ c:\windows\system32\d3d9caps.dat 2009-02-25 20:53 . 2006-08-22 21:05 520,192 --------- c:\windows\system32\ati2sgag.exe 2009-02-25 20:51 . 2006-11-10 12:29 <REP> d----c--- C:\Driver 2009-02-25 20:51 . 2006-11-10 12:29 <REP> d----c--- C:\ACE 2009-02-25 20:51 . 2006-08-23 09:05 1,686,484 --a--c--- C:\data1.cab 2009-02-25 20:51 . 2009-02-25 20:51 1,529,216 --a--c--- C:\GenuineCheck.exe 2009-02-25 20:51 . 2006-08-23 09:05 512 --a--c--- C:\data2.cab 2009-02-25 20:45 . 2009-02-25 20:47 45,490,823 --a--c--- C:\ati catalyst-mobility-6.9-all-kxp.exe 2009-02-25 15:50 . 2009-02-25 15:50 <REP> d----c--- C:\DirectX10 RC2 Fix 3-Pre-Final 2009-02-25 15:50 . 2009-02-28 23:57 716,153 --a------ c:\windows\system32\unins000.exe 2009-02-25 15:50 . 2008-03-05 16:03 329,224 --a------ c:\windows\system32\DXErr.exe 2009-02-25 15:50 . 2008-03-05 16:03 209,416 --a------ c:\windows\system32\dxcpl.exe 2009-02-25 15:50 . 2009-02-28 23:57 12,731 --a------ c:\windows\system32\unins000.dat 2009-02-25 15:48 . 2009-02-25 15:49 4,764,495 --a--c--- C:\DirectX10_RC2_Fix_3-Pre-Final.zip 2009-02-25 15:22 . 2009-02-25 15:33 26,699,048 --a--c--- C:\SafariSetup.exe 2009-02-23 17:10 . 2009-03-01 12:51 <REP> d-------- c:\program files\Teamspeak2_RC2 2009-02-23 16:42 . 2009-02-23 16:42 1,657,659 --a--c--- C:\ts2_server_rc2_202319.exe 2009-02-23 16:39 . 2009-02-23 16:39 <REP> d-------- c:\documents and settings\erdt\Application Data\teamspeak2 2009-02-23 16:38 . 2009-02-23 16:38 5,862,994 --a--c--- C:\ts2_client_rc2_2032.exe 2009-02-23 16:38 . 2009-02-23 16:38 34,064 --a------ c:\windows\system32\lhacm.acm 2009-02-22 19:49 . 2009-02-22 19:49 <REP> d-------- c:\program files\TaskSwitchXP 2009-02-22 19:40 . 2009-02-27 17:09 <REP> d--h----- c:\windows\NiwradSoft Shell Pack 2009-02-22 16:49 . 
2009-02-22 16:49 <REP> d--hs---- c:\windows\ftpcache 2009-02-22 16:48 . 2009-02-22 16:50 <REP> d-------- c:\program files\iSpeed 2009-02-22 14:48 . 2003-06-25 16:05 266,360 --a------ c:\windows\system32\TweakUI.exe 2009-02-22 14:48 . 2002-06-21 15:09 160,217 --a------ c:\windows\system32\PowerToysLicense.rtf 2009-02-22 00:42 . 2009-02-22 00:42 <REP> d-------- c:\documents and settings\erdt\Application Data\dBpoweramp 2009-02-21 12:24 . 2009-01-24 15:30 219,648 --a------ c:\windows\system32\uxtheme.dll.backup 2009-02-20 18:31 . 2003-08-03 15:31 90,624 --a------ c:\program files\tclock2.exe 2009-02-19 12:03 . 2009-02-19 12:03 579,464 --a------ c:\windows\system32\SymNeti.dll 2009-02-19 12:03 . 2009-02-19 12:03 207,240 --a------ c:\windows\system32\SymRedir.dll 2009-02-19 11:31 . 2009-02-19 11:31 184,496 --a------ c:\windows\system32\drivers\symtdi.sys 2009-02-19 11:31 . 2009-02-19 11:31 96,560 --a------ c:\windows\system32\drivers\symfw.sys 2009-02-19 11:31 . 2009-02-19 11:31 41,008 --a------ c:\windows\system32\drivers\symndisv.sys 2009-02-19 11:31 . 2009-02-19 11:31 38,576 --a------ c:\windows\system32\drivers\symids.sys 2009-02-19 11:31 . 2009-02-19 11:31 37,424 --a------ c:\windows\system32\drivers\symndis.sys 2009-02-19 11:31 . 2009-02-19 11:31 31,280 --a------ c:\windows\system32\drivers\SymIM.sys 2009-02-19 11:31 . 2009-02-19 11:31 22,320 --a------ c:\windows\system32\drivers\symredrv.sys 2009-02-19 11:31 . 2009-02-19 11:31 13,616 --a------ c:\windows\system32\drivers\symdns.sys 2009-02-19 11:31 . 2009-02-19 11:31 9,844 --a------ c:\windows\system32\drivers\SymRedir.cat 2009-02-19 11:31 . 2009-02-19 11:31 1,611 --a------ c:\windows\system32\drivers\SymRedir.inf 2009-02-18 19:42 . 2009-02-18 19:42 <REP> d-------- c:\documents and settings\erdt\Application Data\River Past G5 2009-02-18 19:42 . 2009-02-22 19:15 <REP> d-------- c:\documents and settings\All Users\Application Data\River Past G5 2009-02-18 18:16 . 
2009-02-18 18:16 27,958 --a------ c:\windows\system32\SpoonUninstall-dBpowerAMP WMA V9 Codec.bmp 2009-02-18 18:16 . 2009-02-18 18:16 2,180 --a------ c:\windows\system32\SpoonUninstall-dBpowerAMP WMA V9 Codec.dat 2009-02-18 18:08 . 2009-02-18 18:08 <REP> d-------- c:\documents and settings\erdt\Application Data\AccurateRip 2009-02-18 18:07 . 2009-02-18 18:07 <REP> d-------- c:\program files\Illustrate 2009-02-18 18:07 . 2009-02-18 18:16 167,936 --a------ c:\windows\system32\SpoonUninstall.exe 2009-02-18 18:07 . 2009-02-18 18:07 33,846 --a------ c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.bmp 2009-02-18 18:07 . 2009-02-18 18:07 13,785 --a------ c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat 2009-02-17 23:16 . 2009-02-17 23:16 <REP> d-------- c:\program files\Fichiers communs\DVDVIDEOSOFT 2009-02-17 23:16 . 2002-01-05 15:37 344,064 --a------ c:\windows\system32\msvcr70.dll 2009-02-16 22:35 . 2009-02-16 23:06 <REP> d-------- c:\documents and settings\erdt\Application Data\LimeWire 2009-02-16 22:31 . 2009-02-16 22:35 <REP> d-------- c:\program files\LimeWire 2009-02-15 18:43 . 2009-02-27 11:57 <REP> d----c--- C:\Nexon 2009-02-15 17:10 . 2008-04-13 19:33 21,504 --a------ c:\windows\system32\hidserv.dll 2009-02-15 17:10 . 2008-04-13 19:33 21,504 --a------ c:\windows\system32\dllcache\hidserv.dll 2009-02-15 17:10 . 2008-04-13 19:05 14,720 --a------ c:\windows\system32\drivers\kbdhid.sys 2009-02-15 17:10 . 2008-04-13 19:05 14,720 --a------ c:\windows\system32\dllcache\kbdhid.sys 2009-02-15 14:39 . 2009-02-15 14:39 22,200 --ah----- c:\windows\system32\mlfcache.dat 2009-02-14 20:57 . 2009-02-14 21:09 <REP> d-------- c:\program files\CleanUp! 2009-02-14 17:56 . 2009-02-14 17:59 <REP> d----c--- C:\rsit 2009-02-14 17:46 . 2008-04-13 19:34 230,912 --a------ c:\windows\system32\dllcache\regedit.exe.exe.exe 2009-02-14 17:44 . 2009-02-14 17:44 543 --a------ c:\windows\Raccourci vers regedit.exe.exe.lnk 2009-02-14 15:52 . 
2009-02-14 21:14 4,411 --a------ c:\windows\pop.htm 2009-02-14 15:33 . 2009-02-14 15:33 <REP> d--hs---- c:\documents and settings\erdt\PrivacIE 2009-02-14 15:32 . 2009-02-14 15:32 <REP> d--hs---- c:\documents and settings\erdt\IECompatCache 2009-02-14 15:31 . 2009-02-14 15:31 <REP> d--hs---- c:\documents and settings\erdt\IETldCache 2009-02-14 13:47 . 2009-02-14 13:47 4,158 --a------ c:\program files\hijackthis.vbs 2009-02-14 12:14 . 2009-02-14 12:14 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-02-14 12:14 . 2009-02-14 12:14 <REP> d-------- c:\documents and settings\erdt\Application Data\Malwarebytes 2009-02-14 12:14 . 2009-02-14 12:14 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-02-14 12:14 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-02-14 12:14 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-02-14 11:15 . 2009-02-14 11:15 401,720 --a--c--- c:\program files\Karcher.exe 2009-02-14 11:13 . 2009-02-27 09:34 <REP> d-------- c:\windows\ie8updates 2009-02-14 10:48 . 2009-01-11 06:00 79,360 --------- c:\windows\system32\dllcache\iecompat.dll 2009-02-14 10:15 . 2009-02-14 10:57 15,688 --a------ c:\windows\system32\lsdelete.exe 2009-02-14 10:05 . 2009-02-14 10:14 <REP> d-------- c:\program files\Navilog1 2009-02-14 08:57 . 2009-02-14 08:57 <REP> d-------- c:\program files\Lavasoft 2009-02-14 08:57 . 2009-02-14 08:59 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft 2009-02-13 22:07 . 2009-02-13 22:07 <REP> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files 2009-02-13 20:39 . 2009-02-13 20:40 <REP> d-------- c:\program files\Spybot - Search & Destroy 2009-02-13 20:39 . 2009-02-22 15:54 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-02-13 20:32 . 
2009-02-13 20:32 <REP> d-------- c:\program files\SpywareBlaster 2009-02-13 20:32 . 2009-02-13 20:32 <REP> d-------- c:\documents and settings\All Users\Application Data\TEMP 2009-02-12 18:11 . 2009-02-23 23:44 <REP> d-------- c:\program files\eMule 2009-02-12 17:24 . 2009-02-13 20:26 <REP> d-------- c:\program files\Steam 2009-02-11 17:50 . 2009-02-11 17:50 <REP> d-------- c:\program files\XP 2009-02-11 17:50 . 2009-02-11 17:50 <REP> d-------- c:\program files\NeXT 2009-02-11 17:50 . 2009-02-11 17:50 <REP> d-------- c:\program files\Language 2009-02-11 17:50 . 2009-02-11 17:50 <REP> d-------- c:\program files\Digital 2009-02-11 17:50 . 2009-02-11 17:50 <REP> d-------- c:\program files\Default . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-01 20:14 --------- d-----w c:\program files\Fichiers communs\Symantec Shared 2009-03-01 10:23 --------- d-----w c:\documents and settings\erdt\Application Data\uTorrent 2009-02-28 20:20 413,696 ----a-w c:\windows\system32\wrap_oal.dll 2009-02-28 20:20 110,592 ----a-w c:\windows\system32\OpenAL32.dll 2009-02-28 19:49 --------- d--h--w c:\program files\InstallShield Installation Information 2009-02-28 19:48 164,864 ----a-w c:\windows\system32\drivers\RTL8180.sys 2009-02-27 08:14 421,888 ----a-w c:\windows\NEXON_EU_DownloaderUpdater.exe 2009-02-25 21:42 64,061 ----a-w c:\program files\AUG2007_d3dx9_35_x64.cab 2009-02-25 19:52 --------- d-----w c:\program files\ATI Technologies 2009-02-22 18:40 219,648 ----a-w c:\windows\system32\uxtheme.dll 2009-02-21 18:18 --------- d-----w c:\program files\ViStart 2009-02-21 01:32 --------- d-----w c:\program files\Windows Live 2009-02-17 15:34 --------- d-----w c:\program files\SQLyog Community 2009-02-17 15:34 --------- d-----w c:\documents and settings\erdt\Application Data\SQLyog 2009-02-14 16:59 --------- d-----w c:\program files\Trend Micro 2009-02-14 10:20 9,502 ----a-w c:\program files\hijackthis.log 2009-02-07 19:08 
--------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment 2009-01-31 22:42 --------- d-----w c:\documents and settings\erdt\Application Data\Apple Computer 2009-01-31 20:33 --------- d-----w c:\program files\iTunes 2009-01-31 20:33 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2009-01-31 20:32 --------- d-----w c:\program files\iPod 2009-01-31 20:32 --------- d-----w c:\program files\Fichiers communs\Apple 2009-01-31 20:32 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer 2009-01-31 20:31 --------- d-----w c:\program files\QuickTime 2009-01-28 20:31 --------- d-----w c:\program files\MySQL 2009-01-28 20:15 --------- d-----w c:\documents and settings\erdt\Application Data\Grisoft 2009-01-28 20:15 --------- d-----w c:\documents and settings\All Users\Application Data\Grisoft 2009-01-28 15:24 --------- d-----w c:\program files\No-IP 2009-01-28 15:19 --------- d-----w c:\program files\DIFX 2009-01-27 21:10 --------- d-----w c:\program files\SystemRequirementsLab 2009-01-27 21:10 --------- d-----w c:\documents and settings\erdt\Application Data\SystemRequirementsLab 2009-01-27 17:32 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec 2009-01-27 16:44 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF 2009-01-27 16:44 60,808 ----a-w c:\windows\system32\S32EVNT1.DLL 2009-01-27 16:44 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS 2009-01-27 16:44 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT 2009-01-27 16:44 --------- d-----w c:\program files\Symantec 2009-01-27 13:27 --------- d-----w c:\documents and settings\All Users\Application Data\Nokia 2009-01-27 13:24 --------- d-----w c:\program files\Nokia 2009-01-27 13:23 --------- d-----w c:\program files\Fichiers communs\Nokia 2009-01-27 13:22 --------- d-----w c:\documents and settings\All Users\Application Data\Installations 2009-01-26 20:44 --------- d-----w 
c:\program files\OpenOffice.org 3 2009-01-26 20:44 --------- d-----w c:\program files\JRE 2009-01-26 20:43 --------- d-----w c:\program files\Java 2009-01-26 20:39 --------- d-----w c:\program files\Fichiers communs\Java 2009-01-26 20:02 --------- d-----w c:\program files\Fichiers communs\Adobe 2009-01-26 19:59 410,984 ----a-w c:\windows\system32\deploytk.dll 2009-01-25 17:02 --------- d-----w c:\program files\Reference Assemblies 2009-01-25 17:02 --------- d-----w c:\program files\MSBuild 2009-01-25 16:55 --------- d--h--w c:\documents and settings\All Users\Application Data\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646} 2009-01-25 11:43 --------- d-----w c:\program files\Cacheman 2009-01-25 11:21 --------- d-----w c:\program files\GlobFX Technologies 2009-01-25 02:29 --------- d-----w c:\program files\Full Speed 2009-01-25 01:59 --------- d-----w c:\documents and settings\All Users\Application Data\NexonEU 2009-01-25 01:43 --------- d-----w c:\program files\CCleaner 2009-01-25 00:58 --------- d-----w c:\program files\Act 3d 2009-01-25 00:57 --------- d-----w c:\program files\Apple Software Update 2009-01-25 00:57 --------- d-----w c:\documents and settings\All Users\Application Data\Apple 2009-01-25 00:10 --------- d---a-w c:\program files\TrueTransparency 2009-01-25 00:08 5,650,944 ----a-w c:\windows\system32\logonuiX.exe 2009-01-25 00:05 --------- d-----w c:\program files\Stardock 2009-01-25 00:05 --------- d-----w c:\program files\Fichiers communs\Stardock 2009-01-24 23:49 --------- d-----w c:\program files\TB 2009-01-24 23:41 --------- d-----w c:\program files\wallpaper 2009-01-24 23:41 --------- d-----w c:\program files\UNRAR 2009-01-24 23:41 --------- d-----w c:\program files\shadow 2009-01-24 23:41 --------- d-----w c:\program files\msstyles 2009-01-24 23:41 --------- d-----w c:\program files\image 2009-01-24 23:41 --------- d-----w c:\documents and settings\erdt\Application Data\Styler 2009-01-24 23:31 --------- d-----w c:\program files\Vista Styler 2009-01-24 
15:15 193,220 ----a-w c:\windows\Web\Wallpaper\uninstall_Vista_Wallpapers.exe 2009-01-24 15:12 --------- d-----w c:\program files\Microsoft Silverlight 2009-01-24 15:11 --------- d-----w c:\program files\Microsoft 2009-01-24 15:05 --------- d-----w c:\program files\Windows Live SkyDrive 2009-01-24 14:56 --------- d-----w c:\program files\WinCustomize 2009-01-24 14:47 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition 2009-01-24 14:44 --------- d-----w c:\program files\Norton AntiVirus 2009-01-24 14:41 --------- d-----w c:\program files\Windows Media Connect 2 2009-01-24 14:37 --------- d-----w c:\program files\uTorrent 2009-01-24 14:33 --------- d-----w c:\program files\Fichiers communs\Windows Live 2009-01-24 14:32 --------- d-----w c:\program files\Windows Sidebar 2009-01-24 14:30 64,026 ----a-w c:\windows\BricoPackUninst.cmd 2009-01-24 14:30 6,112 ----a-w c:\windows\BricoPackFoldersDelete.cmd 2009-01-24 14:29 --------- d-----w c:\documents and settings\erdt\Application Data\ViStart 2009-01-24 14:16 --------- d-----w c:\program files\Google 2009-01-24 12:18 --------- d-----w c:\documents and settings\erdt\Application Data\Symantec 2009-01-24 12:14 --------- d-----w c:\program files\Opera 2009-01-24 10:38 --------- d-----w c:\program files\CyberLink 2009-01-24 10:38 --------- d-----w c:\documents and settings\All Users\Application Data\CyberLink 2009-01-24 10:34 --------- d-----w c:\program files\Virtual CD v4 SDK 2009-01-24 10:30 --------- d-----w c:\program files\Real 2009-01-24 10:30 --------- d-----w c:\program files\Fichiers communs\xing shared 2009-01-24 10:30 --------- d-----w c:\program files\Fichiers communs\Real 2009-01-24 10:30 --------- d-----w c:\documents and settings\All Users\Application Data\QuickTime 2009-01-24 10:29 --------- d-----w c:\program files\Fichiers communs\TVNavigTechnologies Shared 2009-01-24 10:29 --------- d-----w c:\program files\Fichiers communs\InstallShield 2009-01-24 10:27 --------- d-----w c:\documents 
and settings\erdt\Application Data\InterTrust 2009-01-24 10:27 --------- d-----w c:\documents and settings\Administrateur\Application Data\InterTrust 2009-01-24 10:20 --------- d-----w c:\program files\Synaptics 2009-01-24 10:19 --------- d-----w c:\program files\VIA . ------- Sigcheck ------- 2008-04-13 19:33 579584 de4a4ac7328fc80156034e7eb283676d c:\windows\NiwradSoft Shell Pack\Backup\user32.dll 2008-04-13 19:33 579584 de4a4ac7328fc80156034e7eb283676d c:\windows\NiwradSoft Shell Pack\TempFiles\user32.dll 2008-04-13 19:33 579584 de4a4ac7328fc80156034e7eb283676d c:\windows\ServicePackFiles\i386\user32.dll 2005-03-02 19:21 562176 6eef91ad23c3474c934174d11c6da321 c:\windows\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp1qfe\user32.dll 2005-03-02 19:10 578048 0df75fb73f705b011630159a43d7c354 c:\windows\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp2gdr\user32.dll 2005-03-02 19:20 578048 c34920eb988ce98910bd6b0417f334eb c:\windows\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp2qfe\user32.dll 2002-08-30 13:00 561152 0abf2f5280940d32d1d52bd3500b0c37 c:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\backup\user32.dll 2005-03-02 19:21 562176 6eef91ad23c3474c934174d11c6da321 c:\windows\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\user32.dll 2008-04-13 19:33 579584 de4a4ac7328fc80156034e7eb283676d c:\windows\system32\user32.dll 2008-04-13 19:33 579584 de4a4ac7328fc80156034e7eb283676d c:\windows\system32\dllcache\user32.dll 2008-08-14 19:26 2068096 755b50949d0dbc0f0136b0db58765331 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe 2008-08-14 14:23 2068096 8da71f1900721e1e4fcb5b02d55fb771 c:\windows\Driver Cache\i386\ntkrnlpa.exe 2008-08-14 14:23 2068096 8da71f1900721e1e4fcb5b02d55fb771 c:\windows\NiwradSoft Shell Pack\Backup\ntkrnlpa.exe 2008-08-14 14:23 2068096 8da71f1900721e1e4fcb5b02d55fb771 c:\windows\NiwradSoft Shell Pack\TempFiles\ntkrnlpa.exe 2008-08-14 14:23 
2229248 11ed3598aef0dd03dddc9526e76f42a8 c:\windows\ServicePackFiles\i386\ntkrnlpa.exe 2004-10-28 02:27 1959424 939a0369e78bfb0bd342302e86390a09 c:\windows\SoftwareDistribution\Download\08fcc408139b43fa0e9fa6d9360a7752\sp1qfe\ntkrnlpa.exe 2005-03-02 19:17 1959424 d0a4b5f428873b73a75178605b6db10d c:\windows\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp1qfe\ntkrnlpa.exe 2005-03-02 19:07 2058880 73fa9c95d235844a36968c7852c7dbdd c:\windows\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp2gdr\ntkrnlpa.exe 2005-03-02 19:13 2059008 5311776074b6c13f983dc75baeac9c0c c:\windows\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp2qfe\ntkrnlpa.exe 2003-02-05 11:28 1951872 c43bd608a00e80d499a660ae103f0fe3 c:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\backup\ntkrnlpa.exe 2008-08-14 14:23 2229248 11ed3598aef0dd03dddc9526e76f42a8 c:\windows\system32\ntkrnlpa.exe 2008-08-14 14:23 2229248 11ed3598aef0dd03dddc9526e76f42a8 c:\windows\system32\dllcache\ntkrnlpa.exe 2008-08-14 19:26 2191232 d79210549bbf09b7638e860440504299 c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe 2008-08-14 14:23 2191232 c8d4d5974f9671da0a37175650912960 c:\windows\Driver Cache\i386\ntoskrnl.exe 2008-08-14 14:23 2191232 c8d4d5974f9671da0a37175650912960 c:\windows\NiwradSoft Shell Pack\Backup\ntoskrnl.exe 2008-08-14 14:23 2191232 c8d4d5974f9671da0a37175650912960 c:\windows\NiwradSoft Shell Pack\TempFiles\ntoskrnl.exe 2008-08-14 14:23 2352384 4c0d5bc0de23f79a02a8d7c1d7741519 c:\windows\ServicePackFiles\i386\ntoskrnl.exe 2004-10-28 02:27 2092032 a8a188ac824aac564048c3a61a94ab9c c:\windows\SoftwareDistribution\Download\08fcc408139b43fa0e9fa6d9360a7752\sp1qfe\ntoskrnl.exe 2005-03-02 19:17 2044416 131b4b0968e429b4221a7f0d8f0a26c7 c:\windows\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp1qfe\ntoskrnl.exe 2005-03-02 19:08 2181376 63729dd0f2aae36cc52b89c05505146c 
c:\windows\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp2gdr\ntoskrnl.exe 2005-03-02 19:13 2181632 3e2a0a4a0c0b19fc113618a9562a3b2a c:\windows\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp2qfe\ntoskrnl.exe 2002-08-29 11:42 2045824 f58b3ce36566d6061a496dc595a8aaa3 c:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\backup\ntoskrnl.exe 2008-08-14 14:23 2352384 4c0d5bc0de23f79a02a8d7c1d7741519 c:\windows\system32\ntoskrnl.exe 2008-08-14 14:23 2352384 4c0d5bc0de23f79a02a8d7c1d7741519 c:\windows\system32\dllcache\ntoskrnl.exe 2008-04-13 19:34 1544704 0f884302612083417931cc9d64eb930a c:\windows\explorer.exe 2008-04-13 19:34 1571328 68536f1b366f990f9094ce6ed64dec41 c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe 2008-04-13 19:34 1571328 68536f1b366f990f9094ce6ed64dec41 c:\windows\NiwradSoft Shell Pack\TempFiles\explorer.exe 2008-04-13 19:34 1544704 0f884302612083417931cc9d64eb930a c:\windows\ServicePackFiles\i386\explorer.exe 2002-08-30 13:00 1008128 82fe0d400cb1ac937234467b927b867a c:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\backup\explorer.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-01-24 151597] "ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-10-17 51048] "ATIModeChange"="Ati2mdxx.exe" [2001-09-04 c:\windows\system32\Ati2mdxx.exe] c:\documents and settings\erdt\Menu D‚marrer\Programmes\D‚marrage\ Teamspeak RC2.lnk - c:\program files\Teamspeak2_RC2\TeamSpeak.exe [2003-08-29 1436160] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "DisableNotifications"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"= "c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"= "c:\nexon\Combat Arms EU\CombatArms.exe"= c:\nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "c:\nexon\Combat Arms EU\Engine.exe"= c:\nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "c:\\Nexon\\Combat Arms 
EU\\NMService.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "e:\\World of Warcraft\\Launcher.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Ventrilo\\Ventrilo.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "8080:TCP"= 8080:TCP:accès au serveur web "8085:TCP"= 8085:TCP:Royaume 1 "8084:TCP"= 8084:TCP:Royaume 2 "80:TCP"= 80:TCP:O "3306:TCP"= 3306:TCP:connexion à la db de mangos "3427:TCP"= 3427:TCP:PO "3724:TCP"= 3724:TCP:connexion à la base Realmd "3306:UDP"= 3306:UDP:tnw "8767:TCP"= 8767:TCP:ts "8767:UDP"= 8767:UDP:tS "3784:TCP"= 3784:TCP:ca "3784:UDP"= 3784:UDP:combatarms R1 vcsmpdrv;vcsmpdrv;c:\windows\system32\drivers\vcsmpdrv.sys [2009-01-24 49232] R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Fichiers communs\Symantec Shared\CCSVCHST.EXE [2008-01-25 149352] R2 VCSSecS;Virtual CD v4 Security service (SDK - Version);c:\program files\Virtual CD v4 SDK\System\vcssecs.exe [2009-01-24 139264] R3 EMCR;EMCR;c:\windows\system32\drivers\EMCR7SK.sys [1980-01-01 68224] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-02-25 101936] R3 rtl8180;Realtek RTL8180 Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\system32\drivers\RTL8180.sys [2009-01-24 164864] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\Lavasoft\Ad-Aware\AAWService.exe" --> c:\program files\Lavasoft\Ad-Aware\AAWService.exe [?] 
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-01-12 23888] --- Autres Services/Pilotes en mémoire --- *NewlyCreated* - NET_DRIVER_HPZ12 *NewlyCreated* - PML_DRIVER_HPZ12 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contenu du dossier 'Tâches planifiées' 2009-02-14 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [] 2009-01-25 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2009-01-24 c:\windows\Tasks\HDReg.job - c:\apps\HDReg\HDRegRem.exe [2002-10-02 11:57] 2009-01-24 c:\windows\Tasks\Norton AntiVirus - Effectuer une analyse complète du système - erdt.job - c:\program files\Norton AntiVirus\Navw32.exe [2008-02-07 07:05] 2009-01-24 c:\windows\Tasks\Rappel d'enregistrement 2.job - c:\windows\System32\OOBE\oobebaln.exe [2008-04-13 19:34] 2009-01-24 c:\windows\Tasks\Rappel d'enregistrement 3.job - c:\windows\System32\OOBE\oobebaln.exe [2008-04-13 19:34] . - - - - ORPHELINS SUPPRIMES - - - - HKCU-Run-Active Desktop Calendar - c:\program files\XemiComputers\Active Desktop Calendar\ADC.exe . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = *.local DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab . 
************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-03-02 17:44:59 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL] "ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1504) c:\windows\system32\SETUPAPI.dll c:\windows\system32\cscui.dll - - - - - - - > 'lsass.exe'(1568) c:\windows\system32\SETUPAPI.dll . Heure de fin: 2009-03-02 17:47:57 ComboFix-quarantined-files.txt 2009-03-02 16:47:46 Avant-CF: 29,182,623,744 octets libres Après-CF: 29,581,676,544 octets libres 422 --- E O F --- 2009-02-25 20:27:49 -
[Solved] unwanted pop-up windows
frozz replied to a topic by frozz in Malware analysis and removal
I don't have a combofix file in C:\, I have a combofix folder.
[Solved] unwanted pop-up windows
frozz replied to a topic by frozz in Malware analysis and removal
When I launch combofix (installed on my desktop) I get an error: "Windows ne parvient pas à accéder au périphérique, au chemin d'accès ou au fichier spécifié. Vous ne disposez peut etre pas des autorisations appropriées pour avoir accès à l'élément."
[Solved] unwanted pop-up windows
frozz replied to a topic by frozz in Malware analysis and removal
Hello, While looking for recovery mode, I found (F8) the "Last Known Good Configuration" mode; I clicked on it and, miracle, everything works as before, no more unwanted ads. Do you know how that could be possible, and should I run a full scan (if so, which software do you recommend)?
[Solved] unwanted pop-up windows
frozz replied to a topic by frozz in Malware analysis and removal
I don't know how to install the Recovery Console. I'm on XP Home, browser: Opera.
[Solved] unwanted pop-up windows
frozz replied to a topic by frozz in Malware analysis and removal
Thanks, I'll test that right away. Good night and see you tomorrow =) PS: Do your links work?
unwanted opening of IE windows
frozz replied to a topic by brisbane in Malware analysis and removal
How? Thanks in advance. Edit: ok falkra, sorry for the trouble caused, I sent a private message =)
[Solved] unwanted pop-up windows
frozz replied to a topic by frozz in Malware analysis and removal
And here is the INFO:
info.txt logfile of random's system information tool 1.05 2009-02-14 17:59:39 ======Uninstall list====== -->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U -->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{09B44E78-A988-4BC0-962F-63ECD3333708} /l1036 -->C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0 -->C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0 -->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll" -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove -->C:\WINDOWS\System32\\MSIEXEC.EXE /x {8855FF30-19CE-4CB1-A654-87B38369CCE1} -->C:\WINDOWS\System32\UNESB.exe -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE -->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean -->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Act 3d Silex Screensaver-->C:\Program Files\Act 3d\Silex Screensaver\uninstall.exe Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{2BAE6915-8510-4B9F-B498-02DA86258AA0}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{2BAE6915-8510-4B9F-B498-02DA86258AA0}\Ad-AwareAE.exe Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe Adobe Flash
Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B} Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2} AVG Anti-Spyware 7.5-->C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959} Cacheman 5.50-->C:\PROGRA~1\Cacheman\UNWISE.EXE C:\PROGRA~1\Cacheman\install.dat ccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Combat Arms EU-->"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" -mode:uninstall -dll:ngm.nexoneu.com/cbangm/NGM/Bin/NGMDll.dll -game:50340359 -locale:EU Component Framework-->MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09} Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5} eMule-->"C:\Program Files\eMule\Uninstall.exe" Eraser-->"C:\Documents and Settings\All Users\Application Data\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}\EraserSetup32.exe" REMOVE=TRUE MODIFY=FALSE Eraser-->C:\Documents and Settings\All Users\Application Data\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}\EraserSetup32.exe Full Speed-->"C:\WINDOWS\Full Speed\uninstall.exe" "/U:C:\Program Files\Full Speed\Uninstall\uninstall.xml" Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C} GlobFX Space Travel-->"C:\Program Files\GlobFX Technologies\SpaceTravel\Uninstall.exe" Hamachi 1.0.2.5-->C:\Program Files\Hamachi\uninstall.exe HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK 
(KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0} iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371} Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate" LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206} LogonStudio-->C:\PROGRA~1\WINCUS~1\LOGONS~1\UNWISE.EXE C:\PROGRA~1\WINCUS~1\LOGONS~1\INSTALL.LOG Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8} Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783} Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC} Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft 
Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB961813)-->"C:\WINDOWS\ie8updates\KB961813-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Module linguistique Microsoft .NET Framework 3.5 - fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe 
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MySQL Server 5.0-->MsiExec.exe /I{DBACBFE4-F79E-4AFB-A7C3-463555B8446B} Navilog1 3.7.3-->"C:\Program Files\Navilog1\unins000.exe" No-IP.com DUC (remove only)-->"C:\Program Files\No-IP\DUC20.exe" -uninstall Nokia Connectivity Cable Driver-->MsiExec.exe /X{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625} Nokia Flashing Cable Driver-->MsiExec.exe /X{D99C322D-C21B-40C7-AE71-EE51AA096B6E} Nokia Software Updater-->MsiExec.exe /X{59367F7E-D7C1-4629-8AEC-71AA24A68F31} Norton AntiVirus (Symantec Corporation)-->"C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}_15_5_0_23\Setup.exe" /X Norton AntiVirus Help-->MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8} Norton AntiVirus-->MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2} Norton Protection Center-->MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB} OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33} Opera 9.63-->MsiExec.exe /X{1BC4026B-1957-4514-9058-2B542557F143} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe PhoenixRC-->MsiExec.exe /X{14D7BE12-B66C-4510-8FC0-4DD306625C0C} PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\SETUP.EXE" -uninstall QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4} Safari-->MsiExec.exe /X{582D2A53-F426-4C5E-A2E6-43C1AB36B907} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Sonic RecordNow DX-->MsiExec.exe /I{8855FF30-19CE-4CB1-A654-87B38369CCE1} SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" 
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe" Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Styler-->MsiExec.exe /I{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941} Symantec Real Time Storage Protection Component-->MsiExec.exe /I{D6E6FA4A-5445-4850-8365-CF216C1CBB7A} System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe Tweak Up 1.9a-->C:\Program Files\Tweak Up 1.9a\uninstal.exe Tweak-XP Pro 4-->C:\WINDOWS\iun6002.exe "C:\Program Files\Tweak-XP Pro 4\irunin.ini" Vista Wallpapers-->C:\WINDOWS\Web\Wallpaper\uninstall_Vista_Wallpapers.exe ViStart-->C:\Program Files\ViStart\KillMe.exe Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" WampServer 2.0-->"c:\wamp\unins000.exe" Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\amdk8_6FE44FCD212D4A086C7BC0C98B9A619782073FB7\amdk8.inf Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Internet Explorer 8 Release Candidate 1-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B} Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft 
(2)\Uninstall.exe XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: Norton AntiVirus FW: Norton AntiVirus System event log Computer Name: SN232000140121 Event Code: 10005 Message: DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Record Number: 1864 Source Name: DCOM Time Written: 20090125170116.000000+060 Event Type: error User: AUTORITE NT\SYSTEM Computer Name: SN232000140121 Event Code: 10005 Message: DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Record Number: 1863 Source Name: DCOM Time Written: 20090125170056.000000+060 Event Type: error User: AUTORITE NT\SYSTEM Computer Name: SN232000140121 Event Code: 10005 Message: DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E} Record Number: 1862 Source Name: DCOM Time Written: 20090125170042.000000+060 Event Type: error User: SN232000140121\Administrateur Computer Name: SN232000140121 Event Code: 10005 Message: DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E} Record Number: 1861 Source Name: DCOM Time Written: 20090125170041.000000+060 Event Type: error User: SN232000140121\Administrateur Computer Name: SN232000140121 Event Code: 10005 Message: DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem 
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Record Number: 1860 Source Name: DCOM Time Written: 20090125170023.000000+060 Event Type: error User: AUTORITE NT\SYSTEM Application event log Computer Name: SN232000140121 Event Code: 35 Message: Le service 'LiveUpdate Notice' a démarré. Record Number: 640 Source Name: ccSvcHst Time Written: 20090125182837.000000+060 Event Type: information User: AUTORITE NT\SYSTEM Computer Name: SN232000140121 Event Code: 34 Message: Le service 'LiveUpdate Notice' démarre. Record Number: 639 Source Name: ccSvcHst Time Written: 20090125182834.000000+060 Event Type: information User: AUTORITE NT\SYSTEM Computer Name: SN232000140121 Event Code: 35 Message: Le service 'ccEvtMgr' a démarré. Record Number: 638 Source Name: ccSvcHst Time Written: 20090125182834.000000+060 Event Type: information User: AUTORITE NT\SYSTEM Computer Name: SN232000140121 Event Code: 34 Message: Le service 'ccEvtMgr' démarre. Record Number: 637 Source Name: ccSvcHst Time Written: 20090125182831.000000+060 Event Type: information User: AUTORITE NT\SYSTEM Computer Name: SN232000140121 Event Code: 35 Message: Le service 'ccSetMgr' a démarré. 
Record Number: 636 Source Name: ccSvcHst Time Written: 20090125182831.000000+060 Event Type: information User: AUTORITE NT\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "NUMBER_OF_PROCESSORS"=1 "OS"=Windows_NT "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\PROGRA~1\FICHIE~1\TVNAVI~1;C:\Program Files\QuickTime\QTSystem "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 8, AuthenticAMD "PROCESSOR_LEVEL"=15 "PROCESSOR_REVISION"=0408 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "windir"=%SystemRoot% "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- -
[Solved] unwanted pop-up windows
frozz replied to a topic by frozz in Malware analysis and removal
Here is the LOG; for the registry I found the solution by renaming regedit.exe to regedit.exe.exe and it works:
Logfile of random's system information tool 1.05 (written by random/random) Run by erdt at 2009-02-14 17:56:34 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 35 GB (64%) free of 55 GB Total RAM: 1023 MB (40% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:59, on 2009-02-14 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18372) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\ESB.exe C:\WINDOWS\System32\4mtcsb.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\jwtch32.exe C:\Program Files\spooler.exe C:\PROGRA~1\Cacheman\Cacheman.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Styler.exe C:\Program Files\TrueTransparency\TrueTransparency.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program
Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Opera\opera.exe C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe C:\Program Files\Hamachi\hamachi.exe C:\Documents and Settings\erdt\Bureau\RSIT.exe C:\Program Files\trend micro\erdt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: 
JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\TB\StylerTB.dll O4 - HKLM\..\Run: [ESB] C:\WINDOWS\System32\ESB.exe O4 - HKLM\..\Run: [4mtcsb] C:\WINDOWS\System32\4mtcsb.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe" O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Microsoft netswitch] C:\WINDOWS\system32\jwtch32.exe O4 - HKLM\..\Run: [Printspooler] C:\Program Files\spooler.exe O4 - HKCU\..\Run: [Cacheman] C:\PROGRA~1\Cacheman\Cacheman.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TransTask] "C:\Program Files\Tweak-XP Pro 4\transtask.exe" O4 - HKCU\..\Run: [Tweak-XP Pro] "C:\Program Files\Tweak-XP Pro 4\autostart.exe" O4 - Global Startup: Raccourci vers Styler.lnk = C:\Program Files\Styler.exe O4 - Global Startup: Raccourci vers TrueTransparency.lnk = C:\Program Files\TrueTransparency\TrueTransparency.exe O4 - Global Startup: Raccourci vers ViStart OneStep.lnk = E:\ViStart OneStep.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program 
Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe -- End of file - 9286 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\HDReg.job C:\WINDOWS\tasks\Norton AntiVirus - Effectuer une analyse complète du système - erdt.job C:\WINDOWS\tasks\Rappel d'enregistrement 2.job C:\WINDOWS\tasks\Rappel d'enregistrement 3.job 
======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2008-12-02 73040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll [2009-01-24 116088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-26 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-26 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-26 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - StylerToolBar - C:\Program Files\TB\StylerTB.dll [2006-05-02 102400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ESB"=C:\WINDOWS\System32\ESB.exe [2003-08-04 282624]
"4mtcsb"=C:\WINDOWS\System32\4mtcsb.exe [2002-11-29 32768]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-03-27 110592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2003-03-27 634880]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2008-10-17 51048]
"osCheck"=C:\Program Files\Norton AntiVirus\osCheck.exe [2008-02-06 718704]
"LogonStudio"=C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe [2002-09-03 987187]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-01-24 151597]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-26 136600]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Microsoft netswitch"=C:\WINDOWS\system32\jwtch32.exe [2009-02-12 25071]
"Printspooler"=C:\Program Files\spooler.exe [2009-02-12 6144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Cacheman"=C:\PROGRA~1\Cacheman\Cacheman.exe [2003-07-31 1290752]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"TransTask"=C:\Program Files\Tweak-XP Pro 4\transtask.exe [2005-01-15 121856]
"Tweak-XP Pro"=C:\Program Files\Tweak-XP Pro 4\autostart.exe [2004-09-28 16896]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Raccourci vers Styler.lnk - C:\Program Files\Styler.exe
Raccourci vers TrueTransparency.lnk - C:\Program Files\TrueTransparency\TrueTransparency.exe
Raccourci vers ViStart OneStep.lnk - E:\ViStart OneStep.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoColorChoice"=0
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
"NoVisualStyleChoice"=0
"NoSizeChoice"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSMBalloonTip"=1
"NoDriveTypeAutoRun"=149
"MemCheckBoxInRunDlg"=0
"NoClose"=0
"NoAutoTrayNotify"=0
"NoResolveTrack"=0
"NoResolveSearch"=1
"NoWelcomeScreen"=1
"NoRecentDocsNetHood"=1
"NoDesktopCleanupWizard"=1
"NoSharedDocuments"=1
"NoThemesTab"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"NoDriveAutoRun"=
"NoStrCmpLogical"=
"NoClose"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"E:\T6NW\ZMWS\ZazouMiniWebServerMonitor.exe"="E:\T6NW\ZMWS\ZazouMiniWebServerMonitor.exe:*:Enabled:ZazouMiniWebServerMonitor"
"E:\T6NW\ZMWS\mysql\bin\mysqld.exe"="E:\T6NW\ZMWS\mysql\bin\mysqld.exe:*:Enabled:mysqld"
"E:\T6NW\realmd\TrinityRealm.exe"="E:\T6NW\realmd\TrinityRealm.exe:*:Enabled:TrinityRealm"
"E:\T6NW\royaume1\TrinityCore.exe"="E:\T6NW\royaume1\TrinityCore.exe:*:Enabled:TrinityCore"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\TNW\ZMWS\ZazouMiniWebServerMonitor.exe"="E:\TNW\ZMWS\ZazouMiniWebServerMonitor.exe:*:Enabled:ZazouMiniWebServerMonitor"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"E:\World of Warcraft\Launcher.exe"="E:\World of Warcraft\Launcher.exe:*:Enabled:World of Warcraft"
"E:\World of Warcraft\Wow.exe"="E:\World of Warcraft\Wow.exe:LocalSubNet:Enabled:Wow"
"C:\Program Files\spooler.exe"="C:\Program Files\spooler.exe:*:Enabled:otmspr"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7fc6070f-ea03-11dd-a5ae-806d6172696f}]
shell\AutoRun\command - D:\install.exe /AUTORUN
shell\configure\command - D:\install.exe
shell\install\command - D:\install.exe

======List of files/folders created in the last 1 months======

2009-02-14 17:56:34 ----DC---- 
C:\WINDOWS\system32\WMADMOE.dll 2009-01-24 11:23:04 ----A---- C:\WINDOWS\system32\WMADMOD.dll 2009-01-24 11:23:04 ----A---- C:\WINDOWS\system32\qasf.dll 2009-01-24 11:23:04 ----A---- C:\WINDOWS\system32\MPG4DMOD.dll 2009-01-24 11:23:04 ----A---- C:\WINDOWS\system32\MP4SDMOD.dll 2009-01-24 11:23:04 ----A---- C:\WINDOWS\system32\MP43DMOD.dll 2009-01-24 11:23:04 ----A---- C:\WINDOWS\system32\logagent.exe 2009-01-24 11:23:04 ----A---- C:\WINDOWS\system32\LAPRXY.dll 2009-01-24 11:23:03 ----A---- C:\WINDOWS\system32\wmdmps.dll 2009-01-24 11:23:03 ----A---- C:\WINDOWS\system32\wmdmlog.dll 2009-01-24 11:23:03 ----A---- C:\WINDOWS\system32\mspmsp.dll 2009-01-24 11:23:03 ----A---- C:\WINDOWS\system32\msnetobj.dll 2009-01-24 11:23:03 ----A---- C:\WINDOWS\system32\drmv2clt.dll 2009-01-24 11:23:03 ----A---- C:\WINDOWS\system32\drmstor.dll 2009-01-24 11:23:03 ----A---- C:\WINDOWS\system32\drmclien.dll 2009-01-24 11:23:03 ----A---- C:\WINDOWS\system32\cewmdm.dll 2009-01-24 11:23:03 ----A---- C:\WINDOWS\system32\blackbox.dll 2009-01-24 11:22:59 ----A---- C:\WINDOWS\system32\OEMINFO.INI 2009-01-24 11:22:41 ----D---- C:\WINDOWS\RegisteredPackages 2009-01-24 11:20:53 ----D---- C:\Program Files\Synaptics 2009-01-24 11:20:53 ----A---- C:\WINDOWS\system32\SynTPFcs.dll 2009-01-24 11:20:53 ----A---- C:\WINDOWS\system32\SynTPCoI.dll 2009-01-24 11:20:53 ----A---- C:\WINDOWS\system32\SynTPAPI.dll 2009-01-24 11:20:53 ----A---- C:\WINDOWS\system32\SynCtrl.dll 2009-01-24 11:20:53 ----A---- C:\WINDOWS\system32\SynCOM.dll 2009-01-24 11:20:46 ----A---- C:\WINDOWS\system32\slmh.exe 2009-01-24 11:20:46 ----A---- C:\WINDOWS\system32\SLLights.dll 2009-01-24 11:20:46 ----A---- C:\WINDOWS\system32\minirec.exe 2009-01-24 11:20:46 ----A---- C:\WINDOWS\system32\amr_cpl.dll 2009-01-24 11:20:46 ----A---- C:\WINDOWS\SmCfg.exe 2009-01-24 11:20:41 ----D---- C:\WINDOWS\Modio 2009-01-24 11:20:40 ----A---- C:\WINDOWS\system32\slserv.exe 2009-01-24 11:20:40 ----A---- C:\WINDOWS\system32\SLGen.dll 2009-01-24 
11:20:40 ----A---- C:\WINDOWS\system32\slextspk.dll 2009-01-24 11:20:40 ----A---- C:\WINDOWS\system32\coinst.dll 2009-01-24 11:20:40 ----A---- C:\WINDOWS\slrundll.exe 2009-01-24 11:20:20 ----A---- C:\WINDOWS\system32\Audio3D.dll 2009-01-24 11:20:20 ----A---- C:\WINDOWS\system32\a3d.dll 2009-01-24 11:20:20 ----A---- C:\WINDOWS\SOUNDMAN.EXE 2009-01-24 11:20:20 ----A---- C:\WINDOWS\alcupd.exe 2009-01-24 11:20:20 ----A---- C:\WINDOWS\alcrmv.exe 2009-01-24 11:19:12 ----HD---- C:\Program Files\InstallShield Installation Information 2009-01-24 11:19:12 ----D---- C:\Program Files\ATI Technologies 2009-01-24 11:19:09 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-01-24 11:19:07 ----D---- C:\Program Files\VIA 2009-01-24 11:19:07 ----D---- C:\Program Files\Fichiers communs\InstallShield 2009-01-24 11:19:05 ----A---- C:\WINDOWS\IsUninst.exe 2009-01-24 11:17:52 ----A---- C:\WINDOWS\system32\xpsp1hfm.exe 2009-01-24 11:15:39 ----A---- C:\WINDOWS\system32\hccoin.dll 2009-01-24 11:15:31 ----A---- C:\WINDOWS\system32\usbui.dll 2009-01-15 02:22:08 ----N---- C:\WINDOWS\system32\msrating.dll.mui 2009-01-15 02:21:46 ----N---- C:\WINDOWS\system32\mshta.exe.mui 2009-01-15 02:19:36 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui 2009-01-15 02:19:08 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui ======List of files/folders modified in the last 1 months====== 2009-02-14 17:59:24 ----RSHD---- C:\WINDOWS\system32\dllcache 2009-02-14 17:58:29 ----D---- C:\WINDOWS\system32 2009-02-14 17:55:50 ----D---- C:\WINDOWS 2009-02-14 17:53:14 ----D---- C:\Program Files\Outlook Express 2009-02-14 17:51:47 ----D---- C:\WINDOWS\system32\usmt 2009-02-14 16:55:11 ----D---- C:\WINDOWS\Temp 2009-02-14 16:13:21 ----D---- C:\WINDOWS\system32\CatRoot2 2009-02-14 14:59:09 ----HD---- C:\WINDOWS\inf 2009-02-14 14:59:09 ----D---- C:\WINDOWS\Media 2009-02-14 14:59:09 ----D---- C:\WINDOWS\Help 2009-02-14 14:59:09 ----D---- C:\Program Files\Internet Explorer 2009-02-14 13:47:23 ----RD---- C:\Program Files 2009-02-14 
12:14:46 ----D---- C:\WINDOWS\system32\drivers 2009-02-14 10:50:13 ----D---- C:\WINDOWS\Debug 2009-02-14 08:58:30 ----SHD---- C:\WINDOWS\Installer 2009-02-14 08:57:20 ----D---- C:\WINDOWS\WinSxS 2009-02-13 22:20:31 ----SHD---- C:\System Volume Information 2009-02-13 22:20:31 ----D---- C:\WINDOWS\system32\Restore 2009-02-13 17:02:48 ----D---- C:\WINDOWS\Registration 2009-02-09 11:07:26 ----D---- C:\WINDOWS\system32\config 2009-02-09 10:35:48 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-02-04 21:48:10 ----RSD---- C:\WINDOWS\Fonts 2009-01-31 21:29:38 ----D---- C:\Program Files\Fichiers communs 2009-01-29 17:55:05 ----D---- C:\WINDOWS\system32\CatRoot 2009-01-29 17:44:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-01-29 17:19:15 ----ASHC---- C:\BOOT.INI 2009-01-29 16:00:44 ----D---- C:\Program Files\Movie Maker 2009-01-25 19:25:39 ----D---- C:\WINDOWS\system32\DirectX 2009-01-25 18:26:27 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-01-25 18:05:53 ----D---- C:\WINDOWS\system32\mui 2009-01-25 18:01:25 ----D---- C:\WINDOWS\system32\spool 2009-01-25 17:00:30 ----D---- C:\Documents and Settings 2009-01-25 03:33:26 ----AC---- C:\c0.txt 2009-01-25 01:57:06 ----SD---- C:\WINDOWS\Tasks 2009-01-25 01:08:04 ----A---- C:\WINDOWS\system32\logonuiX.exe 2009-01-25 00:57:02 ----D---- C:\Program Files\Windows Media Player 2009-01-24 16:11:20 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-01-24 15:51:19 ----RD---- C:\WINDOWS\Web 2009-01-24 15:43:00 ----D---- C:\WINDOWS\PCHealth 2009-01-24 15:42:58 ----A---- C:\WINDOWS\win.ini 2009-01-24 15:30:23 ----A---- C:\WINDOWS\system32\uxtheme.dll 2009-01-24 15:29:21 ----D---- C:\WINDOWS\Cursors 2009-01-24 15:17:50 ----D---- C:\WINDOWS\system32\wbem 2009-01-24 15:16:59 ----D---- C:\WINDOWS\AppPatch 2009-01-24 15:16:56 ----D---- C:\WINDOWS\system32\Setup 2009-01-24 14:53:42 ----D---- C:\WINDOWS\security 2009-01-24 14:38:53 ----D---- C:\WINDOWS\ime 2009-01-24 14:38:04 
----D---- C:\WINDOWS\system32\oobe 2009-01-24 14:30:23 ----D---- C:\WINDOWS\system32\npp 2009-01-24 14:30:18 ----D---- C:\WINDOWS\msagent 2009-01-24 14:30:12 ----D---- C:\WINDOWS\srchasst 2009-01-24 14:30:09 ----D---- C:\Program Files\NetMeeting 2009-01-24 14:30:04 ----D---- C:\WINDOWS\system32\Com 2009-01-24 14:29:48 ----D---- C:\Program Files\Windows NT 2009-01-24 14:29:23 ----D---- C:\Program Files\Fichiers communs\System 2009-01-24 14:27:28 ----D---- C:\WINDOWS\system 2009-01-24 14:17:41 ----RASH---- C:\NTDETECT.COM 2009-01-24 13:43:12 ----D---- C:\WINDOWS\system32\Macromed 2009-01-24 13:18:25 ----HD---- C:\Program Files\WindowsUpdate 2009-01-24 13:07:32 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-01-24 11:42:28 ----N---- C:\WINDOWS\system.ini 2009-01-15 02:22:32 ----A---- C:\WINDOWS\system32\ieframe.dll.mui 2009-01-15 02:19:36 ----A---- C:\WINDOWS\system32\advpack.dll.mui 2009-01-15 02:17:22 ----A---- C:\WINDOWS\system32\iedkcs32.dll 2009-01-15 02:13:18 ----A---- C:\WINDOWS\system32\mshtml.dll 2009-01-15 02:12:12 ----A---- C:\WINDOWS\system32\ieframe.dll 2009-01-15 02:06:48 ----A---- C:\WINDOWS\system32\urlmon.dll 2009-01-15 02:06:22 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe 2009-01-15 02:06:08 ----A---- C:\WINDOWS\system32\webcheck.dll 2009-01-15 02:06:00 ----A---- C:\WINDOWS\system32\url.dll 2009-01-15 02:05:42 ----A---- C:\WINDOWS\system32\wininet.dll 2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\occache.dll 2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\msrating.dll 2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\licmgr10.dll 2009-01-15 02:04:28 ----A---- C:\WINDOWS\system32\corpol.dll 2009-01-15 02:04:16 ----A---- C:\WINDOWS\system32\jsproxy.dll 2009-01-15 02:03:58 ----A---- C:\WINDOWS\system32\jscript.dll 2009-01-15 02:03:50 ----A---- C:\WINDOWS\system32\ieaksie.dll 2009-01-15 02:03:42 ----A---- C:\WINDOWS\system32\ieakeng.dll 2009-01-15 02:03:36 ----A---- C:\WINDOWS\system32\vbscript.dll 2009-01-15 02:03:32 ----A---- 
C:\WINDOWS\system32\admparse.dll 2009-01-15 02:03:28 ----A---- C:\WINDOWS\system32\ie4uinit.exe 2009-01-15 02:03:20 ----A---- C:\WINDOWS\system32\ieakui.dll 2009-01-15 02:03:18 ----A---- C:\WINDOWS\system32\ieudinit.exe 2009-01-15 02:03:18 ----A---- C:\WINDOWS\system32\iesetup.dll 2009-01-15 02:03:14 ----A---- C:\WINDOWS\system32\inseng.dll 2009-01-15 02:03:14 ----A---- C:\WINDOWS\system32\iernonce.dll 2009-01-15 02:03:12 ----A---- C:\WINDOWS\system32\advpack.dll 2009-01-15 02:02:50 ----A---- C:\WINDOWS\system32\iertutil.dll 2009-01-15 02:02:40 ----A---- C:\WINDOWS\system32\msfeeds.dll 2009-01-15 02:02:20 ----A---- C:\WINDOWS\system32\mstime.dll 2009-01-15 02:01:52 ----A---- C:\WINDOWS\system32\iepeers.dll 2009-01-15 02:01:42 ----A---- C:\WINDOWS\system32\msfeedssync.exe 2009-01-15 02:01:40 ----A---- C:\WINDOWS\system32\msfeedsbs.dll 2009-01-15 02:01:40 ----A---- C:\WINDOWS\system32\icardie.dll 2009-01-15 02:01:26 ----A---- C:\WINDOWS\system32\imgutil.dll 2009-01-15 02:01:22 ----A---- C:\WINDOWS\system32\dxtmsft.dll 2009-01-15 02:01:18 ----A---- C:\WINDOWS\system32\pngfilt.dll 2009-01-15 02:01:16 ----A---- C:\WINDOWS\system32\dxtrans.dll 2009-01-15 02:01:06 ----A---- C:\WINDOWS\system32\mshtmled.dll 2009-01-15 02:00:46 ----A---- C:\WINDOWS\system32\mshtmler.dll 2009-01-15 02:00:38 ----A---- C:\WINDOWS\system32\mshta.exe 2009-01-15 01:50:50 ----A---- C:\WINDOWS\system32\ieui.dll 2009-01-15 01:50:38 ----A---- C:\WINDOWS\system32\msls31.dll 2009-01-15 01:35:10 ----A---- C:\WINDOWS\system32\ieapfltr.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;AMD Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-06-18 36864] R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys [] R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program 
Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys [] R1 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2008-01-31 279088] R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2008-01-31 43696] R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2008-06-13 184240] R1 vcsmpdrv;vcsmpdrv; C:\WINDOWS\System32\DRIVERS\vcsmpdrv.sys [2002-06-07 49232] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-06-19 752764] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-09-30 611840] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 EMCR;EMCR; C:\WINDOWS\System32\DRIVERS\EMCR7SK.sys [2003-07-22 68224] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-04-24 41984] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-02-04 25280] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 MTC0001_ESB;ESB device driver; C:\WINDOWS\System32\ntESB.sys [2001-11-27 5072] R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090213.050\NAVENG.SYS [] R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090213.050\NAVEX15.SYS [] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 rtl8180;Realtek RTL8180 Wireless LAN 
(Mini-)PCI NIC NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8180.SYS [2003-06-10 164864] R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2008-06-13 13616] R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2008-06-13 96432] R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2008-06-13 38576] R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\ipsdefs\20090212.001\SymIDSCo.sys [] R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-06-13 31280] R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2008-06-13 37424] R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2008-06-13 22320] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2003-03-27 268784] R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] S1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-13 41856] S3 COH_Mon;COH_Mon; \??\C:\WINDOWS\system32\Drivers\COH_Mon.sys [] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-21 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568] S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944] S3 Mtlmnt5;Mtlmnt5; 
C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-02-06 210128] S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-02-06 1290760] S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-02-05 162136] S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2008-04-13 1897408] S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys [] S3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-02-05 506912] S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-02-17 85552] S3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-01-17 39348] S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2008-01-31 317616] S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-06-13 31280] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-09-30 380928] R2 Automatic LiveUpdate 
Scheduler;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-02-09 238968] R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-26 152984] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-14 950096] R2 LiveUpdate Notice;LiveUpdate Notice; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt --defaults-file=C:\Program Files\MySQL\MySQL Server 5.0\my.ini MySQL [] R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056] R2 VCSSecS;Virtual CD v4 Security service (SDK - Version); C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe [2002-05-16 139264] R3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2009-01-24 1245064] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864] S3 
idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872] S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2008-09-05 3220856] S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636] S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe [2008-11-15 6447744] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880] -----------------EOF----------------- -
[Solved] Unwanted pop-up windows
frozz replied to a topic by frozz in Analyses et éradication malwares
No change: regedit still won't open, nor will Task Manager, and the unwanted pop-up windows are still there. Do you have another solution?
[Solved] Unwanted pop-up windows
frozz replied to a topic by frozz in Analyses et éradication malwares
I had 2 infections. I get an error when opening fichier.vbs:

Ligne: 7
Caract. : 1
Erreur : Racine incorrecte dans la clé de Registre "HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command\".
Code : 80070005
Source : WshShell.RegWrite

PS: Thank you for giving me your time.
[Solved] Unwanted pop-up windows
frozz replied to a topic by frozz in Analyses et éradication malwares
I still have the problem. Here is the report:

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1761
Windows 5.1.2600 Service Pack 3

2009-02-14 13:44:22
mbam-log-2009-02-14 (13-44-22).txt

Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 173754
Temps écoulé: 1 hour(s), 22 minute(s), 53 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
E:\disque dur\hdd C\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully.
[Solved] Unwanted pop-up windows
frozz replied to a topic by frozz in Analyses et éradication malwares
Here it is: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:20, on 2009-02-14
[Solved] Unwanted pop-up windows
frozz replied to a topic by frozz in Analyses et éradication malwares
Thank you for this quick reply.