Everything posted by frozz

  1. Here is the report from the first scan, I'm taking care of the next one right now:
  2. Hello, sorry for the long delay, a thousand apologies, here is the report: ComboFix 09-03-01.01 - erdt 2009-03-02 17:41:22.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1023.576 [GMT 1:00] Lancé depuis: c:\documents and settings\erdt\Bureau\101010.exe AV: Norton AntiVirus *On-access scanning disabled* (Updated) FW: Norton AntiVirus *enabled* * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Autorun.inf C:\setup.exe c:\windows\system32\_002951_.tmp.dll c:\windows\system32\_002952_.tmp.dll c:\windows\system32\_002953_.tmp.dll c:\windows\system32\advapi32new.dll c:\windows\system32\apphelpnew.dll c:\windows\system32\AutoRun.inf c:\windows\system32\crypt32new.dll c:\windows\system32\d3d10core.dll c:\windows\system32\kernel32new.dll c:\windows\system32\MabryObj.dll c:\windows\system32\msvcrtnew.dll c:\windows\system32\ntdsapinew.dll c:\windows\system32\powrprofnew.dll c:\windows\system32\Process.exe c:\windows\system32\secur32new.dll c:\windows\system32\user32new.dll c:\windows\system32\winstanew.dll . ((((((((((((((((((((((((((((( Fichiers créés du 2009-02-02 au 2009-03-02 )))))))))))))))))))))))))))))))))))) . 2009-03-02 17:34 . 2009-03-02 17:34 <REP> d----c--- C:\erdt 2009-03-02 17:29 . 2009-03-02 17:32 <REP> d----c--- C:\ComboFix 2009-03-02 17:28 . 2009-03-02 17:28 <REP> d-------- c:\documents and settings\All Users\Application Data\Office Genuine Advantage 2009-03-02 17:24 . 2009-03-02 17:24 <REP> d-------- c:\documents and settings\All Users\Application Data\Hewlett-Packard 2009-03-02 17:24 . 2007-03-28 14:01 117,760 --a------ c:\windows\system32\hpzll5ha.dll 2009-03-02 17:20 . 2009-03-02 17:20 <REP> d-------- c:\program files\Hewlett-Packard 2009-03-02 17:19 . 2009-03-02 17:19 <REP> d-------- c:\program files\Fichiers communs\Hewlett-Packard 2009-03-02 17:17 . 
2009-03-02 17:38 <REP> d-------- c:\windows\LastGood 2009-03-02 17:17 . 2007-03-18 07:11 675,840 --a------ c:\windows\system32\hpowiax3.dll 2009-03-02 17:17 . 2007-03-18 07:11 569,344 --a------ c:\windows\system32\hpotscl3.dll 2009-03-02 17:17 . 2007-03-18 07:11 303,104 --a------ c:\windows\system32\hpovst10.dll 2009-03-02 17:17 . 2007-03-31 06:07 267,864 --a------ c:\windows\system32\hpzids01.dll 2009-03-02 17:16 . 2009-03-02 17:16 <REP> d-------- c:\program files\HP 2009-03-02 17:15 . 2009-03-02 17:25 132,529 --a------ c:\windows\hpoins14.dat 2009-03-02 17:15 . 2007-09-21 12:59 1,996 --------- c:\windows\hpomdl14.dat 2009-03-01 12:52 . 2009-03-01 12:52 <REP> d-------- c:\documents and settings\erdt\Application Data\XemiComputers 2009-03-01 11:28 . 2009-03-01 11:31 <REP> d-------- c:\program files\TGTSoft 2009-03-01 11:28 . 2009-03-01 11:28 88 --a------ c:\windows\StyleBuilder.INI 2009-02-28 20:52 . 2009-02-28 20:52 <REP> d----c--- C:\Dell 2009-02-28 20:49 . 2009-02-28 20:49 <REP> d-------- c:\windows\OPTIONS 2009-02-28 00:42 . 2009-02-28 01:27 <REP> d-------- c:\documents and settings\erdt\Application Data\Ventrilo 2009-02-28 00:40 . 2009-02-28 01:33 <REP> d-------- c:\program files\VentSrv 2009-02-28 00:39 . 2009-02-28 01:33 <REP> d-------- c:\program files\Ventrilo 2009-02-28 00:38 . 2009-02-28 00:39 262 --a------ c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini 2009-02-28 00:37 . 2009-02-28 00:39 <REP> d-------- c:\program files\Fichiers communs\Wise Installation Wizard 2009-02-27 09:27 . 2009-02-27 09:33 <REP> d--h-c--- c:\windows\ie8 2009-02-27 00:57 . 2009-02-27 00:58 <REP> d-------- c:\documents and settings\erdt\Application Data\dvdcss 2009-02-27 00:56 . 2009-02-27 11:40 <REP> d-------- c:\documents and settings\erdt\Application Data\vlc 2009-02-27 00:54 . 2009-02-27 00:54 <REP> d-------- c:\program files\VideoLAN 2009-02-27 00:18 . 2009-02-27 00:18 <REP> d-------- c:\program files\Safari 2009-02-27 00:17 . 
2009-02-27 00:17 <REP> d-------- c:\program files\Bonjour 2009-02-26 17:15 . 2009-02-26 17:15 <REP> d-------- c:\program files\MzRam 2009-02-25 22:32 . 2009-02-28 13:37 3,688 --a------ c:\windows\system32\d3d9caps.dat 2009-02-25 20:53 . 2006-08-22 21:05 520,192 --------- c:\windows\system32\ati2sgag.exe 2009-02-25 20:51 . 2006-11-10 12:29 <REP> d----c--- C:\Driver 2009-02-25 20:51 . 2006-11-10 12:29 <REP> d----c--- C:\ACE 2009-02-25 20:51 . 2006-08-23 09:05 1,686,484 --a--c--- C:\data1.cab 2009-02-25 20:51 . 2009-02-25 20:51 1,529,216 --a--c--- C:\GenuineCheck.exe 2009-02-25 20:51 . 2006-08-23 09:05 512 --a--c--- C:\data2.cab 2009-02-25 20:45 . 2009-02-25 20:47 45,490,823 --a--c--- C:\ati catalyst-mobility-6.9-all-kxp.exe 2009-02-25 15:50 . 2009-02-25 15:50 <REP> d----c--- C:\DirectX10 RC2 Fix 3-Pre-Final 2009-02-25 15:50 . 2009-02-28 23:57 716,153 --a------ c:\windows\system32\unins000.exe 2009-02-25 15:50 . 2008-03-05 16:03 329,224 --a------ c:\windows\system32\DXErr.exe 2009-02-25 15:50 . 2008-03-05 16:03 209,416 --a------ c:\windows\system32\dxcpl.exe 2009-02-25 15:50 . 2009-02-28 23:57 12,731 --a------ c:\windows\system32\unins000.dat 2009-02-25 15:48 . 2009-02-25 15:49 4,764,495 --a--c--- C:\DirectX10_RC2_Fix_3-Pre-Final.zip 2009-02-25 15:22 . 2009-02-25 15:33 26,699,048 --a--c--- C:\SafariSetup.exe 2009-02-23 17:10 . 2009-03-01 12:51 <REP> d-------- c:\program files\Teamspeak2_RC2 2009-02-23 16:42 . 2009-02-23 16:42 1,657,659 --a--c--- C:\ts2_server_rc2_202319.exe 2009-02-23 16:39 . 2009-02-23 16:39 <REP> d-------- c:\documents and settings\erdt\Application Data\teamspeak2 2009-02-23 16:38 . 2009-02-23 16:38 5,862,994 --a--c--- C:\ts2_client_rc2_2032.exe 2009-02-23 16:38 . 2009-02-23 16:38 34,064 --a------ c:\windows\system32\lhacm.acm 2009-02-22 19:49 . 2009-02-22 19:49 <REP> d-------- c:\program files\TaskSwitchXP 2009-02-22 19:40 . 2009-02-27 17:09 <REP> d--h----- c:\windows\NiwradSoft Shell Pack 2009-02-22 16:49 . 
2009-02-22 16:49 <REP> d--hs---- c:\windows\ftpcache 2009-02-22 16:48 . 2009-02-22 16:50 <REP> d-------- c:\program files\iSpeed 2009-02-22 14:48 . 2003-06-25 16:05 266,360 --a------ c:\windows\system32\TweakUI.exe 2009-02-22 14:48 . 2002-06-21 15:09 160,217 --a------ c:\windows\system32\PowerToysLicense.rtf 2009-02-22 00:42 . 2009-02-22 00:42 <REP> d-------- c:\documents and settings\erdt\Application Data\dBpoweramp 2009-02-21 12:24 . 2009-01-24 15:30 219,648 --a------ c:\windows\system32\uxtheme.dll.backup 2009-02-20 18:31 . 2003-08-03 15:31 90,624 --a------ c:\program files\tclock2.exe 2009-02-19 12:03 . 2009-02-19 12:03 579,464 --a------ c:\windows\system32\SymNeti.dll 2009-02-19 12:03 . 2009-02-19 12:03 207,240 --a------ c:\windows\system32\SymRedir.dll 2009-02-19 11:31 . 2009-02-19 11:31 184,496 --a------ c:\windows\system32\drivers\symtdi.sys 2009-02-19 11:31 . 2009-02-19 11:31 96,560 --a------ c:\windows\system32\drivers\symfw.sys 2009-02-19 11:31 . 2009-02-19 11:31 41,008 --a------ c:\windows\system32\drivers\symndisv.sys 2009-02-19 11:31 . 2009-02-19 11:31 38,576 --a------ c:\windows\system32\drivers\symids.sys 2009-02-19 11:31 . 2009-02-19 11:31 37,424 --a------ c:\windows\system32\drivers\symndis.sys 2009-02-19 11:31 . 2009-02-19 11:31 31,280 --a------ c:\windows\system32\drivers\SymIM.sys 2009-02-19 11:31 . 2009-02-19 11:31 22,320 --a------ c:\windows\system32\drivers\symredrv.sys 2009-02-19 11:31 . 2009-02-19 11:31 13,616 --a------ c:\windows\system32\drivers\symdns.sys 2009-02-19 11:31 . 2009-02-19 11:31 9,844 --a------ c:\windows\system32\drivers\SymRedir.cat 2009-02-19 11:31 . 2009-02-19 11:31 1,611 --a------ c:\windows\system32\drivers\SymRedir.inf 2009-02-18 19:42 . 2009-02-18 19:42 <REP> d-------- c:\documents and settings\erdt\Application Data\River Past G5 2009-02-18 19:42 . 2009-02-22 19:15 <REP> d-------- c:\documents and settings\All Users\Application Data\River Past G5 2009-02-18 18:16 . 
2009-02-18 18:16 27,958 --a------ c:\windows\system32\SpoonUninstall-dBpowerAMP WMA V9 Codec.bmp 2009-02-18 18:16 . 2009-02-18 18:16 2,180 --a------ c:\windows\system32\SpoonUninstall-dBpowerAMP WMA V9 Codec.dat 2009-02-18 18:08 . 2009-02-18 18:08 <REP> d-------- c:\documents and settings\erdt\Application Data\AccurateRip 2009-02-18 18:07 . 2009-02-18 18:07 <REP> d-------- c:\program files\Illustrate 2009-02-18 18:07 . 2009-02-18 18:16 167,936 --a------ c:\windows\system32\SpoonUninstall.exe 2009-02-18 18:07 . 2009-02-18 18:07 33,846 --a------ c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.bmp 2009-02-18 18:07 . 2009-02-18 18:07 13,785 --a------ c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat 2009-02-17 23:16 . 2009-02-17 23:16 <REP> d-------- c:\program files\Fichiers communs\DVDVIDEOSOFT 2009-02-17 23:16 . 2002-01-05 15:37 344,064 --a------ c:\windows\system32\msvcr70.dll 2009-02-16 22:35 . 2009-02-16 23:06 <REP> d-------- c:\documents and settings\erdt\Application Data\LimeWire 2009-02-16 22:31 . 2009-02-16 22:35 <REP> d-------- c:\program files\LimeWire 2009-02-15 18:43 . 2009-02-27 11:57 <REP> d----c--- C:\Nexon 2009-02-15 17:10 . 2008-04-13 19:33 21,504 --a------ c:\windows\system32\hidserv.dll 2009-02-15 17:10 . 2008-04-13 19:33 21,504 --a------ c:\windows\system32\dllcache\hidserv.dll 2009-02-15 17:10 . 2008-04-13 19:05 14,720 --a------ c:\windows\system32\drivers\kbdhid.sys 2009-02-15 17:10 . 2008-04-13 19:05 14,720 --a------ c:\windows\system32\dllcache\kbdhid.sys 2009-02-15 14:39 . 2009-02-15 14:39 22,200 --ah----- c:\windows\system32\mlfcache.dat 2009-02-14 20:57 . 2009-02-14 21:09 <REP> d-------- c:\program files\CleanUp! 2009-02-14 17:56 . 2009-02-14 17:59 <REP> d----c--- C:\rsit 2009-02-14 17:46 . 2008-04-13 19:34 230,912 --a------ c:\windows\system32\dllcache\regedit.exe.exe.exe 2009-02-14 17:44 . 2009-02-14 17:44 543 --a------ c:\windows\Raccourci vers regedit.exe.exe.lnk 2009-02-14 15:52 . 
2009-02-14 21:14 4,411 --a------ c:\windows\pop.htm 2009-02-14 15:33 . 2009-02-14 15:33 <REP> d--hs---- c:\documents and settings\erdt\PrivacIE 2009-02-14 15:32 . 2009-02-14 15:32 <REP> d--hs---- c:\documents and settings\erdt\IECompatCache 2009-02-14 15:31 . 2009-02-14 15:31 <REP> d--hs---- c:\documents and settings\erdt\IETldCache 2009-02-14 13:47 . 2009-02-14 13:47 4,158 --a------ c:\program files\hijackthis.vbs 2009-02-14 12:14 . 2009-02-14 12:14 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-02-14 12:14 . 2009-02-14 12:14 <REP> d-------- c:\documents and settings\erdt\Application Data\Malwarebytes 2009-02-14 12:14 . 2009-02-14 12:14 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-02-14 12:14 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-02-14 12:14 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-02-14 11:15 . 2009-02-14 11:15 401,720 --a--c--- c:\program files\Karcher.exe 2009-02-14 11:13 . 2009-02-27 09:34 <REP> d-------- c:\windows\ie8updates 2009-02-14 10:48 . 2009-01-11 06:00 79,360 --------- c:\windows\system32\dllcache\iecompat.dll 2009-02-14 10:15 . 2009-02-14 10:57 15,688 --a------ c:\windows\system32\lsdelete.exe 2009-02-14 10:05 . 2009-02-14 10:14 <REP> d-------- c:\program files\Navilog1 2009-02-14 08:57 . 2009-02-14 08:57 <REP> d-------- c:\program files\Lavasoft 2009-02-14 08:57 . 2009-02-14 08:59 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft 2009-02-13 22:07 . 2009-02-13 22:07 <REP> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files 2009-02-13 20:39 . 2009-02-13 20:40 <REP> d-------- c:\program files\Spybot - Search & Destroy 2009-02-13 20:39 . 2009-02-22 15:54 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-02-13 20:32 . 
2009-02-13 20:32 <REP> d-------- c:\program files\SpywareBlaster 2009-02-13 20:32 . 2009-02-13 20:32 <REP> d-------- c:\documents and settings\All Users\Application Data\TEMP 2009-02-12 18:11 . 2009-02-23 23:44 <REP> d-------- c:\program files\eMule 2009-02-12 17:24 . 2009-02-13 20:26 <REP> d-------- c:\program files\Steam 2009-02-11 17:50 . 2009-02-11 17:50 <REP> d-------- c:\program files\XP 2009-02-11 17:50 . 2009-02-11 17:50 <REP> d-------- c:\program files\NeXT 2009-02-11 17:50 . 2009-02-11 17:50 <REP> d-------- c:\program files\Language 2009-02-11 17:50 . 2009-02-11 17:50 <REP> d-------- c:\program files\Digital 2009-02-11 17:50 . 2009-02-11 17:50 <REP> d-------- c:\program files\Default . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-01 20:14 --------- d-----w c:\program files\Fichiers communs\Symantec Shared 2009-03-01 10:23 --------- d-----w c:\documents and settings\erdt\Application Data\uTorrent 2009-02-28 20:20 413,696 ----a-w c:\windows\system32\wrap_oal.dll 2009-02-28 20:20 110,592 ----a-w c:\windows\system32\OpenAL32.dll 2009-02-28 19:49 --------- d--h--w c:\program files\InstallShield Installation Information 2009-02-28 19:48 164,864 ----a-w c:\windows\system32\drivers\RTL8180.sys 2009-02-27 08:14 421,888 ----a-w c:\windows\NEXON_EU_DownloaderUpdater.exe 2009-02-25 21:42 64,061 ----a-w c:\program files\AUG2007_d3dx9_35_x64.cab 2009-02-25 19:52 --------- d-----w c:\program files\ATI Technologies 2009-02-22 18:40 219,648 ----a-w c:\windows\system32\uxtheme.dll 2009-02-21 18:18 --------- d-----w c:\program files\ViStart 2009-02-21 01:32 --------- d-----w c:\program files\Windows Live 2009-02-17 15:34 --------- d-----w c:\program files\SQLyog Community 2009-02-17 15:34 --------- d-----w c:\documents and settings\erdt\Application Data\SQLyog 2009-02-14 16:59 --------- d-----w c:\program files\Trend Micro 2009-02-14 10:20 9,502 ----a-w c:\program files\hijackthis.log 2009-02-07 19:08 
--------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment 2009-01-31 22:42 --------- d-----w c:\documents and settings\erdt\Application Data\Apple Computer 2009-01-31 20:33 --------- d-----w c:\program files\iTunes 2009-01-31 20:33 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2009-01-31 20:32 --------- d-----w c:\program files\iPod 2009-01-31 20:32 --------- d-----w c:\program files\Fichiers communs\Apple 2009-01-31 20:32 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer 2009-01-31 20:31 --------- d-----w c:\program files\QuickTime 2009-01-28 20:31 --------- d-----w c:\program files\MySQL 2009-01-28 20:15 --------- d-----w c:\documents and settings\erdt\Application Data\Grisoft 2009-01-28 20:15 --------- d-----w c:\documents and settings\All Users\Application Data\Grisoft 2009-01-28 15:24 --------- d-----w c:\program files\No-IP 2009-01-28 15:19 --------- d-----w c:\program files\DIFX 2009-01-27 21:10 --------- d-----w c:\program files\SystemRequirementsLab 2009-01-27 21:10 --------- d-----w c:\documents and settings\erdt\Application Data\SystemRequirementsLab 2009-01-27 17:32 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec 2009-01-27 16:44 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF 2009-01-27 16:44 60,808 ----a-w c:\windows\system32\S32EVNT1.DLL 2009-01-27 16:44 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS 2009-01-27 16:44 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT 2009-01-27 16:44 --------- d-----w c:\program files\Symantec 2009-01-27 13:27 --------- d-----w c:\documents and settings\All Users\Application Data\Nokia 2009-01-27 13:24 --------- d-----w c:\program files\Nokia 2009-01-27 13:23 --------- d-----w c:\program files\Fichiers communs\Nokia 2009-01-27 13:22 --------- d-----w c:\documents and settings\All Users\Application Data\Installations 2009-01-26 20:44 --------- d-----w 
c:\program files\OpenOffice.org 3 2009-01-26 20:44 --------- d-----w c:\program files\JRE 2009-01-26 20:43 --------- d-----w c:\program files\Java 2009-01-26 20:39 --------- d-----w c:\program files\Fichiers communs\Java 2009-01-26 20:02 --------- d-----w c:\program files\Fichiers communs\Adobe 2009-01-26 19:59 410,984 ----a-w c:\windows\system32\deploytk.dll 2009-01-25 17:02 --------- d-----w c:\program files\Reference Assemblies 2009-01-25 17:02 --------- d-----w c:\program files\MSBuild 2009-01-25 16:55 --------- d--h--w c:\documents and settings\All Users\Application Data\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646} 2009-01-25 11:43 --------- d-----w c:\program files\Cacheman 2009-01-25 11:21 --------- d-----w c:\program files\GlobFX Technologies 2009-01-25 02:29 --------- d-----w c:\program files\Full Speed 2009-01-25 01:59 --------- d-----w c:\documents and settings\All Users\Application Data\NexonEU 2009-01-25 01:43 --------- d-----w c:\program files\CCleaner 2009-01-25 00:58 --------- d-----w c:\program files\Act 3d 2009-01-25 00:57 --------- d-----w c:\program files\Apple Software Update 2009-01-25 00:57 --------- d-----w c:\documents and settings\All Users\Application Data\Apple 2009-01-25 00:10 --------- d---a-w c:\program files\TrueTransparency 2009-01-25 00:08 5,650,944 ----a-w c:\windows\system32\logonuiX.exe 2009-01-25 00:05 --------- d-----w c:\program files\Stardock 2009-01-25 00:05 --------- d-----w c:\program files\Fichiers communs\Stardock 2009-01-24 23:49 --------- d-----w c:\program files\TB 2009-01-24 23:41 --------- d-----w c:\program files\wallpaper 2009-01-24 23:41 --------- d-----w c:\program files\UNRAR 2009-01-24 23:41 --------- d-----w c:\program files\shadow 2009-01-24 23:41 --------- d-----w c:\program files\msstyles 2009-01-24 23:41 --------- d-----w c:\program files\image 2009-01-24 23:41 --------- d-----w c:\documents and settings\erdt\Application Data\Styler 2009-01-24 23:31 --------- d-----w c:\program files\Vista Styler 2009-01-24 
15:15 193,220 ----a-w c:\windows\Web\Wallpaper\uninstall_Vista_Wallpapers.exe 2009-01-24 15:12 --------- d-----w c:\program files\Microsoft Silverlight 2009-01-24 15:11 --------- d-----w c:\program files\Microsoft 2009-01-24 15:05 --------- d-----w c:\program files\Windows Live SkyDrive 2009-01-24 14:56 --------- d-----w c:\program files\WinCustomize 2009-01-24 14:47 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition 2009-01-24 14:44 --------- d-----w c:\program files\Norton AntiVirus 2009-01-24 14:41 --------- d-----w c:\program files\Windows Media Connect 2 2009-01-24 14:37 --------- d-----w c:\program files\uTorrent 2009-01-24 14:33 --------- d-----w c:\program files\Fichiers communs\Windows Live 2009-01-24 14:32 --------- d-----w c:\program files\Windows Sidebar 2009-01-24 14:30 64,026 ----a-w c:\windows\BricoPackUninst.cmd 2009-01-24 14:30 6,112 ----a-w c:\windows\BricoPackFoldersDelete.cmd 2009-01-24 14:29 --------- d-----w c:\documents and settings\erdt\Application Data\ViStart 2009-01-24 14:16 --------- d-----w c:\program files\Google 2009-01-24 12:18 --------- d-----w c:\documents and settings\erdt\Application Data\Symantec 2009-01-24 12:14 --------- d-----w c:\program files\Opera 2009-01-24 10:38 --------- d-----w c:\program files\CyberLink 2009-01-24 10:38 --------- d-----w c:\documents and settings\All Users\Application Data\CyberLink 2009-01-24 10:34 --------- d-----w c:\program files\Virtual CD v4 SDK 2009-01-24 10:30 --------- d-----w c:\program files\Real 2009-01-24 10:30 --------- d-----w c:\program files\Fichiers communs\xing shared 2009-01-24 10:30 --------- d-----w c:\program files\Fichiers communs\Real 2009-01-24 10:30 --------- d-----w c:\documents and settings\All Users\Application Data\QuickTime 2009-01-24 10:29 --------- d-----w c:\program files\Fichiers communs\TVNavigTechnologies Shared 2009-01-24 10:29 --------- d-----w c:\program files\Fichiers communs\InstallShield 2009-01-24 10:27 --------- d-----w c:\documents 
and settings\erdt\Application Data\InterTrust 2009-01-24 10:27 --------- d-----w c:\documents and settings\Administrateur\Application Data\InterTrust 2009-01-24 10:20 --------- d-----w c:\program files\Synaptics 2009-01-24 10:19 --------- d-----w c:\program files\VIA . ------- Sigcheck ------- . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-01-24 151597] "ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-10-17 51048] "ATIModeChange"="Ati2mdxx.exe" [2001-09-04 c:\windows\system32\Ati2mdxx.exe] c:\documents and settings\erdt\Menu D‚marrer\Programmes\D‚marrage\ Teamspeak RC2.lnk - c:\program files\Teamspeak2_RC2\TeamSpeak.exe [2003-08-29 1436160] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "DisableNotifications"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"= "c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"= "c:\nexon\Combat Arms EU\CombatArms.exe"= c:\nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "c:\nexon\Combat Arms EU\Engine.exe"= c:\nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "c:\\Nexon\\Combat Arms 
  3. I don't have a combofix file in C:\, I have a combofix folder
  4. When I launch combofix (installed on my desktop) I get an error: - Windows ne parvient pas à accéder au périphérique, au chemin d'accès ou au fichier spécifié. Vous ne disposez peut-être pas des autorisations appropriées pour avoir accès à l'élément.
  5. Hello, while looking for recovery mode, I found (F8) the mode with the last known good settings; I clicked on it and, miracle, everything works as before, no more unwanted ads. Do you know how this could be possible, and should I run a full scan (if so, which software do you recommend)?
  6. The Recovery Console, I don't know how to install it. I am on XP Home, browser: Opera
  7. Thanks, I'll test that right away, good night and see you tomorrow =) PS: Do your links work?
  8. How? Thanks in advance. Edit: ok falkra, sorry for the inconvenience caused, I sent a private message =)
  9. And here is the INFO: info.txt logfile of random's system information tool 1.05 2009-02-14 17:59:39
  10. Here is the LOG; for the registry, I found the solution by renaming regedit.exe to regedit.exe.exe and it works: Logfile of random's system information tool 1.05 (written by random/random) Run by erdt at 2009-02-14 17:56:34
11:20:40 ----A---- C:\WINDOWS\system32\slextspk.dll 2009-01-24 11:20:40 ----A---- C:\WINDOWS\system32\coinst.dll 2009-01-24 11:20:40 ----A---- C:\WINDOWS\slrundll.exe 2009-01-24 11:20:20 ----A---- C:\WINDOWS\system32\Audio3D.dll 2009-01-24 11:20:20 ----A---- C:\WINDOWS\system32\a3d.dll 2009-01-24 11:20:20 ----A---- C:\WINDOWS\SOUNDMAN.EXE 2009-01-24 11:20:20 ----A---- C:\WINDOWS\alcupd.exe 2009-01-24 11:20:20 ----A---- C:\WINDOWS\alcrmv.exe 2009-01-24 11:19:12 ----HD---- C:\Program Files\InstallShield Installation Information 2009-01-24 11:19:12 ----D---- C:\Program Files\ATI Technologies 2009-01-24 11:19:09 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-01-24 11:19:07 ----D---- C:\Program Files\VIA 2009-01-24 11:19:07 ----D---- C:\Program Files\Fichiers communs\InstallShield 2009-01-24 11:19:05 ----A---- C:\WINDOWS\IsUninst.exe 2009-01-24 11:17:52 ----A---- C:\WINDOWS\system32\xpsp1hfm.exe 2009-01-24 11:15:39 ----A---- C:\WINDOWS\system32\hccoin.dll 2009-01-24 11:15:31 ----A---- C:\WINDOWS\system32\usbui.dll 2009-01-15 02:22:08 ----N---- C:\WINDOWS\system32\msrating.dll.mui 2009-01-15 02:21:46 ----N---- C:\WINDOWS\system32\mshta.exe.mui 2009-01-15 02:19:36 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui 2009-01-15 02:19:08 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui ======List of files/folders modified in the last 1 months====== 2009-02-14 17:59:24 ----RSHD---- C:\WINDOWS\system32\dllcache 2009-02-14 17:58:29 ----D---- C:\WINDOWS\system32 2009-02-14 17:55:50 ----D---- C:\WINDOWS 2009-02-14 17:53:14 ----D---- C:\Program Files\Outlook Express 2009-02-14 17:51:47 ----D---- C:\WINDOWS\system32\usmt 2009-02-14 16:55:11 ----D---- C:\WINDOWS\Temp 2009-02-14 16:13:21 ----D---- C:\WINDOWS\system32\CatRoot2 2009-02-14 14:59:09 ----HD---- C:\WINDOWS\inf 2009-02-14 14:59:09 ----D---- C:\WINDOWS\Media 2009-02-14 14:59:09 ----D---- C:\WINDOWS\Help 2009-02-14 14:59:09 ----D---- C:\Program Files\Internet Explorer 2009-02-14 13:47:23 ----RD---- C:\Program Files 2009-02-14 
12:14:46 ----D---- C:\WINDOWS\system32\drivers 2009-02-14 10:50:13 ----D---- C:\WINDOWS\Debug 2009-02-14 08:58:30 ----SHD---- C:\WINDOWS\Installer 2009-02-14 08:57:20 ----D---- C:\WINDOWS\WinSxS 2009-02-13 22:20:31 ----SHD---- C:\System Volume Information 2009-02-13 22:20:31 ----D---- C:\WINDOWS\system32\Restore 2009-02-13 17:02:48 ----D---- C:\WINDOWS\Registration 2009-02-09 11:07:26 ----D---- C:\WINDOWS\system32\config 2009-02-09 10:35:48 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-02-04 21:48:10 ----RSD---- C:\WINDOWS\Fonts 2009-01-31 21:29:38 ----D---- C:\Program Files\Fichiers communs 2009-01-29 17:55:05 ----D---- C:\WINDOWS\system32\CatRoot 2009-01-29 17:44:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-01-29 17:19:15 ----ASHC---- C:\BOOT.INI 2009-01-29 16:00:44 ----D---- C:\Program Files\Movie Maker 2009-01-25 19:25:39 ----D---- C:\WINDOWS\system32\DirectX 2009-01-25 18:26:27 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-01-25 18:05:53 ----D---- C:\WINDOWS\system32\mui 2009-01-25 18:01:25 ----D---- C:\WINDOWS\system32\spool 2009-01-25 17:00:30 ----D---- C:\Documents and Settings 2009-01-25 03:33:26 ----AC---- C:\c0.txt 2009-01-25 01:57:06 ----SD---- C:\WINDOWS\Tasks 2009-01-25 01:08:04 ----A---- C:\WINDOWS\system32\logonuiX.exe 2009-01-25 00:57:02 ----D---- C:\Program Files\Windows Media Player 2009-01-24 16:11:20 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-01-24 15:51:19 ----RD---- C:\WINDOWS\Web 2009-01-24 15:43:00 ----D---- C:\WINDOWS\PCHealth 2009-01-24 15:42:58 ----A---- C:\WINDOWS\win.ini 2009-01-24 15:30:23 ----A---- C:\WINDOWS\system32\uxtheme.dll 2009-01-24 15:29:21 ----D---- C:\WINDOWS\Cursors 2009-01-24 15:17:50 ----D---- C:\WINDOWS\system32\wbem 2009-01-24 15:16:59 ----D---- C:\WINDOWS\AppPatch 2009-01-24 15:16:56 ----D---- C:\WINDOWS\system32\Setup 2009-01-24 14:53:42 ----D---- C:\WINDOWS\security 2009-01-24 14:38:53 ----D---- C:\WINDOWS\ime 2009-01-24 14:38:04 
----D---- C:\WINDOWS\system32\oobe 2009-01-24 14:30:23 ----D---- C:\WINDOWS\system32\npp 2009-01-24 14:30:18 ----D---- C:\WINDOWS\msagent 2009-01-24 14:30:12 ----D---- C:\WINDOWS\srchasst 2009-01-24 14:30:09 ----D---- C:\Program Files\NetMeeting 2009-01-24 14:30:04 ----D---- C:\WINDOWS\system32\Com 2009-01-24 14:29:48 ----D---- C:\Program Files\Windows NT 2009-01-24 14:29:23 ----D---- C:\Program Files\Fichiers communs\System 2009-01-24 14:27:28 ----D---- C:\WINDOWS\system 2009-01-24 14:17:41 ----RASH---- C:\NTDETECT.COM 2009-01-24 13:43:12 ----D---- C:\WINDOWS\system32\Macromed 2009-01-24 13:18:25 ----HD---- C:\Program Files\WindowsUpdate 2009-01-24 13:07:32 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-01-24 11:42:28 ----N---- C:\WINDOWS\system.ini 2009-01-15 02:22:32 ----A---- C:\WINDOWS\system32\ieframe.dll.mui 2009-01-15 02:19:36 ----A---- C:\WINDOWS\system32\advpack.dll.mui 2009-01-15 02:17:22 ----A---- C:\WINDOWS\system32\iedkcs32.dll 2009-01-15 02:13:18 ----A---- C:\WINDOWS\system32\mshtml.dll 2009-01-15 02:12:12 ----A---- C:\WINDOWS\system32\ieframe.dll 2009-01-15 02:06:48 ----A---- C:\WINDOWS\system32\urlmon.dll 2009-01-15 02:06:22 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe 2009-01-15 02:06:08 ----A---- C:\WINDOWS\system32\webcheck.dll 2009-01-15 02:06:00 ----A---- C:\WINDOWS\system32\url.dll 2009-01-15 02:05:42 ----A---- C:\WINDOWS\system32\wininet.dll 2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\occache.dll 2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\msrating.dll 2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\licmgr10.dll 2009-01-15 02:04:28 ----A---- C:\WINDOWS\system32\corpol.dll 2009-01-15 02:04:16 ----A---- C:\WINDOWS\system32\jsproxy.dll 2009-01-15 02:03:58 ----A---- C:\WINDOWS\system32\jscript.dll 2009-01-15 02:03:50 ----A---- C:\WINDOWS\system32\ieaksie.dll 2009-01-15 02:03:42 ----A---- C:\WINDOWS\system32\ieakeng.dll 2009-01-15 02:03:36 ----A---- C:\WINDOWS\system32\vbscript.dll 2009-01-15 02:03:32 ----A---- 
C:\WINDOWS\system32\admparse.dll 2009-01-15 02:03:28 ----A---- C:\WINDOWS\system32\ie4uinit.exe 2009-01-15 02:03:20 ----A---- C:\WINDOWS\system32\ieakui.dll 2009-01-15 02:03:18 ----A---- C:\WINDOWS\system32\ieudinit.exe 2009-01-15 02:03:18 ----A---- C:\WINDOWS\system32\iesetup.dll 2009-01-15 02:03:14 ----A---- C:\WINDOWS\system32\inseng.dll 2009-01-15 02:03:14 ----A---- C:\WINDOWS\system32\iernonce.dll 2009-01-15 02:03:12 ----A---- C:\WINDOWS\system32\advpack.dll 2009-01-15 02:02:50 ----A---- C:\WINDOWS\system32\iertutil.dll 2009-01-15 02:02:40 ----A---- C:\WINDOWS\system32\msfeeds.dll 2009-01-15 02:02:20 ----A---- C:\WINDOWS\system32\mstime.dll 2009-01-15 02:01:52 ----A---- C:\WINDOWS\system32\iepeers.dll 2009-01-15 02:01:42 ----A---- C:\WINDOWS\system32\msfeedssync.exe 2009-01-15 02:01:40 ----A---- C:\WINDOWS\system32\msfeedsbs.dll 2009-01-15 02:01:40 ----A---- C:\WINDOWS\system32\icardie.dll 2009-01-15 02:01:26 ----A---- C:\WINDOWS\system32\imgutil.dll 2009-01-15 02:01:22 ----A---- C:\WINDOWS\system32\dxtmsft.dll 2009-01-15 02:01:18 ----A---- C:\WINDOWS\system32\pngfilt.dll 2009-01-15 02:01:16 ----A---- C:\WINDOWS\system32\dxtrans.dll 2009-01-15 02:01:06 ----A---- C:\WINDOWS\system32\mshtmled.dll 2009-01-15 02:00:46 ----A---- C:\WINDOWS\system32\mshtmler.dll 2009-01-15 02:00:38 ----A---- C:\WINDOWS\system32\mshta.exe 2009-01-15 01:50:50 ----A---- C:\WINDOWS\system32\ieui.dll 2009-01-15 01:50:38 ----A---- C:\WINDOWS\system32\msls31.dll 2009-01-15 01:35:10 ----A---- C:\WINDOWS\system32\ieapfltr.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;AMD Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-06-18 36864] R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys [] R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program 
Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys [] R1 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2008-01-31 279088] R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2008-01-31 43696] R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2008-06-13 184240] R1 vcsmpdrv;vcsmpdrv; C:\WINDOWS\System32\DRIVERS\vcsmpdrv.sys [2002-06-07 49232] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-06-19 752764] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-09-30 611840] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 EMCR;EMCR; C:\WINDOWS\System32\DRIVERS\EMCR7SK.sys [2003-07-22 68224] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-04-24 41984] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-02-04 25280] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 MTC0001_ESB;ESB device driver; C:\WINDOWS\System32\ntESB.sys [2001-11-27 5072] R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090213.050\NAVENG.SYS [] R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090213.050\NAVEX15.SYS [] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 rtl8180;Realtek RTL8180 Wireless LAN 
(Mini-)PCI NIC NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8180.SYS [2003-06-10 164864] R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2008-06-13 13616] R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2008-06-13 96432] R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2008-06-13 38576] R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\ipsdefs\20090212.001\SymIDSCo.sys [] R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-06-13 31280] R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2008-06-13 37424] R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2008-06-13 22320] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2003-03-27 268784] R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] S1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-13 41856] S3 COH_Mon;COH_Mon; \??\C:\WINDOWS\system32\Drivers\COH_Mon.sys [] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-21 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568] S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944] S3 Mtlmnt5;Mtlmnt5; 
C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-02-06 210128] S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-02-06 1290760] S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-02-05 162136] S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2008-04-13 1897408] S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys [] S3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-02-05 506912] S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-02-17 85552] S3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-01-17 39348] S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2008-01-31 317616] S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-06-13 31280] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-09-30 380928] R2 Automatic LiveUpdate 
Scheduler;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-02-09 238968] R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-26 152984] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-14 950096] R2 LiveUpdate Notice;LiveUpdate Notice; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt --defaults-file=C:\Program Files\MySQL\MySQL Server 5.0\my.ini MySQL [] R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056] R2 VCSSecS;Virtual CD v4 Security service (SDK - Version); C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe [2002-05-16 139264] R3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2009-01-24 1245064] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864] S3 
idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872] S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2008-09-05 3220856] S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636] S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe [2008-11-15 6447744] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880] -----------------EOF-----------------
  11. No change: regedit still won't open, nor will the Task Manager, and the pop-up windows are still there. Do you have another solution?
  12. I had 2 infections. I get an error when opening the .vbs file:
      Ligne: 7
      Caract. : 1
      Erreur : Racine incorrecte dans la clé de Registre "HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command\".
      Code : 80070005
      Source : WshShell.RegWrite
      PS: Thank you for giving me your time.
  13. I still have the problem. Here is the report:
      Malwarebytes' Anti-Malware 1.34
      Version de la base de données: 1761
      Windows 5.1.2600 Service Pack 3
      2009-02-14 13:44:22
      mbam-log-2009-02-14 (13-44-22).txt
      Type de recherche: Examen complet (C:\|E:\|)
      Eléments examinés: 173754
      Temps écoulé: 1 hour(s), 22 minute(s), 53 second(s)
      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 1
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 1
      Processus mémoire infecté(s): (Aucun élément nuisible détecté)
      Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
      Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully.
      Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
      Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
      Dossier(s) infecté(s): (Aucun élément nuisible détecté)
      Fichier(s) infecté(s): E:\disque dur\hdd C\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully.
  14. Here it is: Logfile of Trend Micro HijackThis v2.0.2
  15. Thank you for the quick reply.
  16. Hello, I have a problem: when I'm on my desktop, Internet Explorer pop-up windows (casino and poker ads...) keep coming back every time. That's not all: I can no longer open regedit (regedit.exe no longer exists), nor the Task Manager. Could you help me, please? As for the report, I'm waiting to hear which program you use. EDIT: For regedit.exe, I renamed regedit.exe.exe and it works.