myriam-guadeloupe

Membres

Afficher le profil Afficher son activité

Compteur de contenus
4
Inscription
le 8 juin 2009
Dernière visite
le 8 juin 2009

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par myriam-guadeloupe

conseils

myriam-guadeloupe a posté un sujet dans Analyses et éradication malwares

J'ai suivi les infos pour déveroler mon pc mais je comprends pas est ce que j'ai bien fait??? Merki
- le 8 juin 2009
- 1 réponse
Analyse HijackThis

myriam-guadeloupe a répondu à un(e) sujet de myriam-guadeloupe dans Analyses et éradication malwares

-----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : Mobile AMD Sempron™ Processor 3000+ ) BIOS : Insyde Software MobilePRO BIOS Version 4.00.05 USER : admin ( Administrator ) BOOT : Normal boot Antivirus : Kaspersky Anti-Virus 8.0.0.357 (Activated) C:\ (Local Disk) - NTFS - Total:37 Go (Free:27 Go) D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 08/06/2009| 5:34 ) -----------\\ Recherche de Fichiers / Dossiers ... [service] MyWebSearchService C:\Program Files\FunWebProducts C:\Program Files\FunWebProducts\Installr C:\Program Files\FunWebProducts\ScreenSaver C:\Program Files\FunWebProducts\Shared C:\Program Files\FunWebProducts\Installr\1.bin C:\Program Files\FunWebProducts\Installr\Cache C:\Program Files\FunWebProducts\Installr\setups C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP(2).DLL C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL C:\Program Files\FunWebProducts\Installr\Cache\00472E0B(2).exe C:\Program Files\FunWebProducts\Installr\Cache\00472E0B.exe C:\Program Files\FunWebProducts\Installr\Cache\files(2).ini C:\Program Files\FunWebProducts\Installr\Cache\files.ini C:\Program Files\FunWebProducts\ScreenSaver\Images C:\Program Files\FunWebProducts\Shared\Cache C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html C:\Program Files\FunWebProducts\Shared\Cache\WebfettiBtn.html C:\Program Files\GamesBar C:\Program Files\GamesBar\Localization2-French.ini C:\Program Files\MyWebSearch C:\Program Files\MyWebSearch\bar C:\Program Files\MyWebSearch\bar\1.bin C:\Program Files\MyWebSearch\bar\Avatar C:\Program Files\MyWebSearch\bar\Cache C:\Program Files\MyWebSearch\bar\Game C:\Program Files\MyWebSearch\bar\History C:\Program Files\MyWebSearch\bar\icons C:\Program Files\MyWebSearch\bar\Message C:\Program Files\MyWebSearch\bar\Notifier C:\Program Files\MyWebSearch\bar\Settings C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL C:\Program Files\MyWebSearch\bar\Avatar\COMMON C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S C:\Program Files\MyWebSearch\bar\Avatar\COMMON\avatar.htm C:\Program Files\MyWebSearch\bar\Avatar\COMMON\bgfadel.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\bgfader.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\common-x.css C:\Program Files\MyWebSearch\bar\Avatar\COMMON\common.css C:\Program Files\MyWebSearch\bar\Avatar\COMMON\cornerbl.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\cornerbr.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\ext_def.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\ext_roll.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\include.js C:\Program Files\MyWebSearch\bar\Avatar\COMMON\index.htm C:\Program Files\MyWebSearch\bar\Avatar\COMMON\loader.htm C:\Program Files\MyWebSearch\bar\Avatar\COMMON\loading.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\logo.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\max_def.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\max_roll.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\min_def.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\min_roll.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\noflash.htm C:\Program Files\MyWebSearch\bar\Avatar\COMMON\res_def.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\res_roll.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\spacer.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\spacer.swf C:\Program Files\MyWebSearch\bar\Avatar\COMMON\topgrad.gif C:\Program Files\MyWebSearch\bar\Avatar\COMMON\window(2).ico C:\Program Files\MyWebSearch\bar\Avatar\COMMON\window.ico C:\Program Files\MyWebSearch\bar\Cache\0003DAE0 C:\Program Files\MyWebSearch\bar\Cache\00485219 C:\Program Files\MyWebSearch\bar\Cache\00485FB5.bin C:\Program Files\MyWebSearch\bar\Cache\00486284.bin C:\Program Files\MyWebSearch\bar\Cache\00486B7D.bin C:\Program Files\MyWebSearch\bar\Cache\004875ED.bin C:\Program Files\MyWebSearch\bar\Cache\0048807C.bin C:\Program Files\MyWebSearch\bar\Cache\02F5B68C.bin C:\Program Files\MyWebSearch\bar\Cache\02F5CA62.bin C:\Program Files\MyWebSearch\bar\Cache\02F5D668.bin C:\Program Files\MyWebSearch\bar\Cache\02F5E230.bin C:\Program Files\MyWebSearch\bar\Cache\files.ini C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S C:\Program Files\MyWebSearch\bar\History\search3 C:\Program Files\MyWebSearch\bar\icons\CM(2).ICO C:\Program Files\MyWebSearch\bar\icons\CM.ICO C:\Program Files\MyWebSearch\bar\icons\MFC(2).ICO C:\Program Files\MyWebSearch\bar\icons\MFC.ICO C:\Program Files\MyWebSearch\bar\icons\PSS(2).ICO C:\Program Files\MyWebSearch\bar\icons\PSS.ICO C:\Program Files\MyWebSearch\bar\icons\SMILEY(2).ICO C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO C:\Program Files\MyWebSearch\bar\icons\WB(2).ICO C:\Program Files\MyWebSearch\bar\icons\WB.ICO C:\Program Files\MyWebSearch\bar\icons\ZWINKY(2).ICO C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO C:\Program Files\MyWebSearch\bar\Message\COMMON C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S C:\Program Files\MyWebSearch\bar\Message\COMMON\ask_logo.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\center.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\index.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\mid_dots.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\mws_logo.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\protect.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\shocked.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\stop.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\systray.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\systrayp.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\tp_grad.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\warn.gif C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm C:\Program Files\MyWebSearch\bar\Settings\setting2.htm C:\Program Files\MyWebSearch\bar\Settings\settings.dat C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat C:\DOCUME~1\admin\Cookies\admin@mywebsearch[1].txt C:\WINDOWS\System32\f3PSSavr.scr -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.fr/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! 1 - "C:\ToolBar SD\TB_1.txt" - 08/06/2009| 5:34 - Option : [1] -----------\\ Fin du rapport a 5:34:44,96
- le 8 juin 2009
- 3 réponses
Analyse HijackThis

myriam-guadeloupe a répondu à un(e) sujet de myriam-guadeloupe dans Analyses et éradication malwares

info.txt logfile of random's system information tool 1.06 2009-06-08 05:04:39 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf -->VTUninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Timer' Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96} My Web Search (Zwinky)-->rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsbar.dll,O neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Orange - Logiciels Internet-->C:\Program Files\Orange HSS\installation\core\Installgui.exe -u Pacific Poker-->C:\PROGRA~1\PACIFI~1\UNWISE.EXE C:\PROGRA~1\PACIFI~1\INSTALL.LOG Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe" Smart Link 56K Modem-->C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe WebTarot 1.30-->"C:\Program Files\Webtarot\unins000.exe" Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\amdk8_6FE44FCD212D4A086C7BC0C98B9A619782073FB7\amdk8.inf Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 4.5 SDK-->MsiExec.exe /I{0CA21011-069B-B16A-A5CA-9ABE49DAC05C} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe" Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494} Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" ======Security center information====== AV: Norton AntiVirus AV: AntiVir Desktop (outdated) AV: Kaspersky Anti-Virus ======System event log====== Computer Name: MYRIAM-DB6A65B4 Event Code: 7024 Message: Le service Norton AntiVirus s'est arrêté avec l'erreur service particulière 4294967295 (0xFFFFFFFF). Record Number: 5 Source Name: Service Control Manager Time Written: 20090606023104.000000+120 Event Type: erreur User: Computer Name: MYRIAM-DB6A65B4 Event Code: 7000 Message: Le service avast! Antivirus n'a pas pu démarrer en raison de l'erreur : Le chemin d'accès spécifié est introuvable. Record Number: 4 Source Name: Service Control Manager Time Written: 20090606023104.000000+120 Event Type: erreur User: Computer Name: MYRIAM-DB6A65B4 Event Code: 7000 Message: Le service avast! iAVS4 Control Service n'a pas pu démarrer en raison de l'erreur : Le chemin d'accès spécifié est introuvable. Record Number: 3 Source Name: Service Control Manager Time Written: 20090606023104.000000+120 Event Type: erreur User: Computer Name: MYRIAM-DB6A65B4 Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 2 Source Name: EventLog Time Written: 20090606023058.000000+120 Event Type: Informations User: Computer Name: MYRIAM-DB6A65B4 Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Uniprocessor Free. Record Number: 1 Source Name: EventLog Time Written: 20090606023058.000000+120 Event Type: Informations User: =====Application event log===== Computer Name: MYRIAM-DB6A65B4 Event Code: 103 Message: msnmsgr (576) \\.\C:\Documents and Settings\Myriam\Local Settings\Application Data\Microsoft\Messenger\mila971@hotmail.fr\SharingMetadata\Working\database_F06C_2E4_6C02_A606\dfsr.db: Le moteur de base de données a arrêté une instance (0). Record Number: 1884 Source Name: ESENT Time Written: 20090507190118.000000+120 Event Type: Informations User: Computer Name: MYRIAM-DB6A65B4 Event Code: 102 Message: msnmsgr (576) \\.\C:\Documents and Settings\Myriam\Local Settings\Application Data\Microsoft\Messenger\mila971@hotmail.fr\SharingMetadata\Working\database_F06C_2E4_6C02_A606\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0). Record Number: 1883 Source Name: ESENT Time Written: 20090507190117.000000+120 Event Type: Informations User: Computer Name: MYRIAM-DB6A65B4 Event Code: 100 Message: msnmsgr (576) Le moteur de base de données 5.01.2600.2780 est démarré. Record Number: 1882 Source Name: ESENT Time Written: 20090507190117.000000+120 Event Type: Informations User: Computer Name: MYRIAM-DB6A65B4 Event Code: 101 Message: msnmsgr (576) Le moteur de base de données est arrêté. Record Number: 1881 Source Name: ESENT Time Written: 20090507185916.000000+120 Event Type: Informations User: Computer Name: MYRIAM-DB6A65B4 Event Code: 103 Message: msnmsgr (576) \\.\C:\Documents and Settings\Myriam\Local Settings\Application Data\Microsoft\Messenger\mila971@hotmail.fr\SharingMetadata\Working\database_F06C_2E4_6C02_A606\dfsr.db: Le moteur de base de données a arrêté une instance (0). Record Number: 1880 Source Name: ESENT Time Written: 20090507185916.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=2c02 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------
- le 8 juin 2009
- 3 réponses
Analyse HijackThis

myriam-guadeloupe a posté un sujet dans Analyses et éradication malwares

Bonjour Un petit peut d'aide serait la bienvenue , avec mes remerciements d'avançe . Analyse rapports HijackThis, Eradication malwares Logfile of random's system information tool 1.06 (written by random/random) Run by admin at 2009-06-08 05:07:36 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 28 GB (74%) free of 38 GB Total RAM: 447 MB (36% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 05:07:37, on 08/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\admin\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\DOCUME~1\admin\LOCALS~1\Temp\8BD54F3E-DD19-4a69-93D8-5C6A5BBBE20E.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\admin\Bureau\RSIT.exe C:\Program Files\trend micro\admin.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing) O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (file missing) O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing) O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w O4 - HKLM\..\Run: [softwareHelper] C:\Documents and Settings\Myriam\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\admin\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...etup1.0.1.1.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/frame...geUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1204098022359 O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk...ows-i586-jc.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextfr.oberon-media.com/Gameshe...ronGameHost.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing) O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 7732 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}] MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL [2009-04-09 65536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}] mwsBar BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}] EoBho Class [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-05 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-05 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2004-06-22 143360] "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2004-09-01 53248] "ORAHSSSessionManager"=C:\Program Files\Orange HSS\SessionManager\SessionManager.exe [2007-12-12 107248] "MyWebSearch Plugin"=rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF [] "My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe /m=2 /w [] "EoEngine"= [] "SoftwareHelper"=C:\Documents and Settings\Myriam\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-09-16 69632] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-05 148888] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] C:\Documents and Settings\admin\Menu Démarrer\Programmes\Démarrage Notification de cadeaux MSN.lnk - C:\Documents and Settings\admin\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS" "C:\Program Files\Webtarot\webtarot.exe"="C:\Program Files\Webtarot\webtarot.exe:*:Disabled:jeu de tarot" "C:\Documents and Settings\admin\Local Settings\Temp\7zS9.tmp\SymNRT.exe"="C:\Documents and Settings\admin\Local Settings\Temp\7zS9.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2009-06-08 05:03:34 ----D---- C:\Program Files\trend micro 2009-06-08 05:03:31 ----D---- C:\rsit 2009-06-08 01:47:35 ----D---- C:\WINDOWS\LastGood 2009-06-08 01:47:22 ----D---- C:\Program Files\Avira 2009-06-08 01:47:22 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-06-08 01:24:30 ----D---- C:\Windows Installer 4.5 SDK 2009-06-08 00:57:27 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller 2009-06-08 00:52:44 ----D---- C:\Program Files\Windows Installer 4.5 SDK 2009-06-08 00:16:12 ----D---- C:\Documents and Settings\admin\Application Data\Macromedia 2009-06-08 00:12:33 ----D---- C:\Documents and Settings\admin\Application Data\Adobe 2009-06-08 00:09:57 ----D---- C:\Documents and Settings\admin\Application Data\Identities 2009-06-08 00:09:48 ----HD---- C:\Program Files\Uninstall Information 2009-06-08 00:09:38 ----ASH---- C:\Documents and Settings\admin\Application Data\desktop.ini 2009-06-08 00:09:36 ----SD---- C:\Documents and Settings\admin\Application Data\Microsoft 2009-06-05 03:05:52 ----A---- C:\WINDOWS\system32\javaws.exe 2009-06-05 03:05:52 ----A---- C:\WINDOWS\system32\javaw.exe 2009-06-05 03:05:52 ----A---- C:\WINDOWS\system32\java.exe 2009-06-05 03:05:52 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-06-05 03:05:06 ----D---- C:\Program Files\Java 2009-06-05 02:51:50 ----A---- C:\WINDOWS\MPW.INI 2009-06-04 23:08:15 ----A---- C:\WINDOWS\system32\OVUI2RC.dll 2009-06-04 23:08:14 ----A---- C:\WINDOWS\system32\OVUI2.dll 2009-06-04 23:08:12 ----A---- C:\WINDOWS\system32\OVComS.exe 2009-06-04 23:08:11 ----A---- C:\WINDOWS\system32\OVComC.dll 2009-06-04 23:08:10 ----A---- C:\WINDOWS\system32\OVCodec2.dll 2009-06-04 19:30:21 ----D---- C:\Documents and Settings\All Users\Application Data\Intenium 2009-06-03 01:56:59 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo 2009-06-01 20:36:57 ----D---- C:\Program Files\VideoLAN 2009-05-29 03:05:49 ----D---- C:\Program Files\GamesBar 2009-05-29 03:03:26 ----D---- C:\Program Files\Fichiers communs\Oberon Media 2009-05-29 03:03:25 ----D---- C:\Program Files\orange 2009-05-26 03:58:21 ----D---- C:\Program Files\Oberon Media 2009-05-26 03:58:20 ----D---- C:\Program Files\MSN Games 2009-05-22 04:05:27 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-05-21 02:49:06 ----D---- C:\Program Files\movie maker 2009-05-20 01:35:46 ----A---- C:\WINDOWS\system32\ieencode.dll 2009-05-20 00:52:19 ----D---- C:\732cd9fa3ce6640d680715f8 2009-05-19 03:01:34 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2009-05-19 01:33:16 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec 2009-05-17 23:12:12 ----D---- C:\Documents and Settings\All Users\Application Data\Norton 2009-05-17 23:03:14 ----A---- C:\WINDOWS\system32\SETE4.tmp 2009-05-17 23:03:13 ----A---- C:\WINDOWS\system32\SETE3.tmp 2009-05-17 23:03:12 ----A---- C:\WINDOWS\system32\SETE2.tmp 2009-05-17 23:03:11 ----D---- C:\8b6a8b7fcdea0393f1a28ff0 2009-05-17 23:02:09 ----D---- C:\WINDOWS\SxsCaPendDel 2009-05-14 19:51:32 ----RSH---- C:\j.cmd 2009-05-13 19:40:19 ----D---- C:\Documents and Settings\All Users\Application Data\Zylom 2009-05-09 21:14:07 ----D---- C:\Documents and Settings\All Users\Application Data\Microgaming 2009-05-09 21:14:07 ----D---- C:\Documents and Settings\All Users\Application Data\MGS ======List of files/folders modified in the last 1 months====== 2009-06-08 05:03:34 ----RD---- C:\Program Files 2009-06-08 03:56:06 ----D---- C:\WINDOWS 2009-06-08 03:52:45 ----SHD---- C:\RECYCLER 2009-06-08 03:51:10 ----SHD---- C:\WINDOWS\Installer 2009-06-08 03:51:09 ----D---- C:\Documents and Settings 2009-06-08 03:44:37 ----D---- C:\Program Files\Fichiers communs\InstallShield 2009-06-08 03:35:56 ----D---- C:\WINDOWS\Temp 2009-06-08 03:28:33 ----A---- C:\WINDOWS\imsins.BAK 2009-06-08 03:28:29 ----D---- C:\WINDOWS\system32 2009-06-08 03:28:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-06-08 03:28:04 ----D---- C:\Config.Msi 2009-06-08 03:19:03 ----D---- C:\Program Files\Internet Explorer 2009-06-08 02:05:42 ----D---- C:\WINDOWS\Prefetch 2009-06-08 01:47:40 ----HD---- C:\WINDOWS\inf 2009-06-08 01:47:40 ----D---- C:\WINDOWS\system32\drivers 2009-06-08 01:44:54 ----D---- C:\WINDOWS\WinSxS 2009-06-08 01:44:53 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-06-08 01:29:43 ----D---- C:\WINDOWS\system32\CatRoot2 2009-06-08 01:20:00 ----A---- C:\WINDOWS\ntbtlog.txt 2009-06-08 01:12:09 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-06-08 01:06:26 ----SHD---- C:\System Volume Information 2009-06-08 00:10:04 ----A---- C:\WINDOWS\OEWABLog.txt 2009-06-07 05:30:42 ----D---- C:\Program Files\Webtarot 2009-06-07 05:27:33 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-06-05 03:06:29 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-06-04 23:08:22 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-05-29 03:03:26 ----D---- C:\Program Files\Fichiers communs 2009-05-25 03:11:48 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-05-22 04:47:52 ----A---- C:\WINDOWS\setuplog.txt 2009-05-22 04:47:21 ----D---- C:\WINDOWS\system32\oobe 2009-05-22 04:41:13 ----D---- C:\activdoc 2009-05-22 04:33:37 ----D---- C:\Program Files\7-Zip 2009-05-22 04:28:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-05-22 02:22:51 ----D---- C:\WINDOWS\AppPatch 2009-05-21 04:06:25 ----D---- C:\Program Files\Windows Media Player 2009-05-21 03:14:56 ----RSD---- C:\WINDOWS\Fonts 2009-05-21 03:13:25 ----D---- C:\WINDOWS\EHome 2009-05-21 03:13:23 ----D---- C:\WINDOWS\Help 2009-05-21 03:13:21 ----HDC---- C:\WINDOWS\ie7 2009-05-21 03:13:18 ----D---- C:\WINDOWS\ime 2009-05-21 03:12:51 ----D---- C:\WINDOWS\PeerNet 2009-05-21 03:12:51 ----D---- C:\WINDOWS\network diagnostic 2009-05-21 03:12:51 ----D---- C:\WINDOWS\msagent 2009-05-21 03:12:49 ----D---- C:\WINDOWS\repair 2009-05-21 03:12:21 ----D---- C:\WINDOWS\srchasst 2009-05-21 03:12:20 ----D---- C:\WINDOWS\system 2009-05-21 03:10:48 ----D---- C:\WINDOWS\system32\bits 2009-05-21 03:10:48 ----D---- C:\WINDOWS\system32\1033 2009-05-21 03:10:46 ----D---- C:\WINDOWS\system32\Com 2009-05-21 03:10:14 ----D---- C:\WINDOWS\system32\fr 2009-05-21 03:10:13 ----D---- C:\WINDOWS\system32\npp 2009-05-21 03:10:11 ----D---- C:\WINDOWS\system32\ras 2009-05-21 03:10:09 ----D---- C:\WINDOWS\system32\Setup 2009-05-21 03:10:09 ----D---- C:\WINDOWS\system32\Restore 2009-05-21 03:10:07 ----D---- C:\WINDOWS\system32\wbem 2009-05-21 03:10:07 ----D---- C:\WINDOWS\system32\usmt 2009-05-21 03:10:07 ----D---- C:\WINDOWS\system32\URTTemp 2009-05-21 03:10:03 ----D---- C:\WINDOWS\WBEM 2009-05-21 03:10:03 ----D---- C:\WINDOWS\twain_32 2009-05-21 03:09:23 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2009-05-21 03:09:06 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2009-05-21 03:09:04 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$ 2009-05-21 03:09:02 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2009-05-21 03:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2009-05-21 03:09:00 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-05-21 03:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$ 2009-05-21 03:08:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2009-05-21 03:08:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$ 2009-05-21 03:08:55 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2009-05-21 03:08:54 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$ 2009-05-21 03:08:53 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2009-05-21 03:08:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$ 2009-05-21 03:08:50 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2009-05-21 03:08:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$ 2009-05-21 03:08:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2009-05-21 03:08:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$ 2009-05-21 03:08:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2009-05-21 03:08:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$ 2009-05-21 03:08:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2009-05-21 03:08:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2009-05-21 03:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$ 2009-05-21 03:08:29 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$ 2009-05-21 03:08:28 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2009-05-21 03:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$ 2009-05-21 03:08:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2009-05-21 03:08:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$ 2009-05-21 03:08:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$ 2009-05-21 03:08:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2009-05-21 03:08:20 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2009-05-21 03:08:19 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$ 2009-05-21 03:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2009-05-21 03:08:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$ 2009-05-21 03:08:16 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2009-05-21 03:08:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2009-05-21 03:08:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2009-05-21 03:08:11 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2009-05-21 03:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$ 2009-05-21 03:08:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2009-05-21 03:08:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$ 2009-05-21 03:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2009-05-21 03:08:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2009-05-21 03:08:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2009-05-21 03:08:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$ 2009-05-21 03:08:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2009-05-21 03:07:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$ 2009-05-21 03:07:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2009-05-21 03:07:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$ 2009-05-21 03:07:56 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2009-05-21 03:07:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$ 2009-05-21 03:07:47 ----HDC---- C:\WINDOWS\$NtUninstallKB948590$ 2009-05-21 03:07:47 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$ 2009-05-21 03:07:46 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2009-05-21 03:07:45 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$ 2009-05-21 03:07:44 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$ 2009-05-21 03:07:44 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$ 2009-05-21 03:07:43 ----HDC---- C:\WINDOWS\$NtUninstallKB944533$ 2009-05-21 03:07:39 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$ 2009-05-21 03:07:38 ----HDC---- C:\WINDOWS\$NtUninstallKB943460_0$ 2009-05-21 03:07:33 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$ 2009-05-21 03:07:29 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$ 2009-05-21 03:07:26 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$ 2009-05-21 03:07:25 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$ 2009-05-21 03:07:24 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2009-05-21 03:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB941568$ 2009-05-21 03:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB941202$ 2009-05-21 03:07:22 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2009-05-21 03:07:21 ----HDC---- C:\WINDOWS\$NtUninstallKB938829$ 2009-05-21 03:07:19 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$ 2009-05-21 03:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2009-05-21 03:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$ 2009-05-21 03:07:09 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$ 2009-05-21 03:07:08 ----HDC---- C:\WINDOWS\$NtUninstallKB936021$ 2009-05-21 03:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$ 2009-05-21 03:07:06 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$ 2009-05-21 03:07:05 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$ 2009-05-21 03:07:04 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ 2009-05-21 03:07:03 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$ 2009-05-21 03:07:01 ----HDC---- C:\WINDOWS\$NtUninstallKB931784$ 2009-05-21 03:06:58 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$ 2009-05-21 03:06:56 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$ 2009-05-21 03:06:55 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$ 2009-05-21 03:06:54 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2009-05-21 03:06:54 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$ 2009-05-21 03:06:52 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$ 2009-05-21 03:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$ 2009-05-21 03:06:45 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$ 2009-05-21 03:06:44 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$ 2009-05-21 03:06:43 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$ 2009-05-21 03:06:42 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$ 2009-05-21 03:06:41 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$ 2009-05-21 03:06:40 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$ 2009-05-21 03:06:38 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$ 2009-05-21 03:06:36 ----HDC---- C:\WINDOWS\$NtUninstallKB925876$ 2009-05-21 03:06:35 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$ 2009-05-21 03:06:34 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$ 2009-05-21 03:06:32 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$ 2009-05-21 03:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$ 2009-05-21 03:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$ 2009-05-21 03:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$ 2009-05-21 03:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2009-05-21 03:06:25 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$ 2009-05-21 03:06:24 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$ 2009-05-21 03:06:23 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$ 2009-05-21 03:06:22 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$ 2009-05-21 03:06:22 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$ 2009-05-21 03:06:20 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$ 2009-05-21 03:06:20 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$ 2009-05-21 03:06:19 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$ 2009-05-21 03:06:19 ----HDC---- C:\WINDOWS\$NtUninstallKB920342$ 2009-05-21 03:06:17 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$ 2009-05-21 03:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$ 2009-05-21 03:06:15 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$ 2009-05-21 03:06:14 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$ 2009-05-21 03:06:13 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$ 2009-05-21 03:06:12 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$ 2009-05-21 03:06:11 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$ 2009-05-21 03:06:10 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$ 2009-05-21 03:06:09 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$ 2009-05-21 03:06:08 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$ 2009-05-21 03:06:07 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$ 2009-05-21 03:06:06 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$ 2009-05-21 03:06:05 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$ 2009-05-21 03:06:04 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$ 2009-05-21 03:06:03 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$ 2009-05-21 03:05:58 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$ 2009-05-21 03:05:57 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$ 2009-05-21 03:05:56 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$ 2009-05-21 03:05:55 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$ 2009-05-21 03:05:55 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$ 2009-05-21 03:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$ 2009-05-21 03:05:48 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$ 2009-05-21 03:05:47 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$ 2009-05-21 03:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$ 2009-05-21 03:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$ 2009-05-21 03:05:40 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$ 2009-05-21 03:05:39 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$ 2009-05-21 03:05:39 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$ 2009-05-21 03:05:38 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$ 2009-05-21 03:05:37 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$ 2009-05-21 03:05:36 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$ 2009-05-21 03:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$ 2009-05-21 03:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$ 2009-05-21 03:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$ 2009-05-21 03:05:30 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$ 2009-05-21 03:05:26 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$ 2009-05-21 03:05:25 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$ 2009-05-21 03:05:24 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$ 2009-05-21 03:05:24 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$ 2009-05-21 03:05:23 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$ 2009-05-21 03:05:22 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$ 2009-05-21 03:05:20 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 2009-05-21 02:57:30 ----D---- C:\Program Files\Services en ligne 2009-05-21 02:57:00 ----D---- C:\Program Files\PacificPoker 2009-05-21 02:57:00 ----D---- C:\Program Files\Outlook Express 2009-05-21 02:55:27 ----D---- C:\Program Files\Online Services 2009-05-21 02:55:26 ----D---- C:\Program Files\NetMeeting 2009-05-21 02:55:04 ----D---- C:\Program Files\Messenger 2009-05-21 02:53:33 ----D---- C:\Program Files\Fichiers communs\System 2009-05-21 02:51:16 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-05-21 02:51:00 ----D---- C:\df6fa281e70bea25fdedba658a858922 2009-05-21 02:49:49 ----D---- C:\WINDOWS\system32\1036 2009-05-21 02:49:02 ----HD---- C:\WINDOWS\msdownld.tmp 2009-05-21 02:48:47 ----D---- C:\WINDOWS\ie8updates 2009-05-20 22:57:13 ----D---- C:\WINDOWS\system32\fr-fr 2009-05-20 22:56:54 ----D---- C:\WINDOWS\ie7updates 2009-05-20 22:07:45 ----SD---- C:\WINDOWS\Tasks 2009-05-20 21:57:44 ----HD---- C:\WINDOWS\$hf_mig$ 2009-05-20 21:08:15 ----D---- C:\WINDOWS\Media 2009-05-20 21:07:44 ----D---- C:\WINDOWS\security 2009-05-20 20:57:59 ----D---- C:\WINDOWS\Minidump 2009-05-20 01:54:23 ----D---- C:\WINDOWS\system32\CatRoot 2009-05-18 03:34:07 ----SHD---- C:\WINDOWS\system32\NetworkService32(2) 2009-05-18 01:09:38 ----D---- C:\WINDOWS\Microsoft.NET 2009-05-18 01:09:35 ----RSD---- C:\WINDOWS\assembly 2009-05-17 23:45:23 ----D---- C:\WINDOWS\system32\XPSViewer 2009-05-17 23:04:21 ----D---- C:\WINDOWS\system32\en-us ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 36864] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-09-21 2278784] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496] R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-25 229720] R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2005-02-23 228992] R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-25 653600] R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-25 13216] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2004-09-01 171392] S3 AVPsys;AVPsys; \??\C:\WINDOWS\system32\drivers\cdaudio.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 DCamUSBSTK017;STK017 Camera; C:\WINDOWS\system32\DRIVERS\STK017W2.sys [2003-11-17 99476] S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-01-02 43520] S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] S3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-03-25 24592] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-25 1395376] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 QCDonner;Logitech QuickCam Express; C:\WINDOWS\system32\DRIVERS\OVCD.sys [2001-08-17 28032] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-25 100240] S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 TSP;TSP; \??\C:\WINDOWS\system32\drivers\klif.sys [] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089] R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe [2007-12-11 65536] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-05 152984] R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-08-25 57344] S2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
- le 8 juin 2009
- 3 réponses

Connexion

myriam-guadeloupe

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par myriam-guadeloupe

conseils

Analyse HijackThis

Analyse HijackThis

Analyse HijackThis

Zebulon

Outils en ligne

Naviguer