amen

Membres

Afficher le profil Afficher son activité

Compteur de contenus
9
Inscription
le 1 juillet 2009
Dernière visite
le 14 juillet 2009

amen's Achievements

Junior Member (3/12)

Réputation sur la communauté

rapport hijackthis-Résolu-

amen a répondu à un(e) sujet de amen dans Analyses et éradication malwares

oui ca marche!! merci beacoup!
- le 5 juillet 2009
- 13 réponses
rapport hijackthis-Résolu-

amen a répondu à un(e) sujet de amen dans Analyses et éradication malwares

ok c'est fait! et a propos de l'analyse avec MBAM y'avait rien a signaler! mais mon poblème n'est pas résolu, car au debut j avais posté dans commentcamarche et on m'avait orienter vers hijack! mon probleme c'est que quand j'etteints mon ordi, y'a un message qui s'affiche: Fin du programme: IndexStoreSrv_CstratupHelpr.... ce programme ne repmond pas pour retourner dans windows et.....
- le 4 juillet 2009
- 13 réponses
rapport hijackthis-Résolu-

amen a répondu à un(e) sujet de amen dans Analyses et éradication malwares

salut! merci beacoup, en fait concernant l'analyse avec MBAM je l'ai refaite! mais j'ai un petit souci ( c'est un peu bete!!) je n'arrive pas a desinstaller toolbarsd, je ne l ai pas trouver dans ajouter ou supprimer des programmes??!!
- le 4 juillet 2009
- 13 réponses
rapport hijackthis-Résolu-

amen a répondu à un(e) sujet de amen dans Analyses et éradication malwares

-----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel® Pentium® Dual CPU E2180 @ 2.00GHz ) BIOS : Award Modular BIOS v6.00PG USER : S.A.R.L. KIMEDIAS ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.30 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:29 Go (Free:6 Go) D:\ (Local Disk) - NTFS - Total:44 Go (Free:20 Go) E:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 04/07/2009|13:16 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\AskBarDis C:\Program Files\AskBarDis\bar C:\Program Files\AskBarDis\bar\bin C:\Program Files\AskBarDis\bar\bin\askPopStp.dll C:\DOCUME~1\SARL~1.KIM\Favoris\Torrent Search Torrent Finder Torrent Search Engine.url C:\WINDOWS\iun6002.exe -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://www.google.com"'>http://www.google.com" "SearchMigratedDefaultURL"="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"'>http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}" "Default_Page_URL"="http://fr.yahoo.com/?fr=fp-yie8"'>http://fr.yahoo.com/?fr=fp-yie8" "Url"="http://go.microsoft.com/fwlink/?LinkId=68929"'>http://go.microsoft.com/fwlink/?LinkId=68929" "Url"="http://go.microsoft.com/fwlink/?LinkId=68928"'>http://go.microsoft.com/fwlink/?LinkId=68928" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://toolbar.ask.com/toolbarv/askRedirect?o=101808&gct=&gc=1&q="'>http://toolbar.ask.com/toolbarv/askRedirect?o=101808&gct=&gc=1&q=" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\SARL~1.KIM\Application Data\uTorrent\2 in 1 pack - Kaspersky Internet Security & AntiVirus Anti-Virus 2009 v8.0.0.357 crack + serial + Keygen.rar.torrent 1 - "C:\ToolBar SD\TB_1.txt" - 04/07/2009|13:17 - Option : [1] -----------\\ Fin du rapport a 13:17:12,67 Aprés suppression: -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel® Pentium® Dual CPU E2180 @ 2.00GHz ) BIOS : Award Modular BIOS v6.00PG USER : S.A.R.L. KIMEDIAS ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.30 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:29 Go (Free:6 Go) D:\ (Local Disk) - NTFS - Total:44 Go (Free:20 Go) E:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( 04/07/2009|13:19 ) -----------\\ SUPPRESSION Supprime! - C:\Program Files\AskBarDis\bar Supprime! - C:\DOCUME~1\SARL~1.KIM\Favoris\Torrent Search Torrent Finder Torrent Search Engine.url Supprime! - C:\WINDOWS\iun6002.exe Supprime! - C:\Program Files\AskBarDis -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://www.google.com" "SearchMigratedDefaultURL"="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}" "Default_Page_URL"="http://fr.yahoo.com/?fr=fp-yie8" "Url"="http://go.microsoft.com/fwlink/?LinkId=68929" "Url"="http://go.microsoft.com/fwlink/?LinkId=68928" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://toolbar.ask.com/toolbarv/askRedirect?o=101808&gct=&gc=1&q=" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\SARL~1.KIM\Application Data\uTorrent\2 in 1 pack - Kaspersky Internet Security & AntiVirus Anti-Virus 2009 v8.0.0.357 crack + serial + Keygen.rar.torrent 1 - "C:\ToolBar SD\TB_1.txt" - 04/07/2009|13:17 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 04/07/2009|13:20 - Option : [2] -----------\\ Fin du rapport a 13:20:21,17 Rapport RSIT: Logfile of random's system information tool 1.06 (written by random/random) Run by S.A.R.L. KIMEDIAS at 2009-07-04 13:27:53 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 7 GB (22%) free of 31 GB Total RAM: 1015 MB (30% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:28:03, on 04/07/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\AlienGUIse\wbload.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Windows Live\Family Safety\fsssvc.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Windows Live\Family Safety\fsui.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\dwwin.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\S.A.R.L. KIMEDIAS\Bureau\RSIT.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Trend Micro\HijackThis\S.A.R.L. KIMEDIAS.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/?fr=fp-yie8 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/mail?&.s...ym&.intl=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirec...amp;gc=1&q= R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirec...amp;gc=1&q= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirec...p;gc=1&q=%s R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [EPSON TX106_TX109 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDR.EXE /FU "C:\WINDOWS\TEMP\E_S56.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1227457152484 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Unknown owner - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing) O23 - Service: Service Google Update (gupdate1c991c198633948) (gupdate1c991c198633948) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 11698 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\Maintenance en 1 clic.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06 61808] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2009-02-06 73072] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2009-03-08 770048] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-11 41368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-11 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}] EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416] {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-02-28 570664] "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352] "fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-02-06 454000] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-03 59392] "igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-11-28 98304] "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-11-28 77824] "igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-28 118784] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-02-13 16857600] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-11 148888] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136] "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2005-03-14 1057280] "EPSON TX106_TX109 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDR.EXE [2008-02-05 188928] C:\Documents and Settings\S.A.R.L. KIMEDIAS\Menu Démarrer\Programmes\Démarrage Alienware Dock.lnk - C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="wbsys.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB] C:\Program Files\AlienGUIse\fastload.dll [2001-12-21 24576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] WgaLogon.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 nwprovau [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoBandCustomize"=0 "NoMovingBands"=0 "NoCloseDragDropBands"=0 "NoActiveDesktop"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player" "E:\STHIW\stInstall.exe"="E:\STHIW\stInstall.exe:*:Enabled:SpeedTouch Home Install Wizard" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java Platform SE binary" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" ======List of files/folders created in the last 1 months====== 2009-07-04 13:16:14 ----A---- C:\TB.txt 2009-07-04 13:14:51 ----D---- C:\ToolBar SD 2009-07-02 17:05:35 ----D---- C:\rsit 2009-07-02 15:34:06 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\Malwarebytes 2009-07-02 15:34:00 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-07-02 15:33:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-07-01 02:05:49 ----D---- C:\Program Files\Registry Easy 2009-07-01 01:40:49 ----A---- C:\WINDOWS\system32\TUProgSt.exe 2009-07-01 01:40:48 ----A---- C:\WINDOWS\system32\uxtuneup.dll 2009-07-01 01:40:47 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2009-07-01 01:40:46 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\TuneUp Software 2009-07-01 01:40:17 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2009-07-01 01:40:14 ----D---- C:\Program Files\TuneUp Utilities 2009 2009-07-01 01:39:53 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-07-01 01:33:20 ----D---- C:\Program Files\Trend Micro 2009-06-26 14:46:18 ----D---- C:\Program Files\Tweak-XP Pro 4 2009-06-26 14:39:07 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\Auslogics 2009-06-26 14:39:01 ----D---- C:\Program Files\Auslogics 2009-06-26 00:35:29 ----D---- C:\Program Files\AskSearch 2009-06-22 11:37:04 ----D---- C:\Documents and Settings\All Users\Application Data\UDL 2009-06-22 11:36:34 ----D---- C:\Program Files\Epson Software 2009-06-22 11:35:41 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\PICSDK2.dll 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\PICSDK.ini 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\PICSDK.dll 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\PICEntry.dll 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\EpPicPrt.dll 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\EPPicMgr.dll 2009-06-22 11:33:07 ----A---- C:\WINDOWS\system32\E_DCINST.DLL 2009-06-22 11:33:06 ----A---- C:\WINDOWS\system32\E_FLBEDR.DLL 2009-06-22 11:33:06 ----A---- C:\WINDOWS\system32\E_FD4BEDR.DLL 2009-06-22 11:32:51 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON 2009-06-22 11:32:41 ----A---- C:\WINDOWS\system32\escwiad.dll 2009-06-22 11:32:36 ----D---- C:\Program Files\epson 2009-06-22 11:32:02 ----A---- C:\WINDOWS\CDETX106109ERUkAr.ini 2009-06-21 00:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$ 2009-06-21 00:27:10 ----N---- C:\WINDOWS\system32\spmsg.dll 2009-06-21 00:27:08 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2009-06-17 14:07:53 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\ENJOY Plus! 2009-06-17 14:07:53 ----D---- C:\Documents and Settings\All Users\Application Data\ENJOY Plus! 2009-06-17 14:07:50 ----D---- C:\Program Files\ENJOY Plus! 2009-06-11 18:04:23 ----A---- C:\WINDOWS\system32\javaws.exe 2009-06-11 18:04:23 ----A---- C:\WINDOWS\system32\javaw.exe 2009-06-11 18:04:23 ----A---- C:\WINDOWS\system32\java.exe 2009-06-09 18:05:32 ----D---- C:\Program Files\Avira 2009-06-09 18:05:32 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-06-06 13:24:00 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll 2009-06-06 13:23:58 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL 2009-06-06 13:23:57 ----D---- C:\Program Files\PDFCreator 2009-06-06 13:23:57 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL 2009-06-06 13:23:57 ----A---- C:\WINDOWS\system32\MSCC2FR.DLL 2009-06-05 23:09:11 ----RA---- C:\WINDOWS\system32\igfxres.dll 2009-06-05 23:05:12 ----D---- C:\WINDOWS\Prefetch 2009-06-05 22:58:27 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2009-06-05 22:48:27 ----A---- C:\WINDOWS\system32\spxcoins.dll 2009-06-05 22:48:27 ----A---- C:\WINDOWS\system32\irclass.dll 2009-06-05 22:48:07 ----RA---- C:\WINDOWS\SET99.tmp 2009-06-05 22:48:05 ----RA---- C:\WINDOWS\SET8D.tmp 2009-06-05 22:48:04 ----RA---- C:\WINDOWS\SET8A.tmp 2009-06-05 18:18:17 ----A---- C:\WINDOWS\system32\setb5.tmp 2009-06-05 18:17:06 ----D---- C:\WINDOWS\RegisteredPackages 2009-06-05 14:27:26 ----D---- C:\Program Files\LimeWire 2009-06-05 13:38:03 ----A---- C:\WINDOWS\wininit.ini 2009-06-05 13:28:38 ----A---- C:\WINDOWS\ModemLog_Câble de communication entre deux ordinateurs.txt 2009-06-05 13:26:58 ----D---- C:\WINDOWS\IIS Temporary Compressed Files 2009-06-05 13:07:54 ----RA---- C:\WINDOWS\SETC3.tmp 2009-06-05 13:07:50 ----RA---- C:\WINDOWS\SETB7.tmp 2009-06-05 13:07:49 ----RA---- C:\WINDOWS\SETB4.tmp 2009-06-05 12:49:59 ----A---- C:\WINDOWS\UPGRADE.TXT 2009-06-05 12:41:41 ----D---- C:\WINDOWS\system32\Cache 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\snprfdll.dll 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\smtpctrs.ini 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\smtpctrs.dll 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\regtrace.exe 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\ntfsdrct.ini 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\fcachdll.dll 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\adsiisex.dll 2009-06-05 12:41:07 ----A---- C:\WINDOWS\system32\w3svapi.dll 2009-06-05 12:41:07 ----A---- C:\WINDOWS\system32\w3ctrs.ini 2009-06-05 12:41:07 ----A---- C:\WINDOWS\system32\w3ctrs.dll 2009-06-05 12:41:07 ----A---- C:\WINDOWS\system32\axperf.ini 2009-06-05 12:41:07 ----A---- C:\WINDOWS\system32\aspperf.dll 2009-06-05 12:41:06 ----A---- C:\WINDOWS\system32\wamregps.dll 2009-06-05 12:41:06 ----A---- C:\WINDOWS\system32\iisrstap.dll 2009-06-05 12:41:06 ----A---- C:\WINDOWS\system32\iisreset.exe 2009-06-05 12:41:06 ----A---- C:\WINDOWS\system32\ftpsapi2.dll 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\infoctrs.ini 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\infoctrs.dll 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\inetsloc.dll 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\iismui.dll 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\convlog.exe 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\admxprox.dll 2009-06-05 12:41:01 ----A---- C:\WINDOWS\system32\smtpapi.dll 2009-06-05 12:41:00 ----A---- C:\WINDOWS\system32\rwnh.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\infoadmn.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\iismap.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\iisext.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\exstrace.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\adsiis.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\admwprox.dll 2009-06-05 12:40:58 ----A---- C:\WINDOWS\system32\iisRtl.dll 2009-06-05 12:40:55 ----A---- C:\WINDOWS\system32\staxmem.dll ======List of files/folders modified in the last 1 months====== 2009-07-04 13:19:51 ----RD---- C:\Program Files 2009-07-04 13:19:41 ----D---- C:\WINDOWS 2009-07-04 13:19:17 ----D---- C:\WINDOWS\Temp 2009-07-04 13:04:11 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-07-04 13:01:05 ----D---- C:\WINDOWS\system32\inetsrv 2009-07-04 12:57:20 ----D---- C:\WINDOWS\system32\CatRoot2 2009-07-04 12:56:44 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-07-03 22:29:50 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\uTorrent 2009-07-02 17:12:14 ----A---- C:\WINDOWS\NeroDigital.ini 2009-07-02 16:52:27 ----D---- C:\WINDOWS\system32\drivers 2009-07-02 12:33:52 ----D---- C:\WINDOWS\system32 2009-07-02 00:42:05 ----D---- C:\Program Files\Mozilla Firefox 2009-07-01 17:48:56 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\LimeWire 2009-07-01 16:14:33 ----D---- C:\WINDOWS\security 2009-07-01 02:57:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-07-01 02:47:37 ----SHD---- C:\System Volume Information 2009-07-01 02:47:37 ----D---- C:\WINDOWS\system32\Restore 2009-07-01 02:42:08 ----SD---- C:\WINDOWS\Tasks 2009-07-01 01:40:51 ----SHD---- C:\WINDOWS\Installer 2009-07-01 01:40:51 ----SHD---- C:\Config.Msi 2009-07-01 01:40:50 ----D---- C:\WINDOWS\system32\config 2009-06-29 01:40:40 ----D---- C:\WINDOWS\Minidump 2009-06-26 15:21:43 ----D---- C:\WINDOWS\system32\LogFiles 2009-06-26 14:46:20 ----HD---- C:\WINDOWS\inf 2009-06-26 14:04:36 ----A---- C:\WINDOWS\win.ini 2009-06-26 14:04:08 ----D---- C:\Program Files\Windows Media Player 2009-06-26 14:01:36 ----D---- C:\WINDOWS\WinSxS 2009-06-26 13:58:28 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-06-26 13:58:22 ----D---- C:\WINDOWS\Help 2009-06-26 13:58:21 ----D---- C:\Program Files\Windows Media Connect 2 2009-06-25 21:02:28 ----D---- C:\Program Files\FreeUndelete 2009-06-25 12:55:01 ----D---- C:\Program Files\Google 2009-06-22 11:36:34 ----HD---- C:\Program Files\InstallShield Installation Information 2009-06-22 11:36:15 ----D---- C:\Program Files\Fichiers communs\InstallShield 2009-06-22 11:32:54 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-06-22 11:32:36 ----D---- C:\WINDOWS\twain_32 2009-06-21 02:12:51 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\dvdcss 2009-06-21 01:34:27 ----D---- C:\WINDOWS\AppPatch 2009-06-21 00:29:16 ----D---- C:\WINDOWS\system32\CatRoot 2009-06-16 23:39:40 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\Skype 2009-06-16 22:28:03 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\skypePM 2009-06-11 18:04:04 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-06-11 18:04:00 ----D---- C:\Program Files\Java 2009-06-06 23:13:02 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\vlc 2009-06-06 16:25:10 ----HD---- C:\WINDOWS\$hf_mig$ 2009-06-06 12:03:15 ----D---- C:\WINDOWS\SoftwareDistribution 2009-06-06 03:33:45 ----D---- C:\WINDOWS\Debug 2009-06-06 00:45:13 ----D---- C:\WINDOWS\system 2009-06-06 00:45:12 ----D---- C:\WINDOWS\system32\Setup 2009-06-06 00:45:03 ----D---- C:\WINDOWS\system32\usmt 2009-06-06 00:44:53 ----D---- C:\WINDOWS\ime 2009-06-06 00:44:53 ----D---- C:\WINDOWS\ehome 2009-06-06 00:44:51 ----RSD---- C:\WINDOWS\Fonts 2009-06-06 00:44:51 ----D---- C:\WINDOWS\Media 2009-06-06 00:44:40 ----D---- C:\WINDOWS\PeerNet 2009-06-06 00:44:28 ----D---- C:\WINDOWS\system32\npp 2009-06-06 00:44:22 ----D---- C:\WINDOWS\msagent 2009-06-06 00:42:34 ----D---- C:\WINDOWS\system32\1036 2009-06-06 00:42:13 ----D---- C:\WINDOWS\system32\icsxml 2009-06-06 00:41:44 ----D---- C:\WINDOWS\system32\1033 2009-06-06 00:40:49 ----D---- C:\WINDOWS\Driver Cache 2009-06-05 23:09:34 ----D---- C:\WINDOWS\Registration 2009-06-05 22:59:16 ----A---- C:\WINDOWS\ODBCINST.INI 2009-06-05 22:58:53 ----D---- C:\WINDOWS\system32\ias 2009-06-05 22:58:29 ----RD---- C:\WINDOWS\Web 2009-06-05 22:58:23 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-06-05 22:58:09 ----D---- C:\WINDOWS\system32\oobe 2009-06-05 22:57:06 ----D---- C:\WINDOWS\system32\Com 2009-06-05 22:56:15 ----D---- C:\WINDOWS\system32\wbem 2009-06-05 22:54:34 ----SH---- C:\boot.ini 2009-06-05 22:48:47 ----A---- C:\WINDOWS\system.ini 2009-06-05 22:48:20 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini 2009-06-05 16:22:55 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-06-05 14:21:58 ----SHD---- C:\RECYCLER 2009-06-05 13:18:03 ----D---- C:\Program Files\Outlook Express 2009-06-05 13:18:03 ----D---- C:\Program Files\Fichiers communs\System 2009-06-05 13:17:59 ----D---- C:\Program Files\Internet Explorer 2009-06-05 12:42:05 ----D---- C:\InetPub ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-10 28520] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2004-08-03 223616] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-04 12032] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136] R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-11-21 15781] R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448] R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-04 63232] R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-04 55936] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-02-14 4676096] R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2004-08-03 163584] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-04 5888] R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-19 12416] R3 USB_RNDIS;Thomson ST Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-03 12672] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S3 DIGIRPS;Pilote PortServer Digi; C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-23 42656] S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [] S3 msloop;Pilote de carte de bouclage Microsoft; C:\WINDOWS\system32\DRIVERS\loop.sys [2001-10-04 4992] S3 Ndisprot;ArcNet NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\Ndisprot.sys [] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320] S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-10 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-10 185089] R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-19 15872] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-11 152984] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864] R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336] R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336] R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-19 15872] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-07-01 603904] R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2004-08-19 14336] R2 W3SVC;Publication World Wide Web; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-19 15872] R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-02-28 529704] S2 gupdate1c991c198633948;Service Google Update (gupdate1c991c198633948); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-18 133104] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-07-01 360192] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336] -----------------EOF-----------------
- le 4 juillet 2009
- 13 réponses
rapport hijackthis-Résolu-

amen a répondu à un(e) sujet de amen dans Analyses et éradication malwares

salut!! ok j ai fait tt ce ke tu mas demandé de faire mai g oublié de poster le rapport de RIT, le voila: et merci beacoup c tres gentil!! Logfile of random's system information tool 1.06 (written by random/random) Run by S.A.R.L. KIMEDIAS at 2009-07-02 17:05:35 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 7 GB (23%) free of 31 GB Total RAM: 1015 MB (28% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:05:48, on 02/07/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Windows Live\Family Safety\fsssvc.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\WINDOWS\System32\alg.exe C:\Program Files\AlienGUIse\wbload.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Windows Live\Family Safety\fsui.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\S.A.R.L. KIMEDIAS\Bureau\RSIT.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Trend Micro\HijackThis\S.A.R.L. KIMEDIAS.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/?fr=fp-yie8 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/mail?&.s...ym&.intl=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirec...amp;gc=1&q= R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirec...amp;gc=1&q= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirec...p;gc=1&q=%s R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [EPSON TX106_TX109 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDR.EXE /FU "C:\WINDOWS\TEMP\E_S56.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1227457152484 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Unknown owner - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing) O23 - Service: Service Google Update (gupdate1c991c198633948) (gupdate1c991c198633948) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 11829 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\Maintenance en 1 clic.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06 61808] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2009-02-06 73072] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2009-03-08 770048] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-11 41368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-11 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}] EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2009-03-08 770048] {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-02-28 570664] "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352] "fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-02-06 454000] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-03 59392] "igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-11-28 98304] "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-11-28 77824] "igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-28 118784] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-02-13 16857600] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-11 148888] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136] "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2005-03-14 1057280] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "EPSON TX106_TX109 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDR.EXE [2008-02-05 188928] C:\Documents and Settings\S.A.R.L. KIMEDIAS\Menu Démarrer\Programmes\Démarrage Alienware Dock.lnk - C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="wbsys.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB] C:\Program Files\AlienGUIse\fastload.dll [2001-12-21 24576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] WgaLogon.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 nwprovau [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoBandCustomize"=0 "NoMovingBands"=0 "NoCloseDragDropBands"=0 "NoActiveDesktop"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player" "E:\STHIW\stInstall.exe"="E:\STHIW\stInstall.exe:*:Enabled:SpeedTouch Home Install Wizard" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java Platform SE binary" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{423914ec-4ad6-11de-84fe-b49b25917e5e}] shell\AutoRun\command - F:\ozmzwu.exe shell\explore\command - F:\ozmzwu.exe shell\open\command - F:\ozmzwu.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9c2d8af8-4a2e-11de-84fa-cbf0cd8e0061}] shell\AutoRun\command - F:\ozmzwu.exe shell\explore\command - F:\ozmzwu.exe shell\open\command - F:\ozmzwu.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3b2da7c-1166-11de-842b-00147f1c1b1d}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af8fcb0e-b724-11dd-8289-001d7d7474fb}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn ======List of files/folders created in the last 1 months====== 2009-07-02 17:05:35 ----D---- C:\rsit 2009-07-02 15:34:06 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\Malwarebytes 2009-07-02 15:34:00 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-07-02 15:33:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-07-01 02:05:49 ----D---- C:\Program Files\Registry Easy 2009-07-01 01:40:49 ----A---- C:\WINDOWS\system32\TUProgSt.exe 2009-07-01 01:40:48 ----A---- C:\WINDOWS\system32\uxtuneup.dll 2009-07-01 01:40:47 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2009-07-01 01:40:46 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\TuneUp Software 2009-07-01 01:40:17 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2009-07-01 01:40:14 ----D---- C:\Program Files\TuneUp Utilities 2009 2009-07-01 01:39:53 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-07-01 01:33:20 ----D---- C:\Program Files\Trend Micro 2009-06-26 14:46:26 ----A---- C:\WINDOWS\iun6002.exe 2009-06-26 14:46:18 ----D---- C:\Program Files\Tweak-XP Pro 4 2009-06-26 14:39:07 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\Auslogics 2009-06-26 14:39:01 ----D---- C:\Program Files\Auslogics 2009-06-26 00:35:29 ----D---- C:\Program Files\AskSearch 2009-06-26 00:35:28 ----D---- C:\Program Files\AskBarDis 2009-06-22 11:37:04 ----D---- C:\Documents and Settings\All Users\Application Data\UDL 2009-06-22 11:36:34 ----D---- C:\Program Files\Epson Software 2009-06-22 11:35:41 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\PICSDK2.dll 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\PICSDK.ini 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\PICSDK.dll 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\PICEntry.dll 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\EpPicPrt.dll 2009-06-22 11:33:52 ----A---- C:\WINDOWS\system32\EPPicMgr.dll 2009-06-22 11:33:07 ----A---- C:\WINDOWS\system32\E_DCINST.DLL 2009-06-22 11:33:06 ----A---- C:\WINDOWS\system32\E_FLBEDR.DLL 2009-06-22 11:33:06 ----A---- C:\WINDOWS\system32\E_FD4BEDR.DLL 2009-06-22 11:32:51 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON 2009-06-22 11:32:41 ----A---- C:\WINDOWS\system32\escwiad.dll 2009-06-22 11:32:36 ----D---- C:\Program Files\epson 2009-06-22 11:32:02 ----A---- C:\WINDOWS\CDETX106109ERUkAr.ini 2009-06-21 00:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$ 2009-06-21 00:27:10 ----N---- C:\WINDOWS\system32\spmsg.dll 2009-06-21 00:27:08 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2009-06-17 14:07:53 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\ENJOY Plus! 2009-06-17 14:07:53 ----D---- C:\Documents and Settings\All Users\Application Data\ENJOY Plus! 2009-06-17 14:07:50 ----D---- C:\Program Files\ENJOY Plus! 2009-06-11 18:04:23 ----A---- C:\WINDOWS\system32\javaws.exe 2009-06-11 18:04:23 ----A---- C:\WINDOWS\system32\javaw.exe 2009-06-11 18:04:23 ----A---- C:\WINDOWS\system32\java.exe 2009-06-09 18:05:32 ----D---- C:\Program Files\Avira 2009-06-09 18:05:32 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-06-06 13:24:00 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll 2009-06-06 13:23:58 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL 2009-06-06 13:23:57 ----D---- C:\Program Files\PDFCreator 2009-06-06 13:23:57 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL 2009-06-06 13:23:57 ----A---- C:\WINDOWS\system32\MSCC2FR.DLL 2009-06-05 23:09:11 ----RA---- C:\WINDOWS\system32\igfxres.dll 2009-06-05 23:05:12 ----D---- C:\WINDOWS\Prefetch 2009-06-05 22:58:27 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2009-06-05 22:48:27 ----A---- C:\WINDOWS\system32\spxcoins.dll 2009-06-05 22:48:27 ----A---- C:\WINDOWS\system32\irclass.dll 2009-06-05 22:48:07 ----RA---- C:\WINDOWS\SET99.tmp 2009-06-05 22:48:05 ----RA---- C:\WINDOWS\SET8D.tmp 2009-06-05 22:48:04 ----RA---- C:\WINDOWS\SET8A.tmp 2009-06-05 18:18:17 ----A---- C:\WINDOWS\system32\setb5.tmp 2009-06-05 18:17:06 ----D---- C:\WINDOWS\RegisteredPackages 2009-06-05 14:27:26 ----D---- C:\Program Files\LimeWire 2009-06-05 13:38:03 ----A---- C:\WINDOWS\wininit.ini 2009-06-05 13:28:38 ----A---- C:\WINDOWS\ModemLog_Câble de communication entre deux ordinateurs.txt 2009-06-05 13:26:58 ----D---- C:\WINDOWS\IIS Temporary Compressed Files 2009-06-05 13:07:54 ----RA---- C:\WINDOWS\SETC3.tmp 2009-06-05 13:07:50 ----RA---- C:\WINDOWS\SETB7.tmp 2009-06-05 13:07:49 ----RA---- C:\WINDOWS\SETB4.tmp 2009-06-05 12:49:59 ----A---- C:\WINDOWS\UPGRADE.TXT 2009-06-05 12:41:41 ----D---- C:\WINDOWS\system32\Cache 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\snprfdll.dll 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\smtpctrs.ini 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\smtpctrs.dll 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\regtrace.exe 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\ntfsdrct.ini 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\fcachdll.dll 2009-06-05 12:41:32 ----A---- C:\WINDOWS\system32\adsiisex.dll 2009-06-05 12:41:07 ----A---- C:\WINDOWS\system32\w3svapi.dll 2009-06-05 12:41:07 ----A---- C:\WINDOWS\system32\w3ctrs.ini 2009-06-05 12:41:07 ----A---- C:\WINDOWS\system32\w3ctrs.dll 2009-06-05 12:41:07 ----A---- C:\WINDOWS\system32\axperf.ini 2009-06-05 12:41:07 ----A---- C:\WINDOWS\system32\aspperf.dll 2009-06-05 12:41:06 ----A---- C:\WINDOWS\system32\wamregps.dll 2009-06-05 12:41:06 ----A---- C:\WINDOWS\system32\iisrstap.dll 2009-06-05 12:41:06 ----A---- C:\WINDOWS\system32\iisreset.exe 2009-06-05 12:41:06 ----A---- C:\WINDOWS\system32\ftpsapi2.dll 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\infoctrs.ini 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\infoctrs.dll 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\inetsloc.dll 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\iismui.dll 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\convlog.exe 2009-06-05 12:41:05 ----A---- C:\WINDOWS\system32\admxprox.dll 2009-06-05 12:41:01 ----A---- C:\WINDOWS\system32\smtpapi.dll 2009-06-05 12:41:00 ----A---- C:\WINDOWS\system32\rwnh.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\infoadmn.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\iismap.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\iisext.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\exstrace.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\adsiis.dll 2009-06-05 12:40:59 ----A---- C:\WINDOWS\system32\admwprox.dll 2009-06-05 12:40:58 ----A---- C:\WINDOWS\system32\iisRtl.dll 2009-06-05 12:40:55 ----A---- C:\WINDOWS\system32\staxmem.dll 2009-06-03 02:12:55 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\InstallShield 2009-06-03 01:26:08 ----RA---- C:\WINDOWS\Alcmtr.exe ======List of files/folders modified in the last 1 months====== 2009-07-02 16:58:42 ----D---- C:\WINDOWS\Temp 2009-07-02 16:57:04 ----D---- C:\WINDOWS\system32\inetsrv 2009-07-02 16:53:18 ----D---- C:\WINDOWS\system32\CatRoot2 2009-07-02 16:52:27 ----RD---- C:\Program Files 2009-07-02 16:52:27 ----D---- C:\WINDOWS\system32\drivers 2009-07-02 16:51:44 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-07-02 16:17:19 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\uTorrent 2009-07-02 12:33:52 ----D---- C:\WINDOWS\system32 2009-07-02 00:42:05 ----D---- C:\Program Files\Mozilla Firefox 2009-07-01 22:33:49 ----D---- C:\WINDOWS 2009-07-01 19:55:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-07-01 17:48:56 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\LimeWire 2009-07-01 16:14:33 ----D---- C:\WINDOWS\security 2009-07-01 02:57:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-07-01 02:47:37 ----SHD---- C:\System Volume Information 2009-07-01 02:47:37 ----D---- C:\WINDOWS\system32\Restore 2009-07-01 02:42:08 ----SD---- C:\WINDOWS\Tasks 2009-07-01 01:40:51 ----SHD---- C:\WINDOWS\Installer 2009-07-01 01:40:51 ----SHD---- C:\Config.Msi 2009-07-01 01:40:50 ----D---- C:\WINDOWS\system32\config 2009-06-29 01:40:40 ----D---- C:\WINDOWS\Minidump 2009-06-28 14:07:02 ----A---- C:\WINDOWS\NeroDigital.ini 2009-06-26 15:21:43 ----D---- C:\WINDOWS\system32\LogFiles 2009-06-26 14:46:20 ----HD---- C:\WINDOWS\inf 2009-06-26 14:04:36 ----A---- C:\WINDOWS\win.ini 2009-06-26 14:04:08 ----D---- C:\Program Files\Windows Media Player 2009-06-26 14:01:36 ----D---- C:\WINDOWS\WinSxS 2009-06-26 13:58:28 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-06-26 13:58:22 ----D---- C:\WINDOWS\Help 2009-06-26 13:58:21 ----D---- C:\Program Files\Windows Media Connect 2 2009-06-25 21:02:28 ----D---- C:\Program Files\FreeUndelete 2009-06-25 12:55:01 ----D---- C:\Program Files\Google 2009-06-22 11:36:34 ----HD---- C:\Program Files\InstallShield Installation Information 2009-06-22 11:36:15 ----D---- C:\Program Files\Fichiers communs\InstallShield 2009-06-22 11:32:54 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-06-22 11:32:36 ----D---- C:\WINDOWS\twain_32 2009-06-21 02:12:51 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\dvdcss 2009-06-21 01:34:27 ----D---- C:\WINDOWS\AppPatch 2009-06-21 00:29:16 ----D---- C:\WINDOWS\system32\CatRoot 2009-06-16 23:39:40 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\Skype 2009-06-16 22:28:03 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\skypePM 2009-06-11 18:04:04 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-06-11 18:04:00 ----D---- C:\Program Files\Java 2009-06-06 23:13:02 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\vlc 2009-06-06 16:25:10 ----HD---- C:\WINDOWS\$hf_mig$ 2009-06-06 12:03:15 ----D---- C:\WINDOWS\SoftwareDistribution 2009-06-06 03:33:45 ----D---- C:\WINDOWS\Debug 2009-06-06 00:45:13 ----D---- C:\WINDOWS\system 2009-06-06 00:45:12 ----D---- C:\WINDOWS\system32\Setup 2009-06-06 00:45:03 ----D---- C:\WINDOWS\system32\usmt 2009-06-06 00:44:53 ----D---- C:\WINDOWS\ime 2009-06-06 00:44:53 ----D---- C:\WINDOWS\ehome 2009-06-06 00:44:51 ----RSD---- C:\WINDOWS\Fonts 2009-06-06 00:44:51 ----D---- C:\WINDOWS\Media 2009-06-06 00:44:40 ----D---- C:\WINDOWS\PeerNet 2009-06-06 00:44:28 ----D---- C:\WINDOWS\system32\npp 2009-06-06 00:44:22 ----D---- C:\WINDOWS\msagent 2009-06-06 00:42:34 ----D---- C:\WINDOWS\system32\1036 2009-06-06 00:42:13 ----D---- C:\WINDOWS\system32\icsxml 2009-06-06 00:41:44 ----D---- C:\WINDOWS\system32\1033 2009-06-06 00:40:49 ----D---- C:\WINDOWS\Driver Cache 2009-06-05 23:09:34 ----D---- C:\WINDOWS\Registration 2009-06-05 22:59:16 ----A---- C:\WINDOWS\ODBCINST.INI 2009-06-05 22:58:53 ----D---- C:\WINDOWS\system32\ias 2009-06-05 22:58:29 ----RD---- C:\WINDOWS\Web 2009-06-05 22:58:23 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-06-05 22:58:09 ----D---- C:\WINDOWS\system32\oobe 2009-06-05 22:57:06 ----D---- C:\WINDOWS\system32\Com 2009-06-05 22:56:15 ----D---- C:\WINDOWS\system32\wbem 2009-06-05 22:54:34 ----SH---- C:\boot.ini 2009-06-05 22:48:47 ----A---- C:\WINDOWS\system.ini 2009-06-05 22:48:20 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini 2009-06-05 16:22:55 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-06-05 14:21:58 ----SHD---- C:\RECYCLER 2009-06-05 13:18:03 ----D---- C:\Program Files\Outlook Express 2009-06-05 13:18:03 ----D---- C:\Program Files\Fichiers communs\System 2009-06-05 13:17:59 ----D---- C:\Program Files\Internet Explorer 2009-06-05 12:42:05 ----D---- C:\InetPub 2009-06-03 02:13:08 ----D---- C:\Program Files\Realtek 2009-06-03 01:48:14 ----D---- C:\Program Files\iPod 2009-06-03 01:38:56 ----D---- C:\Documents and Settings\S.A.R.L. KIMEDIAS\Application Data\ESTsoft 2009-06-03 01:29:25 ----D---- C:\WINDOWS\system32\RTCOM 2009-06-03 01:26:45 ----D---- C:\WINDOWS\system32\ReinstallBackups ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-10 28520] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2004-08-03 223616] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-04 12032] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136] R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-11-21 15781] R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448] R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-04 63232] R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-04 55936] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-02-14 4676096] R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2004-08-03 163584] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-04 5888] R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-19 12416] R3 USB_RNDIS;Thomson ST Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-03 12672] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S3 DIGIRPS;Pilote PortServer Digi; C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-23 42656] S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [] S3 msloop;Pilote de carte de bouclage Microsoft; C:\WINDOWS\system32\DRIVERS\loop.sys [2001-10-04 4992] S3 Ndisprot;ArcNet NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\Ndisprot.sys [] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320] S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\SARL~1.KIM\LOCALS~1\Temp\mc2A.tmp [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-10 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-10 185089] R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-19 15872] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-11 152984] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864] R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336] R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336] R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-19 15872] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-07-01 603904] R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2004-08-19 14336] R2 W3SVC;Publication World Wide Web; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-19 15872] R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-02-28 529704] S2 gupdate1c991c198633948;Service Google Update (gupdate1c991c198633948); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-18 133104] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-07-01 360192] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2009-07-02 17:05:50 ======Uninstall list====== -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER -->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07} AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001} AlienGUIse Theme Manager-->C:\PROGRA~1\ALIENG~1\thememgr.exe /uninstallwise ALZip-->"C:\Program Files\ESTsoft\ALZip\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN ENJOY Plus!-->"C:\Program Files\ENJOY Plus!\UnInstall.exe" Epson Easy Photo Print 2-->C:\Program Files\InstallShield Installation Information\{DEDB47A3-C988-4A43-A645-E2CEA571E680}\SETUP.EXE -runfromtemp -l0x040c UNINST -removeonly EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r EPSON Stylus SX100_TX100 Manual-->C:\Program Files\EPSON\TPMANUAL\ESSX100_TX100\ENG\USE_G\DOCUNINS.EXE EPSON TX106_TX109 Series Printer Uninstall-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FINSEDR.EXE /R /APD /P:"EPSON TX106_TX109 Series" EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x9 -anything ffdshow [rev 1703] [2007-12-15]-->"C:\Program Files\K-Lite Codec Pack\ffdshow\unins000.exe" Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF} GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe" Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3} Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} Intel® Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2776 PCI\VEN_8086&DEV_2772 Java 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} K-Lite Mega Codec Pack 4.7.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" MediaInfo 0.7.7.8-->C:\Program Files\MediaInfo\uninst.exe Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nero 8-->MsiExec.exe /X{BE282C23-5484-47FF-B2C1-EBEA5C891036} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PDFCreator-->C:\Program Files\PDFCreator\unins000.exe QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1036 REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x040c -removeonly Realtek High Definition Audio Driver-->RtlUpd.exe -r -m Remote Desktop Web Connection-->rundll32 advpack.dll,LaunchINFSection C:\InetPub\wwwroot\TSWeb\setup.inf,DefaultUninstall,, Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2} Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC} Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe" TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357} Tweak-XP Pro 4-->C:\WINDOWS\iun6002.exe "C:\Program Files\Tweak-XP Pro 4\irunin.ini" Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb959141)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CC6191C2-B0CE-473C-AD77-61EA3497D796} VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027} Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE ======Hosts File====== 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by CiD 127.0.0.1 br.winfixer.com ## added by CiD 127.0.0.1 cdn.drivecleaner.com ## added by CiD 127.0.0.1 cdn.errorsafe.com ## added by CiD 127.0.0.1 cdn.winsoftware.com ## added by CiD 127.0.0.1 de.errorsafe.com ## added by CiD 127.0.0.1 de.winantivirus.com ## added by CiD 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: KIMEDIA Event Code: 59 Message: Generate Activation Context a échoué pour C:\Program Files\Fichiers communs\Nero\AudioPlugins\msa.dll. Message d'erreur de référence : Opération réussie. . Record Number: 1087 Source Name: SideBySide Time Written: 20090614212912.000000+120 Event Type: erreur User: Computer Name: KIMEDIA Event Code: 58 Message: Erreur de syntaxe dans le fichier manifeste ou le fichier de stratégie "C:\Program Files\Fichiers communs\Nero\AudioPlugins\msa.dll" à la ligne 9. Record Number: 1086 Source Name: SideBySide Time Written: 20090614212912.000000+120 Event Type: erreur User: Computer Name: KIMEDIA Event Code: 59 Message: Generate Activation Context a échoué pour C:\Program Files\Fichiers communs\Nero\AudioPlugins\MSAxp.dll. Message d'erreur de référence : Opération réussie. . Record Number: 1085 Source Name: SideBySide Time Written: 20090614212708.000000+120 Event Type: erreur User: Computer Name: KIMEDIA Event Code: 58 Message: Erreur de syntaxe dans le fichier manifeste ou le fichier de stratégie "C:\Program Files\Fichiers communs\Nero\AudioPlugins\MSAxp.dll" à la ligne 9. Record Number: 1084 Source Name: SideBySide Time Written: 20090614212708.000000+120 Event Type: erreur User: Computer Name: KIMEDIA Event Code: 59 Message: Generate Activation Context a échoué pour C:\Program Files\Fichiers communs\Nero\AudioPlugins\msa.dll. Message d'erreur de référence : Opération réussie. . Record Number: 1083 Source Name: SideBySide Time Written: 20090614212707.000000+120 Event Type: erreur User: =====Application event log===== Computer Name: KIMEDIA Event Code: 105 Message: The service was started. Record Number: 5 Source Name: PLFlash DeviceIoControl Service Time Written: 20090618125132.000000+120 Event Type: Informations User: Computer Name: KIMEDIA Event Code: 0 Message: Record Number: 4 Source Name: Nero BackItUp Scheduler 3 Time Written: 20090618125132.000000+120 Event Type: Informations User: Computer Name: KIMEDIA Event Code: 0 Message: Service started Record Number: 3 Source Name: fsssvc Time Written: 20090618125130.000000+120 Event Type: Informations User: Computer Name: KIMEDIA Event Code: 0 Message: Record Number: 2 Source Name: gupdate1c991c198633948 Time Written: 20090618125130.000000+120 Event Type: Informations User: Computer Name: KIMEDIA Event Code: 4096 Message: The AntiVir service has been started successfully! Record Number: 1 Source Name: Avira AntiVir Time Written: 20090618125129.000000+120 Event Type: Informations User: AUTORITE NT\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\ESTsoft\ALZip;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_REVISION"=0f0d "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------
- le 3 juillet 2009
- 13 réponses
rapport hijackthis-Résolu-

amen a répondu à un(e) sujet de amen dans Analyses et éradication malwares

merci!! voici le rapport de MBAM log: Malwarebytes' Anti-Malware 1.38 Version de la base de données: 2363 Windows 5.1.2600 Service Pack 2 02/07/2009 16:50:44 mbam-log-2009-07-02 (16-50-38).txt Type de recherche: Examen complet (C:\|D:\|G:\|) Eléments examinés: 153877 Temps écoulé: 49 minute(s), 16 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 6 Valeur(s) du Registre infectée(s): 3 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 2 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df1c8e21-4045-4d67-b528-335f1a4f0de9} (Adware.Navipromo) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Lala (Trojan.Banker) -> No action taken. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\csrcs (Trojan.Agent) -> No action taken. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe csrcs.exe) Good: (Explorer.exe) -> No action taken. Dossier(s) infecté(s): C:\resycled (Trojan.DNSChanger) -> No action taken. C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556 (Backdoor.Bot) -> No action taken. Fichier(s) infecté(s): c:\RECYCLER\s-1-5-21-0243636035-3055115376-381863306-1556\Desktop.ini (Backdoor.Bot) -> No action taken. c:\documents and settings\s.a.r.l. kimedias\local settings\application data\kqscaqs_nav.dat (Adware.NaviPromo) -> No action taken.
- le 2 juillet 2009
- 13 réponses
analyse rapport HijackThis

amen a posté un sujet dans Analyses et éradication malwares

slt, voici mon rapport y a t il kelkun ki peut m aider! merci Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 02:16:40, on 01/07/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\AlienGUIse\wbload.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\Explorer.exe C:\Program Files\Windows Live\Family Safety\fsssvc.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Live\Family Safety\fsui.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Registry Easy\RE.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/?fr=fp-yie8 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/mail?&.s...ym&.intl=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirec...amp;gc=1&q= R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirec...amp;gc=1&q= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirec...p;gc=1&q=%s R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [EPSON TX106_TX109 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDR.EXE /FU "C:\WINDOWS\TEMP\E_S56.tmp" /EF "HKCU" O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1227457152484 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Unknown owner - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing) O23 - Service: Service Google Update (gupdate1c991c198633948) (gupdate1c991c198633948) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 12097 bytes
- le 1 juillet 2009
- 1 réponse
rapport hijackthis-Résolu-

amen a posté un sujet dans Analyses et éradication malwares

slt, voila mon rapport y a t il kelkun ki peut m aider! merci Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 02:16:40, on 01/07/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\AlienGUIse\wbload.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\Explorer.exe C:\Program Files\Windows Live\Family Safety\fsssvc.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Live\Family Safety\fsui.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Registry Easy\RE.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/?fr=fp-yie8 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/mail?&.s...ym&.intl=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirec...amp;gc=1&q= R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirec...amp;gc=1&q= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirec...p;gc=1&q=%s R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [EPSON TX106_TX109 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDR.EXE /FU "C:\WINDOWS\TEMP\E_S56.tmp" /EF "HKCU" O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1227457152484 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Unknown owner - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing) O23 - Service: Service Google Update (gupdate1c991c198633948) (gupdate1c991c198633948) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 12097 bytes
- le 1 juillet 2009
- 13 réponses
rapport hijackthis

amen a posté un sujet dans Optimisation, Trucs & Astuces

slt a ts je ss tt nouveau ds ce forum et je ss un peu perdu la! g fait le scan et g 1 rapport et la je ne sais pa koi faire avec! kekun peut m aider??
- le 1 juillet 2009
- 1 réponse

Connexion

amen

Compteur de contenus

Inscription

Dernière visite

amen's Achievements

Junior Member (3/12)

Réputation sur la communauté

rapport hijackthis-Résolu-

rapport hijackthis-Résolu-

rapport hijackthis-Résolu-

rapport hijackthis-Résolu-

rapport hijackthis-Résolu-

rapport hijackthis-Résolu-

analyse rapport HijackThis

rapport hijackthis-Résolu-

rapport hijackthis

Zebulon

Outils en ligne

Naviguer