Everything posted by coldstorage

  1. Hello daft and thanos! About the MSN connection problem, that has already happened to me!! I right-clicked on the clock displayed at the bottom right, then adjust the time, then Internet time, then time.windows.com, update, you wait, and apply!!! That worked for me!! I hope it will be useful to you!! ++
  2. Well, what else can I say apart from a big "THANK YOU thanos"! You're really good, man! Thanks a thousand times. Well, how do they put it in cases like this? No news is good news!!! Thanks, all the best +++++
  3. OK thanos!! Thanks! So yes, I installed a new game! A bit bad, by the way!! ^^ Why??
  4. re-bonjours!! ok comprit thanos pour la clef!!! voici le rapport! Logfile of random's system information tool 1.06 (written by random/random) Run by aguinaldo at 2009-11-01 09:19:30 Microsoft Windows XP Professionnel Service Pack 3, v.5512 System drive C: has 23 GB (3%) free of 715 GB Total RAM: 2046 MB (76% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:19:31, on 01/11/2009 Platform: Windows XP SP3, v.5512 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.20978) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\uTorrent\utorrent.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\ALCFDRTM.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe C:\Documents and Settings\aguinaldo\Bureau\RSIT.exe C:\Program Files\Trend Micro\HijackThis\aguinaldo.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot O4 - HKLM\..\Run: [AdobeCS4ServiceManager] 
"C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O20 - AppInit_DLLs: ?,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated 
- C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 7562 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Automatic troubleshooting.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}] ContributeBHO Class - C:\Program Files\Adobe\/Adobe Contribute 
CS4/contributeieplugin.dll [2008-09-10 136560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864] "36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1970176] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-01-30 16116224] "XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2007-09-26 734264] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-07-04 161064] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-09-10 420176] "TrojanScanner"=C:\Program Files\Trojan Remover\Trjscan.exe [2009-10-17 1070984] "AdobeCS4ServiceManager"=C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712] "Adobe_ID0ENQBO"=C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224] "nwiz"=C:\Program Files\NVIDIA 
Corporation\nView\nwiz.exe [2009-09-23 1657448] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-07-04 148776] "LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2007-06-20 451872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="?,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2009-10-20 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-11 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=1 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 
"SynchronousMachineGroupPolicy"=0 "SynchronousUserGroupPolicy"=0 "ConsentPromptBehaviorAdmin"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 "ForceClassicControlPanel"=1 "NoDesktopCleanupWizard"=1 "NoInstrumentation"=1 "NoResolveSearch"=1 "NoResolveTrack"=1 "NoSMBalloonTip"=1 "NoSMConfigurePrograms"=1 "NoStartMenuMFUprogramsList"=1 "NoStrCmpLogical"=0 "NoWelcomeScreen"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"= "NoDriveTypeAutoRun"= "NoResolveTrack"= "NoSetActiveDesktop"= "HideRunAsVerb"= "NoInstrumentation"= "NoStartMenuMFUprogramsList"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE"="C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 (DX9)" "C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE"="C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:*:Enabled:RESIDENT EVIL 5 (DX10)" "C:\Program Files\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe"="C:\Program Files\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:*:Enabled:Supreme Commander - Forged Alliance" "C:\Program Files\THQ\Gas Powered 
Games\GPGNet\GPG.Multiplayer.Client.exe"="C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander - Forged Alliance" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\Codemasters\OF Dragon Rising\OFDR.exe"="C:\Program Files\Codemasters\OF Dragon Rising\OFDR.exe:*:Enabled:OF Dragon Rising" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone V3 Application" "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4" "C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe"="C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows 
Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone V3 Application" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1bd-9fb1-11de-8686-00508dbbea6e}] shell\AutoRun\command - K:\Setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1be-9fb1-11de-8686-00508dbbea6e}] shell\AutoRun\command - L:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1c4-9fb1-11de-8686-00508dbbea6e}] shell\AutoRun\command - M:\sr-install.bat ======List of files/folders created in the last 1 months====== 2009-10-31 23:05:14 ----D---- C:\WINDOWS\WWII General Commander 2009-10-31 23:05:14 ----D---- C:\Matrix Games 2009-10-31 23:04:50 ----D---- C:\sr-ww2gc_temp 2009-10-31 22:58:06 ----A---- C:\WINDOWS\WWII General Commander Setup Log.txt 2009-10-31 13:07:07 ----D---- C:\WINDOWS\Prefetch 2009-10-31 13:07:07 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-10-31 13:05:35 ----D---- C:\_OTM 2009-10-31 10:05:26 ----A---- C:\WINDOWS\system32\TURegOpt.exe 2009-10-31 10:05:25 ----A---- C:\WINDOWS\system32\uxtuneup.dll 2009-10-31 10:05:06 ----D---- C:\Documents and Settings\aguinaldo\Application Data\TuneUp Software 2009-10-31 10:04:53 ----D---- C:\Program Files\TuneUp Utilities 2010 2009-10-31 10:04:45 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2009-10-31 10:04:39 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2009-10-30 22:40:50 ----D---- C:\Documents and 
Settings\aguinaldo\Application Data\Real 2009-10-30 10:00:53 ----A---- C:\WINDOWS\system32\flags.ini 2009-10-29 09:12:36 ----D---- C:\rsit 2009-10-28 17:17:29 ----D---- C:\Program Files\Trend Micro 2009-10-28 17:10:14 ----D---- C:\Documents and Settings\aguinaldo\Application Data\HouseCall 6.6 2009-10-28 13:25:42 ----D---- C:\Documents and Settings\aguinaldo\Application Data\runic games 2009-10-28 13:23:43 ----D---- C:\Program Files\Runic Games 2009-10-26 10:49:55 ----D---- C:\Program Files\Kaspersky Lab 2009-10-26 10:49:55 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2009-10-26 10:46:50 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2009-10-26 10:30:14 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Mozilla 2009-10-26 10:28:21 ----D---- C:\Program Files\mozilla.org 2009-10-26 09:58:58 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-10-26 09:58:26 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$ 2009-10-26 09:57:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$ 2009-10-26 09:57:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2009-10-26 09:55:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2009-10-26 09:53:59 ----D---- C:\WINDOWS\ie7updates 2009-10-26 09:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2009-10-26 09:52:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2009-10-26 09:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2009-10-26 09:51:47 ----HD---- C:\WINDOWS\$hf_mig$ 2009-10-26 09:46:07 ----D---- C:\Program Files\Panda Security 2009-10-25 09:11:38 ----D---- C:\Documents and Settings\aguinaldo\Application Data\abelhadigital.com 2009-10-24 09:35:54 ----D---- C:\Program Files\Machinarium 2009-10-22 23:08:10 ----D---- C:\WINDOWS\system32\AGEIA 2009-10-22 23:08:10 ----D---- C:\Program Files\AGEIA Technologies 2009-10-22 23:08:02 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard 2009-10-22 22:57:10 ----D---- C:\Documents and Settings\All 
Users\Application Data\realtech VR 2009-10-22 22:57:06 ----D---- C:\Program Files\realtech VR 2009-10-22 12:02:08 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet 2009-10-22 11:02:49 ----D---- C:\Documents and Settings\All Users\Application Data\ALM 2009-10-22 10:46:25 ----RA---- C:\WINDOWS\system32\AdobePDFUI.dll 2009-10-22 10:46:25 ----RA---- C:\WINDOWS\system32\AdobePDF.dll 2009-10-22 10:37:43 ----D---- C:\Program Files\Adobe Media Player 2009-10-22 10:36:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-10-22 10:36:37 ----D---- C:\Program Files\Fichiers communs\Adobe AIR 2009-10-22 10:33:14 ----D---- C:\Program Files\Adobe 2009-10-21 23:13:38 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2009-10-21 20:38:24 ----A---- C:\WINDOWS\wininit.ini 2009-10-21 20:23:02 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-10-21 20:23:02 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-10-21 16:26:52 ----D---- C:\Documents and Settings\aguinaldo\Application Data\vlc 2009-10-21 15:03:28 ----D---- C:\WINDOWS\pss 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\ztvunrar36.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\ztvunace26.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\ztvcabinet.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\UNRAR3.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\unacev2.dll 2009-10-21 11:49:40 ----D---- C:\Program Files\Trojan Remover 2009-10-21 11:49:40 ----D---- C:\Documents and Settings\All Users\Application Data\Simply Super Software 2009-10-21 11:49:40 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Simply Super Software 2009-10-20 22:54:37 ----D---- C:\Program Files\EditHexa 2009-10-20 22:54:37 ----A---- C:\WINDOWS\EditHexaUninstall.exe 2009-10-20 22:23:18 ----D---- C:\WINDOWS\A5W_DATA 2009-10-20 22:23:18 ----A---- C:\WINDOWS\A5W.INI 2009-10-20 22:23:13 ----A---- 
C:\WINDOWS\w32dasm8.ini 2009-10-20 20:34:56 ----A---- C:\WINDOWS\system32\klogon.dll 2009-10-19 14:10:11 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-10-19 12:07:39 ----D---- C:\Program Files\Padus 2009-10-17 17:37:10 ----A---- C:\WINDOWS\system32\XAudio2_5.dll 2009-10-17 17:37:10 ----A---- C:\WINDOWS\system32\xactengine3_5.dll 2009-10-17 17:37:09 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll 2009-10-17 17:37:09 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll 2009-10-17 17:37:08 ----A---- C:\WINDOWS\system32\D3DX9_42.dll 2009-10-17 17:37:08 ----A---- C:\WINDOWS\system32\d3dx11_42.dll 2009-10-17 17:37:08 ----A---- C:\WINDOWS\system32\d3dx10_42.dll 2009-10-17 12:46:43 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-10-16 10:56:22 ----D---- C:\Program Files\Fichiers communs\Macrovision Shared 2009-10-16 10:56:05 ----D---- C:\Program Files\Rosetta Stone 2009-10-16 10:56:05 ----D---- C:\Documents and Settings\All Users\Application Data\Rosetta Stone 2009-10-14 14:20:17 ----D---- C:\Program Files\Codemasters 2009-10-14 09:12:46 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Apple Computer 2009-10-14 09:12:23 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-10-14 09:12:02 ----D---- C:\Program Files\QuickTime 2009-10-14 09:12:02 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2009-10-13 12:07:13 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Yahoo! 2009-10-13 12:06:44 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! 
2009-10-10 21:36:01 ----D---- C:\Program Files\eMule 2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbdkor.dll 2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbdjpn.dll 2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbd106.dll 2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbd103.dll 2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbd101c.dll 2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbd101b.dll 2009-10-08 19:51:52 ----D---- C:\Documents and Settings\aguinaldo\Application Data\FastStone 2009-10-08 11:16:16 ----D---- C:\Documents and Settings\aguinaldo\Application Data\mIRC 2009-10-05 21:27:33 ----D---- C:\WINDOWS\Sun ======List of files/folders modified in the last 1 months====== 2009-11-01 09:17:14 ----D---- C:\Program Files\Mozilla Firefox 2009-11-01 09:16:39 ----D---- C:\WINDOWS\Temp 2009-11-01 00:02:35 ----D---- C:\WINDOWS 2009-11-01 00:01:22 ----D---- C:\WINDOWS\system32\CatRoot2 2009-10-31 23:09:57 ----D---- C:\WINDOWS\system32 2009-10-31 23:09:56 ----D---- C:\WINDOWS\inf 2009-10-31 23:09:33 ----RSD---- C:\WINDOWS\assembly 2009-10-31 23:09:11 ----D---- C:\WINDOWS\system32\DirectX 2009-10-31 10:44:30 ----SD---- C:\WINDOWS\Tasks 2009-10-31 10:37:58 ----SHD---- C:\WINDOWS\Installer 2009-10-31 10:09:07 ----D---- C:\Program Files\PowerArchiver 2009-10-31 10:04:53 ----D---- C:\Program Files 2009-10-30 12:49:57 ----SHD---- C:\RECYCLER 2009-10-28 17:11:16 ----D---- C:\WINDOWS\system32\drivers 2009-10-28 16:48:34 ----D---- C:\WINDOWS\Network Diagnostic 2009-10-28 16:44:28 ----SH---- C:\boot.ini 2009-10-28 16:44:28 ----A---- C:\WINDOWS\win.ini 2009-10-28 16:44:28 ----A---- C:\WINDOWS\system.ini 2009-10-28 13:23:41 ----D---- C:\WINDOWS\WinSxS 2009-10-28 12:58:15 ----D---- C:\Documents and Settings\aguinaldo\Application Data\dvdcss 2009-10-28 09:32:27 ----HD---- C:\Program Files\InstallShield Installation Information 2009-10-26 21:38:39 ----A---- C:\WINDOWS\NeroDigital.ini 2009-10-26 13:42:44 ----D---- C:\Documents and Settings\aguinaldo\Application 
Data\Adobe 2009-10-26 10:54:15 ----SHD---- C:\System Volume Information 2009-10-26 10:48:02 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-10-26 09:59:00 ----D---- C:\WINDOWS\system32\dllcache 2009-10-26 09:56:50 ----D---- C:\Program Files\Internet Explorer 2009-10-26 09:55:26 ----D---- C:\WINDOWS\system32\CatRoot 2009-10-26 09:27:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-10-22 23:08:46 ----D---- C:\WINDOWS\Help 2009-10-22 23:08:02 ----D---- C:\Program Files\Fichiers communs 2009-10-22 23:07:46 ----D---- C:\Program Files\NVIDIA Corporation 2009-10-22 22:44:39 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-10-22 10:47:26 ----RSD---- C:\WINDOWS\Fonts 2009-10-21 08:34:40 ----A---- C:\WINDOWS\system32\svchost.exe 2009-10-20 12:35:46 ----D---- C:\WINDOWS\Debug 2009-10-14 14:26:58 ----D---- C:\WINDOWS\SxsCaPendDel 2009-10-09 16:45:46 ----D---- C:\Program Files\Fichiers communs\InstallShield 2009-10-09 12:59:19 ----A---- C:\WINDOWS\system32\ResHacker.ini 2009-10-08 15:44:50 ----D---- C:\temp 2009-10-05 19:06:54 ----D---- C:\Program Files\mIRCG 2009-10-04 09:23:06 ----D---- C:\Program Files\ma-config.com 2009-10-04 09:23:06 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2009-10-03 15:11:59 ----SD---- C:\Documents and Settings\aguinaldo\Application Data\Microsoft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Ext2fs;Ext2fs; C:\WINDOWS\system32\DRIVERS\ext2fs.sys [2006-10-23 132736] R1 IfsDrives;IfsDrives; C:\WINDOWS\system32\DRIVERS\IfsDrives.sys [2004-09-25 4608] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys [] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-10-26 315408] R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720] R3 
Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-05-13 60800] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-01-30 4474368] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-05-13 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-05-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872] R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 aj5wpz24;aj5wpz24; C:\WINDOWS\system32\drivers\aj5wpz24.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 nm;Pilote du Moniteur réseau; 
C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-19 479200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-11 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-11 82944] S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-26 61984] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-17 152984] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-06-28 79136] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256] R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2009-10-21 14336] R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-07-04 267560] S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-09-10 269648] S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; 
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-22 655624] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-07-04 779560] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-10-31 435016] S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-10-21 14336] -----------------EOF-----------------

     Thanks, comrade!!
  5. Good evening thanos!!! So no, I haven't had any more ads for a little while now!!! Thanks, comrade! And yes, I have a USB key, but I don't have it at home at the moment! (I lent it out.) Thanks, so here is the report!!

     All processes killed
     Error: Unable to interpret <:first> in the current context!
     ========== PROCESSES ==========
     No active process named explorer.exe was found!
     ========== SERVICES/DRIVERS ==========
     Service\Driver npggsvc deleted successfully.
     ========== FILES ==========
     File/Folder C:\WINDOWS\system32\GameMon.des.exe not found.
     File move failed. L:\Autorun.exe scheduled to be moved on reboot.
     ========== REGISTRY ==========
     Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1be-9fb1-11de-8686-00508dbbea6e}\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aacee1be-9fb1-11de-8686-00508dbbea6e}\ not found.
     HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\\"load"|"" /E : value set successfully!
     ========== COMMANDS ==========
     [EMPTYTEMP]
     User: aguinaldo
     ->Temp folder emptied: 1143984 bytes
     File delete failed. C:\Documents and Settings\aguinaldo\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
     ->Temporary Internet Files folder emptied: 33170 bytes
     ->Java cache emptied: 0 bytes
     ->FireFox cache emptied: 82881178 bytes
     User: All Users
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: LocalService
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: NetworkService
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     Windows Temp folder emptied: 0 bytes
     RecycleBin emptied: 14692 bytes
     Total Files Cleaned = 80,18 mb
     OTM by OldTimer - Version 3.0.0.6 log created on 11012009_000109
     Files moved on Reboot...
     File L:\Autorun.exe not found!
     Registry entries deleted on Reboot...

     As usual, a big thank you for the time you spend with me! And well, as a result you have less to read this time!!! In any case, thanks!!
  6. Hello again thanos!! Here is the OTM one!

     All processes killed
     Error: Unable to interpret <:first> in the current context!
     ========== SERVICES/DRIVERS ==========
     Service\Driver tmcomm stopped successfully.
     Service\Driver tmcomm deleted successfully.
     ========== FILES ==========
     File/Folder C:\WINDOWS\system32\calc.dll not found.
     File/Folder C:\DOCUME~1\AGUINA~1\MENUDM~1\PROGRA~1\DMARRA~1\scandisk.dll not found.
     File/Folder C:\Program Files\QUAD Utilities not found.
     File move failed. L:\Autorun.exe scheduled to be moved on reboot.
     ========== REGISTRY ==========
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
     Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Alcmtr deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\calc\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EnableDCOM\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QUAD Scheduler\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QUAD Windows service\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^aguinaldo^Menu Démarrer^Programmes^Démarrage^scandisk.lnk\ deleted successfully.
     Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13879d0b-a175-11de-8687-00508dbbea6e}\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{13879d0b-a175-11de-8687-00508dbbea6e}\ not found.
     Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{538aa59b-ae90-11de-8689-00508dbbea6e}\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{538aa59b-ae90-11de-8689-00508dbbea6e}\ not found.
     Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1b9-9fb1-11de-8686-00508dbbea6e}\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aacee1b9-9fb1-11de-8686-00508dbbea6e}\ not found.
     Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1be-9fb1-11de-8686-00508dbbea6e}\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aacee1be-9fb1-11de-8686-00508dbbea6e}\ not found.
     ========== COMMANDS ==========
     [EMPTYTEMP]
     User: aguinaldo
     ->Temp folder emptied: 103895497 bytes
     File delete failed. C:\Documents and Settings\aguinaldo\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
     ->Temporary Internet Files folder emptied: 27208440 bytes
     ->Java cache emptied: 13714066 bytes
     ->FireFox cache emptied: 88658897 bytes
     User: All Users
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes
     User: LocalService
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes
     User: NetworkService
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 366240 bytes
     %systemdrive% .tmp files removed: 0 bytes
     C:\WINDOWS\msdownld.tmp folder deleted successfully.
     %systemroot% .tmp files removed: 2351795 bytes
     %systemroot%\System32 .tmp files removed: 3072 bytes
     Windows Temp folder emptied: 13394 bytes
     RecycleBin emptied: 0 bytes
     Total Files Cleaned = 225,33 mb
     OTM by OldTimer - Version 3.0.0.6 log created on 10312009_130535
     Files moved on Reboot...
     File L:\Autorun.exe not found!
     Registry entries deleted on Reboot...

     And here is the RSIT one!!

Logfile of random's system information tool 1.06 (written by random/random) Run by aguinaldo at 2009-10-31 13:11:43 Microsoft Windows XP Professionnel Service Pack 3, v.5512 System drive C: has 28 GB (4%) free of 715 GB Total RAM: 2046 MB (75% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:11:44, on 31/10/2009 Platform: Windows XP SP3, v.5512 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.20978) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\ALCFDRTM.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe C:\Documents and Settings\aguinaldo\Bureau\RSIT.exe C:\Program Files\Trend Micro\HijackThis\aguinaldo.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris F3 - REG:win.ini: load=???? O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers 
communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\utorrent.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program 
Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 7650 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Automatic troubleshooting.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}] ContributeBHO Class - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864] "36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1970176] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-01-30 16116224] "XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2007-09-26 734264] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-07-04 161064] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-09-10 420176] "TrojanScanner"=C:\Program Files\Trojan Remover\Trjscan.exe [2009-10-17 1070984] "AdobeCS4ServiceManager"=C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712] 
"Adobe_ID0ENQBO"=C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224] "nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-09-23 1657448] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-07-04 148776] "LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2007-06-20 451872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2009-10-20 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-11 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=1 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 
"SynchronousMachineGroupPolicy"=0 "SynchronousUserGroupPolicy"=0 "ConsentPromptBehaviorAdmin"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 "ForceClassicControlPanel"=1 "NoDesktopCleanupWizard"=1 "NoInstrumentation"=1 "NoResolveSearch"=1 "NoResolveTrack"=1 "NoSMBalloonTip"=1 "NoSMConfigurePrograms"=1 "NoStartMenuMFUprogramsList"=1 "NoStrCmpLogical"=0 "NoWelcomeScreen"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"= "NoDriveTypeAutoRun"= "NoResolveTrack"= "NoSetActiveDesktop"= "HideRunAsVerb"= "NoInstrumentation"= "NoStartMenuMFUprogramsList"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE"="C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 (DX9)" "C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE"="C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:*:Enabled:RESIDENT EVIL 5 (DX10)" "C:\Program Files\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe"="C:\Program Files\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:*:Enabled:Supreme Commander - Forged Alliance" "C:\Program Files\THQ\Gas Powered 
Games\GPGNet\GPG.Multiplayer.Client.exe"="C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander - Forged Alliance" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\Codemasters\OF Dragon Rising\OFDR.exe"="C:\Program Files\Codemasters\OF Dragon Rising\OFDR.exe:*:Enabled:OF Dragon Rising" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone V3 Application" "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4" "C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe"="C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows 
Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone V3 Application" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1bd-9fb1-11de-8686-00508dbbea6e}] shell\AutoRun\command - K:\Setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1be-9fb1-11de-8686-00508dbbea6e}] shell\AutoRun\command - L:\autorun.exe ======List of files/folders created in the last 1 months====== 2009-10-31 13:07:07 ----D---- C:\WINDOWS\Prefetch 2009-10-31 13:07:07 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-10-31 13:05:35 ----D---- C:\_OTM 2009-10-31 10:05:26 ----A---- C:\WINDOWS\system32\TURegOpt.exe 2009-10-31 10:05:25 ----A---- C:\WINDOWS\system32\uxtuneup.dll 2009-10-31 10:05:06 ----D---- C:\Documents and Settings\aguinaldo\Application Data\TuneUp Software 2009-10-31 10:04:53 ----D---- C:\Program Files\TuneUp Utilities 2010 2009-10-31 10:04:45 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2009-10-31 10:04:39 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2009-10-30 22:40:50 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Real 2009-10-30 10:00:53 ----A---- C:\WINDOWS\system32\flags.ini 2009-10-29 09:12:36 ----D---- C:\rsit 2009-10-28 17:17:29 ----D---- C:\Program Files\Trend Micro 2009-10-28 17:10:14 ----D---- C:\Documents and Settings\aguinaldo\Application Data\HouseCall 6.6 2009-10-28 13:25:42 ----D---- C:\Documents and Settings\aguinaldo\Application Data\runic games 2009-10-28 13:23:43 ----D---- 
C:\Program Files\Runic Games 2009-10-26 10:49:55 ----D---- C:\Program Files\Kaspersky Lab 2009-10-26 10:49:55 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2009-10-26 10:46:50 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2009-10-26 10:30:14 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Mozilla 2009-10-26 10:28:21 ----D---- C:\Program Files\mozilla.org 2009-10-26 09:58:58 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-10-26 09:58:26 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$ 2009-10-26 09:57:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$ 2009-10-26 09:57:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2009-10-26 09:55:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2009-10-26 09:53:59 ----D---- C:\WINDOWS\ie7updates 2009-10-26 09:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2009-10-26 09:52:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2009-10-26 09:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2009-10-26 09:51:47 ----HD---- C:\WINDOWS\$hf_mig$ 2009-10-26 09:46:07 ----D---- C:\Program Files\Panda Security 2009-10-25 09:11:38 ----D---- C:\Documents and Settings\aguinaldo\Application Data\abelhadigital.com 2009-10-24 09:35:54 ----D---- C:\Program Files\Machinarium 2009-10-22 23:08:10 ----D---- C:\WINDOWS\system32\AGEIA 2009-10-22 23:08:10 ----D---- C:\Program Files\AGEIA Technologies 2009-10-22 23:08:02 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard 2009-10-22 22:57:10 ----D---- C:\Documents and Settings\All Users\Application Data\realtech VR 2009-10-22 22:57:06 ----D---- C:\Program Files\realtech VR 2009-10-22 12:02:08 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet 2009-10-22 11:02:49 ----D---- C:\Documents and Settings\All Users\Application Data\ALM 2009-10-22 10:46:25 ----RA---- C:\WINDOWS\system32\AdobePDFUI.dll 2009-10-22 10:46:25 ----RA---- C:\WINDOWS\system32\AdobePDF.dll 2009-10-22 10:37:43 
----D---- C:\Program Files\Adobe Media Player 2009-10-22 10:36:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-10-22 10:36:37 ----D---- C:\Program Files\Fichiers communs\Adobe AIR 2009-10-22 10:33:14 ----D---- C:\Program Files\Adobe 2009-10-21 23:13:38 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2009-10-21 20:38:24 ----A---- C:\WINDOWS\wininit.ini 2009-10-21 20:23:02 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-10-21 20:23:02 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-10-21 16:26:52 ----D---- C:\Documents and Settings\aguinaldo\Application Data\vlc 2009-10-21 15:03:28 ----D---- C:\WINDOWS\pss 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\ztvunrar36.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\ztvunace26.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\ztvcabinet.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\UNRAR3.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\unacev2.dll 2009-10-21 11:49:40 ----D---- C:\Program Files\Trojan Remover 2009-10-21 11:49:40 ----D---- C:\Documents and Settings\All Users\Application Data\Simply Super Software 2009-10-21 11:49:40 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Simply Super Software 2009-10-20 22:54:37 ----D---- C:\Program Files\EditHexa 2009-10-20 22:54:37 ----A---- C:\WINDOWS\EditHexaUninstall.exe 2009-10-20 22:23:18 ----D---- C:\WINDOWS\A5W_DATA 2009-10-20 22:23:18 ----A---- C:\WINDOWS\A5W.INI 2009-10-20 22:23:13 ----A---- C:\WINDOWS\w32dasm8.ini 2009-10-20 20:34:56 ----A---- C:\WINDOWS\system32\klogon.dll 2009-10-19 14:10:11 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-10-19 12:07:39 ----D---- C:\Program Files\Padus 2009-10-17 17:37:10 ----A---- C:\WINDOWS\system32\XAudio2_5.dll 2009-10-17 17:37:10 ----A---- C:\WINDOWS\system32\xactengine3_5.dll 2009-10-17 17:37:09 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll 2009-10-17 17:37:09 ----A---- 
Thanks, and as usual, happy reading and have a good weekend!!
  7. Here is the new RSIT report!
\??\C:\WINDOWS\system32\drivers\kl1.sys [] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-10-26 315408] R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-05-13 60800] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-01-30 4474368] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-05-13 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-05-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872] R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 a55oh3gt;a55oh3gt; C:\WINDOWS\system32\drivers\a55oh3gt.sys [] S3 
driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-19 479200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-11 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-11 82944] S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-26 61984] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-17 152984] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-06-28 79136] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-09-10 269648] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100] R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-07-04 267560] S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing 
Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-22 655624] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-07-04 779560] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-07 2821468] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792] S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-10-21 14336] -----------------EOF-----------------
     Thanks Thanos, so no, for now no ads while I'm surfing.. I find that strange, because I hadn't stopped running scans! Tell me, Thanos, what do you see in all these reports? I'd like to learn a bit too! Could you tell me what you're looking for?? Thanks, friend ++
  8. Hi Thanos! First of all, thank you for looking into my problem!! Thanks. Here is the Malwarebytes' Anti-Malware report, with the update done as you asked, but I don't have a USB key/external hard drive...

     Malwarebytes' Anti-Malware 1.41
     Version de la base de données: 3059
     Windows 5.1.2600 Service Pack 3, v.5512
     30/10/2009 12:49:57
     mbam-log-2009-10-30 (12-49-57).txt

     Type de recherche: Examen complet (C:\|)
     Eléments examinés: 371065
     Temps écoulé: 1 hour(s), 11 minute(s), 14 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 2
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 2
     Dossier(s) infecté(s): 2
     Fichier(s) infecté(s): 12

     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Clé(s) du Registre infectée(s):
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a2234b15-23f2-42ad-f4e4-00aac39c0004} (Trojan.Ertfor) -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a2234b15-23f2-42ad-f4e4-00aac39c0004} (Trojan.Ertfor) -> Quarantined and deleted successfully.

     Valeur(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)

     Elément(s) de données du Registre infecté(s):
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Agent) -> Data: c:\windows\system32\kbdnet.dll -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Agent) -> Data: system32\kbdnet.dll -> Quarantined and deleted successfully.

     Dossier(s) infecté(s):
     C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Quarantined and deleted successfully.
     C:\RECYCLER\s-1-5-21-0243936033-3052116371-381863308-1858 (Worm.Autorun) -> Quarantined and deleted successfully.

     Fichier(s) infecté(s):
     C:\Documents and Settings\aguinaldo\Mes documents\Downloads\Garmin.City.Navigator.Europe.NT.v2010.1.Update\IMG\006-D0323-08\manifest.xml (Trojan.Agent) -> Quarantined and deleted successfully.
     C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
     C:\RECYCLER\s-1-5-21-0243936033-3052116371-381863308-1858\Desktop.ini (Worm.Autorun) -> Quarantined and deleted successfully.
     C:\WINDOWS\010112010146116101.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
     C:\WINDOWS\0101120101464955.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
     C:\WINDOWS\0101120101465050.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
     C:\WINDOWS\0101120101465249.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
     C:\WINDOWS\0101120101465349.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
     C:\WINDOWS\0101120101465649.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
     C:\WINDOWS\bk23567.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
     C:\WINDOWS\system32\mscert.dll (Trojan.Agent) -> Quarantined and deleted successfully.
     C:\WINDOWS\system32\kbdnet.dll (Trojan.Agent) -> Quarantined and deleted successfully.

     The RSIT report!
info.txt logfile of random's system information tool 1.06 2009-10-29 09:12:39 ======Uninstall list====== -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B} 7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe" Acrobat.com-->msiexec /qb /x {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B} Acrobat.com-->MsiExec.exe /I{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B} Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF} Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E} Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8} Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E} Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8} Adobe Asset Services CS4-->MsiExec.exe /I{B9F4561A-924D-4510-A85A-BB0960C338CB} Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0} Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191} Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02} Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4} Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F} Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100} Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500} Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D} Adobe Contribute 
CS4-->MsiExec.exe /I{A6EC82A0-1414-475D-8AFD-469089F3080D} Adobe Creative Suite 4 Master Collection-->C:\Program Files\Fichiers communs\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02\Setup.exe --uninstall=1 Adobe Creative Suite 4 Master Collection-->MsiExec.exe /I{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C} Adobe CS4 American English Speech Analysis Models-->MsiExec.exe /I{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8} Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF} Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683} Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A} Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678} Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C} Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D} Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9} Adobe Encore CS4-->MsiExec.exe /I{5EAD5443-7194-46CC-A055-428E6ABB1BAF} Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5} Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972} Adobe Fireworks CS4-->MsiExec.exe /I{428FDF9F-E010-4C4C-A8BB-156960AFCA1C} Adobe Flash CS4 Extension - Flash Lite STI fr-->MsiExec.exe /I{BD423B54-8668-44B6-8610-D24514445E88} Adobe Flash CS4 STI-fr-->MsiExec.exe /I{48F9998C-3BA0-42D3-82E6-5882441EB8CE} Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{3A6829EF-0791-4FDD-9382-C690DD0821B9} Adobe Flash Player 10 Plugin-->MsiExec.exe /X{03DEEAD2-F3B7-45BF-9006-A25D015F00D2} Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794} Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807} Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe 
/I{2BAF2B96-7560-48B4-87D4-10178DDBE217} Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C} Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1} Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA} Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67} Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4} Adobe Media Encoder CS4 Dolby-->MsiExec.exe /I{EE353798-E875-42E0-B58D-7E6696182EA8} Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC} Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD} Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E} Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C} Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C} Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15} Adobe OnLocation CS4-->MsiExec.exe /I{7406DF60-016D-476B-A2C7-55D997592047} Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A} Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353} Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD} Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494} Adobe Premiere Pro CS4 Functional Content-->MsiExec.exe /I{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7} Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{C938BE91-3BB5-4B84-9EF6-88F0505D0038} Adobe Premiere Pro CS4-->MsiExec.exe /I{D499F8DE-3F31-4900-9157-61061613704B} Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA} Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7} Adobe Setup-->MsiExec.exe /I{E8EE9410-8AC4-4F43-A626-DDECA75C79F3} Adobe SGM CS4-->MsiExec.exe 
/I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B} Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8} Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D} Adobe Soundbooth CS4-->MsiExec.exe /I{14F70205-1940-4000-88C7-BE799A6B2CAD} Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230} Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755} Adobe Version Cue CS4 Server-->MsiExec.exe /I{1B7C06E1-4888-47A6-992A-0990B9683486} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF} Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739} AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4} AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4} Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D} DiscJuggler-->C:\Program Files\Padus\DiscJuggler\Uninstall.exe EditHexa-->C:\WINDOWS\EditHexaUninstall.exe "C:\Program Files\EditHexa" Ext2Ifs-->"C:\WINDOWS\System32\UnIfs.exe" FastStone-->"C:\Program Files\FastStone Capture\Désinstaller.exe" Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} GPGNet-->MsiExec.exe /I{C194D333-B84A-4BB7-B35E-060732D98DC4} HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" HouseCall 6.6-->"C:\Documents and Settings\aguinaldo\Application Data\HouseCall 6.6\uninstaller.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} IrfanView-->"C:\Program 
Files\IrfanView\Désinstaller.exe" Java 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF} Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA} Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA} K-Lite Mega Codec Pack 5.2.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243} Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe Machinarium-->C:\Program Files\Machinarium\uninst.exe Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{2E660A2A-A55F-43CD-9F73-CAD7382EEB78} Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F112F66E-25CA-42DD-983C-6118EB38F606} Microsoft Kernel-Mode Driver Framework Feature Pack 1.1-->"C:\WINDOWS\$NtUninstallWdf01001$\spuninst\spuninst.exe" Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe 
/X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual J# 2.0 Redistributable Package-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe Microsoft Xbox 360 Accessories 1.1-->MsiExec.exe /X{9F5DF7FC-3AF2-4502-9084-F62FC00A5A3F} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mozilla Firefox (3.0.15)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE} NCsoft Launcher-->"C:\Program Files\InstallShield Installation 
Information\{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}\setup.exe" -runfromtemp -l0x040c -removeonly Nero 7 Essentials-->MsiExec.exe /X{3BDEE284-1516-40E8-B784-00FEBE1B1036} NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B} OF Dragon Rising-->"C:\Program Files\InstallShield Installation Information\{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}\setup.exe" -runfromtemp -l0x040c -removeonly OpenGL Extensions Viewer 3.0-->"C:\Program Files\realtech VR\OpenGL Extensions Viewer 3.0\uninst.exe" Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9} Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8} Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9} PowerArchiver 2007 French-->MsiExec.exe /I{1AEE96F5-C6A1-49FE-B82F-DE7DC459FE90} Reshack/Reg2NSIS/Reg2inf-->"C:\WINDOWS\System32\UnTools.exe" RESIDENT EVIL 5-->MsiExec.exe /X{AC08BBA0-96B9-431A-A7D0-D8598E493775} Rosetta Stone V3-->MsiExec.exe /X{7210BCFE-ED8D-4261-8537-81B5A4BDFA2A} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434} Torchlight-->C:\Program Files\Runic Games\Torchlight\uninstall.exe Trojan Remover 6.8.1-->"C:\Program Files\Trojan Remover\unins000.exe" TubeMaster++ 1.3-->"C:\Program Files\TubeMaster++\unins000.exe" Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe VDMSound 2.0.4-->MsiExec.exe /I{8ECBE643-8230-11D5-9D6B-00A024112F81} Virtual CDRom-->"C:\Program Files\Virtual CDRom\Désinstaller.exe" VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe 
Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Trust Anti-Pub-->"C:\WINDOWS\System32\Drivers\Etc\UnHosts.exe" Windows Trust Installer-->"C:\Program Files\WTInstaller\Désinstaller.exe" WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe ======Hosts File====== 127.0.0.1 localhost 127.0.0.1 rad.msn.com 127.0.0.1 rad.live.com 127.0.0.1 ads1.msn.com 127.0.0.1 adfarm.mediaplex.com 127.0.0.1 101com.com 127.0.0.1 101order.com 127.0.0.1 103bees.com 127.0.0.1 1100i.com 127.0.0.1 123banners.com Securitycenter WMI appears to be broken ======System event log====== Computer Name: AGUINALD-612874 Event Code: 15007 Message: La réservation de l'espace de nom identifié par le préfixe d'URL http://*:2869/ a été correctement ajoutée. Record Number: 5 Source Name: HTTP Time Written: 20070101015417.000000+060 Event Type: Informations User: Computer Name: AGUINALD-612874 Event Code: 3260 Message: Cet ordinateur a correctement été joint au workgroup 'WORKGROUP'. Record Number: 4 Source Name: Workstation Time Written: 20070101015156.000000+060 Event Type: Informations User: Computer Name: AGUINALD-612874 Event Code: 6011 Message: Le nom NetBIOS et le nom de l'hôte DNS de cet ordinateur ont été modifiés de MACHINENAME vers AGUINALD-612874. Record Number: 3 Source Name: EventLog Time Written: 20070101015128.000000+060 Event Type: Informations User: Computer Name: MACHINENAME Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. 
Record Number: 2 Source Name: EventLog Time Written: 20070101024624.000000+060 Event Type: Informations User: Computer Name: MACHINENAME Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Multiprocessor Free. Record Number: 1 Source Name: EventLog Time Written: 20070101024624.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: AGUINALD-612874 Event Code: 4113 Message: Record Number: 8446 Source Name: Avira AntiVir Time Written: 20091017090306.000000+120 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: AGUINALD-612874 Event Code: 4113 Message: Record Number: 8445 Source Name: Avira AntiVir Time Written: 20091017090306.000000+120 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: AGUINALD-612874 Event Code: 4113 Message: Record Number: 8444 Source Name: Avira AntiVir Time Written: 20091017090250.000000+120 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: AGUINALD-612874 Event Code: 4113 Message: Record Number: 8443 Source Name: Avira AntiVir Time Written: 20091017090250.000000+120 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: AGUINALD-612874 Event Code: 4113 Message: Record Number: 8442 Source Name: Avira AntiVir Time Written: 20091017090235.000000+120 Event Type: Avertissement User: AUTORITE NT\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%VDMSPath% "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=1706 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "VDMSPath"=C:\Program Files\VDMSound\ -----------------EOF-----------------
     Well, there you go Thanos, and above all, happy reading!
  9. Hello and thank you Thanos! Here is the Malwarebytes' Anti-Malware report!

     Malwarebytes' Anti-Malware 1.41
     Version de la base de données: 2797
     Windows 5.1.2600 Service Pack 3, v.5512
     21/10/2009 20:54:51
     mbam-log-2009-10-21 (20-54-51).txt

     Type de recherche: Examen rapide
     Eléments examinés: 88079
     Temps écoulé: 9 minute(s), 16 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0

     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Clé(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)

     Valeur(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)

     Elément(s) de données du Registre infecté(s):
     (Aucun élément nuisible détecté)

     Dossier(s) infecté(s):
     (Aucun élément nuisible détecté)

     Fichier(s) infecté(s):
     (Aucun élément nuisible détecté)

     The random system report!
Logfile of random's system information tool 1.06 (written by random/random) Run by aguinaldo at 2009-10-29 09:12:36 Microsoft Windows XP Professionnel Service Pack 3, v.5512 System drive C: has 21 GB (3%) free of 715 GB Total RAM: 2046 MB (73% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:12:37, on 29/10/2009 Platform: Windows XP SP3, v.5512 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.20978) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe C:\WINDOWS\ALCFDRTM.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Documents and Settings\aguinaldo\Bureau\RSIT.exe C:\Program Files\Trend Micro\HijackThis\aguinaldo.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris F3 - REG:win.ini: load=???? O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: (no name) - {A2234B15-23F2-42AD-F4E4-00AAC39C0004} - (no file) O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" 
/starttray O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\utorrent.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - 
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O20 - AppInit_DLLs: C:\WINDOWS\system32\kbdnet.dll O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 7641 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}] ContributeBHO Class - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2234B15-23F2-42AD-F4E4-00AAC39C0004}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864] "36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1970176] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-01-30 16116224] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2007-09-26 734264] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-07-04 161064] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' 
Anti-Malware\mbamgui.exe [2009-09-10 420176] "TrojanScanner"=C:\Program Files\Trojan Remover\Trjscan.exe [2009-10-17 1070984] "AdobeCS4ServiceManager"=C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712] "Adobe_ID0ENQBO"=C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224] "nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-09-23 1657448] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"=C:\Program Files\uTorrent\utorrent.exe [2009-10-01 289072] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-07-04 148776] "LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2007-06-20 451872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\calc] C:\WINDOWS\system32\calc.dll,_IWMPEvents@0 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EnableDCOM] N [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load] ?????? ??Ÿ ???????? 
[] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QUAD Scheduler] C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QUAD Windows service] C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe -h [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^aguinaldo^Menu Démarrer^Programmes^Démarrage^scandisk.lnk] C:\DOCUME~1\AGUINA~1\MENUDM~1\PROGRA~1\DMARRA~1\scandisk.dll,_IWMPEvents@0 [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\WINDOWS\system32\kbdnet.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2009-10-20 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-11 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=1 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "SynchronousMachineGroupPolicy"=0 "SynchronousUserGroupPolicy"=0 "ConsentPromptBehaviorAdmin"=0 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 "ForceClassicControlPanel"=1 "NoDesktopCleanupWizard"=1 "NoInstrumentation"=1 "NoResolveSearch"=1 "NoResolveTrack"=1 "NoSMBalloonTip"=1 "NoSMConfigurePrograms"=1 "NoStartMenuMFUprogramsList"=1 "NoStrCmpLogical"=0 "NoWelcomeScreen"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"= "NoDriveTypeAutoRun"= "NoResolveTrack"= "NoSetActiveDesktop"= "HideRunAsVerb"= "NoInstrumentation"= "NoStartMenuMFUprogramsList"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE"="C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 (DX9)" "C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE"="C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:*:Enabled:RESIDENT EVIL 5 (DX10)" "C:\Program Files\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe"="C:\Program Files\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:*:Enabled:Supreme Commander - Forged Alliance" "C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe"="C:\Program Files\THQ\Gas Powered 
Games\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander - Forged Alliance" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\Program Files\Codemasters\OF Dragon Rising\OFDR.exe"="C:\Program Files\Codemasters\OF Dragon Rising\OFDR.exe:*:Enabled:OF Dragon Rising" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone V3 Application" "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4" "C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe"="C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows 
Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services" "C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone V3 Application" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13879d0b-a175-11de-8687-00508dbbea6e}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{538aa59b-ae90-11de-8689-00508dbbea6e}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1b9-9fb1-11de-8686-00508dbbea6e}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1bd-9fb1-11de-8686-00508dbbea6e}] shell\AutoRun\command - K:\Setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1be-9fb1-11de-8686-00508dbbea6e}] shell\AutoRun\command - L:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aacee1c4-9fb1-11de-8686-00508dbbea6e}] shell\AutoRun\command - M:\Torchlight_Setup.exe ======List of files/folders created in the last 1 months====== 2009-10-29 09:12:36 ----D---- C:\rsit 2009-10-28 17:17:29 ----D---- C:\Program Files\Trend Micro 2009-10-28 17:10:14 ----D---- C:\Documents and Settings\aguinaldo\Application Data\HouseCall 6.6 2009-10-28 13:25:42 ----D---- C:\Documents and 
Settings\aguinaldo\Application Data\runic games 2009-10-28 13:23:43 ----D---- C:\Program Files\Runic Games 2009-10-26 10:49:55 ----D---- C:\Program Files\Kaspersky Lab 2009-10-26 10:49:55 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2009-10-26 10:46:50 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2009-10-26 10:30:14 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Mozilla 2009-10-26 10:28:21 ----D---- C:\Program Files\mozilla.org 2009-10-26 09:58:58 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-10-26 09:58:26 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$ 2009-10-26 09:57:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$ 2009-10-26 09:57:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2009-10-26 09:55:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2009-10-26 09:53:59 ----D---- C:\WINDOWS\ie7updates 2009-10-26 09:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2009-10-26 09:52:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2009-10-26 09:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2009-10-26 09:51:47 ----HD---- C:\WINDOWS\$hf_mig$ 2009-10-26 09:46:07 ----D---- C:\Program Files\Panda Security 2009-10-25 09:11:38 ----D---- C:\Documents and Settings\aguinaldo\Application Data\abelhadigital.com 2009-10-24 09:35:54 ----D---- C:\Program Files\Machinarium 2009-10-22 23:08:10 ----D---- C:\WINDOWS\system32\AGEIA 2009-10-22 23:08:10 ----D---- C:\Program Files\AGEIA Technologies 2009-10-22 23:08:02 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard 2009-10-22 22:57:10 ----D---- C:\Documents and Settings\All Users\Application Data\realtech VR 2009-10-22 22:57:06 ----D---- C:\Program Files\realtech VR 2009-10-22 22:35:35 ----D---- C:\Program Files\Eufloria 2009-10-22 12:02:08 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet 2009-10-22 11:02:49 ----D---- C:\Documents and Settings\All Users\Application Data\ALM 2009-10-22 10:46:25 
----RA---- C:\WINDOWS\system32\AdobePDFUI.dll 2009-10-22 10:46:25 ----RA---- C:\WINDOWS\system32\AdobePDF.dll 2009-10-22 10:37:43 ----D---- C:\Program Files\Adobe Media Player 2009-10-22 10:36:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-10-22 10:36:37 ----D---- C:\Program Files\Fichiers communs\Adobe AIR 2009-10-22 10:33:14 ----D---- C:\Program Files\Adobe 2009-10-21 23:13:38 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2009-10-21 20:38:24 ----A---- C:\WINDOWS\wininit.ini 2009-10-21 20:23:02 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-10-21 20:23:02 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-10-21 16:26:52 ----D---- C:\Documents and Settings\aguinaldo\Application Data\vlc 2009-10-21 15:03:28 ----D---- C:\WINDOWS\pss 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\ztvunrar36.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\ztvunace26.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\ztvcabinet.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\UNRAR3.dll 2009-10-21 11:49:41 ----A---- C:\WINDOWS\system32\unacev2.dll 2009-10-21 11:49:40 ----D---- C:\Program Files\Trojan Remover 2009-10-21 11:49:40 ----D---- C:\Documents and Settings\All Users\Application Data\Simply Super Software 2009-10-21 11:49:40 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Simply Super Software 2009-10-20 22:54:37 ----D---- C:\Program Files\EditHexa 2009-10-20 22:54:37 ----A---- C:\WINDOWS\EditHexaUninstall.exe 2009-10-20 22:23:18 ----D---- C:\WINDOWS\A5W_DATA 2009-10-20 22:23:18 ----A---- C:\WINDOWS\A5W.INI 2009-10-20 22:23:13 ----A---- C:\WINDOWS\w32dasm8.ini 2009-10-20 20:34:56 ----A---- C:\WINDOWS\system32\klogon.dll 2009-10-19 14:10:11 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-10-19 12:07:39 ----D---- C:\Program Files\Padus 2009-10-17 17:37:10 ----A---- C:\WINDOWS\system32\XAudio2_5.dll 2009-10-17 17:37:10 ----A---- 
C:\WINDOWS\system32\xactengine3_5.dll 2009-10-17 17:37:09 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll 2009-10-17 17:37:09 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll 2009-10-17 17:37:08 ----A---- C:\WINDOWS\system32\D3DX9_42.dll 2009-10-17 17:37:08 ----A---- C:\WINDOWS\system32\d3dx11_42.dll 2009-10-17 17:37:08 ----A---- C:\WINDOWS\system32\d3dx10_42.dll 2009-10-17 17:36:16 ----HD---- C:\WINDOWS\msdownld.tmp 2009-10-17 12:46:43 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-10-16 10:56:22 ----D---- C:\Program Files\Fichiers communs\Macrovision Shared 2009-10-16 10:56:05 ----D---- C:\Program Files\Rosetta Stone 2009-10-16 10:56:05 ----D---- C:\Documents and Settings\All Users\Application Data\Rosetta Stone 2009-10-14 14:20:17 ----D---- C:\Program Files\Codemasters 2009-10-14 09:12:46 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Apple Computer 2009-10-14 09:12:23 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-10-14 09:12:02 ----D---- C:\Program Files\QuickTime 2009-10-14 09:12:02 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2009-10-13 12:07:13 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Yahoo! 2009-10-13 12:06:44 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! 
2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbdkor.dll 2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbdjpn.dll 2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbd106.dll 2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbd103.dll 2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbd101c.dll 2009-10-09 12:27:32 ----A---- C:\WINDOWS\system32\kbd101b.dll 2009-10-08 19:51:52 ----D---- C:\Documents and Settings\aguinaldo\Application Data\FastStone 2009-10-08 11:16:16 ----D---- C:\Documents and Settings\aguinaldo\Application Data\mIRC 2009-10-05 21:27:33 ----D---- C:\WINDOWS\Sun 2009-10-01 12:14:23 ----RA---- C:\WINDOWS\system32\psfind.dll 2009-10-01 08:55:51 ----A---- C:\WINDOWS\system32\BASSMOD.dll 2009-10-01 08:52:23 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2009-09-30 15:29:16 ----D---- C:\Program Files\NCsoft ======List of files/folders modified in the last 1 months====== 2009-10-29 09:04:11 ----D---- C:\Program Files\Mozilla Firefox 2009-10-29 09:02:07 ----D---- C:\WINDOWS\Temp 2009-10-28 17:17:29 ----D---- C:\Program Files 2009-10-28 17:11:16 ----D---- C:\WINDOWS\system32\drivers 2009-10-28 16:48:34 ----D---- C:\WINDOWS\Network Diagnostic 2009-10-28 16:46:37 ----D---- C:\WINDOWS 2009-10-28 16:44:28 ----SH---- C:\boot.ini 2009-10-28 16:44:28 ----A---- C:\WINDOWS\win.ini 2009-10-28 16:44:28 ----A---- C:\WINDOWS\system.ini 2009-10-28 13:23:41 ----SHD---- C:\WINDOWS\Installer 2009-10-28 13:23:41 ----D---- C:\WINDOWS\WinSxS 2009-10-28 13:23:31 ----D---- C:\WINDOWS\system32 2009-10-28 13:23:26 ----D---- C:\WINDOWS\system32\CatRoot2 2009-10-28 13:23:26 ----D---- C:\WINDOWS\inf 2009-10-28 12:58:15 ----D---- C:\Documents and Settings\aguinaldo\Application Data\dvdcss 2009-10-28 00:22:29 ----D---- C:\Program Files\PowerArchiver 2009-10-26 21:38:39 ----A---- C:\WINDOWS\NeroDigital.ini 2009-10-26 13:42:44 ----D---- C:\Documents and Settings\aguinaldo\Application Data\Adobe 2009-10-26 10:54:15 ----SHD---- C:\System Volume Information 2009-10-26 10:48:02 
----DC---- C:\WINDOWS\system32\DRVSTORE 2009-10-26 10:47:46 ----SD---- C:\WINDOWS\Tasks 2009-10-26 09:59:00 ----D---- C:\WINDOWS\system32\dllcache 2009-10-26 09:56:50 ----D---- C:\Program Files\Internet Explorer 2009-10-26 09:55:26 ----D---- C:\WINDOWS\system32\CatRoot 2009-10-26 09:27:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-10-22 23:08:46 ----D---- C:\WINDOWS\Help 2009-10-22 23:08:02 ----D---- C:\Program Files\Fichiers communs 2009-10-22 23:07:46 ----D---- C:\Program Files\NVIDIA Corporation 2009-10-22 22:44:39 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-10-22 10:47:26 ----RSD---- C:\WINDOWS\Fonts 2009-10-21 12:28:43 ----SHD---- C:\RECYCLER 2009-10-21 08:47:02 ----D---- C:\WINDOWS\system32\DirectX 2009-10-21 08:34:40 ----A---- C:\WINDOWS\system32\svchost.exe 2009-10-20 12:35:46 ----D---- C:\WINDOWS\Debug 2009-10-20 12:14:55 ----HD---- C:\Program Files\InstallShield Installation Information 2009-10-14 14:26:58 ----D---- C:\WINDOWS\SxsCaPendDel 2009-10-14 14:24:53 ----RSD---- C:\WINDOWS\assembly 2009-10-09 16:45:46 ----D---- C:\Program Files\Fichiers communs\InstallShield 2009-10-09 12:59:19 ----A---- C:\WINDOWS\system32\ResHacker.ini 2009-10-08 15:44:50 ----D---- C:\temp 2009-10-05 19:06:54 ----D---- C:\Program Files\mIRCG 2009-10-04 09:23:06 ----D---- C:\Program Files\ma-config.com 2009-10-04 09:23:06 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2009-10-03 15:11:59 ----SD---- C:\Documents and Settings\aguinaldo\Application Data\Microsoft 2009-10-01 14:45:33 ----D---- C:\Program Files\THQ 2009-09-30 00:49:38 ----D---- C:\WINDOWS\Microsoft.NET ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Ext2fs;Ext2fs; C:\WINDOWS\system32\DRIVERS\ext2fs.sys [2006-10-23 132736] R1 IfsDrives;IfsDrives; C:\WINDOWS\system32\DRIVERS\IfsDrives.sys [2004-09-25 4608] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 
kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys [] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-10-26 315408] R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-05-13 60800] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-01-30 4474368] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-05-13 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-05-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872] R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; 
C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 afv7v4bf;afv7v4bf; C:\WINDOWS\system32\drivers\afv7v4bf.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-19 479200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-11 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-11 82944] S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-26 61984] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-17 152984] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-06-28 79136] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-09-10 269648] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100] R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-07-04 267560] S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; 
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-22 655624] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-07-04 779560] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-07 2821468] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792] S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-10-21 14336] -----------------EOF-----------------
     Well, there you go, I think I haven't forgotten anything!!!! Thanks!!
  10. Hello everyone! For some time now something unpleasant has been happening with my 2 browsers (Firefox, IE)! Every time I run a search on Google and click on the links at the bottom, I end up on advertising or xxx sites... So of course I guessed that I caught something somewhere. I ran the big cleanup (Spybot, CCleaner, Ad-Aware, KIS) but nothing helps, it's still there!! So I'm asking for your help please, because this is getting really annoying...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:23:47, on 28/10/2009
Platform: Windows XP SP3, v.5512 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20978)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\ALCFDRTM.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
F3 - REG:win.ini: load=????
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {A2234B15-23F2-42AD-F4E4-00AAC39C0004} - (no file)
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\kbdnet.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
-- End of file - 7535 bytes
So there you go.. thanks in advance for your help!!! Really!!!