

tolba
Members
Content count: 12
Other information
Your configuration: xp sp3
My languages: French
tolba's Achievements
Junior Member (3/12)
Community reputation: 0
[Solved] Translation of the ComboFix report
tolba replied to a topic by tolba in Malware Analysis and Removal
A big thank you to everyone. I will keep you posted. See you soon, and thanks again. -
[Solved] Translation of the ComboFix report
tolba replied to a topic by tolba in Malware Analysis and Removal
Good evening. At the moment everything is working perfectly. Here is the report: CJoint.com link BFksYdOQTcE. Many thanks to you, apollo, you are an ace, and thanks to everyone. -
[Solved] Translation of the ComboFix report
tolba replied to a topic by tolba in Malware Analysis and Removal
Hello apollo, hello everyone. Thanks for SFT.exe. Here is the report: CJoint.com link BFkjFnydsxQ. See you soon, and thank you very much. -
[Solved] Translation of the ComboFix report
tolba replied to a topic by tolba in Malware Analysis and Removal
-
[Solved] Translation of the ComboFix report
tolba replied to a topic by tolba in Malware Analysis and Removal
Thank you, Apollo, for your advice and everyone else's. I was unable to download SFT.exe. With Malwarebytes I scanned and removed the malware that was found; the report is attached: CJoint.com link BFjvczEufaz. Thanks once again, and I hope not to bother you any longer. I will keep you posted. Good evening. -
[Solved] Translation of the ComboFix report
tolba replied to a topic by tolba in Malware Analysis and Removal
Hello, attached is the AdwCleaner removal report: CJoint.com link BFjoduLNGbi. Thanks. -
[Solved] Translation of the ComboFix report
tolba replied to a topic by tolba in Malware Analysis and Removal
Thank you for taking care of me, that is very kind. The AdwCleaner report was already sent, but here is the address again: CJoint.com link BFivwUKrKfc. As for the ZHPFix one, here it is: CJoint.com link BFjiJguv89V. Thank you very much and see you soon. -
[Solved] Translation of the ComboFix report
tolba replied to a topic by tolba in Malware Analysis and Removal
Thank you, apollo. There, it is done. Attached are the reports from: 1. AdwCleaner 2. ZHPDiag. Thanks in advance to you and to everyone, and good evening. Links to the reports: http://cjoint.com/?BFiuGi7vaA4 http://cjoint.com/?BFivwUKrKfc -
[Solved] Translation of the ComboFix report
tolba replied to a topic by tolba in Malware Analysis and Removal
-
[Solved] Translation of the ComboFix report
tolba replied to a topic by tolba in Malware Analysis and Removal
Hello, and thank you, notpa. That has already been done for Kaspersky, but it makes no difference; the problem is the same. -
[Solved] Translation of the ComboFix report
tolba posted a topic in Malware Analysis and Removal
Hello, I am running Windows XP SP3. I get a blue screen 3 to 4 times a day. Please point me toward a solution to this problem. Attached are the crash dump and ComboFix reports. Thank you.

windows version: Windows XP Service Pack 3, 5.1, build: 2600
windows dir: C:\WINDOWS
CPU: GenuineIntel Intel® Pentium® D CPU 3.00GHz Intel586, level: 15
2 logical processors, active mask: 3
RAM: 2138550272 total
VM: 2147352576, free: 2036445184

--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.

On Thu 07/06/2012 02:54:12 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini060712-01.dmp
uptime: 09:18:07
This was probably caused by the following module: klif.sys (klif+0x1FF32)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFFB9DEF1F6, 0xFFFFFFFFA543A948, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\drivers\klif.sys
product: Kaspersky™ Anti-Virus ®
company: Kaspersky Lab
description: Klif Mini-Filter [fre_wnet_x86]
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: klif.sys (Klif Mini-Filter [fre_wnet_x86], Kaspersky Lab).
Google query: klif.sys Kaspersky Lab KERNEL_MODE_EXCEPTION_NOT_HANDLED_M

--------------------------------------------------------------------------------
ComboFix report attached
--------------------------------------------------------------------------------
settings\boub\Application Data\Paes c:\documents and settings\boub\Application Data\Paes\rimul.moo c:\documents and settings\boub\Application Data\Paes\rimul.tmp c:\documents and settings\boub\Application Data\PriceGong c:\documents and settings\boub\Application Data\PriceGong\Data\1.xml c:\documents and settings\boub\Application Data\PriceGong\Data\a.xml c:\documents and settings\boub\Application Data\PriceGong\Data\b.xml c:\documents and settings\boub\Application Data\PriceGong\Data\c.xml c:\documents and settings\boub\Application Data\PriceGong\Data\d.xml c:\documents and settings\boub\Application Data\PriceGong\Data\e.xml c:\documents and settings\boub\Application Data\PriceGong\Data\f.xml c:\documents and settings\boub\Application Data\PriceGong\Data\g.xml c:\documents and settings\boub\Application Data\PriceGong\Data\h.xml c:\documents and settings\boub\Application Data\PriceGong\Data\i.xml c:\documents and settings\boub\Application Data\PriceGong\Data\J.xml c:\documents and settings\boub\Application Data\PriceGong\Data\k.xml c:\documents and settings\boub\Application Data\PriceGong\Data\l.xml c:\documents and settings\boub\Application Data\PriceGong\Data\m.xml c:\documents and settings\boub\Application Data\PriceGong\Data\mru.xml c:\documents and settings\boub\Application Data\PriceGong\Data\n.xml c:\documents and settings\boub\Application Data\PriceGong\Data\o.xml c:\documents and settings\boub\Application Data\PriceGong\Data\p.xml c:\documents and settings\boub\Application Data\PriceGong\Data\q.xml c:\documents and settings\boub\Application Data\PriceGong\Data\r.xml c:\documents and settings\boub\Application Data\PriceGong\Data\s.xml c:\documents and settings\boub\Application Data\PriceGong\Data\t.xml c:\documents and settings\boub\Application Data\PriceGong\Data\u.xml c:\documents and settings\boub\Application Data\PriceGong\Data\v.xml c:\documents and settings\boub\Application Data\PriceGong\Data\w.xml c:\documents and settings\boub\Application 
Data\PriceGong\Data\x.xml c:\documents and settings\boub\Application Data\PriceGong\Data\y.xml c:\documents and settings\boub\Application Data\PriceGong\Data\z.xml c:\documents and settings\boub\Application Data\Toolbar4 c:\documents and settings\boub\WINDOWS c:\documents and settings\NetworkService\Application Data\facemoods.com c:\program files\adobs c:\program files\adobs\msats.exe c:\program files\adobs\msats.ini c:\program files\adobs\Update_1.0.exe c:\program files\AutocompletePro c:\program files\AutocompletePro\AutocompletePro.dll c:\program files\AutocompletePro\chrome\autocompleteprochrome.crx c:\program files\AutocompletePro\FireFoxExtension.exe c:\program files\AutocompletePro\InstTracker.exe c:\program files\AutocompletePro\support@predictad.com\chrome.manifest c:\program files\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul c:\program files\AutocompletePro\support@predictad.com\chrome\content\options.js c:\program files\AutocompletePro\support@predictad.com\chrome\content\options.xul c:\program files\AutocompletePro\support@predictad.com\chrome\content\utils.js c:\program files\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js c:\program files\AutocompletePro\support@predictad.com\install.rdf c:\program files\AutocompletePro\unins000.dat c:\program files\AutocompletePro\unins000.exe c:\program files\Dealio Toolbar c:\program files\Dealio Toolbar\IE\4.0.2\config.ini c:\program files\Dealio Toolbar\Res\amazon.gif c:\program files\Dealio Toolbar\Res\apple.gif c:\program files\Dealio Toolbar\Res\barnes.gif c:\program files\Dealio Toolbar\Res\bestbuy.gif c:\program files\Dealio Toolbar\Res\dealio_logo.gif c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif c:\program files\Dealio Toolbar\Res\ebay.gif c:\program files\Dealio Toolbar\Res\icon_settings.gif c:\program files\Dealio Toolbar\Res\macys.gif c:\program files\Dealio Toolbar\Res\newegg.gif c:\program files\Dealio Toolbar\Res\overstock.gif c:\program 
files\Dealio Toolbar\Res\search-button-hover.gif c:\program files\Dealio Toolbar\Res\search-button.gif c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif c:\program files\Dealio Toolbar\Res\search-chevron.gif c:\program files\Dealio Toolbar\Res\search_amazon.gif c:\program files\Dealio Toolbar\Res\search_dealio.gif c:\program files\Dealio Toolbar\Res\search_ebay.gif c:\program files\Dealio Toolbar\Res\search_yahoo.gif c:\program files\Dealio Toolbar\Res\target.gif c:\program files\Dealio Toolbar\Res\walmart.gif c:\program files\Dealio Toolbar\Res\widgets.xml c:\program files\Dealio Toolbar\WidgiHelper.exe c:\program files\Error Repair Professional c:\program files\facemoods.com c:\program files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll c:\program files\facemoods.com\facemoods\1.4.17.7\facemoods.crx c:\program files\facemoods.com\facemoods\1.4.17.7\facemoods.png c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsApp.dll c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsEng.dll c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll c:\program files\facemoods.com\facemoods\1.4.17.7\uninstall.exe c:\program files\facemoods.com\sqlite3.dll c:\program files\Funmoods\funmoods\1.5.11.16\bh\fuNMoods.dll c:\program files\ScreensCorner\Common\msUDt.dll c:\program files\zap\tbHElper.dll C:\u.tmp c:\windows\system32\~GLH01fb.TMP c:\windows\system32\~GLH01fd.TMP c:\windows\system32\~GLH0200.TMP c:\windows\system32\~GLH0202.TMP c:\windows\system32\~GLH0204.TMP c:\windows\system32\~GLH0206.TMP c:\windows\system32\~GLH0208.TMP c:\windows\system32\~GLH020a.TMP c:\windows\system32\~GLH020c.TMP c:\windows\system32\~GLH020e.TMP c:\windows\system32\~GLH0210.TMP c:\windows\system32\~GLH0212.TMP c:\windows\system32\~GLH0214.TMP c:\windows\system32\~GLH0216.TMP c:\windows\system32\~GLH0218.TMP c:\windows\system32\~GLH021a.TMP c:\windows\system32\~GLH021c.TMP 
c:\windows\system32\~GLH021e.TMP c:\windows\system32\~GLH0220.TMP c:\windows\system32\~GLH0222.TMP c:\windows\system32\~GLH0224.TMP c:\windows\system32\~GLH0226.TMP c:\windows\system32\~GLH0228.TMP c:\windows\system32\~GLH022a.TMP c:\windows\system32\~GLH022c.TMP c:\windows\system32\~GLH022e.TMP c:\windows\system32\~GLH0230.TMP c:\windows\system32\~GLH0232.TMP c:\windows\system32\~GLH0234.TMP c:\windows\system32\~GLH0236.TMP c:\windows\system32\~GLH0238.TMP c:\windows\system32\~GLH023a.TMP c:\windows\system32\~GLH023c.TMP c:\windows\system32\~GLH023e.TMP c:\windows\system32\~GLH0240.TMP c:\windows\system32\~GLH0242.TMP c:\windows\system32\~GLH0244.TMP c:\windows\system32\~GLH0246.TMP c:\windows\system32\~GLH0248.TMP c:\windows\system32\~GLH024a.TMP c:\windows\system32\~GLH024c.TMP c:\windows\system32\~GLH024e.TMP c:\windows\system32\~GLH0250.TMP c:\windows\system32\~GLH0252.TMP c:\windows\system32\~GLH0254.TMP c:\windows\system32\~GLH0256.TMP c:\windows\system32\~GLH0258.TMP c:\windows\system32\~GLH025a.TMP c:\windows\system32\~GLH025c.TMP c:\windows\system32\~GLH025e.TMP c:\windows\system32\~GLH0260.TMP c:\windows\system32\~GLH0262.TMP c:\windows\system32\~GLH0264.TMP c:\windows\system32\~GLH0266.TMP c:\windows\system32\~GLH0268.TMP c:\windows\system32\~GLH026a.TMP c:\windows\system32\~GLH026c.TMP c:\windows\system32\~GLH026e.TMP c:\windows\system32\~GLH0270.TMP c:\windows\system32\~GLH0272.TMP c:\windows\system32\~GLH0274.TMP c:\windows\system32\~GLH0276.TMP c:\windows\system32\~GLH0278.TMP c:\windows\system32\~GLH027a.TMP c:\windows\system32\~GLH027c.TMP c:\windows\system32\~GLH027e.TMP c:\windows\system32\~GLH0280.TMP c:\windows\system32\~GLH0282.TMP c:\windows\system32\~GLH0284.TMP c:\windows\system32\~GLH0286.TMP c:\windows\system32\~GLH0289.TMP c:\windows\system32\~GLH028b.TMP c:\windows\system32\~GLH028d.TMP c:\windows\system32\~GLH0290.TMP c:\windows\system32\~GLH0292.TMP c:\windows\system32\~GLH0294.TMP c:\windows\system32\~GLH0296.TMP 
c:\windows\system32\~GLH0298.TMP c:\windows\system32\~GLH029a.TMP c:\windows\system32\~GLH029c.TMP c:\windows\system32\~GLH029e.TMP c:\windows\system32\~GLH02a0.TMP c:\windows\system32\~GLH02a2.TMP c:\windows\system32\~GLH02a5.TMP c:\windows\system32\~GLH02a7.TMP c:\windows\system32\~GLH02a9.TMP c:\windows\system32\~GLH02ab.TMP c:\windows\system32\~GLH02ad.TMP c:\windows\system32\~GLH02af.TMP c:\windows\system32\~GLH02b2.TMP c:\windows\system32\~GLH02b5.TMP c:\windows\system32\~GLH02b8.TMP c:\windows\system32\~GLH02ba.TMP c:\windows\system32\~GLH02bc.TMP c:\windows\system32\~GLH02be.TMP c:\windows\system32\~GLH02c0.TMP c:\windows\system32\~GLH02c2.TMP c:\windows\system32\~GLH02c4.TMP c:\windows\system32\~GLH02c6.TMP c:\windows\system32\~GLH02c8.TMP c:\windows\system32\~GLH02cb.TMP c:\windows\system32\~GLH02cd.TMP c:\windows\system32\~GLH02cf.TMP c:\windows\system32\~GLH02d2.TMP c:\windows\system32\~GLH02d4.TMP c:\windows\system32\~GLH02d6.TMP c:\windows\system32\~GLH02d8.TMP c:\windows\system32\~GLH02db.TMP c:\windows\system32\~GLH02de.TMP c:\windows\system32\~GLH02df.TMP c:\windows\system32\~GLH02e1.TMP c:\windows\system32\~GLH02e3.TMP c:\windows\system32\~GLH02e5.TMP c:\windows\system32\~GLH02e7.TMP c:\windows\system32\~GLH02ee.TMP c:\windows\system32\~GLH02f0.TMP c:\windows\system32\~GLH02f2.TMP c:\windows\system32\~GLH02f4.TMP c:\windows\system32\~GLH02f6.TMP c:\windows\system32\~GLH02f8.TMP c:\windows\system32\~GLH02fa.TMP c:\windows\system32\~GLH02fc.TMP c:\windows\system32\~GLH02fe.TMP c:\windows\system32\~GLH0300.TMP c:\windows\system32\~GLH0302.TMP c:\windows\system32\~GLH0304.TMP c:\windows\system32\~GLH0306.TMP c:\windows\system32\~GLH0308.TMP c:\windows\system32\~GLH030a.TMP c:\windows\system32\~GLH030c.TMP c:\windows\system32\~GLH030e.TMP c:\windows\system32\~GLH0310.TMP c:\windows\system32\~GLH0312.TMP c:\windows\system32\~GLH0314.TMP c:\windows\system32\~GLH0316.TMP c:\windows\system32\~GLH0318.TMP c:\windows\system32\~GLH031a.TMP 
c:\windows\system32\~GLH031c.TMP c:\windows\system32\~GLH031e.TMP c:\windows\system32\~GLH0320.TMP c:\windows\system32\~GLH0322.TMP c:\windows\system32\~GLH0324.TMP c:\windows\system32\~GLH0326.TMP c:\windows\system32\~GLH0328.TMP c:\windows\system32\~GLH032a.TMP c:\windows\system32\~GLH032c.TMP c:\windows\system32\~GLH032e.TMP c:\windows\system32\~GLH0330.TMP c:\windows\system32\~GLH0332.TMP c:\windows\system32\~GLH0334.TMP c:\windows\system32\~GLH0336.TMP c:\windows\system32\~GLH0338.TMP c:\windows\system32\~GLH033a.TMP c:\windows\system32\~GLH033c.TMP c:\windows\system32\~GLH033e.TMP c:\windows\system32\~GLH0340.TMP c:\windows\system32\~GLH0342.TMP c:\windows\system32\~GLH0344.TMP c:\windows\system32\~GLH0346.TMP c:\windows\system32\~GLH0348.TMP c:\windows\system32\~GLH034a.TMP c:\windows\system32\~GLH034c.TMP c:\windows\system32\~GLH034e.TMP c:\windows\system32\~GLH0350.TMP c:\windows\system32\~GLH0352.TMP c:\windows\system32\~GLH0354.TMP c:\windows\system32\~GLH0356.TMP c:\windows\system32\~GLH0358.TMP c:\windows\system32\~GLH035a.TMP c:\windows\system32\~GLH035c.TMP c:\windows\system32\~GLH035e.TMP c:\windows\system32\~GLH0360.TMP c:\windows\system32\~GLH0362.TMP c:\windows\system32\~GLH0364.TMP c:\windows\system32\~GLH0366.TMP c:\windows\system32\~GLH0368.TMP c:\windows\system32\~GLH036a.TMP c:\windows\system32\~GLH036c.TMP c:\windows\system32\~GLH036e.TMP c:\windows\system32\~GLH0370.TMP c:\windows\system32\~GLH0372.TMP c:\windows\system32\~GLH0374.TMP c:\windows\system32\~GLH0376.TMP c:\windows\system32\~GLH0378.TMP c:\windows\system32\~GLH037a.TMP c:\windows\system32\~GLH037c.TMP c:\windows\system32\~GLH037e.TMP c:\windows\system32\~GLH0380.TMP c:\windows\system32\~GLH0382.TMP c:\windows\system32\~GLH0384.TMP c:\windows\system32\~GLH0386.TMP c:\windows\system32\~GLH0388.TMP c:\windows\system32\~GLH038a.TMP c:\windows\system32\~GLH038c.TMP c:\windows\system32\~GLH038e.TMP c:\windows\system32\~GLH0390.TMP c:\windows\system32\~GLH0392.TMP 
c:\windows\system32\~GLH0394.TMP c:\windows\system32\~GLH0396.TMP c:\windows\system32\~GLH0398.TMP c:\windows\system32\~GLH039a.TMP c:\windows\system32\~GLH039c.TMP c:\windows\system32\~GLH039e.TMP c:\windows\system32\~GLH03a0.TMP c:\windows\system32\~GLH03a2.TMP c:\windows\system32\install c:\windows\system32\SET63.tmp c:\windows\system32\SET66.tmp c:\windows\system32\SET6A.tmp c:\windows\system32\SET72.tmp c:\windows\system32\slbiop.dll.tmp . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_Log_Events -------\Legacy_Log_Events -------\Service_Log Events -------\Service_Log Events . . ((((((((((((((((((((((((( Files Created from 2012-05-04 to 2012-06-04 ))))))))))))))))))))))))))))))) . . 2012-06-01 18:43 . 2002-12-24 14:51 741888 ----a-w- c:\windows\system32\K2KRMT.dll 2012-06-01 18:16 . 2012-06-01 18:17 -------- d-----w- c:\program files\Kelk 2000 2012-05-30 16:22 . 2012-05-30 16:22 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat 2012-05-30 16:17 . 2012-05-30 17:50 115369 ----a-w- c:\windows\system32\drivers\klin.dat 2012-05-30 16:17 . 2012-05-30 17:49 97961 ----a-w- c:\windows\system32\drivers\klick.dat 2012-05-30 16:16 . 2012-06-04 18:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2012-05-30 16:16 . 2012-05-30 16:16 -------- d-----w- c:\program files\Kaspersky Lab 2012-05-29 18:23 . 2005-11-28 05:56 147456 ----a-r- c:\windows\system32\igfxres.dll 2012-05-26 12:28 . 2012-05-26 12:28 -------- d-----w- c:\documents and settings\All Users\Application Data\ManyCam 2012-05-25 14:15 . 2012-05-25 14:15 -------- d-----w- c:\program files\Windows Media Connect 2 2012-05-24 09:23 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll 2012-05-22 14:53 . 2012-06-04 18:54 -------- d-----w- c:\documents and settings\boub\Application Data\BITS 2012-05-22 14:53 . 
2012-05-22 14:53 -------- d-----w- c:\documents and settings\boub\Application Data\FlashgetSetup 2012-05-22 14:53 . 2012-05-22 19:03 -------- d-----w- c:\documents and settings\boub\Application Data\FlashGet 2012-05-22 14:53 . 2012-05-22 14:53 -------- d-----w- c:\program files\FlashGet Network 2012-05-22 13:42 . 2012-06-03 16:32 -------- d-----w- c:\program files\FlashGet 2012-05-22 05:10 . 2012-05-22 05:10 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\IObit 2012-05-18 08:02 . 2012-05-22 07:28 -------- d-----w- c:\program files\JDownloader bis 2012-05-16 14:55 . 2008-04-14 12:00 97792 -c--a-w- c:\windows\system32\dllcache\chtmbx.dll 2012-05-16 14:54 . 2001-08-23 16:02 14080 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys 2012-05-16 14:53 . 2008-04-13 18:33 516768 -c--a-w- c:\windows\system32\dllcache\ativvaxx.dll 2012-05-16 14:52 . 2008-04-14 12:00 19456 -c--a-w- c:\windows\system32\dllcache\agt0411.dll 2012-05-16 14:50 . 2008-04-14 12:00 47104 -c--a-w- c:\windows\system32\dllcache\coadmin.dll 2012-05-16 14:50 . 2003-03-24 14:52 188480 -c--a-w- c:\windows\system32\dllcache\cfgwiz.exe 2012-05-16 14:50 . 2003-03-24 14:52 16439 -c--a-w- c:\windows\system32\dllcache\author.exe 2012-05-16 14:50 . 2003-03-24 14:52 20540 -c--a-w- c:\windows\system32\dllcache\author.dll 2012-05-16 14:50 . 2008-04-14 12:00 43520 -c--a-w- c:\windows\system32\dllcache\admwprox.dll 2012-05-16 14:50 . 2008-04-14 12:00 290816 -c--a-w- c:\windows\system32\dllcache\adsiis51.dll 2012-05-16 14:50 . 2003-03-24 14:52 16439 -c--a-w- c:\windows\system32\dllcache\admin.exe 2012-05-16 14:50 . 2003-03-24 14:52 20540 -c--a-w- c:\windows\system32\dllcache\admin.dll 2012-05-16 13:27 . 2008-04-14 12:00 16825 ----a-r- c:\windows\SET98.tmp 2012-05-16 13:27 . 2008-04-14 12:00 1088840 ----a-r- c:\windows\SET89.tmp 2012-05-16 13:27 . 2008-04-14 12:00 1246130 ----a-r- c:\windows\SET83.tmp 2012-05-16 11:57 . 
2008-04-14 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe 2012-05-16 11:36 . 2008-04-13 18:38 16825 ----a-r- c:\windows\SET91.tmp 2012-05-16 11:36 . 2008-04-13 18:38 1088840 ----a-r- c:\windows\SET82.tmp 2012-05-16 11:36 . 2008-04-13 18:47 1246130 ----a-r- c:\windows\SET7F.tmp 2012-05-15 20:47 . 2008-04-13 18:38 16825 ----a-r- c:\windows\SET90.tmp 2012-05-15 20:47 . 2008-04-13 18:38 1088840 ----a-r- c:\windows\SET81.tmp 2012-05-15 20:47 . 2008-04-13 18:47 1246130 ----a-r- c:\windows\SET7E.tmp 2012-05-15 19:12 . 2008-04-14 12:00 16825 ----a-r- c:\windows\SET8F.tmp 2012-05-15 19:11 . 2008-04-14 12:00 1088840 ----a-r- c:\windows\SET80.tmp 2012-05-15 19:11 . 2008-04-14 12:00 1246130 ----a-r- c:\windows\SET7D.tmp 2012-05-15 18:10 . 2008-04-14 12:00 16825 ----a-r- c:\windows\SET88.tmp 2012-05-15 18:10 . 2008-04-14 12:00 1088840 ----a-r- c:\windows\SET7C.tmp 2012-05-15 18:10 . 2008-04-14 12:00 1246130 ----a-r- c:\windows\SET79.tmp 2012-05-15 17:31 . 2008-04-13 18:38 16825 ----a-r- c:\windows\SET87.tmp 2012-05-15 17:31 . 2008-04-13 18:38 1088840 ----a-r- c:\windows\SET7B.tmp 2012-05-15 17:31 . 2008-04-13 18:47 1246130 ----a-r- c:\windows\SET78.tmp 2012-05-15 17:09 . 2008-04-14 12:00 16825 ----a-r- c:\windows\SET86.tmp 2012-05-15 17:09 . 2008-04-14 12:00 1088840 ----a-r- c:\windows\SET7A.tmp 2012-05-15 17:09 . 2008-04-14 12:00 1246130 ----a-r- c:\windows\SET77.tmp 2012-05-15 16:07 . 2008-04-14 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll 2012-05-15 16:07 . 2008-04-14 12:00 13312 ----a-w- c:\windows\system32\irclass.dll 2012-05-15 16:07 . 2008-04-14 12:00 16825 ----a-r- c:\windows\SET14C.tmp 2012-05-15 16:07 . 2008-04-14 12:00 1088840 ----a-r- c:\windows\SET140.tmp 2012-05-15 16:07 . 2008-04-14 12:00 1246130 ----a-r- c:\windows\SET13D.tmp 2012-05-13 15:24 . 2004-07-15 14:55 323584 ----a-w- c:\windows\system32\wowctl2.dll 2012-05-13 15:14 . 2012-05-18 18:36 -------- d-----w- c:\program files\Cracklock 2012-05-11 16:34 . 
2012-05-28 06:57 -------- d-----w- c:\program files\Google Books Downloader 2012-05-09 18:40 . 2012-05-09 18:55 -------- d-----w- c:\documents and settings\boub\Application Data\ALLCapture 2012-05-09 18:39 . 2012-05-09 19:19 -------- d-----w- c:\program files\ALLCapture Enterprise 3.0 2012-05-09 07:48 . 2012-05-09 07:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Hotspot Shield 2012-05-09 07:46 . 2012-05-09 19:03 -------- d-----w- c:\program files\Hotspot Shield 2012-05-08 18:01 . 2012-05-11 15:10 -------- d-----w- C:\crack logiciel 2012-05-08 14:21 . 2012-05-08 14:21 -------- d-----w- c:\program files\Debugging Tools for Windows (x86) 2012-05-08 13:51 . 2012-06-03 18:23 -------- d-----w- c:\program files\WhoCrashed 2012-05-08 13:48 . 2012-05-08 13:48 -------- d-----w- c:\documents and settings\boub\Local Settings\Application Data\OCCT 2012-05-08 13:45 . 2012-05-08 13:45 -------- d-----w- c:\program files\OCCTPT 2012-05-08 13:25 . 2012-05-23 12:35 -------- d-----w- c:\program files\SpeedFan 2012-05-08 08:18 . 2012-05-08 08:18 -------- d-----w- c:\program files\CPUID 2012-05-08 08:18 . 2011-09-21 09:25 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-01 18:16 . 2002-04-19 00:22 411724 ----a-w- c:\windows\system32\hardlock.vxd 2012-05-15 16:53 . 2012-03-26 21:45 37376 ----a-w- c:\windows\system32\drivers\HssDrv.sys 2012-04-11 13:51 . 2008-04-13 19:07 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-11 13:51 . 2008-04-14 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-11 13:51 . 2008-04-14 12:00 1862400 ----a-w- c:\windows\system32\win32k.sys 2012-04-03 04:51 . 2012-04-03 04:51 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-04-03 04:51 . 2011-12-21 12:11 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-03-26 21:45 . 
2012-03-26 21:45 32768 ----a-w- c:\windows\system32\drivers\taphss.sys 2012-03-25 19:19 . 2010-05-03 07:44 98304 ----a-w- c:\windows\DUMP8433.tmp 2012-03-25 18:02 . 2010-05-03 07:44 98304 ----a-w- c:\windows\DUMP75eb.tmp 2012-03-15 13:17 . 2012-03-19 19:05 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys 2012-03-07 08:51 . 2010-05-03 07:44 98304 ----a-w- c:\windows\DUMP65fd.tmp . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712] "{dfabc5b5-039b-4865-979a-de31cdf3e351}"= "c:\program files\Media_Star\tbMedi.dll" [2010-11-13 3913000] "{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] . [HKEY_CLASSES_ROOT\clsid\{dfabc5b5-039b-4865-979a-de31cdf3e351}] . [HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] 2011-05-09 08:49 176936 ----a-w- c:\program files\uTorrentBar_FR\prxtbuTor.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2010-11-13 20:58 3913000 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{42CB2906-3B4F-4A62-B2E0-132481175962}] 2011-08-23 15:33 2656256 ------w- c:\program files\zap\tbcore3.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}] 2010-10-18 10:26 3908192 ----a-w- c:\program files\Softonic_France\tbSof0.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] 2010-03-17 13:45 2355224 -c--a-w- c:\program files\Vuze_Remote\tbVuze.dll . 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{dfabc5b5-039b-4865-979a-de31cdf3e351}] 2010-11-13 20:58 3913000 ----a-w- c:\program files\Media_Star\tbMedi.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{A29B2641-9931-448A-8DE7-B2D63BDC1812}"= "c:\program files\zap\tbcore3.dll" [2011-08-23 2656256] "{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{a29b2641-9931-448a-8de7-b2d63bdc1812}] [HKEY_CLASSES_ROOT\TBSB07359.TBSB07359.3] [HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] [HKEY_CLASSES_ROOT\TBSB07359.TBSB07359] . [HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712] "{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}"= "c:\program files\Softonic_France\tbSof0.dll" [2010-10-18 3908192] "{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-03-17 2355224] "{DFABC5B5-039B-4865-979A-DE31CDF3E351}"= "c:\program files\Media_Star\tbMedi.dll" [2010-11-13 3913000] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-11-13 3913000] "{A29B2641-9931-448A-8DE7-B2D63BDC1812}"= "c:\program files\zap\tbcore3.dll" [2011-08-23 2656256] "{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}"= "c:\program files\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . 
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}] . [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}] . [HKEY_CLASSES_ROOT\clsid\{dfabc5b5-039b-4865-979a-de31cdf3e351}] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_CLASSES_ROOT\clsid\{a29b2641-9931-448a-8de7-b2d63bdc1812}] [HKEY_CLASSES_ROOT\TBSB07359.TBSB07359.3] [HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] [HKEY_CLASSES_ROOT\TBSB07359.TBSB07359] . [HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2011-05-30 16:50 21864 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB Safely Remove"="c:\program files\USB Safely Remove\USBSafelyRemove.exe" [2009-11-26 1521488] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-05-11 880496] "Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296] "FlashGet 3"="c:\program files\FlashGet Network\FlashGet 3\FlashGet3.exe" [2012-03-15 3090056] "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Athan"="c:\program files\Athan\Athan.exe" [2011-03-19 1183744] "atwtusb"="atwtusb.exe" [2007-05-15 323232] "RTHDCPL"="RTHDCPL.EXE" [2010-03-26 19522592] "VX6000"="c:\windows\vVX6000.exe" [2006-06-29 994096] "snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408] "USB Antivirus"="c:\program files\USB Disk Security\USBGuard.exe" [2008-09-23 798720] "EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-08-30 979328] "APSDaemon"="c:\program files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-10-30 273528] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-28 98304] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784] "avp"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2012-05-30 311680] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\boub\Menu Démarrer\Programmes\Démarrage\ Password Safe.lnk - c:\program files\Password Safe\pwsafe.exe [2012-2-21 3817984] . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Delivery.lnk] backup=c:\windows\pss\Delivery.lnkCommon Startup . 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Acrobat.lnk]
backup=c:\windows\pss\Lancement rapide d'Adobe Acrobat.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^boub^Menu Démarrer^Programmes^Démarrage^BTGuard Updates.lnk]
backup=c:\windows\pss\BTGuard Updates.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Program Files
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\program files\Free Video Zilla
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mfmanager
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Fichiers communs\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\2UDSL5ZKH3O9C]
2008-07-25 09:17 1172472 --sha-w- c:\documents and settings\boub\Application Data\YBTPC9YTTR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABBYY Screenshot Reader Bonus]
2009-11-25 17:13 939272 ----a-w- c:\program files\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2010-10-25 14:13 821144 ----a-w- c:\program files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2010-10-25 14:13 36760 ----a-w- c:\program files\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Synchronizer]
2010-10-25 14:13 1216416 ----a-w- c:\program files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 17:29 937920 ----a-w- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
2012-03-06 17:39 574296 ----a-w- c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]
2012-05-30 17:50 311680 ----a-w- c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 21:10 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyDownloads]
2011-10-14 07:30 854040 ----a-w- c:\program files\Easy Downloads\easydownloads.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
2007-09-25 08:10 2007088 ----a-w- c:\program files\FlashGet\flashget.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
2012-03-15 02:05 3090056 ----a-w- c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-06-02 05:35 136176 ----atw- c:\documents and settings\boub\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
2012-04-20 11:46 2099064 ----a-w- c:\program files\ManyCam\Bin\ManyCam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaDICO36]
2004-05-27 13:25 252416 -c--a-w- c:\program files\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-13 18:34 1695232 -c----w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
2011-08-11 22:56 169264 ----a-w- c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 09:32 1479680 -c--a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrtScr by FireStarter]
2009-05-16 03:15 1700864 ----a-w- c:\program files\PrtScr\PrtScr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 11:59 254696 ----a-w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynapseUpdate]
2009-03-09 14:10 491520 ----a-w- c:\program files\Synapse Développement\Synapse Update\Synapse Update.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-10-30 12:16 273528 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\W6RHW3IVYITR8]
2008-07-25 09:17 1172472 --sha-w- c:\documents and settings\boub\Application Data\TN7EN7H4A66.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UxTuneUp"=2 (0x2)
"Application Updater"=2 (0x2)
"AdvancedSystemCareService"=2 (0x2)
"ABBYY.Licensing.FineReader.Sprint.9.0"=2 (0x2)
"MSSQL$SQLEXPRESS"=2 (0x2)
"nlsX86cc"=2 (0x2)
"idsvc"=3 (0x3)
"HssWd"=2 (0x2)
"HssTrayService"=3 (0x3)
"HssSrv"=2 (0x2)
"hshld"=2 (0x2)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"FsUsbExService"=2 (0x2)
"FLEXnet Licensing Service"=3 (0x3)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Fichiers communs\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Free Video Zilla\\FVZilla.exe"=
"c:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Pando Networks\\Pando\\Pando.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\BTGUARD\\uTorrent.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Easy Downloads\\easydownloads.exe"=
"c:\\Documents and Settings\\boub\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Fichiers communs\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Documents and Settings\\boub\\Mes documents\\Downloads\\solutoinstaller(2).exe"=
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
"c:\\Documents and Settings\\boub\\Bureau\\Orbit.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\TorrentB\\TorrentB.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Documents and Settings\\boub\\Bureau\\A\\cnet2_musexplorer7_exe.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"58667:TCP"= 58667:TCP:p ando
"58667:UDP"= 58667:UDP:p ando
"3389:TCP"= 3389:TCP:* isabled:@xpsp2res.dll,-22009
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 20:41 33808]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10/04/2010 11:11 691696]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [08/09/2011 15:24 101616]
R2 ADSLAutoconnect;ADSLAutoconnect;c:\program files\ADSL Autoconnect\ADSL Autoconnect.exe [09/04/2010 23:18 446464]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [21/05/2012 17:31 913752]
R2 RtNdPt5x;Realtek NDIS Protocol Driver;c:\windows\system32\drivers\RtNdPt5x.sys [12/05/2010 13:22 22016]
R2 USBSafelyRemoveService;USB Safely Remove Assistant;c:\program files\USB Safely Remove\USBSRService.exe [10/09/2010 22:36 261456]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 17:46 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 20:59 19472]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\drivers\mcvidrv.sys [11/01/2012 07:11 32000]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [22/02/2012 11:34 22400]
S1 aiptektp;Pen Pad;c:\windows\system32\drivers\aiptektp.sys [13/04/2010 04:57 22528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384]
S2 mfservice;mfservice; [x]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\boub\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\boub\LOCALS~1\Temp\ALSysIO.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12/05/2010 13:20 1691480]
S3 BvrpKrnl;BvrpKrnl;c:\program files\WinFax eXPert\BvrpKrnl.exe [22/09/2010 17:27 573440]
S3 FsUsbExDisk;FsUsbExDisk;\??\c:\windows\system32\FsUsbExDisk.SYS --> c:\windows\system32\FsUsbExDisk.SYS [?]
S3 mfkrnl2;mfkrnl2; [x]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [19/06/2011 16:31 18432]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [04/03/2012 20:55 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [04/03/2012 20:55 11104]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [10/04/2010 06:58 27064]
S3 RTLTEAMING;Realtek Intermediate Driver for Ethernet Extended Features;c:\windows\system32\drivers\RTLTEAMING.SYS [12/05/2010 13:22 29440]
S3 RTLVLAN;Realtek VLAN Intermediate Driver;c:\windows\system32\drivers\RTLVLAN.SYS [12/05/2010 13:22 17536]
S3 SwitchBoard;SwitchBoard;c:\program files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe [10/05/2010 10:14 517096]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; [x]
S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [30/06/2006 00:56 2383152]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504]
S4 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14/05/2009 17:07 759048]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [03/04/2012 05:51 253600]
S4 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [07/02/2011 18:21 238952]
S4 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [09/04/2010 19:59 135664]
S4 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [09/04/2010 19:59 135664]
S4 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe --> c:\program files\Hotspot Shield\bin\openvpnas.exe [?]
S4 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe -product HSS --> c:\program files\Hotspot Shield\bin\hsswd.exe -product HSS [?]
S4 MSSQLServerADHelper100;Service SQL Active Directory Helper;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [23/07/2009 04:17 47128]
S4 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [10/08/2010 09:25 63488]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [30/03/2009 03:09 239336]
S4 SQLAgent$SQLEXPRESS;Agent SQL Server (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [30/03/2009 03:23 366936]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 04:51]
.
2012-06-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-09 18:59]
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-09 18:59]
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1659004503-1177238915-1003Core.job
- c:\documents and settings\boub\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-18 05:35]
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1659004503-1177238915-1003UA.job
- c:\documents and settings\boub\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-18 05:35]
.
2012-06-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1123561945-1659004503-1177238915-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-06-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1123561945-1659004503-1177238915-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-06-04 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 21:44]
.
2012-06-04 c:\windows\Tasks\User_Feed_Synchronization-{F46EF737-6502-43BF-AA40-7CBAAE956FC0}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2851639
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à l'Anti-bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Ajouter à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Download all links by FlashGet3 - c:\program files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
IE: Download by FlashGet3 - c:\program files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Télécharger avec Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
LSP: c:\windows\system32\idmmbc.dll
TCP: Interfaces\{76682EAA-D26D-4228-A91F-A81963ACE37C}: NameServer = 66.28.0.45 66.28.0.61
FF - ProfilePath - c:\documents and settings\boub\Application Data\Mozilla\Firefox\Profiles\gxu97rpa.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.orbitdownloader.com
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=904789ea000000000000001a4d2285f3&tlver=1.4.35.10&affID=101368&babsrc=SP_FFUP
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 3.6.12\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: Multi Links: multilinks@plugin - %profile%\extensions\multilinks@plugin
FF - Ext: Quran Player: unloco@quranplayer.net - %profile%\extensions\unloco@quranplayer.net
FF - Ext: Session Manager: {1280606b-2510-4fe0-97ef-9b5a22eafe30} - %profile%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: FoxLingo: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} - %profile%\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - c:\program files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=down
FF - user.js: extensions.funmoods_i.dfltSrch - true
FF - user.js: extensions.funmoods_i.srchPrvdr - Search
FF - user.js: extensions.funmoods_i.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods_i.newTabUrl - hxxp://start.funmoods.com/?f=2&a=down
FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=down&q=
FF - user.js: extensions.funmoods_i.id - 904789ea000000000000001a4d2285f3
FF - user.js: extensions.funmoods_i.instlDay - 15413
FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1614:33
FF - user.js: extensions.funmoods_i.prtnrId - funmoods
FF - user.js: extensions.funmoods_i.prdct - funmoods
FF - user.js: extensions.funmoods_i.aflt - down
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods_i.tlbrId - base
FF - user.js: extensions.funmoods_i.instlRef -
FF - user.js: extensions.funmoods_i.dfltLng -
FF - user.js: extensions.funmoods_i.excTlbr - false
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Advanced SystemCare 4 - c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe
MSConfigStartUp-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
MSConfigStartUp-IDMan - c:\program files\idm-egydown\IDMan.exe
MSConfigStartUp-MediaGet2 - c:\documents and settings\boub\Local Settings\Application Data\MediaGet2\mediaget.exe
MSConfigStartUp-PowerSuite - c:\progra~1\Uniblue\POWERS~1\launcher.exe
MSConfigStartUp-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
MSConfigStartUp-TweakRAM - c:\program files\TweakRAM\TweakRAM.exe
AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.7\uninstall.exe
AddRemove-WinDevMobile15Express - e:\windev mobile 15 e.x.p.r.e.s.s\Desinstallation.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-06-04 19:53
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1123561945-1659004503-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EC5A367E-FD48-6769-F204-F3783B5B2FAB}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaadjdbbkfpacigbof"=hex:6a,61,65,6d,65,66,63,6b,68,68,66,67,63,6e,6a,68,68,64, 68,68,00,00
"hacglbpfbmclfnhk"=hex:6a,61,65,6d,6e,65,64,65,6c,64,6c,6f,6c,62,66,6c,68,6f, 64,63,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3840ca71-aea0-4112-aade-df65082048cb}]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):c6,ca,47,a0,50,86,2d,de,d5,33,b1,f7,ee,f1,9e,2a,39,98,3c,54,bb, 0d,f0,91,4c,74,61,ee,21,33,38,29,55,42,1d,c4,fe,3a,46,d0,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{883f53b1-2920-4ffc-9ef1-0774072f59a0}]
@Denied: (Full) (Everyone)
"Model"=dword:000000df
"Therad"=dword:0000001d
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EC5A367E-FD48-6769-F204-F3783B5B2FAB}\InProcServer32*]
"jaocaieogdmgcaefkifj"=hex:6a,61,65,6d,65,66,63,6b,68,68,66,67,63,6e,6a,68,68, 64,68,68,00,00
"iaoccjknjekiehhccm"=hex:6a,61,65,6d,6e,65,64,65,6c,64,6c,6f,6c,62,66,6c,68,6f, 64,63,00,00
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(564)
c:\program files\Fichiers communs\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
- - - - - - - > 'lsass.exe'(616)
c:\windows\system32\idmmbc.dll
.
- - - - - - - > 'explorer.exe'(2412)
c:\program files\Internet Download Manager\IDMShellExt.dll
c:\program files\Internet Download Manager\IDMNetMon.DLL
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Fichiers communs\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\crypserv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\Fichiers communs\Protexis\License Service\PsiService_2.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\RTHDCPL.EXE
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Completion time: 2012-06-04 20:04:06 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-04 19:03
.
Pre-Run: 2 134 806 528 octets libres
Post-Run: 1 588 453 376 octets libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /noexecute=optin
.
- - End Of File - - 87C9DCF5199363727C6BFFF3E9167AFE