Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[Resolu]Rapport HijackThis (machine comporte bizzarement[Help]

Chrisredfield32
 Partager

Messages recommandés

Chrisredfield32 Extrem Member

Chrisredfield32

Posté(e)
Posté(e) (modifié)

Bonjour, voila mon probleme, depuis quelques temps ma machine comporte bizzarrement style plus de mise a jour pour kaspersky depuis 3 jour (bon sa arrive de temps a temps avec les mise a jous des antivirus qu'ils prennent leur temps! donc je dit c'est pas si grave pour 2-3jour!!!)

Et aussi j'ai remarqué que popriété du poste de travail=>mise a jour automatiques, le face du cadre a fait mise a jour!!!

comment sa:

 

sanstitresx3.png

 

 

Au lieu etre comment sa

 

sec6601ak3.png

 

Mais le problemes, je fait pas fait de mise a jour (ni automatique) et la tite case a été décoché!

 

C'est vrai que c'est des petits detailles pas tres grand important!

 

Voici mes rapport HijackThis v2.0.2

 

Mode sans Echec

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:38:29, on 1/10/2007

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Safe mode

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\HijackThis 2.0.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.be/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"

O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

 

--

End of file - 4822 bytes

 

Mode Normal

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:41:17, on 1/10/2007

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\vVX1000.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\WINDOWS\system32\sistray.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft LifeCam\MSCamSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wuauclt.exe

C:\HijackThis 2.0.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.be/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"

O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

 

--

End of file - 5781 bytes

 

Merci beaucoups de vouloir bien m'aidé :P

Modifié par Chrisredfield32

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut :P

 

Est ce que tu veux bien faire le scan suiant stp ? >

 

Télécharge WinPFind3U.exesur ton bureau.

  • Double clique sur le fichier téléchargé : un dossier nommé WinPFind3U va apparaitre sur ton bureau.
  • Ouvre le dossier et double clique sur le fichier WinPFind3U.exe pour lancer le programme.
  • Sous le groupe Files Created Within sélectionne 60 days
  • Sous le groupe Files Modified Within sélectionne 60 days
  • Sous le groupe String Search sélectionne Non-Microsoft
  • Sous le groupe Additional Scans coche les cases >
    Reg- Security Settings
    Reg- Software Policy Settings
    Reg- Uninstall List
    Reg- Additional Folder Scans

  • A présent clique sur le bouton Run Scan dans la barre d'outils
  • Lorsque le scan est terminé,le bloc-notes s'ouvre et affiche le rapport.
  • Clique sur le menu "Format" et assure toi que la case "Retour automatique à la ligne" ne soit pas cochée.
  • Copie/Colle le contenu du rapport dans ta prochaine réponse.

A noter: ton windows n'est pas à jour! est ce une version légale ? Si oui, il faudra penser sérieusement à mettre le SP2 lorsqu'on aura fini.

Tu n'as pas de parefeu! il va falloir en installer un. Fais ce scan rapide des ports de ton pc pour comprendre (poste le rapport) > http://www.zebulon.fr/outils/scanports/test-securite.php

 

@+

Chrisredfield32 Extrem Member

Chrisredfield32

Posté(e)
  • Auteur
Posté(e)

Re j'ai peur l'incompatibilité de certains programme :s

Je vais pensé a mettre a jour mon xp pro :P et nettoyé mes dossier aussi bref pour le pare-feu, j'utilise le modem-routeur de D-Link et Xp sp1( tres petit complémentaire)

 

 

Voici le rapport :P

 

 

WinPFind3 logfile created on: 1/10/2007 18:46:00

WinPFind3U by OldTimer - Version 1.0.42 Folder = C:\Documents and Settings\PC Intel\Bureau\WinPFind3u\

Microsoft Windows XP Service Pack 1 (Version = 5.1.2600)

Internet Explorer (Version = 6.0.2800.1106)

 

479,36 Mb Total Physical Memory | 180,05 Mb Available Physical Memory | 37,56% Memory free

1,05 Gb Paging File | 0,80 Gb Available in Paging File | 76,18% Paging File free

Paging file location(s): C:\pagefile.sys 672 1344;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 74,53 Gb Total Space | 61,81 Gb Free Space | 82,93% Space Free

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

 

Computer Name: PC-5S4TDJ7PN8GC

Current User Name: PC Intel

Logged in as Administrator.

Current Boot Mode: Normal

 

 

[Processes - Non-Microsoft Only]

aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 2 | Size = 566616 bytes | Modified Date = 31/08/2007 21:57:06 | Attr = ]

avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe -> Kaspersky Lab [Ver = 6.0.0.299 | Size = 139367 bytes | Modified Date = 24/03/2006 20:09:22 | Attr = ]

avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe -> Kaspersky Lab [Ver = 6.0.0.299 | Size = 139367 bytes | Modified Date = 24/03/2006 20:09:22 | Attr = ]

googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 27/06/2007 19:56:28 | Attr = ]

hpcmpmgr.exe -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 22/12/2003 8:38:42 | Attr = ]

hpwuschd2.exe -> %ProgramFiles%\Hewlett-Packard\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Company [Ver = 3, 0, 38, 1 | Size = 49152 bytes | Modified Date = 18/02/2004 19:55:28 | Attr = ]

hpztsb10.exe -> %System32%\spool\drivers\w32x86\3\hpztsb10.exe -> HP [Ver = 2.323.0.0 | Size = 172032 bytes | Modified Date = 4/03/2004 16:46:24 | Attr = ]

rthdcpl.exe -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.0.6.9 | Size = 16208384 bytes | Modified Date = 1/06/2006 10:48:00 | Attr = R ]

sistray.exe -> %System32%\sistray.exe -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3750 | Size = 262144 bytes | Modified Date = 29/06/2006 4:04:38 | Attr = ]

wincinemamgr.exe -> %ProgramFiles%\InterVideo\Common\Bin\WinCinemaMgr.exe -> [Ver = 1.0 | Size = 98304 bytes | Modified Date = 5/08/2002 1:27:24 | Attr = ]

winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.42.0 | Size = 322560 bytes | Modified Date = 4/09/2007 10:47:26 | Attr = ]

 

[Win32 Services - Non-Microsoft Only]

(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 2 | Size = 566616 bytes | Modified Date = 31/08/2007 21:57:06 | Attr = ]

(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Stopped] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4119 | Size = 376832 bytes | Modified Date = 31/08/2005 7:36:10 | Attr = ]

(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0024 | Size = 516096 bytes | Modified Date = 30/08/2005 21:05:00 | Attr = ]

(AVP) Kaspersky Anti-Virus 6.0 [Win32_Own | Auto | Running] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe -> Kaspersky Lab [Ver = 6.0.0.299 | Size = 139367 bytes | Modified Date = 24/03/2006 20:09:22 | Attr = ]

(dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.0.503.0 | Size = 205312 bytes | Modified Date = 28/08/2001 14:00:00 | Attr = ]

(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 10/06/2007 18:35:24 | Attr = ]

(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1150\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.50.42618 | Size = 69632 bytes | Modified Date = 14/11/2005 1:06:04 | Attr = ]

(MSCSPTISRV) MSCSPTISRV [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\MSCSPTISRV.exe -> Sony Corporation [Ver = 4.7.00.12140 | Size = 45056 bytes | Modified Date = 14/12/2006 2:21:20 | Attr = ]

(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Stopped] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9147 | Size = 155715 bytes | Modified Date = 11/08/2006 22:42:50 | Attr = ]

(PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\PACSPTISVR.exe -> [Ver = 4.7.00.12140 | Size = 57344 bytes | Modified Date = 14/12/2006 1:46:16 | Attr = ]

(SonicStage Back-End Service) SonicStage Back-End Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SsBeSvc.exe -> Sony Corporation [Ver = 4.3.01.14020 | Size = 112184 bytes | Modified Date = 5/02/2007 10:11:16 | Attr = ]

(SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SPTISRV.exe -> Sony Corporation [Ver = 4.7.00.12140 | Size = 69632 bytes | Modified Date = 14/12/2006 2:02:08 | Attr = ]

(SSScsiSV) SonicStage SCSI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SSScsiSV.exe -> Sony Corporation [Ver = 4.3.01.14020 | Size = 75320 bytes | Modified Date = 5/02/2007 10:11:18 | Attr = ]

 

[Registry - Non-Microsoft Only]

< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

HP Component Manager -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 22/12/2003 8:38:42 | Attr = ]

HP Software Update -> %ProgramFiles%\Hewlett-Packard\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Company [Ver = 3, 0, 38, 1 | Size = 49152 bytes | Modified Date = 18/02/2004 19:55:28 | Attr = ]

HPDJ Taskbar Utility -> %System32%\spool\drivers\w32x86\3\hpztsb10.exe -> HP [Ver = 2.323.0.0 | Size = 172032 bytes | Modified Date = 4/03/2004 16:46:24 | Attr = ]

kav -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe -> Kaspersky Lab [Ver = 6.0.0.299 | Size = 139367 bytes | Modified Date = 24/03/2006 20:09:22 | Attr = ]

NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 9/07/2001 10:50:42 | Attr = ]

NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9147 | Size = 7630848 bytes | Modified Date = 11/08/2006 22:43:02 | Attr = ]

NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.9147 | Size = 86016 bytes | Modified Date = 11/08/2006 22:43:04 | Attr = ]

nwiz -> %System32%\nwiz.exe -> [Ver = | Size = 1519616 bytes | Modified Date = 11/08/2006 22:43:00 | Attr = ]

RTHDCPL -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.0.6.9 | Size = 16208384 bytes | Modified Date = 1/06/2006 10:48:00 | Attr = R ]

SiSPower -> %System32%\SiSPower.dll [Rundll32.exe SiSPower.dll,ModeAgent] -> Silicon Integrated Systems Corporation [Ver = 6.14.10.3750 | Size = 49152 bytes | Modified Date = 28/06/2006 21:05:20 | Attr = R ]

SkyTel -> %SystemRoot%\SkyTel.exe -> Realtek Semiconductor Corp. [Ver = 1.0.0.0 | Size = 2879488 bytes | Modified Date = 16/05/2006 12:04:26 | Attr = R ]

< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->

IMAIL -> Installed = 1 ->

MAPI -> Installed = 1 ->

MSFS -> Installed = 1 ->

< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 27/06/2007 19:56:28 | Attr = ]

< Common Startup > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->

%AllUsersStartup%\InterVideo WinCinema Manager.lnk -> %ProgramFiles%\InterVideo\Common\Bin\WinCinemaMgr.exe -> [Ver = 1.0 | Size = 98304 bytes | Modified Date = 5/08/2002 1:27:24 | Attr = ]

%AllUsersStartup%\Utility Tray.lnk -> %System32%\sistray.exe -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3750 | Size = 262144 bytes | Modified Date = 29/06/2006 4:04:38 | Attr = ]

< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->

< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->

AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4119 | Size = 46080 bytes | Modified Date = 31/08/2005 7:37:14 | Attr = ]

klogon -> %System32%\klogon.dll -> Kaspersky Lab [Ver = 6.0.0.299 | Size = 28778 bytes | Modified Date = 24/03/2006 20:08:14 | Attr = ]

< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->

< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->

< HOSTS File > (186848 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->

< Internet Explorer Settings > -> ->

HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->

HKLM: Main\\Default_Search_URL -> http://www.google.com/ie ->

HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->

HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->

HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->

HKLM: Search\\Default_Search_URL -> http://www.google.com/ie ->

HKLM: SearchAssistant -> http://www.google.com/ie ->

HKCU: Local Page -> C:\WINDOWS\System32\blank.htm ->

HKCU: Search Bar -> http://www.google.com/ie ->

HKCU: Search Page -> http://www.google.com ->

HKCU: Start Page -> http://www.msn.be/ ->

HKCU: SearchAssistant -> http://www.google.com/ie ->

HKCU: ProxyEnable -> 0 ->

< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 2/03/2001 12:02:04 | Attr = ]

{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 2, 0, 301, 7164 | Size = 325048 bytes | Modified Date = 23/07/2007 15:18:32 | Attr = ]

< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->

{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]

< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->

ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]

WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2436160 bytes | Modified Date = 19/01/2007 23:56:04 | Attr = R ]

< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->

{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} -> Reg Data - Value does not exist [buttonText: Antivirus Internet] -> File not found

{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [buttonText: Recherche] -> File not found

< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->

E&xporter vers Microsoft Excel -> -> File not found

< Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\ ->

.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 30/01/2001 13:56:24 | Attr = ]

< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->

{0CFF07F1-EE38-4192-9F5A-8FBB60007D15} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->

{221F7008-9EC0-4C84-AE02-C43A073203AC} -> (SiS190 100/10 Ethernet Device) ->

{A30584BC-62E3-4CDD-B0EC-DC6C17C2C378} -> (Carte réseau Fast Ethernet PCI Realtek RTL8139 Family) ->

{DD825340-8619-494D-A2F9-6F4D2819BA61} -> () ->

< Default Protocols [HKLM] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->

shell -> shell protocol not assigned ->

< Default Protocols [HKCU] - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->

shell -> shell protocol not assigned ->

< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->

cetihpz -> %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll -> Hewlett-Packard Company [Ver = 2.1.4 | Size = 81920 bytes | Modified Date = 22/12/2003 8:38:40 | Attr = ]

ipp -> Reg Data - Key not found -> File not found

msdaipp -> Reg Data - Key not found -> File not found

< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->

{166B1BCA-3F9C-11CF-8075-444553540000} -> - CodeBase = http://download.macromedia.com/pub/shockwa...director/sw.cab ->

DirectAnimation Java Classes -> - CodeBase = file://C:\WINDOWS\Java\classes\dajava.cab ->

Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->

 

 

[Registry - Additional Scans - Non-Microsoft Only]

< Security Settings > -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\\DisableMonitoring -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\System32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> LanmanWorkstation;RpcSs; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Utilise la bande passante réseau inactive pour transférer des données. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> C:\WINDOWS\System32\qmgr.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> Root\LEGACY_BITS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\System32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Pare-feu de connexion Internet (ICF) / Partage de connexion Internet (ICS) ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;NLA;RasMan;ALG; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> Root\LEGACY_SHAREDACCESS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Autorise le téléchargement et l'installation des mises à jour de Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité Mises à jour automatiques, ni accéder au site Web Windows Update. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\System32\wuauserv.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> Root\LEGACY_WUAUSERV00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->

< Software Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Conferencing\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\WindowsLiveCall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\WindowsLiveCall\CertificatePolicy\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\WindowsLiveCall\PortRange\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\DisableServerCheck -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\LegacyPresence -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\CertificatePolicy\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\PortRange\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\\EnableAdminTSRemote -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\ExecutableTypes -> ADE;ADP;BAS;BAT;CHM;CMD;COM;CPL;CRT;EXE;HLP;HTA;INF;INS;ISP;LNK;MDB;MDE;MSC;MSI;MSP;MST;OCX;PCD;PIF;REG;SCR;SHS;URL;VB;WSC; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\TransparentEnabled -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\DefaultLevel -> 262144 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\AuthenticodeEnabled -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\PolicyScope -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\Description -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\ItemData -> %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK* ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\Terminal Services\ -> ->

< Software Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\policies\ ->

HKEY_CURRENT_USER\Software\Policies\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\ -> ->

< Uninstall List > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->

{18D10072035C4515918F7E37EAFAACFC} -> AutoUpdate ->

{2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer ->

{350C940c-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP ->

{6F5D254A-5869-4B94-BF55-D68938FD1CC6} -> Microsoft LifeCam ->

{716E0306-8318-4364-8B8F-0CC4E9376BAC} -> MSXML 4.0 SP2 Parser and SDK ->

{75193929-9A52-4CA4-98DE-8C7296940920} -> Kaspersky Anti-Virus 6.0 ->

{7B63B2922B174135AFC0E1377DD81EC2} -> DivX Codec ->

{85B1BEF2-2357-4C27-ABBE-15A1AE3AF78D} -> HP Deskjet 5700 ->

{87E2B986-07E8-477a-93DC-AF0B6758B192} -> DocProcQFolder ->

{8A4CE7FD-9657-4B06-9943-E1819F3D5D67} -> DocProc ->

{9011040C-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Professional Edition 2003 ->

{94FB906A-CF42-4128-A509-D353026A607E} -> REALTEK Gigabit and Fast Ethernet NIC Driver ->

{98E8A2EF-4EAE-43B8-A172-74842B764777} -> InterVideo WinDVD 4 ->

{9A394342-4A68-4EBA-85A6-55B559F4E700} -> Microsoft .NET Framework 1.1 French Language Pack ->

{A0EB195B-5876-48E6-879D-33D4B2102610} -> SonicStage 4.3 ->

{A3B685A0-4B1A-410F-B630-582324729318} -> Réussir ses CV et Lettres de Motivation ->

{B81023A5-71ED-46EB-BE3B-9F974D1155F1} -> HP Software Update ->

{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 ->

{CCD663AE-610D-4BDF-AAB0-E914B044527D} -> OpenMG Secure Module 4.7.00 ->

{DC226AC9-0314-496C-BE6A-B6A132628466} -> SiSAGP driver ->

{E31C348B-63A9-4CBF-8D7F-D932ABB63244} -> Ad-Aware 2007 ->

{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver ->

{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} -> Windows Live Messenger ->

Adobe Acrobat 5.0 -> Adobe Acrobat 5.0 ->

Adobe Flash Player ActiveX -> Adobe Flash Player ActiveX ->

AnyDVD -> AnyDVD ->

ATI Display Driver -> ATI Display Driver ->

Cartes de visite -> Micro Application - Cartes de visite ->

CCleaner -> CCleaner (remove only) ->

CloneDVD2 -> CloneDVD2 ->

eMule -> eMule ->

eMule Plus_is1 -> eMule Plus 1.2b ->

HD Tune_is1 -> HD Tune 2.53 ->

HijackThis -> HijackThis 2.0.2 ->

HPOCR -> OCR Software by I.R.I.S 7.0 ->

InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D} -> OpenMG Secure Module 4.7.00 ->

InstallWIX_{75193929-9A52-4CA4-98DE-8C7296940920} -> Kaspersky Anti-Virus 6.0 ->

KB822603 -> Correctif Windows XP - KB822603 ->

KB823980 -> Correctif Windows XP - KB823980 ->

KB835732 -> Correctif Windows XP - KB835732 ->

KB888111WXP -> High Definition Audio Driver Package - KB888111 ->

Mozilla Firefox (2.0.0.7) -> Mozilla Firefox (2.0.0.7) ->

Nero - Burning Rom!UninstallKey -> Nero 6 Demo ->

NVIDIA Drivers -> NVIDIA Drivers ->

SiS VGA Driver -> SiS VGA Utilities ->

Spybot - Search & Destroy_is1 -> Spybot - Search & Destroy 1.4 ->

Windows Media Format Runtime -> Windows Media Format Runtime ->

Windows Media Player -> Lecteur Windows Media 10 ->

 

[Files/Folders - Created Within 60 days]

HijackThis 2.0.exe -> %SystemDrive%\HijackThis 2.0.exe -> Trend Micro Inc. [Ver = 2.00.0002 | Size = 401720 bytes | Created Date = 30/09/2007 21:34:54 | Attr = ]

sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm -> [Ver = | Size = 268 bytes | Created Date = 17/08/2007 15:19:20 | Attr = H ]

sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm -> [Ver = | Size = 232 bytes | Created Date = 31/08/2007 16:08:40 | Attr = H ]

sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm -> [Ver = | Size = 244 bytes | Created Date = 17/08/2007 15:19:20 | Attr = H ]

sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm -> [Ver = | Size = 244 bytes | Created Date = 31/08/2007 16:08:40 | Attr = H ]

is-B4EG2.exe -> %SystemRoot%\is-B4EG2.exe -> [Ver = 51.46.0.0 | Size = 679424 bytes | Created Date = 10/09/2007 9:37:27 | Attr = ]

is-B4EG2.lst -> %SystemRoot%\is-B4EG2.lst -> [Ver = | Size = 132 bytes | Created Date = 10/09/2007 9:37:27 | Attr = ]

is-B4EG2.msg -> %SystemRoot%\is-B4EG2.msg -> [Ver = | Size = 14107 bytes | Created Date = 10/09/2007 9:37:27 | Attr = ]

IsUn040c.exe -> %SystemRoot%\IsUn040c.exe -> InstallShield Software Corporation [Ver = 5, 50, 137, 0 | Size = 327168 bytes | Created Date = 15/09/2007 17:08:32 | Attr = ]

IsUninst.exe -> %SystemRoot%\IsUninst.exe -> InstallShield Software Corporation [Ver = 5, 51, 138, 0 | Size = 306688 bytes | Created Date = 17/08/2007 15:17:44 | Attr = ]

Micro Application Shared -> %SystemRoot%\Micro Application Shared -> [Folder | Created Date = 15/09/2007 17:10:15 | Attr = ]

Navigma.INI -> %SystemRoot%\Navigma.INI -> [Ver = | Size = 40 bytes | Created Date = 15/09/2007 17:08:12 | Attr = ]

Profiles -> %SystemRoot%\Profiles -> [Folder | Created Date = 17/08/2007 15:17:53 | Attr = ]

pss -> %SystemRoot%\pss -> [Folder | Created Date = 20/08/2007 9:34:22 | Attr = ]

SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Created Date = 27/08/2007 13:12:20 | Attr = ]

Adobe -> %System32%\Adobe -> [Folder | Created Date = 17/08/2007 15:17:50 | Attr = ]

Drvssrvr.hlp -> %System32%\Drvssrvr.hlp -> [Ver = | Size = 87427 bytes | Created Date = 15/09/2007 17:10:13 | Attr = ]

ic32.dll -> %System32%\ic32.dll -> The Imaging Source Europe GmbH [Ver = 8.0.224.500 | Size = 69632 bytes | Created Date = 16/09/2007 19:12:01 | Attr = ]

ic32.ini -> %System32%\ic32.ini -> [Ver = | Size = 151 bytes | Created Date = 16/09/2007 19:12:03 | Attr = ]

odbcinst.cnt -> %System32%\odbcinst.cnt -> [Ver = | Size = 244 bytes | Created Date = 15/09/2007 17:10:09 | Attr = ]

odbcinst.hlp -> %System32%\odbcinst.hlp -> [Ver = | Size = 26858 bytes | Created Date = 15/09/2007 17:10:09 | Attr = ]

Odbcjet.cnt -> %System32%\Odbcjet.cnt -> [Ver = | Size = 7348 bytes | Created Date = 15/09/2007 17:10:11 | Attr = ]

Odbcjet.hlp -> %System32%\Odbcjet.hlp -> [Ver = | Size = 171967 bytes | Created Date = 15/09/2007 17:10:11 | Attr = ]

Odbcjtnw.cnt -> %System32%\Odbcjtnw.cnt -> [Ver = | Size = 3176 bytes | Created Date = 15/09/2007 17:10:11 | Attr = ]

Odbcjtnw.hlp -> %System32%\Odbcjtnw.hlp -> [Ver = | Size = 62863 bytes | Created Date = 15/09/2007 17:10:11 | Attr = ]

ODBCSTF.DLL -> %System32%\ODBCSTF.DLL -> [Ver = | Size = 36864 bytes | Created Date = 15/09/2007 17:10:14 | Attr = ]

ssa3d30.ocx -> %System32%\ssa3d30.ocx -> Infragistics, Inc. [Ver = 3.03.0008 | Size = 349968 bytes | Created Date = 16/09/2007 19:12:04 | Attr = ]

sssplt30.ocx -> %System32%\sssplt30.ocx -> Infragistics, Inc. [Ver = 3.03.0008 | Size = 177936 bytes | Created Date = 16/09/2007 19:12:04 | Attr = ]

Tx32.dll -> %System32%\Tx32.dll -> [Ver = | Size = 446464 bytes | Created Date = 16/09/2007 19:12:01 | Attr = ]

Tx4ole.ocx -> %System32%\Tx4ole.ocx -> The Imaging Source Europe GmbH [Ver = 8.0.119.502 | Size = 290816 bytes | Created Date = 16/09/2007 19:12:03 | Attr = ]

Txc4Net.dll -> %System32%\Txc4Net.dll -> Micro Application [Ver = 1.00 | Size = 32768 bytes | Created Date = 16/09/2007 19:12:04 | Attr = ]

txobj32.dll -> %System32%\txobj32.dll -> The Imaging Source Europe GmbH [Ver = 8.0.112.500 | Size = 327680 bytes | Created Date = 16/09/2007 19:12:02 | Attr = ]

txtls32.dll -> %System32%\txtls32.dll -> The Imaging Source Europe GmbH [Ver = 8.0.150.500 | Size = 81920 bytes | Created Date = 16/09/2007 19:12:02 | Attr = ]

tx_bmp32.flt -> %System32%\tx_bmp32.flt -> The Imaging Source Europe GmbH [Ver = 8.0.125.501 | Size = 32768 bytes | Created Date = 16/09/2007 19:12:03 | Attr = ]

tx_htm32.dll -> %System32%\tx_htm32.dll -> The Imaging Source Europe GmbH [Ver = 9.0.141.500 | Size = 135168 bytes | Created Date = 16/09/2007 19:12:02 | Attr = ]

tx_rtf32.dll -> %System32%\tx_rtf32.dll -> The Imaging Source Europe GmbH [Ver = 9.0.310.500 | Size = 131072 bytes | Created Date = 16/09/2007 19:12:02 | Attr = ]

tx_tif32.flt -> %System32%\tx_tif32.flt -> The Imaging Source Europe GmbH [Ver = 8.0.243.501 | Size = 45056 bytes | Created Date = 16/09/2007 19:12:03 | Attr = ]

tx_wmf32.flt -> %System32%\tx_wmf32.flt -> The Imaging Source Europe GmbH [Ver = 8.0.112.501 | Size = 32768 bytes | Created Date = 16/09/2007 19:12:03 | Attr = ]

tx_word.dll -> %System32%\tx_word.dll -> The Imaging Source Europe GmbH [Ver = 8.0.141.500 | Size = 323584 bytes | Created Date = 16/09/2007 19:12:02 | Attr = ]

wndtls32.dll -> %System32%\wndtls32.dll -> The Imaging Source Europe GmbH [Ver = 8.0.132.501 | Size = 61440 bytes | Created Date = 16/09/2007 19:12:02 | Attr = ]

pcouffin.sys -> %System32%\drivers\pcouffin.sys -> VSO Software [Ver = 1.36 | Size = 47360 bytes | Created Date = 15/08/2007 18:04:26 | Attr = ]

hosts.20070910-104012.backup -> %System32%\drivers\etc\hosts.20070910-104012.backup -> [Ver = | Size = 790 bytes | Created Date = 10/09/2007 9:40:12 | Attr = ]

hosts.20070912-120848.backup -> %System32%\drivers\etc\hosts.20070912-120848.backup -> [Ver = | Size = 65862 bytes | Created Date = 12/09/2007 11:08:48 | Attr = R ]

hosts.20070912-122801.backup -> %System32%\drivers\etc\hosts.20070912-122801.backup -> [Ver = | Size = 178769 bytes | Created Date = 12/09/2007 11:28:02 | Attr = R ]

hosts.20070912-123907.backup -> %System32%\drivers\etc\hosts.20070912-123907.backup -> [Ver = | Size = 1457 bytes | Created Date = 12/09/2007 11:39:07 | Attr = R ]

hosts.20070913-120149.backup -> %System32%\drivers\etc\hosts.20070913-120149.backup -> [Ver = | Size = 178769 bytes | Created Date = 13/09/2007 11:01:49 | Attr = R ]

hosts.20070919-222852.backup -> %System32%\drivers\etc\hosts.20070919-222852.backup -> [Ver = | Size = 179217 bytes | Created Date = 19/09/2007 21:28:52 | Attr = R ]

hosts.20070927-113356.backup -> %System32%\drivers\etc\hosts.20070927-113356.backup -> [Ver = | Size = 184199 bytes | Created Date = 27/09/2007 10:33:56 | Attr = R ]

Adobe -> %UserAppData%\Adobe -> [Folder | Created Date = 17/08/2007 15:17:50 | Attr = ]

ezpinst.exe -> %UserAppData%\ezpinst.exe -> [Ver = | Size = 81920 bytes | Created Date = 15/08/2007 18:04:26 | Attr = ]

InterTrust -> %UserAppData%\InterTrust -> [Folder | Created Date = 17/08/2007 15:17:49 | Attr = ]

pcouffin.cat -> %UserAppData%\pcouffin.cat -> [Ver = | Size = 7176 bytes | Created Date = 15/08/2007 18:04:26 | Attr = ]

pcouffin.inf -> %UserAppData%\pcouffin.inf -> [Ver = | Size = 1144 bytes | Created Date = 15/08/2007 18:04:26 | Attr = ]

pcouffin.sys -> %UserAppData%\pcouffin.sys -> VSO Software [Ver = 1.36 | Size = 47360 bytes | Created Date = 15/08/2007 18:04:26 | Attr = ]

Vso -> %UserAppData%\Vso -> [Folder | Created Date = 15/08/2007 18:04:25 | Attr = ]

Lettres de motivation.doc -> %UserDocuments%\Lettres de motivation.doc -> [Ver = | Size = 21504 bytes | Created Date = 16/09/2007 19:29:50 | Attr = ]

Acrobat Reader 5.0.lnk -> %AllUsersDesktop%\Acrobat Reader 5.0.lnk -> [Ver = | Size = 882 bytes | Created Date = 17/08/2007 15:17:57 | Attr = ]

192.168.1.1.url -> %UserDesktop%\192.168.1.1.url -> [Ver = | Size = 276 bytes | Created Date = 21/08/2007 21:03:12 | Attr = R ]

HD Tune.lnk -> %UserDesktop%\HD Tune.lnk -> [Ver = | Size = 613 bytes | Created Date = 26/08/2007 14:24:06 | Attr = ]

JkDefrag.exe -> %UserDesktop%\JkDefrag.exe -> J.C. Kessels [Ver = 3.19 | Size = 217088 bytes | Created Date = 20/09/2007 10:10:33 | Attr = ]

Lecteur Windows Media.lnk -> %UserDesktop%\Lecteur Windows Media.lnk -> [Ver = | Size = 804 bytes | Created Date = 24/09/2007 17:05:40 | Attr = ]

Nouveau dossier -> %UserDesktop%\Nouveau dossier -> [Folder | Created Date = 1/10/2007 17:41:05 | Attr = ]

SonicStage.lnk -> %UserDesktop%\SonicStage.lnk -> [Ver = | Size = 1429 bytes | Created Date = 21/08/2007 21:03:44 | Attr = ]

WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Created Date = 1/10/2007 17:40:30 | Attr = ]

Autodesk Shared -> %CommonProgramFiles%\Autodesk Shared -> [Folder | Created Date = 27/09/2007 20:26:25 | Attr = ]

LHSPF -> %CommonProgramFiles%\LHSPF -> [Folder | Created Date = 27/09/2007 20:30:34 | Attr = ]

 

[Files/Folders - Modified Within 60 days]

boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 195 bytes | Modified Date = 29/08/2007 12:43:46 | Attr = HS]

Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 30/09/2007 22:19:22 | Attr = H ]

Program Files -> %ProgramFiles% -> [Folder | Modified Date = 27/09/2007 21:26:26 | Attr = R ]

sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 232 bytes | Modified Date = 31/08/2007 17:42:26 | Attr = H ]

sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [Ver = | Size = 232 bytes | Modified Date = 31/08/2007 18:22:26 | Attr = H ]

sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [Ver = | Size = 232 bytes | Modified Date = 14/09/2007 19:23:26 | Attr = H ]

sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 268 bytes | Modified Date = 30/09/2007 22:10:24 | Attr = H ]

sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 268 bytes | Modified Date = 30/09/2007 22:39:04 | Attr = H ]

sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 268 bytes | Modified Date = 30/09/2007 23:13:10 | Attr = H ]

sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm -> [Ver = | Size = 268 bytes | Modified Date = 17/08/2007 16:19:22 | Attr = H ]

sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm -> [Ver = | Size = 232 bytes | Modified Date = 31/08/2007 17:08:42 | Attr = H ]

sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Modified Date = 31/08/2007 17:42:26 | Attr = H ]

sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Modified Date = 31/08/2007 18:22:26 | Attr = H ]

sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [Ver = | Size = 244 bytes | Modified Date = 14/09/2007 19:23:26 | Attr = H ]

sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Modified Date = 30/09/2007 22:10:24 | Attr = H ]

sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Modified Date = 30/09/2007 22:39:04 | Attr = H ]

sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Modified Date = 30/09/2007 23:13:10 | Attr = H ]

sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm -> [Ver = | Size = 244 bytes | Modified Date = 17/08/2007 16:19:22 | Attr = H ]

sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm -> [Ver = | Size = 244 bytes | Modified Date = 31/08/2007 17:08:42 | Attr = H ]

System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 12/09/2007 11:53:16 | Attr = HS]

WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 1/10/2007 11:36:50 | Attr = ]

bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 1/10/2007 16:47:42 | Attr = S]

Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 1/10/2007 16:47:58 | Attr = ]

Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 30/09/2007 15:10:02 | Attr = S]

Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 30/09/2007 22:18:30 | Attr = R S]

Help -> %SystemRoot%\Help -> [Folder | Modified Date = 24/09/2007 15:58:12 | Attr = ]

inf -> %SystemRoot%\inf -> [Folder | Modified Date = 24/09/2007 15:58:32 | Attr = H ]

Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 30/09/2007 22:19:22 | Attr = HS]

is-B4EG2.exe -> %SystemRoot%\is-B4EG2.exe -> [Ver = 51.46.0.0 | Size = 679424 bytes | Modified Date = 10/09/2007 10:37:28 | Attr = ]

is-B4EG2.lst -> %SystemRoot%\is-B4EG2.lst -> [Ver = | Size = 132 bytes | Modified Date = 10/09/2007 10:37:28 | Attr = ]

is-B4EG2.msg -> %SystemRoot%\is-B4EG2.msg -> [Ver = | Size = 14107 bytes | Modified Date = 10/09/2007 10:37:28 | Attr = ]

LastGood -> %SystemRoot%\LastGood -> [Folder | Modified Date = 16/09/2007 20:10:48 | Attr = ]

Micro Application Shared -> %SystemRoot%\Micro Application Shared -> [Folder | Modified Date = 15/09/2007 18:35:34 | Attr = ]

Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 19/09/2007 22:23:02 | Attr = ]

Navigma.INI -> %SystemRoot%\Navigma.INI -> [Ver = | Size = 40 bytes | Modified Date = 16/09/2007 20:10:32 | Attr = ]

ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 494 bytes | Modified Date = 15/09/2007 18:10:28 | Attr = ]

ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4557 bytes | Modified Date = 15/09/2007 18:10:26 | Attr = ]

Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 30/09/2007 22:49:40 | Attr = ]

Profiles -> %SystemRoot%\Profiles -> [Folder | Modified Date = 17/08/2007 16:17:54 | Attr = ]

pss -> %SystemRoot%\pss -> [Folder | Modified Date = 29/08/2007 11:56:48 | Attr = ]

RegisteredPackages -> %SystemRoot%\RegisteredPackages -> [Folder | Modified Date = 24/09/2007 15:58:32 | Attr = ]

Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 30/09/2007 22:19:42 | Attr = ]

security -> %SystemRoot%\security -> [Folder | Modified Date = 24/09/2007 15:57:52 | Attr = ]

SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 27/08/2007 14:14:10 | Attr = ]

system -> %SystemRoot%\system -> [Folder | Modified Date = 19/09/2007 10:20:54 | Attr = ]

system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 29/08/2007 12:43:46 | Attr = ]

system32 -> %System32% -> [Folder | Modified Date = 30/09/2007 22:19:02 | Attr = ]

Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 1/10/2007 16:47:44 | Attr = ]

win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 697 bytes | Modified Date = 15/09/2007 18:10:28 | Attr = ]

WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 24/09/2007 15:57:44 | Attr = ]

SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 1/10/2007 16:47:46 | Attr = H ]

Adobe -> %System32%\Adobe -> [Folder | Modified Date = 17/08/2007 16:17:52 | Attr = ]

amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 24/09/2007 15:58:14 | Attr = ]

CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 21/08/2007 19:31:04 | Attr = ]

CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 1/10/2007 16:50:14 | Attr = ]

config -> %System32%\config -> [Folder | Modified Date = 30/09/2007 22:19:58 | Attr = ]

dllcache -> %System32%\dllcache -> [Folder | Modified Date = 24/09/2007 15:58:38 | Attr = RHS]

drivers -> %System32%\drivers -> [Folder | Modified Date = 30/09/2007 22:19:00 | Attr = ]

FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 244720 bytes | Modified Date = 30/09/2007 22:05:16 | Attr = ]

nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 24/09/2007 15:58:14 | Attr = ]

Restore -> %System32%\Restore -> [Folder | Modified Date = 30/09/2007 22:43:28 | Attr = ]

wbem -> %System32%\wbem -> [Folder | Modified Date = 30/09/2007 22:19:42 | Attr = ]

wmpscheme.xml -> %System32%\wmpscheme.xml -> [Ver = | Size = 25065 bytes | Modified Date = 24/09/2007 14:51:52 | Attr = ]

wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 30/09/2007 22:05:22 | Attr = ]

AWRTRD.sys -> %System32%\drivers\AWRTRD.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 8320 bytes | Modified Date = 10/08/2007 16:52:04 | Attr = ]

etc -> %System32%\drivers\etc -> [Folder | Modified Date = 27/09/2007 11:33:58 | Attr = ]

fidbox.dat -> %System32%\drivers\fidbox.dat -> [Ver = | Size = 38330912 bytes | Modified Date = 1/10/2007 18:39:16 | Attr = HS]

fidbox.idx -> %System32%\drivers\fidbox.idx -> [Ver = | Size = 516140 bytes | Modified Date = 1/10/2007 14:29:04 | Attr = HS]

fidbox2.dat -> %System32%\drivers\fidbox2.dat -> [Ver = | Size = 1004576 bytes | Modified Date = 1/10/2007 18:39:44 | Attr = HS]

fidbox2.idx -> %System32%\drivers\fidbox2.idx -> [Ver = | Size = 96200 bytes | Modified Date = 1/10/2007 14:29:04 | Attr = HS]

klick.sys -> %System32%\drivers\klick.sys -> Kaspersky Lab [Ver = 2.0.0.440 | Size = 82061 bytes | Modified Date = 3/09/2007 22:02:44 | Attr = ]

klin.sys -> %System32%\drivers\klin.sys -> Kaspersky Lab [Ver = 2.0.0.444 | Size = 81549 bytes | Modified Date = 3/09/2007 22:02:44 | Attr = ]

NSDriver.sys -> %System32%\drivers\NSDriver.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 9344 bytes | Modified Date = 10/08/2007 16:52:06 | Attr = ]

pcouffin.sys -> %System32%\drivers\pcouffin.sys -> VSO Software [Ver = 1.36 | Size = 47360 bytes | Modified Date = 15/08/2007 19:04:28 | Attr = ]

hosts.20070912-120848.backup -> %System32%\drivers\etc\hosts.20070912-120848.backup -> [Ver = | Size = 65862 bytes | Modified Date = 10/09/2007 10:40:14 | Attr = R ]

hosts.20070912-122801.backup -> %System32%\drivers\etc\hosts.20070912-122801.backup -> [Ver = | Size = 178769 bytes | Modified Date = 12/09/2007 12:08:50 | Attr = R ]

hosts.20070912-123907.backup -> %System32%\drivers\etc\hosts.20070912-123907.backup -> [Ver = | Size = 1457 bytes | Modified Date = 12/09/2007 12:28:04 | Attr = R ]

hosts.20070913-120149.backup -> %System32%\drivers\etc\hosts.20070913-120149.backup -> [Ver = | Size = 178769 bytes | Modified Date = 12/09/2007 12:39:08 | Attr = R ]

hosts.20070919-222852.backup -> %System32%\drivers\etc\hosts.20070919-222852.backup -> [Ver = | Size = 179217 bytes | Modified Date = 13/09/2007 12:01:50 | Attr = R ]

hosts.20070927-113356.backup -> %System32%\drivers\etc\hosts.20070927-113356.backup -> [Ver = | Size = 184199 bytes | Modified Date = 19/09/2007 22:28:52 | Attr = R ]

Spybot - Search & Destroy -> %AllUsersAppData%\Spybot - Search & Destroy -> [Folder | Modified Date = 30/09/2007 22:42:46 | Attr = ]

Adobe -> %UserAppData%\Adobe -> [Folder | Modified Date = 17/08/2007 16:17:52 | Attr = ]

DivX -> %UserAppData%\DivX -> [Folder | Modified Date = 24/08/2007 20:37:22 | Attr = ]

ezpinst.exe -> %UserAppData%\ezpinst.exe -> [Ver = | Size = 81920 bytes | Modified Date = 15/08/2007 19:04:28 | Attr = ]

InterTrust -> %UserAppData%\InterTrust -> [Folder | Modified Date = 17/08/2007 16:17:50 | Attr = ]

Microsoft -> %UserAppData%\Microsoft -> [Folder | Modified Date = 1/10/2007 13:44:32 | Attr = S]

pcouffin.cat -> %UserAppData%\pcouffin.cat -> [Ver = | Size = 7176 bytes | Modified Date = 15/08/2007 19:04:28 | Attr = ]

pcouffin.inf -> %UserAppData%\pcouffin.inf -> [Ver = | Size = 1144 bytes | Modified Date = 15/08/2007 19:04:28 | Attr = ]

pcouffin.sys -> %UserAppData%\pcouffin.sys -> VSO Software [Ver = 1.36 | Size = 47360 bytes | Modified Date = 15/08/2007 19:04:28 | Attr = ]

Vso -> %UserAppData%\Vso -> [Folder | Modified Date = 15/08/2007 19:04:42 | Attr = ]

ApplicationHistory -> %LocalAppData%\ApplicationHistory -> [Folder | Modified Date = 16/09/2007 20:43:04 | Attr = ]

DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 43520 bytes | Modified Date = 24/09/2007 19:40:32 | Attr = ]

GDIPFONTCACHEV1.DAT -> %LocalAppData%\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 93656 bytes | Modified Date = 28/09/2007 15:54:42 | Attr = ]

IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 4312604 bytes | Modified Date = 1/10/2007 13:54:36 | Attr = H ]

Microsoft -> %LocalAppData%\Microsoft -> [Folder | Modified Date = 11/09/2007 21:03:14 | Attr = ]

Andy -> %UserDocuments%\Andy -> [Folder | Modified Date = 20/09/2007 10:29:28 | Attr = ]

Lettres de motivation.doc -> %UserDocuments%\Lettres de motivation.doc -> [Ver = | Size = 21504 bytes | Modified Date = 16/09/2007 20:29:52 | Attr = ]

Marie-Christine -> %UserDocuments%\Marie-Christine -> [Folder | Modified Date = 26/08/2007 21:07:04 | Attr = ]

Mes dossiers de partage.lnk -> %UserDocuments%\Mes dossiers de partage.lnk -> [Ver = | Size = 583 bytes | Modified Date = 1/10/2007 18:32:50 | Attr = ]

Mes fichier Rigolo -> %UserDocuments%\Mes fichier Rigolo -> [Folder | Modified Date = 15/09/2007 12:12:38 | Attr = ]

Mes fichiers reçus -> %UserDocuments%\Mes fichiers reçus -> [Folder | Modified Date = 29/09/2007 18:02:48 | Attr = ]

Mes images -> %UserDocuments%\Mes images -> [Folder | Modified Date = 1/10/2007 11:43:26 | Attr = R ]

Mes vidéos -> %UserDocuments%\Mes vidéos -> [Folder | Modified Date = 31/08/2007 22:42:48 | Attr = R ]

Programmes -> %UserDocuments%\Programmes -> [Folder | Modified Date = 29/09/2007 22:45:06 | Attr = ]

Acrobat Reader 5.0.lnk -> %AllUsersDesktop%\Acrobat Reader 5.0.lnk -> [Ver = | Size = 882 bytes | Modified Date = 17/08/2007 16:17:58 | Attr = ]

192.168.1.1.url -> %UserDesktop%\192.168.1.1.url -> [Ver = | Size = 276 bytes | Modified Date = 21/08/2007 22:03:04 | Attr = R ]

CCleaner.lnk -> %UserDesktop%\CCleaner.lnk -> [Ver = | Size = 1548 bytes | Modified Date = 16/09/2007 11:16:46 | Attr = ]

HD Tune.lnk -> %UserDesktop%\HD Tune.lnk -> [Ver = | Size = 613 bytes | Modified Date = 26/08/2007 15:24:08 | Attr = ]

JkDefrag.exe -> %UserDesktop%\JkDefrag.exe -> J.C. Kessels [Ver = 3.19 | Size = 217088 bytes | Modified Date = 27/08/2007 23:11:00 | Attr = ]

Lecteur Windows Media.lnk -> %UserDesktop%\Lecteur Windows Media.lnk -> [Ver = | Size = 804 bytes | Modified Date = 24/09/2007 15:59:14 | Attr = ]

Nouveau dossier -> %UserDesktop%\Nouveau dossier -> [Folder | Modified Date = 1/10/2007 18:42:02 | Attr = ]

SonicStage.lnk -> %UserDesktop%\SonicStage.lnk -> [Ver = | Size = 1429 bytes | Modified Date = 21/08/2007 19:33:16 | Attr = ]

Spybot - Search & Destroy.lnk -> %UserDesktop%\Spybot - Search & Destroy.lnk -> [Ver = | Size = 933 bytes | Modified Date = 10/09/2007 10:37:28 | Attr = ]

WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Modified Date = 1/10/2007 18:40:32 | Attr = ]

Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 17/08/2007 16:17:50 | Attr = ]

Autodesk Shared -> %CommonProgramFiles%\Autodesk Shared -> [Folder | Modified Date = 30/09/2007 22:19:26 | Attr = ]

DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Modified Date = 30/09/2007 22:19:22 | Attr = ]

LHSPF -> %CommonProgramFiles%\LHSPF -> [Folder | Modified Date = 27/09/2007 21:30:36 | Attr = ]

Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 16/09/2007 20:12:12 | Attr = ]

 

[File String Scan - Non-Microsoft Only]

UPX! , UPX0 , -> %SystemDrive%\HijackThis 2.0.exe -> Trend Micro Inc. [Ver = 2.00.0002 | Size = 401720 bytes | Modified Date = 28/06/2007 14:36:00 | Attr = ]

PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 28/08/2001 14:00:00 | Attr = ]

PEC2 , PECompact2 , -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.6.1.4 | Size = 740442 bytes | Modified Date = 27/07/2007 1:03:38 | Attr = ]

UPX! , UPX0 , -> %System32%\lameACM.acm -> http://www.mp3dev.org/ [Ver = 0.9.1 | Size = 188416 bytes | Modified Date = 10/05/2006 23:41:52 | Attr = ]

winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 28/08/2001 14:00:00 | Attr = ]

WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 28/08/2001 14:00:00 | Attr = ]

UPX0 , -> %System32%\dllcache\NT5IIS.CAT -> [Ver = | Size = 809394 bytes | Modified Date = 28/08/2001 14:00:00 | Attr = ]

abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\hosts -> [Ver = | Size = 186848 bytes | Modified Date = 27/09/2007 11:33:58 | Attr = R ]

abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\hosts.20070912-120848.backup -> [Ver = | Size = 65862 bytes | Modified Date = 10/09/2007 10:40:14 | Attr = R ]

abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\hosts.20070912-122801.backup -> [Ver = | Size = 178769 bytes | Modified Date = 12/09/2007 12:08:50 | Attr = R ]

abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\hosts.20070913-120149.backup -> [Ver = | Size = 178769 bytes | Modified Date = 12/09/2007 12:39:08 | Attr = R ]

abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\hosts.20070919-222852.backup -> [Ver = | Size = 179217 bytes | Modified Date = 13/09/2007 12:01:50 | Attr = R ]

abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\hosts.20070927-113356.backup -> [Ver = | Size = 184199 bytes | Modified Date = 19/09/2007 22:28:52 | Attr = R ]

@Alternate Data Stream - 0 bytes -> %UserDocuments%\Thumbs.db:encryptable ->

 

< End of report >

Thanos Devil Member !

Thanos

Posté(e)
Posté(e) (modifié)

salut :P

 

rien de visible sur ce rapport non plus !

pour le pare-feu, j'utilise le modem-routeur de D-Link et Xp sp1( tres petit complémentaire)

Fais le test en ligne par précaution (et par curiosité): ca ne prend vraiment qu'une petite minute!

 

Pour le problème de mise à jour, est ce que tu reçois un message du type "Le programme de mise a jour n'a pas pu établir la connexion avec le serveur" ?

 

Fais un scan en ligne avec Panda: http://www.nanoscan.com/as/v1/principal.aspx?Lang=en

Et poste le rapport qu'il t'affichera à la fin, pour cela, assure toi que IE est correctement configuré pour le scan en ligne comme indiqué ici : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId898809 .

Si tu n'y arrives pas, le tuto est : http://www.malekal.com/scan_Av_en_ligne.php#mozTocId131054

 

Tu n'es pas obligé de donner ton email, tu peux utiliser une adresse jetable si tu le souhaites : http://www.jetable.org/fr/index

 

@+

Modifié par charles ingals
Chrisredfield32 Extrem Member

Chrisredfield32

Posté(e)
  • Auteur
Posté(e)
Fais le test en ligne par précaution (et par curiosité): ca ne prend vraiment qu'une petite minute!

 

Pour le problème de mise à jour, est ce que tu reçois un message du type "Le programme de mise a jour n'a pas pu établir la connexion avec le serveur" ?

 

Salut :P

 

J'ai fait le scan de panda antivirus et il a rien signaliée comme virus :P

 

J'avait deja fait par avant le scanne des ports et meme aujourd'hui :P

 

mais il y a un port non masqué mais fermé! comment je pourrait le masqué le port 22 ?

 

pour le probleme de mise a jour, j'avais desactivé la mise a jour automatique et je ne recoit aucun messages!

je comprend pas pk le truc c'est mis a jour lui meme :P :P

 

Rapport du scan de ports

Attention ! Il existe un ou plusieurs ports détectés comme fermés !

Un ou plusieurs ports fermés ont été détecté. Bien qu'il soit protégé, un port fermé reste visible, un pirate potentiel peut donc tenter d'attaquer votre machine. Pour plus de sécurité, il est conseillé de masquer ces ports ou de modifier la configuration de votre firewall.

 

Ports TCP ouverts Aucun port détecté

 

Ports TCP fermés 22 ssh Le shell SSH permet de se connecter à un serveur de façon sécurisée Trojans possibles : Adore sshd, Shaft

 

 

Ports TCP masqués 21 ftp Utilisé pour le transfert de fichier entre ordinateurs Trojans possibles : Back Construction, Blade Runner, Cattivik FTP Server, CC Invader, Dark FTP, Doly Trojan, Fore, FreddyK, Invisible FTP, Juggernaut 42, Larva, MotIv FTP, Net Administrator, Ramen, RTB 666, Senna Spy FTP server, The Flu, Traitor 21, WebEx, WinCrash

 

23 telnet Utilisé pour obtenir un shell distant Trojans possibles : ADM worm, Fire HacKer, My Very Own trojan, RTB 666, Telnet Pro, Tiny Telnet Server - TTS, Truva Atl

 

79 finger Permet de connaître diverses informations relatives à votre profil Trojans possibles : CDK, Firehotcker

 

80 http Utilisé pour les services Web. Si vous n'utilisez pas de serveur web, il est conseillé de fermer ce port Trojans possibles : 711 trojan (Seven Eleven), AckCmd, Back End, Back Orifice 2000 Plug-Ins, Cafeini, CGI Backdoor, Code Red, Executor, God Message, God Message 4 Creator, Hooker, IISworm, MTX, NCX, Nimda, Noob, Ramen, Reverse WWW Tunnel Backdoor, RingZero, RTB 666, Seeker, WAN Remote, Web Server CT, WebDownloader

 

110 pop3 Utilisé par les serveurs de messagerie Internet. Si vous n'utilisez pas de serveur de messagerie, il est conseillé de fermer ce port. Trojans possibles : ProMail trojan

 

113 auth Utilisé par certains serveurs de messagerie ou de newsgroups (MiRC - Virc...). Des problèmes de performances peuvent survenir si ce port est masqué Trojans possibles : Invisible Identd Deamon, Kazimas

 

119 nntp Utilisé par les serveurs de news pour la distribution d'articles Usenet Trojans possibles : Happy99

 

135 N/A Utilisé pour les applications client/server basées sur des systèmes d'exploitation Microsoft Trojans possibles : W32.Blaster.Worm, W32/Lovsan.worm

 

143 imap Utilisé par les serveurs de messagerie Internet pour l'envoi de messages électroniques. Si vous n'utilisez pas de serveur IMAP, il est conseillé de fermer ce port. Trojans possibles : N/A

 

389 ldap LDAP (Lightweight Directory Access Protocol) : utilisé pour accéder automatiquement à des services d'annuaires en ligne Trojans possibles : N/A

 

443 https Utilisé pour sécuriser les communications HTTP. Si vous n'utilisez pas de serveur web, il est conseillé de fermer ce port. Ce port est également utilisé par AOL Instant Messenger Trojans possibles : N/A

 

1002 N/A Port non standard Trojans possibles : N/A

 

1024 N/A Port réservé Trojans possibles : Jade, Latinus, NetSpy, Remote Administration Tool - RAT [no 2]

 

1025 N/A Port non standard Trojans possibles : Fraggle Rock, md5 Backdoor, NetSpy, Remote Storm

 

1026 N/A Port non standard Trojans possibles : N/A

 

1027 N/A Port non standard Trojans possibles : ICKiller

 

1028 N/A Port non standard Trojans possibles : N/A

 

1029 N/A Port non standard Trojans possibles : InCommand Access, ICQ Nuke 98

 

1030 N/A Port non standard Trojans possibles : N/A

 

1720 h323hostcall Port non standard. Peut être utilisé par NetMeeting Trojans possibles : N/A

 

5000 N/A Utilisé pour communiquer avec tous les périphériques UpnP reliés à votre réseau Trojans possibles : Back Door Setup, BioNet Lite, Blazer5, Bubbel, ICKiller, Ra1d, Sockets des Troie

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...