Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

HELP !

gnnnee

Par gnnnee
dans Analyses et éradication malwares

 Partager

Messages recommandés

gnnnee Junior Member

gnnnee

Posté(e)
Posté(e)

Bonjour à vous,

 

Lorsque j'ouvre un dossier depuis l'explorateur, une fenêtre internet s'ouvre automatiquement blabla bla etc ...

Qu'est-ce qui m'arrive docteur ?

 

Main.txt

 

Deckard's System Scanner v20071014.68

Run by Sylvain on 2008-07-21 10:08:13

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

-- System Restore --------------------------------------------------------------

 

Successfully created a Deckard's System Scanner Restore Point.

 

 

-- Last 5 Restore Point(s) --

84: 2008-07-21 08:08:22 UTC - RP472 - Deckard's System Scanner Restore Point

83: 2008-07-20 14:55:55 UTC - RP471 - Systemprüfpunkt

82: 2008-07-19 12:05:41 UTC - RP470 - Installé Creative Software AutoUpdate

81: 2008-07-19 12:01:07 UTC - RP469 - Installé Creative WebCam

80: 2008-07-19 12:00:28 UTC - RP468 - Installé Creative System Information

 

 

-- First Restore Point --

1: 2008-04-22 08:58:27 UTC - RP389 - Systemprüfpunkt

 

 

Backed up registry hives.

Performed disk cleanup.

 

Total Physical Memory: 447 MiB (512 MiB recommended).

 

 

-- HijackThis (run as Sylvain.exe) ---------------------------------------------

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:10:16, on 21/07/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

 

Running processes:

H:\WINDOWS\System32\smss.exe

H:\WINDOWS\system32\winlogon.exe

H:\WINDOWS\system32\services.exe

H:\WINDOWS\system32\lsass.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\System32\svchost.exe

H:\Programme\Alwil Software\Avast4\aswUpdSv.exe

H:\Programme\Alwil Software\Avast4\ashServ.exe

H:\WINDOWS\system32\spoolsv.exe

H:\WINDOWS\Explorer.EXE

H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe

H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

H:\WINDOWS\system32\RUNDLL32.EXE

H:\WINDOWS\system32\nvsvc32.exe

H:\WINDOWS\System32\svchost.exe

H:\WINDOWS\RTHDCPL.EXE

H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe

H:\Programme\QuickTime\qttask.exe

H:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe

H:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe

H:\Programme\Java\jre1.6.0_01\bin\jusched.exe

H:\Programme\Winamp\winampa.exe

H:\WINDOWS\V0330Mon.exe

H:\WINDOWS\system32\ctfmon.exe

H:\Programme\Windows Live\Messenger\MsnMsgr.Exe

H:\Programme\Internet Download Manager\IDMan.exe

H:\Programme\Skype\Phone\Skype.exe

H:\Programme\Alwil Software\Avast4\ashMaiSv.exe

H:\Programme\Alwil Software\Avast4\ashWebSv.exe

H:\Programme\Philips\SA28XX Device Manager\main.exe

H:\Programme\MagicDisc\MagicDisc.exe

H:\Programme\Internet Download Manager\IEMonitor.exe

H:\Programme\Windows Live\Messenger\usnsvc.exe

H:\Dokumente und Einstellungen\Sylvain\Eigene Dateien\Downloads\Programs\dss.exe

H:\PROGRA~1\TRENDM~1\HIJACK~1\Sylvain.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - H:\Programme\Internet Download Manager\IDMIECC.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Programme\Winamp Toolbar\winamptb.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: search toolbar - {7D76D0EB-AE56-4DF4-AFFC-20AFF4344AC6} - H:\WINDOWS\system32\tbrsrch.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - H:\Programme\BarreConfCMCIC\TAPBar.dll

O2 - BHO: TBSB05587 - {BA94E628-6A42-40E4-9B65-E729711DD3FE} - H:\Programme\YooBarre\yoobarre.dll

O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - H:\Programme\BarreConfCMCIC\TAPBar.dll

O3 - Toolbar: YooBarre - {6AE02E1C-8859-4F57-9097-5A55A56A4CAF} - H:\Programme\YooBarre\yoobarre.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Programme\Winamp Toolbar\winamptb.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NVIDIA nTune] "H:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe" clear

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [TkBellExe] "H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Netcom] "H:\PROGRA~1\Netcom\Netcom.exe"

O4 - HKLM\..\Run: [Eye On Network] H:\Programme\Eye On Network\Eye On Network.exe

O4 - HKLM\..\Run: [QuickTime Task] "H:\Programme\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MMTray] "H:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

O4 - HKLM\..\Run: [mmtask] "H:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "H:\Programme\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [NetStat Live] H:\Programme\AnalogX\NetStat Live\nsl.exe

O4 - HKLM\..\Run: [WinampAgent] H:\Programme\Winamp\winampa.exe

O4 - HKLM\..\Run: [V0330Mon.exe] H:\WINDOWS\V0330Mon.exe

O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "H:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [AlcoholAutomount] "H:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O4 - HKCU\..\Run: [iDMan] H:\Programme\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [skype] "H:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: MagicDisc.lnk = H:\Programme\MagicDisc\MagicDisc.exe

O4 - Global Startup: Philips Gestionnaire de périphériques.lnk = H:\Programme\Philips\SA28XX Device Manager\main.exe

O8 - Extra context menu item: &Winamp Search - H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: Download all links with IDM - H:\Programme\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download FLV video content with IDM - H:\Programme\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Download with IDM - H:\Programme\Internet Download Manager\IEExt.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe

O12 - Plugin for .spop: H:\Programme\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sylvainmorel.spaces.live.com//Photo...ad/MsnPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1176829598420

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.ak.studivz.net/photouploader...geUploader4.cab

O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp07.photoprintit.de/microsite/346...IPSUploader.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15102/CTPID.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Programme\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - H:\Programme\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Programme\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - H:\Programme\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Boonty Games - BOONTY - H:\Programme\Gemeinsame Dateien\BOONTY Shared\Service\Boonty.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - H:\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe

 

--

End of file - 9892 bytes

 

-- File Associations -----------------------------------------------------------

 

All associations okay.

 

 

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

 

R1 BIOS - h:\windows\system32\drivers\bios.sys <Not Verified; BIOSTAR Group; BIOSTAR I/O driver fle>

R2 CdaC15BA - h:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>

R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - h:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>

R3 mcdbus (Driver for MagicISO SCSI Host Controller) - h:\windows\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>

 

S3 SMCUSBT (EZ ConnectTM g 108Mbps Wireless USB Adapter Service) - h:\windows\system32\drivers\smcusbt1.sys (file missing)

S3 vaxscsi - h:\windows\system32\drivers\vaxscsi.sys (file missing)

 

 

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

 

R2 ForcewareWebInterface (Forceware Web Interface) - "h:\programme\nvidia corporation\networkaccessmanager\apache group\apache2\bin\apache.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server>

R2 nTuneService (nTune Service) - h:\programme\nvidia corporation\ntune\ntuneservice.exe /startservice <Not Verified; NVIDIA; NVIDIA nTune>

 

S3 Boonty Games - "h:\programme\gemeinsame dateien\boonty shared\service\boonty.exe" <Not Verified; BOONTY; Boonty Games>

S3 FirebirdServerMAGIXInstance (Firebird Server - MAGIX Instance) - h:\magix\common\database\bin\fbserver.exe <Not Verified; MAGIX®; Firebird SQL Server - MAGIX Edition>

 

 

-- Device Manager: Disabled ----------------------------------------------------

 

No disabled devices found.

 

 

-- Files created between 2008-06-21 and 2008-07-21 -----------------------------

 

2008-07-21 10:00:51 0 d-------- H:\Programme\Trend Micro

2008-07-19 23:44:21 17920 --a------ H:\WINDOWS\system32\tbrsrch.dll

2008-07-19 22:05:52 17920 --a------ H:\WINDOWS\system32\tbsch.dll

2008-07-19 22:05:41 17920 --a------ H:\WINDOWS\system32\tbrsch.dll

2008-07-19 22:05:19 17920 --a------ H:\WINDOWS\system32\toolbarsrch.dll

2008-07-19 21:16:03 0 d--h----- H:\Programme\Zero G Registry

2008-07-19 21:16:03 0 d-------- H:\Programme\Sports Interactive

2008-07-19 14:04:01 53248 -----n--- H:\WINDOWS\Ctregrun.exe <Not Verified; Creative Technology Ltd; Creative Product Registration>

2008-07-19 14:01:15 0 d-------- H:\WINDOWS\CtDrvInstall

2008-07-19 14:00:14 308224 --a------ H:\WINDOWS\IsUn040c.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>

2008-07-19 13:59:07 0 d-------- H:\Programme\Creative

2008-07-15 11:37:04 0 d-------- H:\Programme\Musicalis

2008-07-15 11:35:44 0 d-------- H:\WINDOWS\A5W_DATA

2008-06-28 19:23:51 0 d-------- H:\Programme\Internet Download Manager

 

 

-- Find3M Report ---------------------------------------------------------------

 

2008-07-21 10:08:31 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\DMCache

2008-07-21 09:52:46 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Skype

2008-07-21 09:48:39 0 d-------- H:\Programme\Mozilla Thunderbird

2008-07-21 08:11:40 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\skypePM

2008-07-20 00:03:03 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Sports Interactive

2008-07-19 22:18:43 0 d-------- H:\Programme\Windows Live Safety Center

2008-07-19 14:15:37 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Creative

2008-07-19 14:05:37 0 d--h----- H:\Programme\InstallShield Installation Information

2008-07-17 19:19:46 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\OpenOffice.org2

2008-07-15 18:40:04 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Winamp

2008-07-01 15:42:11 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\IDM

2008-06-30 10:02:26 0 d-------- H:\Programme\Winamp

2008-06-28 18:53:35 405214 --a------ H:\WINDOWS\system32\perfh007.dat

2008-06-28 18:53:35 70712 --a------ H:\WINDOWS\system32\perfc007.dat

2008-06-15 18:01:50 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\dvdcss

2008-06-06 08:56:37 0 d-------- H:\Programme\Winamp Toolbar

2008-06-06 07:40:02 0 d-------- H:\Programme\Windows Live

2008-06-06 07:38:48 0 d--hs--c- H:\Programme\Gemeinsame Dateien\WindowsLiveInstaller

2008-06-06 07:38:05 0 d-------- H:\Programme\Gemeinsame Dateien

2008-06-03 18:45:13 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Mp3tag

2008-06-03 18:39:32 0 d-------- H:\Programme\Mp3tag

2008-06-01 20:41:07 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\JAM Software

2008-06-01 20:40:58 0 d-------- H:\Programme\JAM Software

2008-05-31 13:24:57 0 d-------- H:\Programme\Microsoft Silverlight

2008-05-30 09:36:15 0 d-------- H:\Programme\Soulseek

2008-05-21 11:05:20 0 d-------- H:\Programme\Philips

2008-05-21 11:03:47 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\InstallShield

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]

20/03/2008 00:36 1267040 --a------ H:\Programme\Winamp Toolbar\winamptb.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7D76D0EB-AE56-4DF4-AFFC-20AFF4344AC6}]

19/07/2008 23:44 17920 --a------ H:\WINDOWS\system32\tbrsrch.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BA94E628-6A42-40E4-9B65-E729711DD3FE}]

16/05/2007 17:12 1208320 --a------ H:\Programme\YooBarre\yoobarre.dll

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= H:\Programme\Winamp Toolbar\winamptb.dll [20/03/2008 00:36 1267040]

 

[-HKEY_CLASSES_ROOT\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]

[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="H:\WINDOWS\system32\NvCpl.dll" [12/07/2006 07:19]

"nwiz"="nwiz.exe" [12/07/2006 07:19 H:\WINDOWS\system32\nwiz.exe]

"NeroFilterCheck"="H:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 11:50]

"avast!"="H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [16/05/2008 01:19]

"@"="" []

"NVIDIA nTune"="H:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe" [15/05/2006 17:12]

"NvMediaCenter"="H:\WINDOWS\system32\NvMcTray.dll" [12/07/2006 07:19]

"RTHDCPL"="RTHDCPL.EXE" [28/06/2006 14:54 H:\WINDOWS\RTHDCPL.exe]

"Alcmtr"="ALCMTR.EXE" [03/05/2005 18:43 H:\WINDOWS\Alcmtr.exe]

"TkBellExe"="H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [18/04/2007 19:23]

"Netcom"="H:\PROGRA~1\Netcom\Netcom.exe" []

"Eye On Network"="H:\Programme\Eye On Network\Eye On Network.exe" []

"QuickTime Task"="H:\Programme\QuickTime\qttask.exe" [27/04/2007 09:41]

"MMTray"="H:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [17/01/2006 13:12]

"mmtask"="H:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe" [17/01/2006 13:12]

"SunJavaUpdateSched"="H:\Programme\Java\jre1.6.0_01\bin\jusched.exe" [14/03/2007 03:43]

"KernelFaultCheck"="H:\WINDOWS\system32\dumprep 0 -k" []

"NetStat Live"="H:\Programme\AnalogX\NetStat Live\nsl.exe" []

"WinampAgent"="H:\Programme\Winamp\winampa.exe" [01/04/2008 20:49]

"V0330Mon.exe"="H:\WINDOWS\V0330Mon.exe" [30/04/2007 03:03]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="H:\WINDOWS\system32\ctfmon.exe" [04/08/2004 09:57]

"MsnMsgr"="H:\Programme\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 11:34]

"PowerBar"="" []

"AlcoholAutomount"="H:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" []

"IDMan"="H:\Programme\Internet Download Manager\IDMan.exe" [28/06/2008 19:25]

"Skype"="H:\Programme\Skype\Phone\Skype.exe" [01/02/2008 17:22]

 

H:\Dokumente und Einstellungen\Sylvain\Startmen\Programme\Autostart\

MagicDisc.lnk - H:\Programme\MagicDisc\MagicDisc.exe [02/02/2008 17:51:50]

 

H:\Dokumente und Einstellungen\All Users\Startmen\Programme\Autostart\

Philips Gestionnaire de p‚riph‚riques.lnk - H:\Programme\Philips\SA28XX Device Manager\main.exe [21/05/2008 11:05:21]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

@="Volume shadow copy"

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b1e52a7-3daa-11dc-b27e-00e04d049696}]

AutoRun\command- K:\autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{741211a2-ea7c-11dc-b3f5-00e04d049696}]

AutoRun\command- L:\ClickMe.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bdc6dc4d-5a48-11dc-b2ad-00e04d049696}]

AutoRun\command- J:\autorun.exe

 

 

 

 

-- End of Deckard's System Scanner: finished at 2008-07-21 10:10:56 ------------

 

 

EXTRA.TXT

 

 

Deckard's System Scanner v20071014.68

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------

 

-- System Information ----------------------------------------------------------

 

Microsoft Windows XP Home Edition (build 2600) SP 2.0

Architecture: X86; Language: German

 

CPU 0: AMD Processor model unknown

Percentage of Memory in Use: 59%

Physical Memory (total/avail): 446.48 MiB / 179.39 MiB

Pagefile Memory (total/avail): 1054.91 MiB / 649.38 MiB

Virtual Memory (total/avail): 2047.88 MiB / 1929.91 MiB

 

C: is Removable (No Media)

D: is Removable (No Media)

E: is Removable (No Media)

F: is Removable (No Media)

G: is CDROM (No Media)

H: is Fixed (NTFS) - 74.52 GiB total, 23.18 GiB free.

J: is CDROM (CDFS)

K: is CDROM (UDF)

L: is Fixed (FAT32) - 232.83 GiB total, 45.43 GiB free.

 

\\.\PHYSICALDRIVE0 - SAMSUNG HD080HJ - 74.53 GiB - 1 partition

\PARTITION0 (bootable) - Installierbares Dateisystem - 74.52 GiB - H:

 

\\.\PHYSICALDRIVE3 - Generic USB CF Reader USB Device

 

\\.\PHYSICALDRIVE5 - Generic USB MS Reader USB Device

 

\\.\PHYSICALDRIVE2 - Generic USB SD Reader USB Device

 

\\.\PHYSICALDRIVE4 - Generic USB SM Reader USB Device

 

\\.\PHYSICALDRIVE1 - WD 2500JB External USB Device - 232.88 GiB - 1 partition

\PARTITION0 - Unknown - 232.88 GiB - L:

 

 

 

-- Security Center -------------------------------------------------------------

 

AUOptions is scheduled to auto-install.

Windows Internal Firewall is enabled.

 

FW: ActiveArmor Firewall v1.0 (NVIDIA Corporation) Disabled

AV: avast! antivirus 4.8.1201 [VPS 080720-0] v4.8.1201 (ALWIL Software)

 

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"H:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"="H:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"H:\\Programme\\Windows Live\\Messenger\\livecall.exe"="H:\\Programme\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"H:\\Programme\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"="H:\\Programme\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe:*:Enabled:Apache HTTP Server"

"H:\\Programme\\Soulseek\\slsk.exe"="H:\\Programme\\Soulseek\\slsk.exe:*:Enabled:SoulSeek"

"H:\\Programme\\VGas\\wyld3D6.exe"="H:\\Programme\\VGas\\wyld3D6.exe:*:Enabled:wyld3D6"

"H:\\Programme\\BitLord\\BitLord.exe"="H:\\Programme\\BitLord\\BitLord.exe:*:Enabled:BitLord"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"H:\\Programme\\Soulseek-Test\\slsk.exe"="H:\\Programme\\Soulseek-Test\\slsk.exe:*:Disabled:SoulSeek"

"H:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"="H:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"H:\\Programme\\Windows Live\\Messenger\\livecall.exe"="H:\\Programme\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"H:\\Programme\\Winamp Remote\\bin\\Orb.exe"="H:\\Programme\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"

"H:\\Programme\\Winamp Remote\\bin\\OrbTray.exe"="H:\\Programme\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"

"H:\\Programme\\Winamp Remote\\bin\\OrbStreamerClient.exe"="H:\\Programme\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"

"H:\\Programme\\Sports Interactive\\Football Manager 2008\\fm.exe"="H:\\Programme\\Sports Interactive\\Football Manager 2008\\fm.exe:*:Enabled:Football Manager 2008"

"H:\\Programme\\Skype\\Phone\\Skype.exe"="H:\\Programme\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

 

 

-- Environment Variables -------------------------------------------------------

 

ALLUSERSPROFILE=H:\Dokumente und Einstellungen\All Users

APPDATA=H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten

CLASSPATH=.;H:\Programme\QuickTime\QTSystem\QTJava.zip

CLIENTNAME=Console

CommonProgramFiles=H:\Programme\Gemeinsame Dateien

COMPUTERNAME=SYLVAIN-VJS44CZ

ComSpec=H:\WINDOWS\system32\cmd.exe

FP_NO_HOST_CHECK=NO

HOMEDRIVE=H:

HOMEPATH=\Dokumente und Einstellungen\Sylvain

LOGONSERVER=\\SYLVAIN-VJS44CZ

NUMBER_OF_PROCESSORS=1

OS=Windows_NT

Path=H:\WINDOWS\system32;H:\WINDOWS;H:\WINDOWS\System32\Wbem;H:\Programme\QuickTime\QTSystem\

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 15 Model 127 Stepping 1, AuthenticAMD

PROCESSOR_LEVEL=15

PROCESSOR_REVISION=7f01

ProgramFiles=H:\Programme

PROMPT=$P$G

QTJAVA=H:\Programme\QuickTime\QTSystem\QTJava.zip

SESSIONNAME=Console

SystemDrive=H:

SystemRoot=H:\WINDOWS

TEMP=H:\DOKUME~1\Sylvain\LOKALE~1\Temp

TMP=H:\DOKUME~1\Sylvain\LOKALE~1\Temp

USERDOMAIN=SYLVAIN-VJS44CZ

USERNAME=Sylvain

USERPROFILE=H:\Dokumente und Einstellungen\Sylvain

windir=H:\WINDOWS

 

 

-- User Profiles ---------------------------------------------------------------

 

Sylvain (admin)

 

 

-- Add/Remove Programs ---------------------------------------------------------

 

--> H:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

--> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c

--> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c

--> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c

--> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 H:\WINDOWS\INF\PCHealth.inf

Adobe Acrobat 5.0 --> H:\WINDOWS\ISUNINST.EXE -f"H:\Programme\Gemeinsame Dateien\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"H:\Programme\Gemeinsame Dateien\Adobe\Acrobat 5.0\NT\Uninst.dll"

Adobe Flash Player 9 ActiveX --> H:\WINDOWS\System32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock

Adobe Flash Player Plugin --> H:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Archiveur WinRAR --> H:\Programme\WinRAR\uninstall.exe

Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}

avast! Antivirus --> H:\Programme\Alwil Software\Avast4\aswRunDll.exe "H:\Programme\Alwil Software\Avast4\Setup\setiface.dll",RunSetup

AviSynth 2.5 --> "H:\Programme\AviSynth 2.5\Uninstall.exe"

Barre de confiance CM-CIC --> "H:\Programme\BarreConfCMCIC\Setup.exe" -u

BitLord 1.1 --> H:\Programme\BitLord\uninst.exe

Creative Live! Cam Center --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c /remove

Creative Software AutoUpdate --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove

Creative System Information --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove

Creative WebCam Vista/Live! Cam Chat Driver (1.11.01.00) --> H:\WINDOWS\CtDrvIns.exe -uninstall -script VF0330.uns -unsext NT -plugin V0330Pin.dll -pluginres CtCamPin.crl

DivX Codec --> H:\Programme\DivX\DivXCodecUninstall.exe /CODEC

DivXMachine 2.2 - 219 Pack4 --> "H:\Programme\DivXMachine II\unins000.exe"

DM_Install --> H:\Programme\InstallShield Installation Information\{AFD12747-7CDA-49A5-BC5F-18B90FAD6822}\setup.exe -runfromtemp -l0x040c -removeonly

DVD Solution --> H:\Programme\Uninstall_CDS.exe

FairUse Wizard 2 --> "H:\Programme\FairUse Wizard 2\UnInstall_14333.exe"

FastStone Image Viewer 3.2 --> H:\Programme\FastStone Image Viewer\uninst.exe

ffvfw MPEG-4 Video Codec (uninstall only) --> "H:\Programme\ffvfw\uninstall.exe"

Firebird SQL Server - MAGIX Edition (F) --> H:\MAGIX\Common\Database\uninstall.exe

Football Manager 2008 --> "H:\Programme\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\Uninstall Football Manager 2008.exe"

High Definition Audio Driver Package - KB888111 --> "H:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"

HijackThis 2.0.2 --> "H:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Hotfix für Windows XP (KB914440) --> "H:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"

Hotfix für Windows XP (KB935448) --> "H:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"

Hotfix for Windows Media Format 11 SDK (KB929399) --> "H:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

IKEA HomePlanner Kitchen --> MsiExec.exe /I{F7107906-5D75-438A-BB33-010818834487}

Internet Download Manager --> H:\Programme\Internet Download Manager\Uninstall.exe

J'apprends la guitare --> MsiExec.exe /I{16A81684-F7EE-11D6-B1B8-0050BAE10642}

Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}

MagicDisc 2.5.77 --> H:\PROGRA~1\MAGICD~1\UNWISE.EXE H:\PROGRA~1\MAGICD~1\INSTALL.LOG

Manuel d'utilisation de Creative WebCam Vista (Français) --> H:\WINDOWS\IsUn040c.exe -f"H:\Programme\Creative\Creative WebCam Vista\Manuel d'utilisation de Creative WebCam Vista\French\CTManual.isu"

Microsoft Compression Client Pack 1.0 for Windows XP --> "H:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "H:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Move Networks Media Player for Internet Explorer --> H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Move Networks\ie_bin\Uninst.exe

Mozilla Firefox (2.0.0.16) --> H:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe

Mozilla Thunderbird (2.0.0.14) --> H:\Programme\Mozilla Thunderbird\uninstall\helper.exe

Mp3tag v2.40 --> H:\Programme\Mp3tag\Mp3tagUninstall.EXE

Multimedia Launcher --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall

Musicmatch® Jukebox --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x40c -uninst

Nero OEM --> H:\Programme\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

NVIDIA Drivers --> H:\WINDOWS\system32\nvuide.exe UninstallGUI

NVIDIA ForceWare Network Access Manager --> H:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1036

NVIDIA nTune --> H:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1036

OpenOffice.org 2.2 --> MsiExec.exe /I{7FD7F10E-0666-4C9F-A0A8-422EA5E31C4C}

QuickTime --> MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}

RapidShare Manager --> rundll32.exe dfshim.dll,ShArpMaintain RapidShareManager.application, Culture=neutral, PublicKeyToken=beb8bcbf36015e49, processorArchitecture=msil

RealPlayer --> H:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

Realtek High Definition Audio Driver --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly

Sicherheitsupdate für Windows XP (KB893756) --> "H:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB896358) --> "H:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB896423) --> "H:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB896428) --> "H:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB899587) --> "H:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB899591) --> "H:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB900725) --> "H:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB901017) --> "H:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB901190) --> "H:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB901214) --> "H:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB902400) --> "H:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB904706) --> "H:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB905414) --> "H:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB905749) --> "H:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB908519) --> "H:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB911562) --> "H:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB911927) --> "H:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB913580) --> "H:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB914388) --> "H:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB914389) --> "H:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB917344) --> "H:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB917422) --> "H:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB917953) --> "H:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB918118) --> "H:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB918439) --> "H:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB919007) --> "H:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB920213) --> "H:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB920670) --> "H:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB920683) --> "H:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB920685) --> "H:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB921503) --> "H:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB922819) --> "H:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB923191) --> "H:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB923414) --> "H:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB923689) --> "H:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB923694) --> "H:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB923980) --> "H:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB924191) --> "H:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB924270) --> "H:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB924496) --> "H:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB924667) --> "H:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB925902) --> "H:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB926255) --> "H:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB926436) --> "H:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB927779) --> "H:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB927802) --> "H:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB928090) --> "H:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB928255) --> "H:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB928843) --> "H:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB929123) --> "H:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB929969) --> "H:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB930178) --> "H:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB931261) --> "H:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB931768) --> "H:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB931784) --> "H:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB932168) --> "H:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB933566) --> "H:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB933729) --> "H:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB935839) --> "H:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB935840) --> "H:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB936021) --> "H:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB937143) --> "H:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB938127) --> "H:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB938829) --> "H:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB939653) --> "H:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB941202) --> "H:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB941568) --> "H:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB941569) --> "H:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB941644) --> "H:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB941693) --> "H:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB942615) --> "H:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB943055) --> "H:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB943460) --> "H:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB943485) --> "H:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB944653) --> "H:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB945553) --> "H:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB946026) --> "H:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB948590) --> "H:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB948881) --> "H:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB950749) --> "H:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB950760) --> "H:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB950762) --> "H:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB951376-v2) --> "H:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB951376) --> "H:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB951698) --> "H:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB951748) --> "H:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Skype 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

Smart Guardian --> H:\WINDOWS\IsUninst.exe -f"H:\Programme\ITE\Smart Guardian\Uninst.isu"

SoulSeek Client 156c --> "H:\Programme\Soulseek\uninstall.exe"

SoulSeek Client 157 test 8 --> "H:\Programme\Soulseek-Test\uninstall.exe"

TreeSize Personal 5.0 --> "H:\Programme\JAM Software\TreeSize Personal\unins000.exe"

Update für Windows XP (KB894391) --> "H:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"

Update für Windows XP (KB898461) --> "H:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"

Update für Windows XP (KB900485) --> "H:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"

Update für Windows XP (KB904942) --> "H:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"

Update für Windows XP (KB908531) --> "H:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"

Update für Windows XP (KB910437) --> "H:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"

Update für Windows XP (KB911280) --> "H:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"

Update für Windows XP (KB916595) --> "H:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"

Update für Windows XP (KB920872) --> "H:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"

Update für Windows XP (KB922582) --> "H:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"

Update für Windows XP (KB927891) --> "H:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"

Update für Windows XP (KB930916) --> "H:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"

Update für Windows XP (KB931836) --> "H:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"

Update für Windows XP (KB932823-v3) --> "H:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"

Update für Windows XP (KB933360) --> "H:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"

Update für Windows XP (KB938828) --> "H:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"

Update für Windows XP (KB942763) --> "H:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"

Update für Windows XP (KB942840) --> "H:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"

Update für Windows XP (KB946627) --> "H:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"

VideoLAN VLC media player 0.8.6c --> H:\Programme\VideoLAN\VLC\uninstall.exe

Winamp --> "H:\Programme\Winamp\UninstWA.exe"

Winamp Toolbar for Firefox --> "H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Mozilla\Firefox\Profiles\yiscs0s2.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"

Winamp Toolbar for Internet Explorer --> "H:\Programme\Winamp Toolbar\uninstall.exe"

Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) --> H:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u H:\WINDOWS\System32\DRVSTORE\amdk8_46A23DA005A38EDACA9A5DA30EC2FEBF00D83D18\amdk8.inf

Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Live OneCare safety scanner --> RunDll32.exe "H:\Programme\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT

Windows Media Format 11 runtime --> "H:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows XP-Hotfix - KB873339 --> H:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe

Windows XP-Hotfix - KB885835 --> H:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe

Windows XP-Hotfix - KB885836 --> H:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe

Windows XP-Hotfix - KB886185 --> H:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe

Windows XP-Hotfix - KB887472 --> H:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe

Windows XP-Hotfix - KB888302 --> H:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe

Windows XP-Hotfix - KB890859 --> "H:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"

Windows XP-Hotfix - KB891781 --> H:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe

WinZip 11.1 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}

YooBarre --> regsvr32 /u /s "H:\Programme\YooBarre\yoobarre.dll"

 

 

-- Application Event Log -------------------------------------------------------

 

Event Record #/Type5279 / Success

Event Submitted/Written: 07/21/2008 09:46:39 AM

Event ID/Source: 12001 / usnjsvc

Event Description:

The Messenger Sharing USN Journal Reader service started successfully.

 

Event Record #/Type5268 / Success

Event Submitted/Written: 07/21/2008 08:12:13 AM

Event ID/Source: 12001 / usnjsvc

Event Description:

The Messenger Sharing USN Journal Reader service started successfully.

 

Event Record #/Type5250 / Success

Event Submitted/Written: 07/20/2008 04:30:55 PM

Event ID/Source: 12001 / usnjsvc

Event Description:

The Messenger Sharing USN Journal Reader service started successfully.

 

Event Record #/Type5243 / Success

Event Submitted/Written: 07/20/2008 09:31:05 AM

Event ID/Source: 12001 / usnjsvc

Event Description:

The Messenger Sharing USN Journal Reader service started successfully.

 

Event Record #/Type5225 / Success

Event Submitted/Written: 07/19/2008 10:11:26 PM

Event ID/Source: 12001 / usnjsvc

Event Description:

The Messenger Sharing USN Journal Reader service started successfully.

 

 

 

-- Security Event Log ----------------------------------------------------------

 

No Errors/Warnings found.

 

 

-- System Event Log ------------------------------------------------------------

 

Event Record #/Type32746 / Warning

Event Submitted/Written: 07/19/2008 11:54:06 PM

Event ID/Source: 4226 / Tcpip

Event Description:

TCP/IP hat das Sicherheitslimit erreicht, das für die Anzahl gleichzeitiger TCP-Verbindungsversuche festgelegt wurde.

 

Event Record #/Type32713 / Warning

Event Submitted/Written: 07/19/2008 07:46:07 PM

Event ID/Source: 1003 / Dhcp

Event Description:

Der Computer konnte die Netzwerkadresse, die durch den DHCP-Server für die

Netzwerkkarte mit der Netzwerkadresse 00E04D049696 zugeteilt wurde, nicht erneuern. Der

folgende Fehler ist aufgetreten:

%%1223.

Es wird weiterhin im Hintergrund versucht, eine Adresse vom

Netzwerkadressserver (DHCP) zu erhalten.

 

Event Record #/Type32566 / Warning

Event Submitted/Written: 07/18/2008 11:19:00 PM

Event ID/Source: 36 / W32Time

Event Description:

Der Zeitdienst konnte die Systemzeit seit 49152 Sekunden nicht

synchronisieren, da kein Zeitanbieter einen gültigen Zeitstempel

anbieten konnte. Die Systemuhr ist nicht synchronisiert.

 

Event Record #/Type32540 / Error

Event Submitted/Written: 07/18/2008 09:40:07 AM

Event ID/Source: 7034 / Service Control Manager

Event Description:

Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

 

Event Record #/Type32333 / Warning

Event Submitted/Written: 07/15/2008 05:08:20 PM

Event ID/Source: 1003 / Dhcp

Event Description:

Der Computer konnte die Netzwerkadresse, die durch den DHCP-Server für die

Netzwerkkarte mit der Netzwerkadresse 00E04D049696 zugeteilt wurde, nicht erneuern. Der

folgende Fehler ist aufgetreten:

%%1223.

Es wird weiterhin im Hintergrund versucht, eine Adresse vom

Netzwerkadressserver (DHCP) zu erhalten.

 

 

 

-- End of Deckard's System Scanner: finished at 2008-07-21 10:10:56 ------------

 

 

 

Merci d'avance

Cordialement,

 

Sylvain

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Bonsoir, on va faire un petit test (pas de danger :P ) en premier.

 

Que dit la fenêtre ?

 

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de Toolbar-S&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)

gnnnee Junior Member

gnnnee

Posté(e)
  • Auteur
Posté(e)

bonsoir !

 

(non, je n'ai pas peur)

 

TB.txt

 

 

-----------\\ ToolBar S&D 1.0.6 XP/Vista

 

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]

[ USER : Sylvain ] [ "H:\Toolbar SD" ] [ Selection : 1 ]

[ 21/07/2008 | 22:51:55,64 ] [ PC : SYLVAIN-VJS44CZ ]

[ MAJ : 18-07-2008 | 20:45 ]

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

H:\DOKUME~1\Sylvain\Cookies\sylvain@www.tabcrawler[1].txt

H:\DOKUME~1\Sylvain\LOKALE~1\TEMPOR~1\content.IE5\02RJYE9J\kdr_srch_bottombar[1].jpg

H:\DOKUME~1\Sylvain\LOKALE~1\TEMPOR~1\content.IE5\02RJYE9J\kdr_srch_upper_left_corner[1].jpg

H:\DOKUME~1\Sylvain\LOKALE~1\TEMPOR~1\content.IE5\M3LXHVIA\addyn%7C3[1].0%7C516%7C1279344%7C0%7C170%7CADTECH;loc=100;target=_blank;key=key1+key2+key3+key4;grp=[group];misc=12132110

88484

 

-----------\\ Extensions

 

(Sylvain) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ca

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-cs

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-da

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-de

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-en-US

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-AR

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-ES

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-eu

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-fr

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ga-IE

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-hu

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-it

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ja-JP-mac

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ja

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ka

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ko

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-lt

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-mk

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nb-NO

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nl

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pl

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-BR

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-PT

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ru

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sk

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sl

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sv-SE

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-tr

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-uk

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-zh-CN

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ca

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-cs

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-da

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-de

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-en-US

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-AR

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-ES

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-eu

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-fr

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ga-IE

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-hu

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-it

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ja-JP-mac

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ja

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ka

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ko

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-lt

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-mk

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nb-NO

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nl

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pl

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-BR

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-PT

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ru

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sk

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sl

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sv-SE

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-tr

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-uk

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-zh-CN

(Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="H:\\WINDOWS\\system32\\blank.htm"

"Start Page"="http://www.google.be/"

"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

"Url"="http://go.microsoft.com/fwlink/?LinkId=68928"

"Url"="http://go.microsoft.com/fwlink/?LinkId=68929"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

 

 

-----------\\ Fin du rapport a 22:53:25,82

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Impec. :P

 

Télécharge Malwarebytes' Anti-Malware (MBAM)

 

  • Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  • Sélectionne "Exécuter un examen rapide"
  • Clique sur "Rechercher"
  • L'analyse démarre, le scan est relativement long, c'est normal.
  • A la fin de l'analyse, un message s'affiche :
    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
    Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

gnnnee Junior Member

gnnnee

Posté(e)
  • Auteur
Posté(e)

Bonjour

et voilà !

 

rapport MBAM

 

Malwarebytes' Anti-Malware 1.22

Version de la base de données: 977

Windows 5.1.2600 Service Pack 2

 

13:29:22 22/07/2008

mbam-log-7-22-2008 (13-29-22).txt

 

Type de recherche: Examen rapide

Eléments examinés: 39479

Temps écoulé: 12 minute(s), 41 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 7

Valeur(s) du Registre infectée(s): 1

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 1

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\Interface\{4937d5d1-2039-409a-bd83-fec9b39b2356} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{caf9d798-c659-4b9b-8e19-ee27c3d04ee7} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{15c7d7ad-a87a-4c0d-9d8b-637fcd3488ef} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\bhonew.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\bhonew.bho.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7d76d0eb-ae56-4df4-affc-20aff4344ac6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7d76d0eb-ae56-4df4-affc-20aff4344ac6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{6ae02e1c-8859-4f57-9097-5a55a56a4caf} (Adware.BHO) -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

H:\Programme\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.

gnnnee Junior Member

gnnnee

Posté(e)
  • Auteur
Posté(e)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:19:36, on 23/07/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

 

Running processes:

H:\WINDOWS\System32\smss.exe

H:\WINDOWS\system32\winlogon.exe

H:\WINDOWS\system32\services.exe

H:\WINDOWS\system32\lsass.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\System32\svchost.exe

H:\WINDOWS\system32\spoolsv.exe

H:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe

H:\WINDOWS\Explorer.EXE

H:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe

H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe

H:\WINDOWS\system32\RUNDLL32.EXE

H:\WINDOWS\RTHDCPL.EXE

H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe

H:\Programme\QuickTime\qttask.exe

H:\Programme\Java\jre1.6.0_01\bin\jusched.exe

H:\Programme\Winamp\winampa.exe

H:\WINDOWS\V0330Mon.exe

H:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe

H:\WINDOWS\system32\ctfmon.exe

H:\Programme\Windows Live\Messenger\MsnMsgr.Exe

H:\Programme\Internet Download Manager\IDMan.exe

H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

H:\Programme\Skype\Phone\Skype.exe

H:\WINDOWS\system32\nvsvc32.exe

H:\WINDOWS\System32\svchost.exe

H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

H:\Programme\Philips\SA28XX Device Manager\main.exe

H:\Programme\MagicDisc\MagicDisc.exe

H:\Programme\Skype\Plugin Manager\skypePM.exe

H:\Programme\Eidos\L'Entraîneur 2008\CM2008.exe

H:\Programme\Internet Download Manager\IEMonitor.exe

H:\Programme\Windows Live\Messenger\usnsvc.exe

H:\Programme\Mozilla Thunderbird\thunderbird.exe

H:\PROGRA~1\MOZILL~2\FIREFOX.EXE

H:\Programme\Winamp\winamp.exe

H:\Programme\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - H:\Programme\Internet Download Manager\IDMIECC.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - H:\Programme\BarreConfCMCIC\TAPBar.dll

O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - H:\Programme\BarreConfCMCIC\TAPBar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NVIDIA nTune] "H:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe" clear

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [TkBellExe] "H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Netcom] "H:\PROGRA~1\Netcom\Netcom.exe"

O4 - HKLM\..\Run: [Eye On Network] H:\Programme\Eye On Network\Eye On Network.exe

O4 - HKLM\..\Run: [QuickTime Task] "H:\Programme\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "H:\Programme\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [NetStat Live] H:\Programme\AnalogX\NetStat Live\nsl.exe

O4 - HKLM\..\Run: [WinampAgent] H:\Programme\Winamp\winampa.exe

O4 - HKLM\..\Run: [V0330Mon.exe] H:\WINDOWS\V0330Mon.exe

O4 - HKLM\..\Run: [avgnt] "H:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "H:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [AlcoholAutomount] "H:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O4 - HKCU\..\Run: [iDMan] H:\Programme\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [skype] "H:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: MagicDisc.lnk = H:\Programme\MagicDisc\MagicDisc.exe

O4 - Global Startup: Philips Gestionnaire de périphériques.lnk = H:\Programme\Philips\SA28XX Device Manager\main.exe

O8 - Extra context menu item: Download all links with IDM - H:\Programme\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download FLV video content with IDM - H:\Programme\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Download with IDM - H:\Programme\Internet Download Manager\IEExt.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe

O12 - Plugin for .spop: H:\Programme\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sylvainmorel.spaces.live.com//Photo...ad/MsnPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1176829598420

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.ak.studivz.net/photouploader...geUploader4.cab

O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp07.photoprintit.de/microsite/346...IPSUploader.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15102/CTPID.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - H:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - H:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Boonty Games - BOONTY - H:\Programme\Gemeinsame Dateien\BOONTY Shared\Service\Boonty.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - H:\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe

 

--

End of file - 8998 bytes

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...