
Here are the two much-awaited files; they did come out after all.

 

 

Logfile of random's system information tool (written by random/random)

Run by alain at 2008-08-30 18:17:51

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 11 GB (29%) free of 39 GB

Total RAM: 509 MB (46% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:18:03, on 30/08/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Brother\ControlCenter3\brccMCtl.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\QuickTime\QTTask.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Brother\Brmfcmon\BrMfimon.exe

C:\Program Files\Secunia\PSI (RC3)\psi.exe

C:\Program Files\WinZip\WZQKPICK.EXE

F:\Program Files\torrent\uTorrent.exe

F:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\DAP\DAP.EXE

C:\Documents and Settings\alain\Bureau\RSIT.exe

C:\Documents and Settings\alain\Bureau\alain.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe

O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"

O4 - HKLM\..\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"

O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini

O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\OFFICE\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://www.aliceadsl.fr

O15 - Trusted Zone: http://www.zebulon.fr

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1203294740609

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_3_0_2_0.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: Norton Ghost - Symantec Corporation - F:\Program Files\ghost12\Agent\VProSvc.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

--

End of file - 9768 bytes

 

Scheduled tasks folder

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\Maintenance en 1 clic.job

 

Registry dump

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-12-14 392240]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-04-17 2436160]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll [2008-02-19 654320]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-04-17 2436160]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"=C:\WINDOWS\s [2008-08-30 801349632]

"NeroFilterCheck"=C:\WINDOWS\s [2008-08-30 801349632]

"nwiz"=C:\WINDOWS\s [2008-08-30 801349632]

"NvMediaCenter"=C:\WINDOWS\s [2008-08-30 801349632]

"ASUS Camera ScreenSaver"=C:\WINDOWS\A [2008-08-30 801349632]

"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-23 663552]

"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-01-29 30248]

"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-01-29 46632]

"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-02-01 255528]

"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-12-21 86016]

"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"*___MsiRebootRequired___"=C:\WINDOWS\s [2008-08-30 801349632]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\s [2008-08-30 801349632]

"NvMediaCenter"=C:\WINDOWS\s [2008-08-30 801349632]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-02-19 68856]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-23 663552]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]

C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-12-21 86016]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]

C:\WINDOWS\s [2008-08-30 801349632]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]

C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-01-29 46632]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]

C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2008-02-19 190024]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]

C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2006-09-15 2048000]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-01-29 30248]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]

C:\WINDOWS\s [2008-08-30 801349632]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]

C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-02-01 255528]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-02-19 68856]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^alain^Menu Démarrer^Programmes^Démarrage^MagicDisc.lnk]

C:\WINDOWS\s [2008-08-30 801349632]

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

 

C:\Documents and Settings\alain\Menu Démarrer\Programmes\Démarrage

Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="sockspy.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\s [2008-08-30 801349632]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=msapsspc.dll schannel.dll digest.dll msnsspc.dll

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Disabled:PMSRegisterFile"

"C:\Program Files\Pinnacle\Studio 11\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Disabled:Render Manager"

"C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Disabled:Studio"

"C:\Program Files\Pinnacle\Studio 11\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Disabled:umi"

"F:\Program Files\torrent\uTorrent.exe"="F:\Program Files\torrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"

"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Disabled:maconfservice"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a0d7b4d-e061-11dc-8954-003005350bf8}]

shell\AutoRun\command - R:\InstallTomTomHOME.exe

 

 

File associations

 

.reg - open - regedit.exe "%1" %*

.scr - open - "%1" %*

 

List of files/folders created in the last three months

 

2008-08-30 18:11:21 ----D---- C:\rsit

2008-08-30 17:51:50 ----D---- C:\WINDOWS\LastGood

2008-08-30 10:54:25 ----D---- C:\Program Files\Sun

2008-08-30 10:54:04 ----A---- C:\WINDOWS\system32\javaws.exe

2008-08-30 10:54:04 ----A---- C:\WINDOWS\system32\javaw.exe

2008-08-30 10:54:04 ----A---- C:\WINDOWS\system32\java.exe

2008-08-30 10:45:41 ----D---- C:\Documents and Settings\alain\Application Data\vlc

2008-08-30 09:39:10 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip

2008-08-30 09:33:09 ----D---- C:\Program Files\VideoLAN

2008-08-30 09:20:48 ----D---- C:\Documents and Settings\All Users\Application Data\Apple

2008-08-30 09:10:57 ----D---- C:\Program Files\Secunia

2008-08-30 00:23:46 ----A---- C:\WINDOWS\gmer.ini

2008-08-30 00:23:44 ----A---- C:\WINDOWS\gmer_uninstall.cmd

2008-08-30 00:23:44 ----A---- C:\WINDOWS\gmer.exe

2008-08-30 00:23:44 ----A---- C:\WINDOWS\gmer.dll

2008-08-29 18:41:02 ----D---- C:\Documents and Settings\alain\Application Data\AdobeUM

2008-08-29 18:32:27 ----D---- C:\Program Files\Windows Installer Clean Up

2008-08-29 18:32:09 ----D---- C:\Program Files\MSECACHE

2008-08-29 18:00:39 ----D---- C:\WINDOWS\system32\Adobe

2008-08-29 15:03:48 ----N---- C:\WINDOWS\system32\BrfxD05a.dll

2008-08-28 22:41:30 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft

2008-08-28 19:22:11 ----D---- C:\Program Files\Avira

2008-08-28 19:22:11 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2008-08-28 14:43:15 ----D---- C:\WINDOWS\ShellNew

2008-08-28 10:50:03 ----D---- C:\Documents and Settings\alain\Application Data\Talkback

2008-08-28 10:47:39 ----D---- C:\Documents and Settings\alain\Application Data\Thunderbird

2008-08-27 21:46:21 ----D---- C:\SDFix

2008-08-27 20:25:53 ----D---- C:\Documents and Settings\alain\Application Data\Malwarebytes

2008-08-27 20:25:37 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-08-27 20:25:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2008-08-27 12:35:10 ----D---- C:\Program Files\Mozilla Firefox

2008-08-27 10:28:43 ----A---- C:\WINDOWS\system32\BASSMOD.dll

2008-08-27 10:09:40 ----A---- C:\WINDOWS\system32\WkExt32.dll

2008-08-27 10:09:40 ----A---- C:\WINDOWS\system32\WibuXpm4J32.dll

2008-08-27 10:09:39 ----A---- C:\WINDOWS\system32\wibuKJni.dll

2008-08-27 10:09:38 ----A---- C:\WINDOWS\system32\WkDos.exe

2008-08-27 10:09:28 ----A---- C:\WINDOWS\system32\WkWin32.dll

2008-08-27 10:09:21 ----D---- C:\Program Files\WIBU-SYSTEMS

2008-08-27 10:09:21 ----D---- C:\Program Files\WIBUKEY

2008-08-27 10:07:31 ----D---- C:\Program Files\QuickTime

2008-08-27 10:05:40 ----D---- C:\Program Files\Apple Software Update

2008-08-27 10:05:15 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer

2008-08-26 19:57:07 ----SHD---- C:\found.001

2008-08-26 17:18:43 ----D---- C:\Program Files\Zone Labs

2008-08-26 13:17:40 ----D---- C:\Documents and Settings\alain\Application Data\Uniblue

2008-08-26 13:11:58 ----A---- C:\WINDOWS\PlotFlow.INI

2008-08-26 13:07:17 ----A---- C:\WINDOWS\IsUninst.exe

2008-08-26 10:23:45 ----HDC---- C:\WINDOWS\ie7

2008-08-26 10:05:29 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$

2008-08-25 18:22:46 ----D---- C:\Program Files\PowerQuest

2008-08-25 10:54:10 ----A---- C:\WINDOWS\system32\msvcp71.dll.gz

2008-08-25 10:54:10 ----A---- C:\WINDOWS\system32\mfc71.dll.gz

2008-08-24 22:09:51 ----D---- C:\Documents and Settings\alain\Application Data\Acronis

2008-08-24 21:24:43 ----D---- C:\Documents and Settings\All Users\Application Data\Acronis

2008-08-24 19:55:33 ----A---- C:\WINDOWS\system32\GEARAspi.dll

2008-08-24 19:02:48 ----D---- C:\Documents and Settings\alain\Application Data\Micro Application

2008-08-24 18:46:10 ----A---- C:\WINDOWS\system32\setupnt.dll

2008-08-22 20:19:14 ----D---- C:\Documentation en ligne

2008-08-22 20:16:40 ----D---- C:\$CTJTMP

2008-08-20 12:32:50 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2008-08-20 12:31:40 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2008-08-20 12:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$

2008-08-20 12:28:49 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2008-08-20 12:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$

2008-08-20 12:19:50 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2008-08-20 12:15:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2008-08-02 13:57:51 ----A---- C:\WINDOWS\removeark.exe

2008-08-02 12:12:16 ----D---- C:\Program Files\SigmaTel

2008-08-01 19:20:02 ----A---- C:\fpnlogger.ini

2008-08-01 19:05:35 ----D---- C:\Zelio-program

2008-08-01 19:03:46 ----A---- C:\WINDOWS\ZelioSoft.ini

2008-07-21 20:34:24 ----R---- C:\WINDOWS\system32\BrDctF2S.dll

2008-07-21 20:34:24 ----R---- C:\WINDOWS\system32\BrDctF2L.dll

2008-07-21 20:34:24 ----R---- C:\WINDOWS\system32\BrDctF2.dll

2008-07-21 20:34:19 ----N---- C:\WINDOWS\system32\BroSNMP.dll

2008-07-21 20:32:16 ----A---- C:\WINDOWS\maxlink.ini

2008-07-16 01:10:49 ----A---- C:\WINDOWS\brmx2001.ini

2008-07-16 01:10:37 ----N---- C:\WINDOWS\system32\Pdrvinst.dll

2008-07-16 00:34:59 ----N---- C:\WINDOWS\system32\BrSti07a.dll

2008-07-12 14:35:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2008-07-12 13:16:54 ----D---- C:\WINDOWS\system32\CatRoot_bak

2008-07-08 22:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2008-07-05 00:37:13 ----SHD---- C:\found.000

2008-07-05 00:27:23 ----RSHD---- C:\cmdcons

2008-07-05 00:27:23 ----A---- C:\WINDOWS\UPGRADE.TXT

2008-07-05 00:27:21 ----D---- C:\WINDOWS\setup.pss

2008-07-05 00:26:51 ----D---- C:\WINDOWS\setupupd

2008-07-04 23:21:33 ----D---- C:\Program Files\sisagp

2008-07-04 23:12:22 ----D---- C:\Program Files\Realtek AC97

2008-07-04 23:12:22 ----A---- C:\WINDOWS\system32\RTLCPL.EXE

2008-07-04 23:12:20 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll

2008-07-04 23:12:20 ----A---- C:\WINDOWS\SOUNDMAN.EXE

2008-07-04 23:12:18 ----A---- C:\WINDOWS\alcupd.exe

2008-07-04 23:12:18 ----A---- C:\WINDOWS\Alcrmv.exe

2008-07-04 22:28:27 ----D---- C:\Program Files\ma-config.com

2008-07-04 22:28:27 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com

2008-07-04 13:14:11 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe

2008-07-04 13:14:10 ----A---- C:\WINDOWS\system32\uxtuneup.dll

2008-07-04 11:34:55 ----A---- C:\WINDOWS\ASScrProlog.exe

2008-07-04 11:34:53 ----A---- C:\WINDOWS\LCD Demo.exe

2008-07-04 11:34:52 ----A---- C:\WINDOWS\ASUS LCD ScreenSaver Uninstaller.exe

2008-07-04 11:34:49 ----D---- C:\WINDOWS\Asus_LCD_ScreenSaver dir

2008-07-04 11:34:49 ----A---- C:\WINDOWS\impborl.dll

2008-07-04 11:34:49 ----A---- C:\WINDOWS\flashax.exe

2008-07-04 11:31:47 ----A---- C:\WINDOWS\Ascd_tmp.ini

2008-06-25 23:58:17 ----D---- C:\WINDOWS\pss

2008-06-23 21:07:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2008-06-13 18:09:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$

2008-06-13 18:08:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2008-06-13 18:07:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$

2008-06-13 18:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$

 

List of drivers

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\s [2008-08-30 801349632]

R1 GhPciScan;GhostPciScanner; \??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys []

R1 InCDPass;InCDPass; C:\WINDOWS\S [2008-08-30 801349632]

R1 incdrm;InCD Reader; C:\WINDOWS\s [2008-08-30 801349632]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\s [2008-08-30 801349632]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\s [2008-08-30 801349632]

R1 KLIF;KLIF; C:\WINDOWS\s [2008-08-30 801349632]

R1 LUMDriver;LUMDriver; \??\C:\WINDOWS\system32\drivers\LUMDriver.sys []

R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []

R1 PQNTDrv;PQNTDrv; C:\WINDOWS\s [2008-08-30 801349632]

R1 ssmdrv;ssmdrv; C:\WINDOWS\s [2008-08-30 801349632]

R1 StarOpen;StarOpen; C:\WINDOWS\s [2008-08-30 801349632]

R1 vsdatant;vsdatant; C:\WINDOWS\S [2008-08-30 801349632]

R2 Aspi32;Aspi32; C:\WINDOWS\s [2008-08-30 801349632]

R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\s [2008-08-30 801349632]

R2 v2imount;Symantec V2i Mount Driver; C:\WINDOWS\s [2008-08-30 801349632]

R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\S [2008-08-30 801349632]

R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\s [2008-08-30 801349632]

R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\s [2008-08-30 801349632]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

R3 GEARAspiWDM;GearAspiWDM; C:\WINDOWS\s [2008-08-30 801349632]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\s [2008-08-30 801349632]

R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\s [2008-08-30 801349632]

R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\s [2008-08-30 801349632]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\s [2008-08-30 801349632]

R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\s [2008-08-30 801349632]

R3 nv;nv; C:\WINDOWS\s [2008-08-30 801349632]

R3 PSI;PSI; C:\WINDOWS\s [2008-08-30 801349632]

R3 ReallusionVirtualAudio;Reallusion Virtual Audio; C:\WINDOWS\s [2008-08-30 801349632]

R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\s [2008-08-30 801349632]

R3 SlWdmSup;SlWdmSup; C:\WINDOWS\s [2008-08-30 801349632]

R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\s [2008-08-30 801349632]

R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\s [2008-08-30 801349632]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\s [2008-08-30 801349632]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\s [2008-08-30 801349632]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\s [2008-08-30 801349632]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\s [2008-08-30 801349632]

R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\s [2008-08-30 801349632]

R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\S [2008-08-30 801349632]

R4 InCDfs;InCD File System; C:\WINDOWS\s [2008-08-30 801349632]

S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []

S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\system32\drivers\AWRTPD.sys []

S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; \??\C:\WINDOWS\system32\drivers\AWRTRD.sys []

S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\s [2008-08-30 801349632]

S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\s [2008-08-30 801349632]

S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\s [2008-08-30 801349632]

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\s [2008-08-30 801349632]

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []

S3 gmer;gmer; C:\WINDOWS\S [2008-08-30 801349632]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\s [2008-08-30 801349632]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\s [2008-08-30 801349632]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\s [2008-08-30 801349632]

S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\s [2008-08-30 801349632]

S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\s [2008-08-30 801349632]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\s [2008-08-30 801349632]

S3 Mtlstrm;Mtlstrm; C:\WINDOWS\s [2008-08-30 801349632]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\s [2008-08-30 801349632]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\s [2008-08-30 801349632]

S3 NtMtlFax;NtMtlFax; C:\WINDOWS\s [2008-08-30 801349632]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\s [2008-08-30 801349632]

S3 SlNtHal;SlNtHal; C:\WINDOWS\s [2008-08-30 801349632]

S3 streamip;BDA IPSink; C:\WINDOWS\s [2008-08-30 801349632]

S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\s [2008-08-30 801349632]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\s [2008-08-30 801349632]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\s [2008-08-30 801349632]

S3 V90drv;v90drv; C:\WINDOWS\s [2008-08-30 801349632]

S3 VProEventMonitor;Symantec Event Monitor Driver; C:\WINDOWS\s [2008-08-30 801349632]

S3 WimFltr;WimFltr; C:\WINDOWS\s [2008-08-30 801349632]

S3 WISTechVIDCAP;Dazzle DVC170; C:\WINDOWS\s [2008-08-30 801349632]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\s [2008-08-30 801349632]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\s [2008-08-30 801349632]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\s [2008-08-30 801349632]

S4 IntelIde;IntelIde; C:\WINDOWS\s [2008-08-30 801349632]

 

List of services

 

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761]

R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]

R2 GhostStartService;GhostStartService; C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe [2002-08-14 200704]

R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-12 137200]

R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]

R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\s [2008-08-30 801349632]

S2 Brother XP spl Service;BrSplService; C:\WINDOWS\s [2008-08-30 801349632]

S2 Norton Ghost;Norton Ghost; F:\Program Files\ghost12\Agent\VProSvc.exe [2007-03-28 3290728]

S2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\S [2008-08-30 801349632]

S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\s [2008-08-30 801349632]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]

S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-06-26 576680]

S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\s [2008-08-30 801349632]

S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\S [2008-08-30 801349632]

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\s [2008-08-30 801349632]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

 

-----------------EOF-----------------

info.txt logfile of random's system information tool 2008-08-30 18:32:38

 

Uninstall list

 

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}

Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}

Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log

Alice Auto-diagnostic-->C:\Program Files\TechCity Solutions\AliceSAV\uninstall.exe

Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}

Asus_LCD_ScreenSaver-->"C:\WINDOWS\ASUS LCD ScreenSaver Uninstaller.exe"

Avery DesignPro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}\setup.exe" -uninst

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

BIAS SoundSoap PE 2.1-->MsiExec.exe /I{42442CA9-90E6-4011-BB55-7C263F6D5EC1}

Brother BRAdmin Light 1.09-->C:\Program Files\InstallShield Installation Information\{DB75941E-30C4-4D97-B000-D17C764B998C}\Setup.exe -runfromtemp -l0x040c -removeonly -removeonly

Brother Driver Deployment Wizard-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0ED38503-B69A-44B4-98BE-21BFF284A9B6}\setup.exe" -l0x40c -uninst -removeonly

Brother MFL-Pro Suite-->"C:\Program Files\InstallShield Installation Information\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Setup.exe" -runfromtemp -l0x040c Brunin03.dll -removeonly

Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

CrazyTalk Cam Suite-->C:\Program Files\InstallShield Installation Information\{D1504C77-1B19-4AF0-8DEC-946666123B55}\setup.exe -runfromtemp -l0x040c -removeonly /remove

CrazyTalk v4.6 Messenger-->C:\Program Files\InstallShield Installation Information\{40B3D357-96DE-4889-A8F4-C533A39E3608}\setup.exe -runfromtemp -l0x040c -removeonly /remove

DivX 5.0.2 Bundle-->C:\WINDOWS\unvise32.exe C:\Program Files\DivX\uninstal.log

DivX Video Duplicator-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7CCFADC3-60C4-4DD2-A843-171FAFB9467A}\setup.exe" -l0x40c ControlPanel

Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE

EVEREST Home Edition v2.20-->"F:\ENTRETIEN\EVEREST Home Edition\EVEREST Home Edition\unins000.exe"

FaceFilter Studio Brother Edition-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}\Setup.exe" -l0x40c /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"

HijackThis 2.0.2-->"C:\Documents and Settings\alain\Bureau\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}

Huge Pine USB to UART Driver -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F06FCDEC-5AB3-4927-A3E7-36AF98A8E05C}\setup.exe" -l0x40c -removeonly

InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL

IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"

J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Java SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}

Kit de Connexion Alice ADSL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}\setup.exe" -l0x40c ControlPanel

L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall

Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}

LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE

LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U

Ma-Config.com-->MsiExec.exe /X{06526E3A-92DD-4F45-90CD-902953F1A8D2}

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove

Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}

Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}

Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}

Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}

Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}

Microsoft Baseline Security Analyzer 2.1-->MsiExec.exe /I{6AF5CAB9-FD0A-494F-8AA6-784D4B5D06C5}

Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf

Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Mozilla Firefox (3.0.1)-->F:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}

MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

Nero 6-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

Nero BurnRights-->C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL

Nero Digital-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

Nero Media Player-->C:\WINDOWS\UNNMP.exe /UNINSTALL

NeroVision Express Content-->C:\WINDOWS\UNNVEContent.exe /UNINSTALL

Norton Ghost-->MsiExec.exe /I{6975E810-C92F-45F0-0BFD-187B312F10E8}

Norton Ghost-->MsiExec.exe /I{B0255743-165B-4BD5-8DA8-37DFB9930012}

NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI

NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\system32\nvinstnt.dll,NvUninstallNT4 nv4_disp.inf

OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}

Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall

PaperPort Image Printer-->MsiExec.exe /X{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}

Photo et imagerie HP 1.0 - HP PSC - HP OfficeJet-->C:\Program Files\Hewlett-Packard\Digital Imaging\AiODriver\Drivers\Uninst\fra\hposcr01.exe -forcereboot -datfile hposcr01.dat

Photorécit 3 pour Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}

Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"

Pinnacle Instant DVD Recorder-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}\Setup.exe" -l0x40c UNINSTALL

Pinnacle Systems USB-2 Device Drivers-->MsiExec.exe /X{9870C7AE-7C6A-478D-9A75-35827382220F}

PowerQuest BootMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{B838AD63-FD0C-482C-B124-7116748BAC45}

PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}

proDAD Heroglyph 2.5-->"C:\Program Files\proDAD\Heroglyph-2.5\uninstall.exe" uninstall spcp PATHVERSION 2.5 MAINNAME Heroglyph

proDAD Vitascene 1.0-->"C:\Program Files\proDAD\Vitascene-1.0\uninstall.exe" uninstall spcp PATHVERSION 1.0 MAINNAME Vitascene

QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}

ScanSoft PaperPort 11-->MsiExec.exe /I{B6C89654-A6A2-477C-873B-724EC1C56407}

Secunia PSI (RC3)-->"C:\Program Files\Secunia\PSI (RC3)\uninstall.exe"

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

SiSAGP driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe" -l0x40c

Smart Link 56K Voice Modem-->C:\WINDOWS\Modio\SLAMRNTV\slclean.exe

Studio 11 Bonus DVD-->C:\Program Files\InstallShield Installation Information\{45A1BF92-700A-4408-B95E-79F462E3D67D}\setup.exe -runfromtemp -l0x040c UNINSTALL -removeonly

Studio 11-->C:\Program Files\InstallShield Installation Information\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}\Setup2.exe -runfromtemp -l0x040c UNINSTALL -removeonly

Studio Ultimate-->C:\Program Files\InstallShield Installation Information\{CC874CBB-BD87-4126-9465-AE73BB62D6E0}\setup.exe -runfromtemp -l0x040c -removeonly

System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe

TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}

VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}

VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe

VobSub v2.16 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"

WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}

WIBU-KEY Setup (WIBU-KEY Remove)-->C:\Program Files\WIBUKEY\Setup\Setup32.exe /R:{00060000-0000-1004-8002-0000C06B5161}

Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}

Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Live Sign-in Assistant-->MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}

Zelio-Soft-->C:\WINDOWS\ISUN040C.EXE -F"Q:\PROGRAM FILES\ZELIO\UNINST.ISU"

 

Hosts File

 

127.0.0.1 localhost

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

 

Security center information

 

AV: Avira AntiVir PersonalEdition

FW: ZoneAlarm Firewall

 

Environment variables

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"NUMBER_OF_PROCESSORS"=1

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;"C:\Program Files\Symantec\Norton Ghost 2003\";C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel

"PROCESSOR_LEVEL"=15

"PROCESSOR_REVISION"=0207

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"tvdumpflags"=8

"windir"=%SystemRoot%

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip

 

-----------------EOF-----------------

Posted

OK, we have the (complete) files.

Go to this link: Virus Total

  • Click the Browse... button
  • Browse your folders to this file, if you can find it:

  • C:\windows\flashax.exe

  • Click Send file, and if VirusTotal says the file has already been analysed, click the Reanalyse file now button.
  • Leave the site working as long as "Current status: analysis in progress" is displayed.
  • The file may be queued because of a large number of analysis requests. In that case, you will have to wait without refreshing the page.
  • When the analysis is finished ("Current status: finished"), click Formatted (top left)
  • A new browser window will appear
  • Then click this image: txtvt.jpg
  • Right-click on the page and choose Select all, then Copy
  • Finally, paste the result into your next reply.
    NB: Whatever the result, it is important to send me the result of the whole analysis.

Your security tools may react when the file is sent, in which case you will need to make them ignore the alerts.

You will probably need to show hidden files and system files:

http://www.libellules.ch/afficher_fichiers.php

Posted

Well, here it is

 

Fichier flashax.exe reçu le 2008.08.30 18:44:37 (CET)

Antivirus Version Dernière mise à jour Résultat

AhnLab-V3 2008.8.29.0 2008.08.29 -

AntiVir 7.8.1.23 2008.08.30 -

Authentium 5.1.0.4 2008.08.30 -

Avast 4.8.1195.0 2008.08.30 -

AVG 8.0.0.161 2008.08.29 -

BitDefender 7.2 2008.08.30 -

CAT-QuickHeal 9.50 2008.08.29 -

ClamAV 0.93.1 2008.08.30 -

DrWeb 4.44.0.09170 2008.08.30 -

eSafe 7.0.17.0 2008.08.28 -

eTrust-Vet 31.6.6057 2008.08.29 -

Ewido 4.0 2008.08.30 -

F-Prot 4.4.4.56 2008.08.29 -

F-Secure 7.60.13501.0 2008.08.30 -

Fortinet 3.14.0.0 2008.08.30 -

GData 19 2008.08.30 -

Ikarus T3.1.1.34.0 2008.08.30 -

K7AntiVirus 7.10.433 2008.08.30 -

Kaspersky 7.0.0.125 2008.08.30 -

McAfee 5373 2008.08.29 -

Microsoft 1.3807 2008.08.25 -

NOD32v2 3401 2008.08.30 -

Norman 5.80.02 2008.08.29 -

Panda 9.0.0.4 2008.08.30 -

PCTools 4.4.2.0 2008.08.30 -

Prevx1 V2 2008.08.30 -

Rising 20.59.51.00 2008.08.30 -

Sophos 4.33.0 2008.08.30 -

Sunbelt 3.1.1592.1 2008.08.30 -

Symantec 10 2008.08.30 -

TheHacker 6.3.0.6.068 2008.08.30 -

TrendMicro 8.700.0.1004 2008.08.29 -

VBA32 3.12.8.4 2008.08.30 -

ViRobot 2008.8.30.1357 2008.08.30 -

VirusBuster 4.5.11.0 2008.08.30 -

Webwasher-Gateway 6.6.2 2008.08.30 -

Information additionnelle

File size: 606848 bytes

MD5...: a16126510106990df3e4445191adead8

SHA1..: 444b40b55c52b57472a6011ea7bdc5e2566e0242

SHA256: d3eb813e23cbbdc7c2b289e849064b1505f1d906b9c1d244d73a6f0702579598

SHA512: 7c5de3d51c9c3845237daf832cbff39b0d588826c1315ee944b528402c156a4e945eb9f936fe0c9dcf455506a6c7b65bfe5aef39f02e91dbb4bbc3ffe9163df8

PEiD..: -

TrID..: File type identification
Win32 Executable MS Visual C++ 4.x (58.5%)
InstallShield setup (18.7%)
Win32 Executable MS Visual C++ (generic) (16.3%)
Win32 Executable Generic (3.7%)
Win16/32 Executable Delphi generic (0.9%)

PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x10065c0
timedatestamp.....: 0x32d64001 (Fri Jan 10 13:11:29 1997)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xf78c 0xf800 6.50 76d3a10694feea19b07d36ef95096717
.data 0x11000 0x941c 0x3400 1.90 14ad842169a441882dfc3613c64c88d0
.rsrc 0x1b000 0x7e000 0x7dc00 7.95 29661ae0cb7392a9d3a623bd184011b6
.reloc 0x99000 0x1848 0x1a00 5.58 531fb64130d5b5539ef767bd8109c292

( 6 imports )
> ADVAPI32.dll: RegDeleteValueA, EqualSid, AllocateAndInitializeSid, GetTokenInformation, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueA, RegCloseKey, FreeSid, RegOpenKeyExA, RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegOpenKeyA, RegQueryInfoKeyA
> KERNEL32.dll: lstrcatA, GetFileAttributesA, lstrlenA, lstrcmpiA, GetPrivateProfileStringA, GetCurrentProcess, GetPrivateProfileIntA, lstrcpyA, GetModuleFileNameA, RemoveDirectoryA, FindClose, FindNextFileA, DeleteFileA, SetFileAttributesA, lstrcmpA, FindFirstFileA, _lclose, _llseek, _lopen, GetWindowsDirectoryA, CreateDirectoryA, GetSystemDirectoryA, GlobalUnlock, GlobalFree, GlobalLock, GlobalAlloc, LoadResource, CreateMutexA, GetLastError, SetEvent, CreateEventA, SetCurrentDirectoryA, TerminateThread, ResetEvent, CreateThread, GetVersionExA, FormatMessageA, FreeLibrary, GetProcAddress, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, GetTempPathA, LoadLibraryA, FreeResource, LockResource, SizeofResource, CreateFileA, ReadFile, WriteFile, LocalAlloc, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, GetTempFileNameA, GetSystemInfo, GetDiskFreeSpaceA, FindResourceA, GetDriveTypeA, GetVolumeInformationA, GetCurrentDirectoryA, LoadLibraryExA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetVersion, ExitProcess, TerminateProcess, LocalFree, UnhandledExceptionFilter, FreeEnvironmentStringsA, MultiByteToWideChar, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, WideCharToMultiByte, GetCPInfo, GetACP, GetOEMCP, SetHandleCount, GetFileType, GetStdHandle, DeleteCriticalSection, GetCurrentThreadId, TlsSetValue, TlsAlloc, SetLastError, TlsGetValue, HeapDestroy, HeapCreate, VirtualFree, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, HeapFree, HeapAlloc, VirtualAlloc, GetLocaleInfoA, GetLocaleInfoW, FlushFileBuffers, SetStdHandle, CloseHandle, lstrcpynA, SetFilePointer, RtlUnwind
> GDI32.dll: GetDeviceCaps
> USER32.dll: PeekMessageA, LoadStringA, GetDesktopWindow, wsprintfA, ExitWindowsEx, CharPrevA, CharNextA, SetWindowLongA, GetWindowLongA, CallWindowProcA, GetDlgItem, SetForegroundWindow, SetWindowTextA, SendDlgItemMessageA, GetDlgItemTextA, EnableWindow, SendMessageA, SetDlgItemTextA, DispatchMessageA, MsgWaitForMultipleObjects, MessageBoxA, SetWindowPos, ReleaseDC, GetDC, GetWindowRect, ShowWindow, DialogBoxIndirectParamA, MessageBeep, EndDialog
> COMCTL32.dll: -
> VERSION.dll: GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA

( 0 exports )

packers (F-Prot): CAB

 


Posted

The connection is running fine, no problem

but why are there things like this in the last report:

Norman 5.80.02 2008.08.29 -

Panda 9.0.0.4 2008.08.30 -

I got rid of them 3 years ago

Posted

The latest reports are clean.

Uninstall SDFix via Add/Remove Programs. If you can't find it there, then delete the C:\SDFix folder by hand.

Delete GMer and RSIT by hand.

You can keep MBAM; it is a tool for the general public, unlike some of those used to clean the machine.

The resident module (which runs in the background) is paid, but the program works in free mode; that module simply does not activate. As a result, in its free version it coexists with everything, as an on-demand scanner.

Remove the Norton leftovers with this official tool, which will do the job.

Be wary of P2P (µTorrent here, for example), a nest of infected files, and of crack sites; Antivirus XP 2008 is easily caught there through a booby-trapped banner.

Here is a bit of reading, a compilation of advice for avoiding reinfection and securing the machine.

You can mark the thread as resolved in the title (when you edit the first post, the title becomes editable).
