Ça sens le malware, mais pourtant.... [fini]

[Falkra]

Ce rapport est anormalement court. Inquiétant si c'est sorti comme ça.

 

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

• Double-clique sur RSIT.exe afin de lancer RSIT.
  
• Clique Continue à l'écran Disclaimer.
  
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
  ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  
• NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  

[arriabelle]

Log.txt

 

Logfile of random's system information tool 1.02 (written by random/random)

Run by Usager at 2008-10-06 02:55:12

Microsoft Windows XP Professionnel Service Pack 3

System drive C: has 23 GB (79%) free of 29 GB

Total RAM: 639 MB (47% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 02:59:19, on 2008-10-06

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Documents and Settings\Usager\Bureau\RSIT.exe

C:\Program Files\trend micro\Usager.exe

 

O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O24 - Desktop Component AutorunsDisabled: (no name) - (no file)

 

--

End of file - 1490 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\Schedule Task Weekly.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

C:\WINDOWS\system32\

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\WINDOWS\system32\

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"NoSecCPL"=0

"NoDispCPL"=0

"NoDispScrSavPage"=0

"NoDispAppearancePage"=0

"NoDispSettingsPage"=0

"NoDevMgrPage"=0

"NoConfigPage"=0

"NoVirtMemPage"=0

"NoFileSysPage"=0

"NoNetSetup"=0

"NoNetSetupIDPage"=0

"NoNetSetupSecurityPage"=0

"NoWorkgroupContents"=0

"NoEntireNetwork"=0

"NoFileSharingControl"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

"NoDesktop"=0

"NoFolderOptions"=0

"RestrictRun"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=

"NoDrives"=

"NoDriveAutoRun"=

"NoFolderOptions"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"G:\eMule\emule.exe"="G:\eMule\emule.exe:*:Enabled:eMule"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

 

======List of files/folders created in the last 1 months======

 

2008-10-05 22:54:37 ----D---- C:\Documents and Settings\Usager\Application Data\Help

2008-10-05 02:30:32 ----D---- C:\Documents and Settings\All Users\Application Data\Google

2008-10-05 02:30:17 ----D---- C:\Program Files\Google

2008-10-05 02:29:12 ----D---- C:\Documents and Settings\All Users\Application Data\Skype

2008-10-04 12:49:47 ----D---- C:\WINDOWS\system32\NtmsData

2008-10-04 02:23:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2008-10-03 17:40:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2008-09-30 17:50:09 ----A---- C:\iaa23_multi.exe

2008-09-30 12:53:36 ----HD---- C:\WINDOWS\PIF

2008-09-30 02:54:01 ----D---- C:\Program Files\Registry Easy

2008-09-29 23:32:30 ----SHD---- C:\RECYCLER

2008-09-29 21:29:04 ----A---- C:\ComboFix.txt

2008-09-29 20:55:29 ----D---- C:\WINDOWS\erdnt

2008-09-29 20:53:28 ----D---- C:\QooBox

2008-09-29 20:52:41 ----A---- C:\WINDOWS\Nircmd.exe

2008-09-29 20:52:40 ----A---- C:\WINDOWS\zip.exe

2008-09-29 20:52:40 ----A---- C:\WINDOWS\swreg.exe

2008-09-29 20:52:40 ----A---- C:\WINDOWS\grep.exe

2008-09-29 20:52:39 ----A---- C:\WINDOWS\VFind.exe

2008-09-29 20:52:39 ----A---- C:\WINDOWS\swxcacls.exe

2008-09-29 20:52:39 ----A---- C:\WINDOWS\SWSC.exe

2008-09-29 20:52:39 ----A---- C:\WINDOWS\sed.exe

2008-09-29 20:52:39 ----A---- C:\WINDOWS\fdsv.exe

2008-09-29 20:45:48 ----N---- C:\WINDOWS\SDUnInst.exe

2008-09-29 20:45:42 ----D---- C:\Program Files\Software by Design

2008-09-29 17:40:36 ----D---- C:\Program Files\trend micro

2008-09-29 11:36:32 ----A---- C:\WINDOWS\system32\o4Patch.exe

2008-09-29 11:36:31 ----A---- C:\WINDOWS\system32\IEDFix.C.exe

2008-09-29 11:36:30 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe

2008-09-29 11:36:29 ----A---- C:\WINDOWS\system32\404Fix.exe

2008-09-29 11:36:28 ----A---- C:\WINDOWS\system32\VACFix.exe

2008-09-29 11:36:27 ----A---- C:\WINDOWS\system32\IEDFix.exe

2008-09-29 11:36:26 ----A---- C:\WINDOWS\system32\WS2Fix.exe

2008-09-29 11:36:25 ----A---- C:\WINDOWS\system32\VCCLSID.exe

2008-09-29 11:36:23 ----A---- C:\WINDOWS\system32\dumphive.exe

2008-09-29 11:36:22 ----A---- C:\WINDOWS\system32\SrchSTS.exe

2008-09-29 11:36:20 ----A---- C:\WINDOWS\system32\Process.exe

2008-09-28 18:59:45 ----D---- C:\WINDOWS\Sun

2008-09-28 18:54:33 ----D---- C:\rsit

2008-09-28 13:58:40 ----D---- C:\getservice

2008-09-28 13:42:48 ----A---- C:\WINDOWS\gmer.ini

2008-09-28 13:42:44 ----A---- C:\WINDOWS\gmer_uninstall.cmd

2008-09-28 13:42:44 ----A---- C:\WINDOWS\gmer.dll

2008-09-28 13:42:43 ----A---- C:\WINDOWS\gmer.exe

2008-09-28 13:28:20 ----A---- C:\fixnavi.txt

2008-09-28 12:40:00 ----A---- C:\WINDOWS\system32\tmp.txt

2008-09-28 10:59:59 ----D---- C:\WINDOWS\CSC

2008-09-28 10:49:09 ----A---- C:\rapport.txt

2008-09-28 07:47:59 ----D---- C:\9297595297c71119df7abe

2008-09-28 07:40:08 ----D---- C:\WINDOWS\Prefetch

2008-09-28 05:04:09 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$

2008-09-28 05:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2008-09-28 05:01:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2008-09-28 05:00:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2008-09-28 04:56:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$

2008-09-28 04:55:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2008-09-28 04:53:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2008-09-28 04:50:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2008-09-28 04:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2008-09-28 04:46:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2008-09-28 04:43:39 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

2008-09-28 03:32:39 ----D---- C:\WINDOWS\system32\fr-fr

2008-09-28 03:32:10 ----D---- C:\WINDOWS\l2schemas

2008-09-28 03:32:02 ----D---- C:\WINDOWS\system32\fr

2008-09-28 03:31:57 ----D---- C:\WINDOWS\system32\bits

2008-09-28 03:16:19 ----D---- C:\Program Files\Navilog1

2008-09-28 03:00:42 ----D---- C:\WINDOWS\ServicePackFiles

2008-09-28 01:52:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

2008-09-27 12:08:48 ----D---- C:\Program Files\CCleaner

2008-09-27 02:41:21 ----D---- C:\Documents and Settings\Usager\Application Data\Malwarebytes

2008-09-27 02:40:07 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-09-26 23:53:42 ----A---- C:\WINDOWS\NeroDigital.ini

2008-09-26 09:44:46 ----D---- C:\Program Files\Mozilla Firefox

2008-09-25 23:04:22 ----D---- C:\Program Files\Trillian

2008-09-25 22:26:06 ----D---- C:\Documents and Settings\Usager\Application Data\Media Player Classic

2008-09-25 18:16:38 ----A---- C:\WINDOWS\system32\unrar.dll

2008-09-25 18:15:52 ----A---- C:\WINDOWS\system32\msvcp71.dll

2008-09-25 18:15:51 ----A---- C:\WINDOWS\system32\unicows.dll

2008-09-25 18:15:51 ----A---- C:\WINDOWS\system32\cpuinf32.dll

2008-09-25 18:15:18 ----A---- C:\WINDOWS\system32\oeminfo.ini

2008-09-25 18:10:03 ----A---- C:\WINDOWS\system32\TwnLib20.dll

2008-09-25 18:10:00 ----N---- C:\WINDOWS\system32\ImagXRA7.dll

2008-09-25 18:10:00 ----N---- C:\WINDOWS\system32\ImagXR7.dll

2008-09-25 18:10:00 ----N---- C:\WINDOWS\system32\ImagXpr7.dll

2008-09-25 18:09:59 ----N---- C:\WINDOWS\system32\ImagX7.dll

2008-09-25 18:09:58 ----A---- C:\WINDOWS\system32\NeroCheck.exe

2008-09-25 18:09:51 ----D---- C:\Program Files\Fichiers communs\Ahead

2008-09-25 18:09:50 ----D---- C:\Program Files\Ahead

2008-09-25 18:05:28 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

2008-09-25 17:24:58 ----D---- C:\Program Files\MSXML 4.0

2008-09-25 16:48:41 ----D---- C:\Program Files\Microsoft

2008-09-25 16:44:12 ----D---- C:\Program Files\Fichiers communs\Windows Live

2008-09-25 16:38:53 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier

2008-09-25 16:38:00 ----A---- C:\WINDOWS\zllsputility_loc040c.dll

2008-09-25 16:38:00 ----A---- C:\WINDOWS\system32\imslsp_install_loc040c.dll

2008-09-25 16:38:00 ----A---- C:\WINDOWS\system32\imsinstall_loc040c.dll

2008-09-25 16:37:58 ----A---- C:\WINDOWS\system32\vsutil_loc040c.dll

2008-09-25 16:37:44 ----A---- C:\WINDOWS\zllsputility.exe

2008-09-25 16:37:43 ----A---- C:\WINDOWS\system32\SpOrder.dll

2008-09-25 16:35:42 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll

2008-09-25 16:35:41 ----A---- C:\WINDOWS\system32\vsregexp.dll

2008-09-25 16:35:35 ----A---- C:\WINDOWS\system32\zlcommdb.dll

2008-09-25 16:35:35 ----A---- C:\WINDOWS\system32\zlcomm.dll

2008-09-25 16:35:23 ----A---- C:\WINDOWS\system32\vswmi.dll

2008-09-25 16:35:20 ----A---- C:\WINDOWS\system32\zpeng24.dll

2008-09-25 16:35:20 ----A---- C:\WINDOWS\system32\vsxml.dll

2008-09-25 16:35:17 ----D---- C:\WINDOWS\system32\ZoneLabs

2008-09-25 16:35:17 ----D---- C:\Program Files\Zone Labs

2008-09-25 16:35:17 ----A---- C:\WINDOWS\system32\vspubapi.dll

2008-09-25 16:35:16 ----A---- C:\WINDOWS\system32\vsmonapi.dll

2008-09-25 16:33:52 ----A---- C:\WINDOWS\system32\vsinit.dll

2008-09-25 16:33:52 ----A---- C:\WINDOWS\system32\vsdata.dll

2008-09-25 16:33:51 ----D---- C:\WINDOWS\Internet Logs

2008-09-25 16:33:51 ----A---- C:\WINDOWS\system32\vsutil.dll

2008-09-25 16:31:46 ----D---- C:\Program Files\Windows Live

2008-09-25 12:06:27 ----D---- C:\Program Files\Spybot - Search & Destroy

2008-09-25 12:06:27 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-09-25 02:00:13 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$

2008-09-25 01:59:46 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$

2008-09-25 01:59:21 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$

2008-09-25 01:58:57 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$

2008-09-25 01:57:36 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$

2008-09-25 00:44:26 ----A---- C:\WINDOWS\system32\WMAFile.dll

2008-09-25 00:44:26 ----A---- C:\WINDOWS\system32\AudioInfos.dll

2008-09-25 00:44:25 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL

2008-09-25 00:44:25 ----A---- C:\WINDOWS\system32\SSubTmr6.dll

2008-09-25 00:44:25 ----A---- C:\WINDOWS\system32\inetfr.DLL

2008-09-25 00:44:25 ----A---- C:\WINDOWS\system32\AudFile.dll

2008-09-25 00:44:24 ----A---- C:\WINDOWS\system32\VB6FR.DLL

2008-09-25 00:44:23 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL

2008-09-25 00:44:23 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL

2008-09-25 00:44:22 ----A---- C:\WINDOWS\system32\msxml4r.dll

2008-09-25 00:44:21 ----A---- C:\WINDOWS\system32\msxml4a.dll

2008-09-24 17:59:26 ----D---- C:\Documents and Settings\Usager\Application Data\MSNInstaller

2008-09-24 17:55:49 ----D---- C:\WINDOWS\system32\appmgmt

2008-09-24 17:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$

2008-09-24 17:53:17 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$

2008-09-24 17:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$

2008-09-24 17:51:35 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$

2008-09-24 17:50:25 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$

2008-09-24 17:49:40 ----HDC---- C:\WINDOWS\$NtUninstallKB937894$

2008-09-24 17:48:57 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$

2008-09-24 17:47:45 ----HDC---- C:\WINDOWS\$NtUninstallKB931784$

2008-09-24 17:47:00 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$

2008-09-24 17:46:22 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$

2008-09-24 17:45:47 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$

2008-09-24 17:26:55 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$

2008-09-24 17:26:27 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$

2008-09-24 17:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$

2008-09-24 17:25:31 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$

2008-09-24 17:25:05 ----HDC---- C:\WINDOWS\$NtUninstallKB936021$

2008-09-24 17:24:39 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$

2008-09-24 17:24:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$

2008-09-24 17:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$

2008-09-24 17:23:20 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$

2008-09-24 17:22:54 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$

2008-09-24 17:22:18 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$

2008-09-24 17:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$

2008-09-24 17:21:06 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$

2008-09-24 14:34:46 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$

2008-09-24 14:33:58 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$

2008-09-24 14:33:14 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$

2008-09-24 14:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$

2008-09-24 14:30:38 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$

2008-09-24 14:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$

2008-09-24 14:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$

2008-09-24 14:26:26 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$

2008-09-24 14:25:38 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$

2008-09-24 14:20:42 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$

2008-09-24 14:19:42 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$

2008-09-24 14:19:02 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$

2008-09-24 14:18:19 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$

2008-09-24 14:17:39 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$

2008-09-24 14:16:49 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$

2008-09-24 14:16:11 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$

2008-09-24 14:15:42 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$

2008-09-24 14:15:06 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$

2008-09-24 14:14:11 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$

2008-09-24 14:13:45 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$

2008-09-24 14:13:15 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$

2008-09-24 14:12:50 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$

2008-09-24 14:12:21 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$

2008-09-24 14:11:58 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$

2008-09-24 14:11:12 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$

2008-09-24 14:10:23 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$

2008-09-24 14:09:41 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$

2008-09-24 14:08:55 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$

2008-09-24 14:08:30 ----N---- C:\WINDOWS\system32\difxapi.dll

2008-09-24 14:08:29 ----D---- C:\Program Files\VIA

2008-09-24 14:08:17 ----HDC---- C:\WINDOWS\$NtUninstallKB948590$

2008-09-24 14:07:44 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$

2008-09-24 14:07:11 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$

2008-09-24 14:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$

2008-09-24 14:06:17 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$

2008-09-24 14:05:47 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$

2008-09-24 14:05:20 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$

2008-09-24 14:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$

2008-09-24 14:04:24 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$

2008-09-24 14:03:54 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$

2008-09-24 14:03:23 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$

2008-09-24 14:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$

2008-09-24 14:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$

2008-09-24 14:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$

2008-09-24 14:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$

2008-09-24 14:01:13 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$

2008-09-24 14:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$

2008-09-24 14:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$

2008-09-24 14:00:00 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$

2008-09-24 13:59:37 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$

2008-09-24 13:59:02 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$

2008-09-24 13:58:30 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$

2008-09-24 11:36:06 ----D---- C:\Documents and Settings\Usager\Application Data\Apple Computer

2008-09-24 11:35:21 ----A---- C:\WINDOWS\system32\GEARAspi.dll

2008-09-24 11:30:43 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer

2008-09-24 11:28:35 ----DC---- C:\WINDOWS\system32\DRVSTORE

2008-09-23 22:10:31 ----A---- C:\WINDOWS\system32\muweb.dll

2008-09-23 22:10:31 ----A---- C:\WINDOWS\system32\mucltui.dll.mui

2008-09-23 22:10:31 ----A---- C:\WINDOWS\system32\mucltui.dll

2008-09-23 19:56:20 ----SHD---- C:\WINDOWS\ftpcache

2008-09-23 15:16:45 ----D---- C:\Documents and Settings\Usager\Application Data\LimeWire

2008-09-23 14:19:38 ----A---- C:\WINDOWS\winamp.ini

2008-09-23 14:09:37 ----D---- C:\Documents and Settings\Usager\Application Data\Desktop Maestro

2008-09-23 11:47:35 ----A---- C:\WINDOWS\system32\wmpns.dll

2008-09-23 11:01:55 ----HD---- C:\WINDOWS\system32\GroupPolicy

2008-09-23 10:30:16 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools

2008-09-23 10:07:50 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2008-09-23 10:07:19 ----D---- C:\Program Files\Registry Mechanic

2008-09-23 09:03:25 ----D---- C:\WINDOWS\Minidump

2008-09-23 08:52:03 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-09-23 08:50:40 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-09-22 22:25:21 ----D---- C:\Documents and Settings\Usager\Application Data\Opera

2008-09-22 22:24:28 ----D---- C:\Program Files\Opera

2008-09-21 23:43:06 ----N---- C:\WINDOWS\system32\ati2sgag.exe

2008-09-21 23:42:20 ----D---- C:\Program Files\ATI Technologies

2008-09-21 23:42:05 ----HD---- C:\Program Files\InstallShield Installation Information

2008-09-21 23:40:32 ----D---- C:\Program Files\Fichiers communs\InstallShield

2008-09-21 23:39:36 ----D---- C:\ATI

2008-09-21 23:37:53 ----A---- C:\WINDOWS\CTRegRun.exe

2008-09-21 23:36:58 ----D---- C:\WINDOWS\system32\ReinstallBackups

2008-09-21 23:36:38 ----A---- C:\WINDOWS\SBWIN.INI

2008-09-21 23:36:29 ----A---- C:\WINDOWS\system32\Ahqcpres.dll

2008-09-21 23:35:56 ----D---- C:\Program Files\Creative

2008-09-21 23:35:55 ----A---- C:\WINDOWS\IsUninst.exe

2008-09-21 23:29:30 ----D---- C:\Program Files\ma-config.com

2008-09-21 23:29:30 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com

2008-09-21 21:05:21 ----D---- C:\Documents and Settings\All Users\Application Data\TERMINAL Studio

2008-09-21 21:00:39 ----D---- C:\Program Files\ReflexiveArcade

2008-09-21 20:57:25 ----D---- C:\Documents and Settings\Usager\Application Data\Gaijin Ent

2008-09-21 20:57:23 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia

2008-09-21 20:54:56 ----D---- C:\Program Files\BFG

2008-09-21 20:50:09 ----D---- C:\Documents and Settings\Usager\Application Data\WinRAR

2008-09-21 04:03:05 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$

2008-09-20 13:22:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$

2008-09-20 13:22:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$

2008-09-20 13:22:09 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$

2008-09-20 13:21:51 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$

2008-09-20 13:19:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$

2008-09-20 13:18:29 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$

2008-09-20 13:17:37 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$

2008-09-20 13:17:27 ----N---- C:\WINDOWS\system32\xmllite.dll

2008-09-20 13:14:34 ----A---- C:\WINDOWS\system32\MRT.exe

2008-09-20 13:14:22 ----D---- C:\WINDOWS\network diagnostic

2008-09-20 13:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$

2008-09-20 13:13:57 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$

2008-09-20 13:08:24 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$

2008-09-20 13:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$

2008-09-20 13:07:44 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$

2008-09-20 13:07:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$

2008-09-20 13:07:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$

2008-09-20 13:06:10 ----HDC---- C:\WINDOWS\$NtUninstallKB953838_0$

2008-09-20 13:05:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$

2008-09-20 13:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$

2008-09-20 13:04:27 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$

2008-09-20 13:03:54 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$

2008-09-20 01:48:08 ----D---- C:\WINDOWS\system32\PreInstall

2008-09-20 01:48:06 ----A---- C:\WINDOWS\system32\spupdsvc.exe

2008-09-20 01:48:05 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$

2008-09-20 01:47:16 ----N---- C:\WINDOWS\system32\spmsg.dll

2008-09-20 01:47:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$

2008-09-20 01:47:12 ----HD---- C:\WINDOWS\$hf_mig$

2008-09-19 23:31:22 ----D---- C:\Documents and Settings\Usager\Application Data\Macromedia

2008-09-19 23:31:21 ----D---- C:\Documents and Settings\Usager\Application Data\Adobe

2008-09-19 23:28:13 ----D---- C:\Program Files\PhotoFiltre Studio

2008-09-19 23:27:06 ----D---- C:\Program Files\WinRAR

2008-09-19 23:13:46 ----A---- C:\WINDOWS\iun6002.exe

2008-09-19 16:28:36 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2008-09-19 11:30:51 ----D---- C:\Documents and Settings\Usager\Application Data\Mozilla

2008-09-19 11:28:49 ----D---- C:\Program Files\Fichiers communs\Adobe

2008-09-19 11:28:49 ----D---- C:\Program Files\Adobe

2008-09-19 11:17:11 ----D---- C:\Program Files\Avira

2008-09-19 11:17:11 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2008-09-19 10:49:47 ----A---- C:\WINDOWS\system32\sfman32.dll

2008-09-19 10:49:46 ----A---- C:\WINDOWS\system32\sblfx.dll

2008-09-19 10:49:46 ----A---- C:\WINDOWS\system32\devldr32.exe

2008-09-19 10:49:46 ----A---- C:\WINDOWS\system32\devcon32.dll

2008-09-19 10:49:46 ----A---- C:\WINDOWS\system32\ctwdm32.dll

2008-09-19 07:38:37 ----A---- C:\WINDOWS\system32\atiraged.dll

 

======List of files/folders modified in the last 1 months======

 

2008-10-06 02:37:26 ----D---- C:\Program Files\Fichiers communs\Services

2008-10-06 01:55:27 ----D---- C:\WINDOWS\Temp

2008-10-05 23:09:23 ----D---- C:\WINDOWS\system32\CatRoot2

2008-10-05 22:54:58 ----A---- C:\WINDOWS\win.ini

2008-10-05 22:51:29 ----D---- C:\WINDOWS\system32\drivers

2008-10-05 18:47:41 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-10-05 16:13:28 ----HD---- C:\WINDOWS\inf

2008-10-05 03:01:53 ----SHD---- C:\WINDOWS\Installer

2008-10-05 02:59:02 ----RD---- C:\Program Files

2008-10-05 02:59:02 ----D---- C:\Program Files\Fichiers communs

2008-10-04 14:37:47 ----D---- C:\WINDOWS

2008-10-04 13:23:18 ----D---- C:\WINDOWS\system32\CatRoot

2008-10-04 13:23:16 ----D---- C:\WINDOWS\system32

2008-10-04 00:49:03 ----A---- C:\WINDOWS\system.ini

2008-10-03 18:44:34 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-10-03 18:26:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-09-30 02:54:19 ----SD---- C:\WINDOWS\Tasks

2008-09-30 01:31:41 ----D---- C:\WINDOWS\Debug

2008-09-29 21:10:32 ----D---- C:\WINDOWS\AppPatch

2008-09-29 20:53:47 ----SHD---- C:\System Volume Information

2008-09-29 20:53:47 ----D---- C:\WINDOWS\system32\Restore

2008-09-28 13:24:46 ----RD---- C:\WINDOWS\Web

2008-09-28 07:38:48 ----D---- C:\WINDOWS\system32\Setup

2008-09-28 07:38:46 ----D---- C:\WINDOWS\system32\wbem

2008-09-28 07:38:44 ----RSD---- C:\WINDOWS\Fonts

2008-09-28 04:47:12 ----D---- C:\Program Files\Messenger

2008-09-28 04:47:01 ----D---- C:\WINDOWS\security

2008-09-28 03:48:09 ----D---- C:\WINDOWS\WinSxS

2008-09-28 03:40:37 ----D---- C:\Program Files\Windows Media Player

2008-09-28 03:40:06 ----D---- C:\WINDOWS\Help

2008-09-28 03:36:12 ----D---- C:\WINDOWS\ehome

2008-09-28 03:35:49 ----D---- C:\WINDOWS\system32\inetsrv

2008-09-28 03:35:41 ----D---- C:\WINDOWS\ime

2008-09-28 03:32:39 ----D---- C:\WINDOWS\system32\usmt

2008-09-28 03:32:20 ----D---- C:\Program Files\Internet Explorer

2008-09-28 03:31:57 ----D---- C:\WINDOWS\PeerNet

2008-09-28 03:31:53 ----D---- C:\Program Files\Movie Maker

2008-09-28 02:58:25 ----D---- C:\WINDOWS\system32\npp

2008-09-28 02:58:12 ----D---- C:\WINDOWS\msagent

2008-09-28 02:58:03 ----D---- C:\WINDOWS\srchasst

2008-09-28 02:57:55 ----D---- C:\Program Files\NetMeeting

2008-09-28 02:57:48 ----D---- C:\WINDOWS\system32\Com

2008-09-28 02:57:35 ----D---- C:\Program Files\Windows NT

2008-09-28 02:57:35 ----D---- C:\Program Files\Outlook Express

2008-09-28 02:57:12 ----D---- C:\Program Files\Fichiers communs\System

2008-09-28 02:53:58 ----D---- C:\WINDOWS\system32\oobe

2008-09-28 02:52:36 ----D---- C:\WINDOWS\system

2008-09-26 03:54:41 ----SD---- C:\Documents and Settings\Usager\Application Data\Microsoft

2008-09-26 03:54:41 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2008-09-26 03:54:41 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2008-09-25 23:32:41 ----D---- C:\WINDOWS\SoftwareDistribution

2008-09-25 16:46:09 ----D---- C:\WINDOWS\pchealth

2008-09-25 12:59:19 ----D---- C:\Program Files\MSN

2008-09-23 11:00:18 ----D---- C:\WINDOWS\system32\config

2008-09-23 10:34:29 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-09-23 09:56:56 ----RASH---- C:\boot.ini

2008-09-21 23:36:30 ----D---- C:\WINDOWS\Media

2008-09-19 11:30:32 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]

R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]

R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

R3 ctljystk;Creative SBLive! Port de jeux; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]

R3 DLH5X;Pilote NT de carte à base D-Link DL10050; C:\WINDOWS\system32\DRIVERS\DLH5XND5.sys [2001-08-17 26698]

R3 emu10k;Creative SB Live! series(WDM); C:\WINDOWS\system32\drivers\emu10k1f.sys [2001-08-14 775296]

R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlface.sys [2001-07-11 6912]

R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfman.sys [2001-08-31 36992]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-13 46848]

S3 atirage;atirage; C:\WINDOWS\system32\DRIVERS\atiragem.sys [2001-08-23 70784]

S3 azt2320;Pilote audio Aztech 2320 (WDM); C:\WINDOWS\system32\drivers\aztw2320.sys [2001-08-17 36992]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]

S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-09-28 85969]

S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]

S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]

S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 VIAudio;Contrôleur audio VIA AC'97 (WDM); C:\WINDOWS\system32\drivers\ac97via.sys [2004-08-03 84480]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761]

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]

R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]

S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]

 

-----------------EOF-----------------

 

 

 

Info.txt

 

info.txt logfile of random's system information tool 1.02 2008-09-29 17:44:06

 

======Uninstall list======

 

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}

Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe

ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

AudioHQ-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\SBLive\AudioHQ.isu"

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}

Contacts-->MsiExec.exe /I{C6BDA6E5-B391-4CE5-8D86-B53AC96FFE03}

Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

eMule-->"G:\eMule\Uninstall.exe"

Hidden Expedition Titanic-->G:\jeux\hidden expedition titanic\Uninstal.exe

Hide And Secret-->"G:\jeux\Hide And Secret\ReflexiveArcade\unins000.exe"

HijackThis 2.0.2-->"F:\setups\Sécurité\HijackThis.exe" /uninstall

Insaniquarium Deluxe 1.0-->C:\WINDOWS\iun6002.exe "G:\jeux\irunin.ini"

Java SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}

Ma-Config.com-->MsiExec.exe /X{1C02A760-1682-49AE-BB54-FA7D63BD3504}

Mah Jong Quest-->"G:\jeux\Mah Jong Quest\unins000.exe"

Mahjong Towers II-->C:\WINDOWS\iun6002.exe "G:\jeux\Mahjong Towers II\irunin.ini"

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf

Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

Mystery Case Files - Ravenhearst (remove only)-->G:\jeux\Mystery Case Files - Ravenhearst\Uninstall.exe

Navilog1 3.6.5-->"C:\Program Files\Navilog1\unins000.exe"

Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

Opera 9.52-->MsiExec.exe /X{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}

PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"

Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"

Trillian-->C:\Program Files\Trillian\trillian.exe /uninstall

VIA Le gestionnaire du dispositif de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}

ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

 

======Hosts File======

 

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

 

======Security center information======

 

AV: Avira AntiVir PersonalEdition

FW: ZoneAlarm Firewall

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 6 Stepping 5, GenuineIntel

"PROCESSOR_REVISION"=0605

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"tvdumpflags"=8

 

-----------------EOF-----------------

[Falkra]

Il n'y a plus rien dans ce rapport, as-tu supprimé toi-même les lignes O4 de HijackThis pour alléger le démarrage ?

[arriabelle]

Non, en plus le démarrage est assez long. En plus mon ordinateur est presque toujours à 100% de perfomance du pcu....

Modifié le 12 octobre 2008 par arriabelle

[arriabelle]

Je ne peux plus me connecter à internet en utilisant Opera maintenant et on dirais que même si il dis être à jour que mon antivirus (Antivir) ne détectes aucun virus... j'ai fait scanner un fichier sur virustotal et j'ai eu 26/35 comme détection, Antivir détectais le fichier comme un downloader mais quand j'ai fait scanner le dit fichier par antivir sur mon pc il n'as rien vu....

[Falkra]

Quel est le fichier mentionné ? (peux-tu donner son chemin et nom ?)