
Avast! Suspicious message

30 October 2009 20:26:51

Hello everyone.

I'm really fed up with this problem: every 10 seconds, a window from Avast alerts me that too many identical emails are being sent within a short interval of time, and this window is displayed constantly.

It's surely a virus. I even tried to stop the process from the Task Manager, but they say it's impossible...

I'd like to solve this problem with your help; thanks in advance.

31 October 2009 14:06:48

Hello,

Certainly an infection. You should think about replacing Avast! with AntiVir.

Download Random's System Information Tool (RSIT) (by random/random) and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue at the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (which will be displayed)
    as well as info.txt (which will be minimized in the Taskbar)
  • NB: The reports are saved in the C:\rsit folder
  • Make sure to post the reports in full, and check that they are complete once you have posted them.

31 October 2009 16:09:54

Thank you, here is what I found for log.txt:

    1. Logfile of random's system information tool 1.06 (written by random/random)
    2. Run by Administrateur at 2009-10-31 16:02:12
    3. Microsoft Windows XP Professionnel Service Pack 3
    4. System drive C: has 3 GB (8%) free of 38 GB
    5. Total RAM: 1023 MB (43% free)
    6.  
    7. Logfile of Trend Micro HijackThis v2.0.2
    8. Scan saved at 16:02:18, on 31/10/2009
    9. Platform: Windows XP SP3 (WinNT 5.01.2600)
    10. MSIE: Internet Explorer v7.00 (7.00.6000.20861)
    11. Boot mode: Normal
    12.  
    13. Running processes:
    14. C:\WINDOWS\System32\smss.exe
    15. C:\WINDOWS\system32\winlogon.exe
    16. C:\WINDOWS\system32\services.exe
    17. C:\WINDOWS\system32\lsass.exe
    18. C:\WINDOWS\system32\svchost.exe
    19. C:\WINDOWS\System32\svchost.exe
    20. C:\WINDOWS\system32\svchost.exe
    21. C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    22. C:\Program Files\Alwil Software\Avast4\ashServ.exe
    23. C:\WINDOWS\system32\spoolsv.exe
    24. C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    25. C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    26. C:\WINDOWS\system32\svchost.exe
    27. C:\Program Files\Bonjour\mDNSResponder.exe
    28. C:\WINDOWS\system32\svchost.exe
    29. C:\WINDOWS\System32\svchost.exe
    30. C:\WINDOWS\System32\svchost.exe
    31. C:\WINDOWS\system32\PnkBstrA.exe
    32. C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    33. C:\WINDOWS\system32\svchost.exe
    34. C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    35. C:\WINDOWS\system32\svchost.exe
    36. C:\WINDOWS\explorer.exe
    37. C:\Program Files\Opera\opera.exe
    38. C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
    39. C:\Program Files\Trend Micro\HijackThis\Administrateur.exe
    40.  
    41. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    42. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fmz.qiwa.com
    43. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    44. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    45. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yoower.com/
    46. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    47. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    48. R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    49. F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program Files\Fichiers communs\svchost.exe,
    50. O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    51. O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (file missing)
    52. O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    53. O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    54. O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    55. O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    56. O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    57. O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QT Lite\qttask.exe" -atboottime
    58. O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
    59. O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    60. O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
    61. O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    62. O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    63. O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    64. O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    65. O4 - HKLM\..\Run: [VMSnap5] C:\WINDOWS\VMSnap5.EXE
    66. O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
    67. O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
    68. O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    69. O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    70. O4 - HKLM\..\Run: [Win32Update] C:\WINDOWS\system32\accwizm.exe
    71. O4 - HKLM\..\RunServices: [Win32Update] C:\WINDOWS\system32\accwizm.exe
    72. O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    73. O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    74. O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    75. O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    76. O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    77. O4 - HKUS\S-1-5-19\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SERVICE LOCAL')
    78. O4 - HKUS\S-1-5-19\..\RunOnce: [SweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub (User 'SERVICE LOCAL')
    79. O4 - HKUS\S-1-5-20\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SERVICE RÉSEAU')
    80. O4 - HKUS\S-1-5-18\..\Run: [autochk] rundll32.exe C:\DOCUME~1\LOCALS~1\protect.dll,_IWMPEvents@16 (User 'SYSTEM')
    81. O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SYSTEM')
    82. O4 - HKUS\S-1-5-18\..\RunServices: [Win32Update] C:\WINDOWS\system32\accwizm.exe (User 'SYSTEM')
    83. O4 - HKUS\.DEFAULT\..\Run: [autochk] rundll32.exe C:\DOCUME~1\LOCALS~1\protect.dll,_IWMPEvents@16 (User 'Default user')
    84. O4 - HKUS\.DEFAULT\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'Default user')
    85. O4 - HKUS\.DEFAULT\..\RunServices: [Win32Update] C:\WINDOWS\system32\accwizm.exe (User 'Default user')
    86. O4 - Startup: Free Music Zilla.lnk = C:\Program Files\Free Music Zilla\FMZilla.exe
    87. O4 - Startup: H3 The Shadow of Death(TM).lnk = C:\Documents and Settings\Administrateur\Mes documents\Azureus Downloads\Heroes of Might and Magic III Complete\RegisterSOD\Remind32.exe
    88. O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
    89. O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    90. O4 - Global Startup: Phone Remote Control.lnk = C:\Documents and Settings\Administrateur\Mes documents\Bluetooth\PhoneRemoteControl.exe
    91. O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    92. O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    93. O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    94. O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    95. O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    96. O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    97. O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
    98. O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    99. O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    100. O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    101. O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    102. O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    103. O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    104. O23 - Service: avast! Antivirus avast!PlugPlay (avast!PlugPlay) - Unknown owner - C:\WINDOWS\system32\accwizm.exe
    105. O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    106. O23 - Service: Services de cryptographie CryptSvcsrservice (CryptSvcsrservice) - Unknown owner - C:\WINDOWS\system32\accwizm.exe
    107. O23 - Service: Service de rapport d'erreurs ERSvcusnjsvc (ERSvcusnjsvc) - Unknown owner - C:\WINDOWS\system32\accwizm.exe
    108. O23 - Service: Service HP CUE DeviceDiscovery hpqddsvcHTTPFilter (hpqddsvcHTTPFilter) - Unknown owner - C:\WINDOWS\system32\accwizm.exe
    109. O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    110. O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
    111. O23 - Service: Net Driver HPZ12 Netwscsvc (Netwscsvc) - Unknown owner - C:\WINDOWS\system32\accwizm.exe
    112. O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    113. O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    114. O23 - Service: Plug-and-Play PlugPlayNetman (PlugPlayNetman) - Unknown owner - C:\WINDOWS\system32\accwizm.exe
    115. O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    116. O23 - Service: Accès à distance au Registre RemoteRegistryLmHosts (RemoteRegistryLmHosts) - Unknown owner - C:\WINDOWS\system32\accwizm.exe
    117. O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
    118. O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    119. O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    120. O23 - Service: StarWind AE Service StarWindServiceAEnapagent (StarWindServiceAEnapagent) - Unknown owner - C:\WINDOWS\system32\accwizm.exe
    121. O23 - Service: Telnet TlntSvrRemoteRegistry (TlntSvrRemoteRegistry) - Unknown owner - C:\WINDOWS\system32\accwizm.exe
    122. O23 - Service: Portable Media Serial Number Service WmdmPmSNBITS (WmdmPmSNBITS) - Unknown owner - C:\WINDOWS\system32\advpackw.exe (file missing)
    123. O23 - Service: Service Partage réseau du Lecteur Windows Media WMPNetworkSvcAlerter (WMPNetworkSvcAlerter) - Unknown owner - C:\WINDOWS\system32\accwizm.exe
    124. O23 - Service: Configuration automatique sans fil WZCSVC Driver HPZ12 (WZCSVC Driver HPZ12) - Unknown owner - C:\WINDOWS\system32\accwizm.exe
    125. O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    126.  
    127. --
    128. End of file - 10958 bytes
    129.  
    130. ======Scheduled tasks folder======
    131.  
    132. C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    133.  
    134. ======Registry dump======
    135.  
    136. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    137. &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll []
    138.  
    139. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
    140. SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll []
    141.  
    142. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    143. {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll []
    144.  
    145. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    146. "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
    147. "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
    148. "EoEngine"= []
    149. "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]
    150. "hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920]
    151. "QuickTime Task"=C:\Program Files\QT Lite\qttask.exe [2009-01-05 413696]
    152. "ISUSPM Startup"=c:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe -startup []
    153. "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
    154. "Device Detector"=DevDetect.exe -autorun []
    155. "nwiz"=nwiz.exe /install []
    156. "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    157. "PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-07-07 167936]
    158. "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
    159. "VMSnap5"=C:\WINDOWS\VMSnap5.EXE [2007-01-08 49152]
    160. "Domino"=C:\WINDOWS\Domino.EXE [2007-01-08 49152]
    161. "BigDog305"=C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) []
    162. "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
    163. "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
    164. "Win32Update"=C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    165.  
    166. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    167. "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-01-21 5724184]
    168. "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-07-26 323392]
    169. "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
    170. "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
    171. "AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]
    172.  
    173. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
    174. C:\Program Files\Free Download Manager\fdm.exe [2008-05-20 2474031]
    175.  
    176. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
    177. C:\Program Files\ICQ6.5\ICQ.exe silent []
    178.  
    179. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^MagicDisc.lnk]
    180. C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2008-07-28 575488]
    181.  
    182. C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    183. HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    184. Phone Remote Control.lnk - C:\Documents and Settings\Administrateur\Mes documents\Bluetooth\PhoneRemoteControl.exe
    185.  
    186. C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
    187. Free Music Zilla.lnk - C:\Program Files\Free Music Zilla\FMZilla.exe
    188. H3 The Shadow of Death(TM).lnk - C:\Documents and Settings\Administrateur\Mes documents\Azureus Downloads\Heroes of Might and Magic III Complete\RegisterSOD\Remind32.exe
    189. hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe
    190.  
    191. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    192. C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 200064]
    193.  
    194. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    195. WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
    196.  
    197. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    198. "dontdisplaylastusername"=1
    199. "legalnoticecaption"=
    200. "legalnoticetext"=
    201. "shutdownwithoutlogon"=1
    202. "undockwithoutlogon"=1
    203. "EnableLUA"=0
    204.  
    205. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    206. "NoDriveTypeAutoRun"=255
    207. "NoDesktopCleanupWizard"=1
    208. "NoInstrumentation"=1
    209. "NoResolveSearch"=1
    210. "NoResolveTrack"=1
    211. "NoSMBalloonTip"=1
    212. "NoSMConfigurePrograms"=1
    213. "NoStartMenuMFUprogramsList"=1
    214. "NoStrCmpLogical"=0
    215. "NoWelcomeScreen"=1
    216. "NoDrives"=0
    217.  
    218. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    219. "HonorAutoRunSetting"=
    220. "HideRunAsVerb"=
    221. "NoActiveDesktop"=
    222. "NoDriveTypeAutoRun"=
    223. "NoInstrumentation"=
    224. "NoResolveTrack"=
    225. "NoSetActiveDesktop"=
    226. "NoStartMenuMFUprogramsList"=
    227.  
    228. [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    229. "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    230. "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    231. "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    232. "C:\Document de Samir\Azureus\Azureus\Azureus.exe"="C:\Document de Samir\Azureus\Azureus\Azureus.exe:*:Enabled:Azureus"
    233. "C:\Document de Samir\UltraVNC\winvnc.exe"="C:\Document de Samir\UltraVNC\winvnc.exe:*:Enabled:Serveur VNC pour Win32"
    234. "C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus"
    235. "C:\Program Files\eChanblard\emule.exe"="C:\Program Files\eChanblard\emule.exe:*:Enabled:eChanblard"
    236. "C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe"="C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
    237. "C:\Program Files\Ascaron Entertainment\Sacred\Sacred.exe"="C:\Program Files\Ascaron Entertainment\Sacred\Sacred.exe:*:Enabled:Sacred"
    238. "C:\Documents and Settings\Administrateur\Mes documents\StapMania 4.0\StepMania CVS\Program\StepMania.exe"="C:\Documents and Settings\Administrateur\Mes documents\StapMania 4.0\StepMania CVS\Program\StepMania.exe:*:Enabled:StepMania"
    239. "C:\Documents and Settings\Administrateur\Mes documents\Téléchargement emule\Diablo II\[PC game] Diablo II + Lord of Destruction + editor (items and skills editor) FULL\Diablo II Lord of destruction\D2Loader-1.12.exe"="C:\Documents and Settings\Administrateur\Mes documents\Téléchargement emule\Diablo II\[PC game] Diablo II + Lord of Destruction + editor (items and skills editor) FULL\Diablo II Lord of destruction\D2Loader-1.12.exe:*:Enabled:Diablo II"
    240. "C:\Documents and Settings\Administrateur\Mes documents\jeux gba\VBA Link\VisualBoyAdvance.exe"="C:\Documents and Settings\Administrateur\Mes documents\jeux gba\VBA Link\VisualBoyAdvance.exe:*:Enabled:VisualBoyAdvance emulator"
    241. "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    242. "D:\setup\HPZnui01.exe"="D:\setup\HPZnui01.exe:*:Enabled:hpznui01.exe"
    243. "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
    244. "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
    245. "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
    246. "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    247. "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
    248. "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
    249. "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
    250. "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
    251. "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
    252. "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
    253. "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
    254. "C:\Program Files\FRoG Creator V0.4\Serveur\Server.exe"="C:\Program Files\FRoG Creator V0.4\Serveur\Server.exe:*:Enabled:Server"
    255. "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    256. "C:\Documents and Settings\Administrateur\Mes documents\LimeWire\LimeWire.exe"="C:\Documents and Settings\Administrateur\Mes documents\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    257. "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
    258. "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    259. "C:\Program Files\Metin2_France\metin2.bin"="C:\Program Files\Metin2_France\metin2.bin:*:Enabled:metin2"
    260. "C:\Program Files\The Game Creators\FPS Creator\FPSC-Game.exe"="C:\Program Files\The Game Creators\FPS Creator\FPSC-Game.exe:*:Enabled:FPSC Game"
    261. "C:\Documents and Settings\Administrateur\Mes documents\Hamachi+Zsnes\zsnesw.exe"="C:\Documents and Settings\Administrateur\Mes documents\Hamachi+Zsnes\zsnesw.exe:*:Enabled:zsnesw"
    262. "C:\Documents and Settings\Administrateur\Mes documents\Jeux DS\Homebrew\Server.exe"="C:\Documents and Settings\Administrateur\Mes documents\Jeux DS\Homebrew\Server.exe:*:Enabled:Server"
    263. "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Call"
    264. "C:\Program Files\Pvm\Piano virtuel midi.exe"="C:\Program Files\Pvm\Piano virtuel midi.exe:*:Enabled:Piano virtuel midi"
    265. ""="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:rundll32"
    266. "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    267. "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
    268. "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
    269. "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Solid State Networks Browser Plugin"
    270. "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    271. "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
    272. "C:\Documents and Settings\Administrateur\Mes documents\SNES\snes9x.exe"="C:\Documents and Settings\Administrateur\Mes documents\SNES\snes9x.exe:*:Enabled:Snes9XW"
    273. "C:\Documents and Settings\Administrateur\Mes documents\SNES\Snes9k\Snes9K.exe"="C:\Documents and Settings\Administrateur\Mes documents\SNES\Snes9k\Snes9K.exe:*:Enabled:Snes9K"
    274. "C:\Documents and Settings\Administrateur\Mes documents\Kaillera\kaillerasrv.exe"="C:\Documents and Settings\Administrateur\Mes documents\Kaillera\kaillerasrv.exe:*:Enabled:kaillerasrv"
    275. "C:\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    276. "C:\World of Warcraft\Launcher.exe"="C:\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
    277. "C:\World of Warcraft\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\World of Warcraft\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    278. "C:\World of Warcraft\World of Warcraft\Launcher.exe"="C:\World of Warcraft\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
    279. "C:\Documents and Settings\Administrateur\Mes documents\Bluetooth\BlueSoleil\BlueSoleil.exe"="C:\Documents and Settings\Administrateur\Mes documents\Bluetooth\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
    280. "C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla"
    281. "C:\Documents and Settings\Administrateur\Mes documents\Azureus Downloads\Heroes of Might and Magic III Complete\Heroes3.exe"="C:\Documents and Settings\Administrateur\Mes documents\Azureus Downloads\Heroes of Might and Magic III Complete\Heroes3.exe:*:Enabled:Heroes of Might and Magic® III"
    282. "C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
    283.  
    284. [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    285. "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    286. "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    287. "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    288. "D:\setup\HPZnui01.exe"="D:\setup\HPZnui01.exe:*:Enabled:hpznui01.exe"
    289. "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
    290. "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
    291. "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
    292. "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    293. "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
    294. "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
    295. "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
    296. "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
    297. "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
    298. "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
    299. "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
    300.  
    301. [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e9996cd-f62e-11dd-94d6-000423313c54}]
    302. shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
    303.  
    304.  
    305. ======List of files/folders created in the last 1 months======
    306.  
    307. 2009-10-31 16:02:12 ----D---- C:\rsit
    308. 2009-10-27 02:02:16 ----D---- C:\Program Files\GameSpy Arcade
    309. 2009-10-27 01:17:08 ----D---- C:\Program Files\MP3
    310. 2009-10-27 01:15:28 ----D---- C:\Program Files\Warlords of the Wasteland
    311. 2009-10-27 01:15:28 ----D---- C:\Program Files\Fichiers communs\3DO Shared
    312. 2009-10-27 01:15:28 ----D---- C:\Program Files\Data
    313. 2009-10-26 23:47:50 ----D---- C:\Program Files\Mplayer
    314. 2009-10-26 23:47:35 ----D---- C:\WINDOWS\wb
    315. 2009-10-26 23:43:11 ----D---- C:\Program Files\3DO
    316. 2009-10-26 23:42:44 ----A---- C:\WINDOWS\IsUninst.exe
    317. 2009-10-25 23:53:45 ----D---- C:\Program Files\Divine Divinity
    318. 2009-10-25 23:53:34 ----A---- C:\WINDOWS\WININIT.INI
    319. 2009-10-24 19:11:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\FMZilla
    320. 2009-10-24 19:10:55 ----D---- C:\Program Files\Free Music Zilla
    321. 2009-10-24 01:11:42 ----AT---- C:\WINDOWS\system32\SIntfNT.dll
    322. 2009-10-24 01:11:42 ----AT---- C:\WINDOWS\system32\SIntf32.dll
    323. 2009-10-24 01:11:42 ----AT---- C:\WINDOWS\system32\SIntf16.dll
    324. 2009-10-24 01:03:01 ----D---- C:\Program Files\Diablo II
    325. 2009-10-14 21:39:01 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    326. 2009-10-14 21:38:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    327. 2009-10-14 21:38:52 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    328. 2009-10-14 21:31:17 ----D---- C:\Program Files\Trend Micro
    329. 2009-10-09 16:38:12 ----A---- C:\WINDOWS\system32\geyekrehwmqbrp.dll
    330. 2009-10-04 10:59:52 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
    331. 2009-10-04 10:59:36 ----D---- C:\Program Files\PC Drivers HeadQuarters
    332. 2009-10-04 10:56:38 ----D---- C:\Documents and Settings\Administrateur\Application Data\Nokia
    333. 2009-10-04 10:56:36 ----D---- C:\Documents and Settings\Administrateur\Application Data\PC Suite
    334. 2009-10-04 10:56:35 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
    335. 2009-10-04 10:53:22 ----D---- C:\Program Files\Fichiers communs\PCSuite
    336. 2009-10-04 10:53:18 ----D---- C:\Program Files\Fichiers communs\Nokia
    337. 2009-10-04 10:53:00 ----D---- C:\Program Files\DIFX
    338. 2009-10-04 10:52:35 ----D---- C:\Program Files\PC Connectivity Solution
    339. 2009-10-04 10:51:52 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
    340. 2009-10-04 10:51:51 ----D---- C:\Program Files\Nokia
    341. 2009-10-04 10:50:27 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
    342.  
    343. ======List of files/folders modified in the last 1 months======
    344.  
    345. 2009-10-31 12:35:29 ----D---- C:\WINDOWS\Temp
    346. 2009-10-31 12:03:53 ----D---- C:\WINDOWS\system32\CatRoot2
    347. 2009-10-31 09:55:49 ----D---- C:\WINDOWS\system32
    348. 2009-10-31 00:27:24 ----D---- C:\WINDOWS\Minidump
    349. 2009-10-31 00:27:24 ----D---- C:\WINDOWS
    350. 2009-10-30 20:52:49 ----D---- C:\Documents and Settings\Administrateur\Application Data\DNA
    351. 2009-10-30 18:38:15 ----D---- C:\Documents and Settings\Administrateur\Application Data\Hamachi
    352. 2009-10-30 16:42:20 ----D---- C:\Program Files\DNA
    353. 2009-10-29 15:13:36 ----D---- C:\WINDOWS\system32\drivers
    354. 2009-10-29 15:03:55 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    355. 2009-10-29 04:03:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\uTorrent
    356. 2009-10-27 15:50:27 ----D---- C:\Program Files\Mozilla Firefox
    357. 2009-10-27 02:49:04 ----D---- C:\WINDOWS\system
    358. 2009-10-27 02:02:16 ----RD---- C:\Program Files
    359. 2009-10-27 01:15:28 ----D---- C:\Program Files\Fichiers communs
    360. 2009-10-25 09:18:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    361. 2009-10-25 03:11:15 ----A---- C:\WINDOWS\win.ini
    362. 2009-10-24 01:04:41 ----HD---- C:\WINDOWS\inf
    363. 2009-10-23 21:21:53 ----SHD---- C:\WINDOWS\Installer
    364. 2009-10-23 21:21:52 ----HD---- C:\Config.Msi
    365. 2009-10-23 21:14:04 ----D---- C:\Program Files\Project64 1.6
    366. 2009-10-20 16:08:59 ----D---- C:\Program Files\Fichiers communs\InstallShield
    367. 2009-10-19 11:48:57 ----D---- C:\Program Files\Pvm
    368. 2009-10-18 08:34:53 ----D---- C:\Program Files\Unlocker
    369. 2009-10-15 12:40:55 ----RSD---- C:\WINDOWS\Fonts
    370. 2009-10-04 11:00:39 ----RSD---- C:\WINDOWS\assembly
    371. 2009-10-04 10:54:10 ----DC---- C:\WINDOWS\system32\DRVSTORE
    372.  
    373. ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    374.  
    375. R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
    376. R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
    377. R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
    378. R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    379. R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-07-07 56108]
    380. R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    381. R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
    382. R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-08-08 281760]
    383. R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-08-08 25888]
    384. R2 rspndr;Répondeur de découverte de topologie de la couche de liaison; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-05-29 62848]
    385. R2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2004-06-26 6016]
    386. R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2006-08-15 100224]
    387. R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
    388. R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
    389. R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-05-31 25544]
    390. R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
    391. R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-04-16 49920]
    392. R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-04-16 16496]
    393. R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-04-16 21568]
    394. R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-07-28 116736]
    395. R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-09-27 12288]
    396. R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
    397. R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2006-08-15 578304]
    398. R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-09-27 32128]
    399. R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-24 30336]
    400. R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
    401. R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-09-27 25856]
    402. R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-09-27 15104]
    403. R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-09-27 26368]
    404. R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
    405. R3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
    406. R3 ZSMC0305;Vimicro USB PC Camera (VC0305); C:\WINDOWS\System32\Drivers\usbVM305.sys [2007-01-08 391737]
    407. S1 Dup;Dup; \??\C:\WINDOWS\System32\DRIVERS\dup.sys []
    408. S3 a2rww5zu;a2rww5zu; C:\WINDOWS\system32\drivers\a2rww5zu.sys []
    409. S3 a7l9ydxa;a7l9ydxa; C:\WINDOWS\system32\drivers\a7l9ydxa.sys []
    410. S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2006-06-23 31488]
    411. S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
    412. S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2006-01-19 10068]
    413. S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-07-30 11988]
    414. S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-09-27 17024]
    415. S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
    416. S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-09-27 5504]
    417. S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-09-27 85248]
    418. S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-09-27 10880]
    419. S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
    420. S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2004-05-14 32896]
    421. S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    422. S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
    423. S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-09-27 11136]
    424. S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-09-27 15232]
    425. S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
    426. S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2006-02-28 84836]
    427. S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-09-13 38528]
    428. S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-09-27 19200]
    429. S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-13 82944]
    430. S3 XDva279;XDva279; \??\C:\WINDOWS\system32\XDva279.sys []
    431. S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    432.  
    433. ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    434.  
    435. R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    436. R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
    437. R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
    438. R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    439. R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    440. R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    441. R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    442. R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    443. R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-03-06 66872]
    444. R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    445. R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    446. R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
    447. R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    448. S2 avast!PlugPlay;avast! Antivirus avast!PlugPlay; C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    449. S2 CryptSvcsrservice;Services de cryptographie CryptSvcsrservice; C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    450. S2 Dot3svcose;Configuration automatique de réseau câblé Dot3svcose; C:\WINDOWS\system32\advpack.dll [2008-08-28 124928]
    451. S2 ERSvcusnjsvc;Service de rapport d'erreurs ERSvcusnjsvc; C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    452. S2 hpqddsvcHTTPFilter;Service HP CUE DeviceDiscovery hpqddsvcHTTPFilter; C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    453. S2 Netwscsvc;Net Driver HPZ12 Netwscsvc; C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    454. S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
    455. S2 PlugPlayNetman;Plug-and-Play PlugPlayNetman; C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    456. S2 RemoteRegistryLmHosts;Accès à distance au Registre RemoteRegistryLmHosts; C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    457. S2 StarWindServiceAEnapagent;StarWind AE Service StarWindServiceAEnapagent; C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    458. S2 TlntSvrRemoteRegistry;Telnet TlntSvrRemoteRegistry; C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    459. S2 WmdmPmSNBITS;Portable Media Serial Number Service WmdmPmSNBITS; C:\WINDOWS\system32\advpackw.exe srv []
    460. S2 WmdmPmSNThemes;Portable Media Serial Number Service WmdmPmSNThemes; C:\WINDOWS\system32\1041r.exe [2008-04-14 63488]
    461. S2 WMPNetworkSvcAlerter;Service Partage réseau du Lecteur Windows Media WMPNetworkSvcAlerter; C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    462. S2 WZCSVC Driver HPZ12;Configuration automatique sans fil WZCSVC Driver HPZ12; C:\WINDOWS\system32\accwizm.exe [2008-04-14 61952]
    463. S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
    464. S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
    465. S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    466. S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
    467. S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    468. S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
    469. S3 InstallShield Licensing Service;InstallShield Licensing Service; C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe [2009-03-14 69632]
    470. S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-12 2837916]
    471. S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-29 89136]
    472. S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-05-14 86016]
    473. S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
    474. S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    475. S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    476. S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
    477. S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    478. S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2008-09-13 918016]
    479.  
    480. -----------------EOF-----------------


    Then, regarding info.txt:

    1. info.txt logfile of random's system information tool 1.06 2009-10-31 16:02:22
    2.  
    3. ======Uninstall list======
    4.  
    5. -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    6. -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    7. 32 Bit HP CIO Components Installer-->MsiExec.exe /I{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}
    8. ACDSee for PENTAX 3.0-->MsiExec.exe /X{82515476-A57B-4C43-B642-5F396E20C648}
    9. Adobe Color Common Settings-->C:\Program Files\Fichiers communs\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
    10. Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
    11. Adobe ExtendScript Toolkit 2-->C:\Program Files\Fichiers communs\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
    12. Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
    13. Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    14. Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    15. Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
    16. Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
    17. Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
    18. Adobe Shockwave Player-->MsiExec.exe /X{54E4B63C-D252-454C-BE4F-468F102B331C}
    19. Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
    20. Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    21. Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    22. Audacity 1.2.6-->"C:\Documents and Settings\Administrateur\Mes documents\audacity\Audacity\unins000.exe"
    23. avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    24. BlueSoleil-->MsiExec.exe /X{996D8BB8-9B47-46C7-92DC-DCCE64467AB8}
    25. Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    26. CamStudio-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{EB371786-9449-4ED8-B47A-032467A58CAD} anything\anything
    27. CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    28. ClearType Tuning-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,ClearTypeCPL.Uninstall
    29. Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
    30. Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007-->MsiExec.exe /X{90120000-00B2-040C-0000-0000000FF1CE}
    31. CPU-Z-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CPUZ.Uninstall
    32. CurrPorts-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CurrPorts.Uninstall
    33. DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
    34. Dance eJay 7 Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0D74C204-0451-463E-8B8E-F2E11504A675}\setup.exe" -l0x40c -removeonly
    35. Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"
    36. Divine Divinity-->C:\PROGRA~1\DIVINE~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\DIVINE~1\UNINST~1\INSTALL.LOG
    37. Driver Detective-->MsiExec.exe /X{5721A8EA-A30F-4F66-9046-3F40C43AE1DC}
    38. ePSXe-->"C:\Documents and Settings\Administrateur\Mes documents\ePSXe\ePSXe 1.6.0\desinstall\lancermoi.bat" "C:\Documents and Settings\Administrateur\Mes documents\ePSXe\ePSXe 1.6.0\desinstall\install.log" "C:\Documents and Settings\Administrateur\Mes documents\ePSXe\ePSXe 1.6.0"
    39. Favorit-->"c:\documents and settings\administrateur\local settings\application data\dzigvtq.exe" -uninstall
    40. Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}
    41. Free Download Manager 2.5 build 758-->C:\Program Files\Free Download Manager\uninst.exe
    42. Free Music Zilla-->"C:\Program Files\Free Music Zilla\unins000.exe"
    43. GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
    44. GoRC-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,GoRC.Uninstall
    45. GPU-Z-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,GPUZ.Uninstall
    46. Hamachi 1.0.2.2-->C:\Program Files\Hamachi\uninstall.exe
    47. HD Tune-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,HDTune.Uninstall
    48. Heroes Chronicles: Warlords of the Wasteland-->C:\WINDOWS\IsUninst.exe -f"c:\program files\Warlords of the Wasteland\Heroes Chronicles Warlords of the Wasteland.isu" -c"C:\Program Files\Fichiers communs\3DO Shared\3DOUnInst.dll
    49. Heroes of Might and Magic V - Tribes of the East-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66FF4C48-0083-4E60-8556-B883AB200092}\setup.exe" -l0x9
    50. Heroes of Might and Magic® III The Shadow of Death(TM)-->C:\WINDOWS\IsUninst.exe -f"C:\Documents and Settings\Administrateur\Mes documents\Azureus Downloads\Heroes of Might and Magic III Complete\Uninst.isu" -c"C:\Documents and Settings\Administrateur\Mes documents\Azureus Downloads\Heroes of Might and Magic III Complete\uninst.dll
    51. HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    52. HP Customer Participation Program 11.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
    53. HP Imaging Device Functions 11.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    54. HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4-->C:\Program Files\HP\Digital Imaging\{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}\setup\hpzscr01.exe -datfile hposcr30.dat -onestop
    55. HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot
    56. HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
    57. HP Solution Center 11.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
    58. HP Update-->MsiExec.exe /X{D063F201-FAC4-4D5C-B10B-615058ADE5A7}
    59. HWMonitor-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,HWMonitor.Uninstall
    60. HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"
    61. Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    62. JkDefrag-->rundll32.exe advpack.dll,LaunchINFSection JKDEFRAG.INF,JkDefrag.Uninstall
    63. K-Lite Codec Pack 5.1.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    64. Magic ISO Maker v5.3 (build 0214)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    65. MagicDisc 2.7.105-->C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
    66. Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    67. MemTest-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,MemTest.Uninstall
    68. Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    69. Micrografx PhotoMagic 6-->C:\WINDOWS\mgxclean.exe Magic6.app
    70. Micrografx Windows Draw 6-->C:\WINDOWS\MGXCLEAN.EXE DRAW6.APP FONTS.APP
    71. Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
    72. Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    73. Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
    74. Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
    75. Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
    76. Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
    77. Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
    78. Microsoft DirectX Control Panel 9.0c-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,DirectXCPL.Uninstall
    79. Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    80. Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    81. Microsoft SQL Server Native Client-->MsiExec.exe /I{9C7E944F-4502-40B8-A0AB-66B2FA9EE829}
    82. Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    83. Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
    84. Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
    85. Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
    86. Module linguistique Microsoft .NET Framework 3.5 - fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
    87. Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    88. Mplayer.com-->"C:\Program Files\Mplayer\System\UNWISE32.EXE" /a C:\PROGRA~1\Mplayer\System\install.log
    89. MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
    90. Nero Info Tool-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,InfoTool.Uninstall
    91. Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
    92. Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_fre_web.exe
    93. Nokia PC Suite-->MsiExec.exe /I{3D39E775-DDDA-4327-B747-0BDC5F191331}
    94. Notepad++-->C:\Program Files\Notepad++\uninstall.exe
    95. NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    96. OCR Software by I.R.I.S. 11.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
    97. Open Command Prompt Shell Extension-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CmdOpen.Uninstall
    98. Opera 10.00-->MsiExec.exe /X{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}
    99. Package de pilotes Windows - Nokia Modem (06/01/2009 4.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_C08496D7A0050438DFE13C55799AE2D4157A8E7A\nokia_bluetooth.inf
    100. Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_9C48E34C57B7D4AAE5FFF5FB9B476B538394FD30\nokbtmdm.inf
    101. Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
    102. PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
    103. Phone Remote Control-->MsiExec.exe /I{F3B6CF89-B918-4DDE-A7F7-B4D4C3E6D033}
    104. PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
    105. Pilote de clavier français enrichi-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\KBDFRAC2.INF, DefaultUninstall.ntx86
    106. PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
    107. PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
    108. Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
    109. Pserv-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,Pserv.Uninstall
    110. QT Lite 2.7.0-->"C:\Program Files\QT Lite\unins000.exe"
    111. Quicksys RegDefrag-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,RegDefrag.Uninstall
    112. QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
    113. Real Alternative 1.8.4 Lite-->"C:\Program Files\Real Alternative\unins000.exe"
    114. RegScanner-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,RegScanner.Uninstall
    115. RPG Maker VX 1.02-->"C:\Program Files\RPG Maker VX Vrai\unins000.exe"
    116. Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
    117. SoftwareUpdate 1.0-->"C:\Documents and Settings\Administrateur\Application Data\eoRezo\SoftwareUpdate\unins000.exe"
    118. Sysinternals Suite-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,Sysinternals.Uninstall
    119. System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    120. Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
    121. Tweak UI-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,TweakUI.Uninstall
    122. Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    123. Utilitaires Gnu Unix-->rundll32.exe advpack.dll,LaunchINFSection KALUNIX.INF,Uninstall
    124. Vimicro USB PC Camera (VC0305)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}\setup.exe" -l0x40c
    125. VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    126. Windows Installer CleanUp-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,MSI.Uninstall
    127. Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    128. Windows Live Safety Scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
    129. WinHTTrack Website Copier 3.43-5-->"C:\Program Files\WinHTTrack\unins000.exe"
    130. WinPcap 3.1 beta3-->"C:\Program Files\WinPcap\Uninstall.exe" "C:\Program Files\WinPcap\install.log"
    131. XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
    132. Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
    133. Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
    134.  
    135. ======Security center information======
    136.  
    137. AV: avast! antivirus 4.8.1229 [VPS 091030-0] (disabled)
    138.  
    139. ======System event log======
    140.  
    141. Computer Name: SWEET-20DBC2A34
    142. Event Code: 7035
    143. Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).
    144.  
    145. Record Number: 5
    146. Source Name: Service Control Manager
    147. Time Written: 20091017175940.000000+120
    148. Event Type: Informations
    149. User: AUTORITE NT\SYSTEM
    150.  
    151. Computer Name: SWEET-20DBC2A34
    152. Event Code: 7026
    153. Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
    154. eowxlx
    155.  
    156. Record Number: 4
    157. Source Name: Service Control Manager
    158. Time Written: 20091017175940.000000+120
    159. Event Type: erreur
    160. User:
    161.  
    162. Computer Name: SWEET-20DBC2A34
    163. Event Code: 7022
    164. Message: Le service Service HP CUE DeviceDiscovery est en attente de démarrage.
    165.  
    166. Record Number: 3
    167. Source Name: Service Control Manager
    168. Time Written: 20091017175940.000000+120
    169. Event Type: erreur
    170. User:
    171.  
    172. Computer Name: SWEET-20DBC2A34
    173. Event Code: 6005
    174. Message: Le service d'Enregistrement d'événement a démarré.
    175.  
    176. Record Number: 2
    177. Source Name: EventLog
    178. Time Written: 20091017175632.000000+120
    179. Event Type: Informations
    180. User:
    181.  
    182. Computer Name: SWEET-20DBC2A34
    183. Event Code: 6009
    184. Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.
    185.  
    186. Record Number: 1
    187. Source Name: EventLog
    188. Time Written: 20091017175632.000000+120
    189. Event Type: Informations
    190. User:
    191.  
    192. =====Application event log=====
    193.  
    194. Computer Name: SWEET-20DBC2A34
    195. Event Code: 0
    196. Message:
    197. Record Number: 5
    198. Source Name: hpqcxs08
    199. Time Written: 20091017185634.000000+120
    200. Event Type: Informations
    201. User:
    202.  
    203. Computer Name: SWEET-20DBC2A34
    204. Event Code: 0
    205. Message:
    206. Record Number: 4
    207. Source Name: HPSLPSVC
    208. Time Written: 20091017185443.000000+120
    209. Event Type: Informations
    210. User:
    211.  
    212. Computer Name: SWEET-20DBC2A34
    213. Event Code: 0
    214. Message:
    215. Record Number: 3
    216. Source Name: YahooAUService
    217. Time Written: 20091017185442.000000+120
    218. Event Type: Informations
    219. User:
    220.  
    221. Computer Name: SWEET-20DBC2A34
    222. Event Code: 0
    223. Message:
    224. Record Number: 2
    225. Source Name: HPSLPSVC
    226. Time Written: 20091017185440.000000+120
    227. Event Type: Informations
    228. User:
    229.  
    230. Computer Name: SWEET-20DBC2A34
    231. Event Code: 1
    232. Message:
    233. Record Number: 1
    234. Source Name: Bonjour Service
    235. Time Written: 20091017185430.000000+120
    236. Event Type: Informations
    237. User:
    238.  
    239. ======Environment variables======
    240.  
    241. "ComSpec"=%SystemRoot%\system32\cmd.exe
    242. "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\GnuWin32;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QT Lite\QTSystem\
    243. "windir"=%SystemRoot%
    244. "FP_NO_HOST_CHECK"=NO
    245. "OS"=Windows_NT
    246. "PROCESSOR_ARCHITECTURE"=x86
    247. "PROCESSOR_LEVEL"=15
    248. "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 4, GenuineIntel
    249. "PROCESSOR_REVISION"=0204
    250. "NUMBER_OF_PROCESSORS"=1
    251. "LANG"=EN
    252. "LANGUAGE"=EN
    253. "WGETRC"=C:\WINDOWS\system32\GnuWin32\etc\wgetrc
    254. "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    255. "TEMP"=%SystemRoot%\TEMP
    256. "TMP"=%SystemRoot%\TEMP
    257. "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
    258. "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
    259.  
    260. -----------------EOF-----------------



    Edit: I put it in a Code block to avoid smiley problems, and it's easier to find your way around.
    3 November 2009 23:00:49

    Sorry for the delay :/ 

    Download ComboFix (by sUBs) to your Desktop.

  • Temporarily disable all resident protection! (Antivirus, antispyware..)
  • Double-click ComboFix.exe.
  • Accept the license by clicking Oui (Yes).
  • The program will ask whether you want to install the Recovery Console. It's a precaution in case the computer breaks down. So I advise you to install it; it costs nothing and could potentially come in handy!
  • When the operation is finished, a report will appear. Post this report in your next reply.

    The report is located here: %SystemDrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

    Help: How to use ComboFix.
    4 November 2009 18:34:50

    Thanks for the reply.

    Here is its content:

    1. ComboFix 09-11-03.03 - Administrateur 04/11/2009 18:07.1.1 - NTFSx86
    2. Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1023.391 [GMT 1:00]
    3. Lancé depuis: c:\documents and settings\Administrateur\Bureau\ComboFix.exe
    4. AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
    5. AV: avast! antivirus 4.8.1229 [VPS 091103-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    6. * Un nouveau point de restauration a été créé
    7. .
    8.  
    9. (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    10. .
    11.  
    12. c:\documents and settings\Administrateur\Application Data\Desktopicon
    13. c:\documents and settings\Administrateur\Application Data\Desktopicon\eBayShortcuts.exe
    14. c:\program files\autorun.inf
    15. c:\program files\WinPCap
    16. c:\program files\WinPCap\daemon_mgm.exe
    17. c:\program files\WinPCap\INSTALL.LOG
    18. c:\program files\WinPCap\NetMonInstaller.exe
    19. c:\program files\WinPCap\npf_mgm.exe
    20. c:\program files\WinPCap\rpcapd.exe
    21. c:\program files\WinPCap\Uninstall.exe
    22. c:\windows\system32\2317921052.dat
    23. c:\windows\system32\accwizm.exe
    24. c:\windows\system32\advpack.dllo.exe
    25. c:\windows\system32\api.dat
    26. c:\windows\system32\drivers\npf.sys
    27. c:\windows\system32\geyekrdwyakspw.dat
    28. c:\windows\system32\geyekrehwmqbrp.dll
    29. c:\windows\system32\geyekrwdtvfnwu.dat
    30. c:\windows\system32\Packet.dll
    31. c:\windows\system32\pthreadVC.dll
    32. c:\windows\system32\WanPacket.dll
    33. c:\windows\system32\win.ini
    34. c:\windows\system32\wpcap.dll
    35.  
    36. .
    37. ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    38. .
    39.  
    40. -------\Legacy_DOT3SVCOSE
    41. -------\Legacy_ERSVCUSNJSVC
    42. -------\Legacy_geyekrwbltdmub
    43. -------\Legacy_HPQDDSVCHTTPFILTER
    44. -------\Legacy_NPF
    45. -------\Legacy_PLUGPLAYNETMAN
    46. -------\Legacy_REMOTEREGISTRYLMHOSTS
    47. -------\Legacy_STARWINDSERVICEAENAPAGENT
    48. -------\Legacy_TLNTSVRREMOTEREGISTRY
    49. -------\Legacy_WMDMPMSNBITS
    50. -------\Legacy_WMPNETWORKSVCALERTER
    51. -------\Legacy_WZCSVC_DRIVER_HPZ12
    52. -------\Service_Dot3svcose
    53. -------\Service_ERSvcusnjsvc
    54. -------\Service_geyekrwbltdmub
    55. -------\Service_hpqddsvcHTTPFilter
    56. -------\Service_NPF
    57. -------\Service_PlugPlayNetman
    58. -------\Service_RemoteRegistryLmHosts
    59. -------\Service_StarWindServiceAEnapagent
    60. -------\Service_TlntSvrRemoteRegistry
    61. -------\Service_WmdmPmSNBITS
    62. -------\Service_WMPNetworkSvcAlerter
    63. -------\Service_WZCSVC Driver HPZ12
    64. -------\Legacy_avast!PlugPlay
    65. -------\Legacy_CryptSvcsrservice
    66. -------\Legacy_Netwscsvc
    67. -------\Service_avast!PlugPlay
    68. -------\Service_CryptSvcsrservice
    69. -------\Service_Netwscsvc
    70.  
    71.  
    72. ((((((((((((((((((((((((((((( Fichiers créés du 2009-10-04 au 2009-11-04 ))))))))))))))))))))))))))))))))))))
    73. .
    74.  
    75. 2009-11-01 01:16 . 2009-11-01 01:51 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Battle for Wesnoth 1.7.7
    76. 2009-11-01 00:19 . 2009-11-01 00:33 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Dictionnaire Freelang
    77. 2009-10-31 19:29 . 2009-11-01 01:29 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Battle for Wesnoth 1.5.12-1.6rc1
    78. 2009-10-31 15:16 . 2009-10-31 15:16 -------- d-----w- c:\windows\LastGood.Tmp
    79. 2009-10-31 15:16 . 2009-11-01 15:51 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    80. 2009-10-31 15:16 . 2009-03-30 09:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
    81. 2009-10-31 15:16 . 2009-02-13 11:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
    82. 2009-10-31 15:16 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
    83. 2009-10-31 15:16 . 2009-10-31 15:16 -------- d-----w- c:\program files\Avira
    84. 2009-10-31 15:16 . 2009-10-31 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
    85. 2009-10-31 15:02 . 2009-10-31 15:02 -------- d-----w- C:\rsit
    86. 2009-10-27 01:02 . 2009-10-27 01:12 -------- d-----w- c:\program files\GameSpy Arcade
    87. 2009-10-27 00:17 . 2009-10-27 00:17 -------- d-----w- c:\program files\MP3
    88. 2009-10-27 00:15 . 2009-10-27 00:17 -------- d-----w- c:\program files\Warlords of the Wasteland
    89. 2009-10-27 00:15 . 2009-10-27 00:17 -------- d-----w- c:\program files\Fichiers communs\3DO Shared
    90. 2009-10-27 00:15 . 2009-10-27 00:17 -------- d-----w- c:\program files\Data
    91. 2009-10-26 22:47 . 2009-10-26 22:47 -------- d-----w- c:\program files\Mplayer
    92. 2009-10-26 22:47 . 2009-10-26 22:47 -------- d-----w- c:\windows\wb
    93. 2009-10-26 22:47 . 1996-09-30 19:32 9728 ----a-r- c:\windows\system\rnaph.dll
    94. 2009-10-26 22:47 . 1996-08-16 20:44 87552 ----a-r- c:\windows\system\url.dll
    95. 2009-10-26 22:43 . 2009-10-27 00:17 -------- d-----w- c:\program files\3DO
    96. 2009-10-26 22:42 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
    97. 2009-10-25 22:53 . 2009-10-26 00:21 -------- d-----w- c:\program files\Divine Divinity
    98. 2009-10-24 18:11 . 2009-10-24 18:11 -------- d-----w- c:\documents and settings\Administrateur\Application Data\FMZilla
    99. 2009-10-24 18:10 . 2009-11-01 23:44 -------- d-----w- c:\program files\Free Music Zilla
    100. 2009-10-24 00:11 . 2009-10-24 23:22 21840 ----atw- c:\windows\system32\SIntfNT.dll
    101. 2009-10-24 00:11 . 2009-10-24 23:22 17212 ----atw- c:\windows\system32\SIntf32.dll
    102. 2009-10-24 00:11 . 2009-10-24 23:22 12067 ----atw- c:\windows\system32\SIntf16.dll
    103. 2009-10-24 00:03 . 2009-10-31 17:35 -------- d-----w- c:\program files\Diablo II
    104. 2009-10-14 20:39 . 2009-10-14 20:39 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
    105. 2009-10-14 20:38 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    106. 2009-10-14 20:38 . 2009-10-14 20:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    107. 2009-10-14 20:38 . 2009-10-14 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    108. 2009-10-14 20:38 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    109. 2009-10-14 20:31 . 2009-10-14 20:31 -------- d-----w- c:\program files\Trend Micro
    110. 2009-10-13 21:04 . 2009-10-14 21:08 4457 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\dzigvtq.dat
    111. 2009-10-11 18:48 . 2009-10-11 18:48 21376 ----a-w- c:\windows\system32\drivers\dup.sys
    112. 2009-10-08 12:39 . 2009-10-08 12:39 -------- d-----r- c:\documents and settings\LocalService\Mes documents
    113.  
    114. .
    115. (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    116. .
    117. 2009-11-04 17:17 . 2009-11-04 17:17 32 --s-a-w- c:\windows\system32\2317921052.dat
    118. 2009-10-31 17:35 . 2008-11-07 20:08 -------- d-----w- c:\program files\Free Download Manager
    119. 2009-10-30 19:52 . 2009-07-26 22:12 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DNA
    120. 2009-10-30 17:38 . 2009-05-31 12:58 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Hamachi
    121. 2009-10-30 15:42 . 2009-07-26 22:12 -------- d-----w- c:\program files\DNA
    122. 2009-10-29 14:03 . 2008-11-01 12:20 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
    123. 2009-10-29 03:03 . 2008-12-28 18:30 -------- d-----w- c:\documents and settings\Administrateur\Application Data\uTorrent
    124. 2009-10-25 08:18 . 2008-04-14 12:00 80508 ----a-w- c:\windows\system32\perfc00C.dat
    125. 2009-10-25 08:18 . 2008-04-14 12:00 500454 ----a-w- c:\windows\system32\perfh00C.dat
    126. 2009-10-23 20:14 . 2009-01-11 16:25 -------- d-----w- c:\program files\Project64 1.6
    127. 2009-10-20 15:08 . 2008-11-02 18:45 -------- d-----w- c:\program files\Fichiers communs\InstallShield
    128. 2009-10-19 10:48 . 2008-11-26 19:47 -------- d-----w- c:\program files\Pvm
    129. 2009-10-18 07:34 . 2009-07-31 23:23 -------- d-----w- c:\program files\Unlocker
    130. 2009-10-09 18:19 . 2009-10-04 09:51 -------- d-----w- c:\program files\Nokia
    131. 2009-10-04 09:59 . 2009-10-04 09:59 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
    132. 2009-10-04 09:59 . 2009-10-04 09:59 -------- d-----w- c:\program files\PC Drivers HeadQuarters
    133. 2009-10-04 09:56 . 2009-10-04 09:56 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Nokia
    134. 2009-10-04 09:56 . 2009-10-04 09:56 -------- d-----w- c:\documents and settings\Administrateur\Application Data\PC Suite
    135. 2009-10-04 09:56 . 2009-10-04 09:56 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
    136. 2009-10-04 09:54 . 2009-10-04 09:53 -------- d-----w- c:\program files\DIFX
    137. 2009-10-04 09:53 . 2009-10-04 09:53 -------- d-----w- c:\program files\Fichiers communs\PCSuite
    138. 2009-10-04 09:53 . 2009-10-04 09:53 -------- d-----w- c:\program files\Fichiers communs\Nokia
    139. 2009-10-04 09:52 . 2009-10-04 09:52 -------- d-----w- c:\program files\PC Connectivity Solution
    140. 2009-10-04 09:50 . 2009-10-04 09:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
    141. 2009-09-30 20:41 . 2008-11-07 20:08 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Free Download Manager
    142. 2009-09-30 20:41 . 2009-09-30 20:41 -------- d-----w- c:\program files\Opera
    143. 2009-09-29 18:47 . 2009-07-29 22:31 -------- d-----w- c:\program files\Sword of The New World
    144. 2009-09-28 17:19 . 2009-09-28 17:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Bluetooth
    145. 2009-09-28 17:16 . 2009-02-19 00:53 -------- d-----w- c:\program files\DivX
    146. 2009-09-28 16:39 . 2009-09-28 16:39 -------- d-----w- c:\documents and settings\Administrateur\Application Data\PhoneRemoteControl
    147. 2009-09-27 23:18 . 2009-09-27 02:45 -------- d-----w- c:\program files\Fichiers communs\Blizzard Entertainment
    148. 2009-09-27 20:47 . 2009-09-27 20:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment.temp
    149. 2009-09-27 02:47 . 2009-09-27 02:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard
    150. 2009-09-24 18:14 . 2008-12-30 03:16 -------- d-----w- c:\program files\CamStudio
    151. 2009-09-24 18:11 . 2009-09-12 23:05 -------- d-----w- c:\program files\Chatango
    152. 2009-09-24 17:16 . 2009-09-18 17:12 -------- d-----w- c:\program files\MAME32k
    153. 2009-09-24 17:15 . 2009-08-01 22:29 -------- d-----w- c:\program files\Mario Forever Toolbar
    154. 2009-09-24 17:04 . 2009-09-24 17:04 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Media Player Classic
    155. 2009-09-24 17:03 . 2009-09-24 17:03 -------- d-----w- c:\program files\K-Lite Codec Pack
    156. 2009-09-23 17:39 . 2008-11-24 16:07 -------- d-----w- c:\program files\gPotato.eu
    157. 2009-09-21 17:37 . 2009-08-01 23:12 -------- d-----w- c:\program files\softendo.com
    158. 2009-09-21 17:31 . 2009-08-01 22:29 -------- d-----w- c:\program files\Mario Forever
    159. 2009-09-21 17:31 . 2009-09-05 02:37 -------- d-----w- c:\program files\Dofus
    160. 2009-09-20 18:05 . 2008-11-17 16:54 -------- d-----w- c:\documents and settings\Administrateur\Application Data\dvdcss
    161. 2009-09-18 22:14 . 2009-09-18 22:14 -------- d-----w- c:\program files\RPG Maker VX Vrai
    162. 2009-09-09 20:32 . 2008-12-28 18:30 -------- d-----w- c:\program files\uTorrent
    163. 2009-08-30 15:22 . 2009-08-30 03:00 96 ---ha-w- c:\windows\system32\HsInfo.dat
    164. 2009-08-16 15:08 . 2009-09-24 17:03 178176 ----a-w- c:\windows\system32\unrar.dll
    165. 2009-08-08 15:13 . 2009-08-08 15:13 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
    166. 2009-08-08 15:02 . 2009-08-08 15:02 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
    167. 2009-08-08 15:02 . 2009-08-08 15:02 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
    168. 2006-04-11 16:15 . 2006-04-11 16:15 323584 ----a-w- c:\program files\AutoRun.exe
    169. 2006-04-10 22:11 . 2006-04-10 22:11 921656 ----a-w- c:\program files\Setup.bmp
    170. 2006-04-05 17:38 . 2006-04-05 17:38 50534 ----a-w- c:\program files\AutoRun.ico
    171. 2004-09-01 02:11 . 2004-09-01 02:11 245408 ----a-w- c:\program files\unicows.dll
    172. 2008-04-14 12:00 . 2008-04-14 12:00 63488 --sh--r- c:\windows\system32\1041r.exe
    173. .
    174.  
    175. ------- Sigcheck -------
    176.  
    177. [-] 2008-09-27 . 4BB6301D634C857A5089E8B24C5555E4 . 593408 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
    178.  
    179. [-] 2008-09-27 . AAC42FD16A1976DE9A0773E740597644 . 693248 . . [5.82] . . c:\windows\system32\comctl32.dll
    180.  
    181. [-] 2008-09-27 . B6BC3773B01BF85B880F56C198EEA90B . 3774464 . . [7.00.6000.20861] . . c:\windows\system32\mshtml.dll
    182.  
    183. [-] 2008-09-27 . 65A2D2BD594EB3E670CECFFEED75FB69 . 2331008 . . [5.1.2600.5586] . . c:\windows\system32\ntoskrnl.exe
    184.  
    185. [-] 2008-09-27 . EF31A8266AF7996746392E4F45502536 . 517632 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
    186.  
    187. [-] 2008-09-27 . 90B16FF3ACEC94B95BA95AA686442A47 . 879616 . . [7.00.6000.20861] . . c:\windows\system32\wininet.dll
    188.  
    189. [-] 2008-09-27 . BFBBBFE0913E6C9706F97598A6588B8F . 1573888 . . [6.00.2900.5634] . . c:\windows\explorer.exe
    190.  
    191. [-] 2008-09-27 . B3D95BCB6D0B033BEBFB81FADDA8B8AC . 37376 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
    192.  
    193. [-] 2008-09-27 . A3CA2B158B645447964ADC84FA7E6EE6 . 2207872 . . [5.1.2600.5586] . . c:\windows\system32\ntkrnlpa.exe
    194. .
    195. ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    196. .
    197. .
    198. *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    199. REGEDIT4
    200.  
    201. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    202. "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-01-21 5724184]
    203. "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-07-26 323392]
    204. "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
    205. "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
    206. "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
    207.  
    208. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    209. "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
    210. "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
    211. "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
    212. "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
    213. "QuickTime Task"="c:\program files\QT Lite\qttask.exe" [2009-01-05 413696]
    214. "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
    215. "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936]
    216. "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
    217. "VMSnap5"="c:\windows\VMSnap5.EXE" [2007-01-08 49152]
    218. "Domino"="c:\windows\Domino.EXE" [2007-01-08 49152]
    219. "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
    220. "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
    221. "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
    222. "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-10-22 1622016]
    223.  
    224. [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    225. "JkDefrag"="advpack.dll" - c:\windows\system32\advpack.dll [2008-08-28 124928]
    226. "SweetRegistry"="advpack.dll" - c:\windows\system32\advpack.dll [2008-08-28 124928]
    227.  
    228. c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
    229. Free Music Zilla.lnk - c:\program files\Free Music Zilla\FMZilla.exe [2009-10-24 732352]
    230. H3 The Shadow of Death(TM).lnk - c:\documents and settings\Administrateur\Mes documents\Azureus Downloads\Heroes of Might and Magic III Complete\RegisterSOD\Remind32.exe [2009-10-26 67584]
    231. hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2009-5-31 619048]
    232.  
    233. c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
    234. HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
    235.  
    236. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    237. "HideRunAsVerb"= 1 (0x1)
    238. "NoNetConnectDisconnect"= 1 (0x1)
    239. "NoResolveTrack"= 1 (0x1)
    240.  
    241. [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    242. "NoResolveTrack"= 1 (0x1)
    243. "NoSMBalloonTip"= 1 (0x1)
    244. "NoSMConfigurePrograms"= 1 (0x1)
    245. "NoStrCmpLogical"= 0 (0x0)
    246. "NoWelcomeScreen"= 1 (0x1)
    247.  
    248. [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    249. "ForceClassicControlPanel"= 1 (0x1)
    250. "NoResolveTrack"= 1 (0x1)
    251. "NoSMBalloonTip"= 1 (0x1)
    252. "NoSMConfigurePrograms"= 1 (0x1)
    253. "NoSMHelp"= 1 (0x1)
    254. "NoStrCmpLogical"= 0 (0x0)
    255. "NoWelcomeScreen"= 1 (0x1)
    256.  
    257. [HKLM\~\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^MagicDisc.lnk]
    258. path=c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\MagicDisc.lnk
    259. backup=c:\windows\pss\MagicDisc.lnkStartup
    260.  
    261. [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    262. "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
    263.  
    264. [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    265. "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    266. "%windir%\\system32\\sessmgr.exe"=
    267. "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    268. "c:\\Documents and Settings\\Administrateur\\Mes documents\\jeux gba\\VBA Link\\VisualBoyAdvance.exe"=
    269. "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    270. "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    271. "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    272. "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    273. "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    274. "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    275. "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
    276. "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
    277. "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
    278. "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
    279. "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
    280. "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
    281. "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    282. "c:\\Documents and Settings\\Administrateur\\Mes documents\\Hamachi+Zsnes\\zsnesw.exe"=
    283. "c:\\Documents and Settings\\Administrateur\\Mes documents\\Jeux DS\\Homebrew\\Server.exe"=
    284. "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    285. "c:\\Program Files\\Pvm\\Piano virtuel midi.exe"=
    286. "c:\\WINDOWS\\system32\\dpvsetup.exe"=
    287. "c:\\Program Files\\DNA\\btdna.exe"=
    288. "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    289. "c:\\Documents and Settings\\Administrateur\\Mes documents\\SNES\\snes9x.exe"=
    290. "c:\\Documents and Settings\\Administrateur\\Mes documents\\SNES\\Snes9k\\Snes9K.exe"=
    291. "c:\\Documents and Settings\\Administrateur\\Mes documents\\Kaillera\\kaillerasrv.exe"=
    292. "c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
    293. "c:\\Documents and Settings\\Administrateur\\Mes documents\\Azureus Downloads\\Heroes of Might and Magic III Complete\\Heroes3.exe"=
    294. "c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
    295.  
    296. [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    297. "427:UDP"= 427:UDP:SLP_Port(427)
    298. "18831:TCP"= 18831:TCP:*:Disabled:SolidNetworkManager
    299. "18831:UDP"= 18831:UDP:*:Disabled:SolidNetworkManager
    300. "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    301.  
    302. R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [19/10/2008 11:43 78416]
    303. R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [31/10/2009 16:16 108289]
    304. R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19/10/2008 11:43 20560]
    305. R2 vnccom;vnccom;c:\windows\system32\drivers\vnccom.SYS [01/11/2008 21:00 6016]
    306. R3 ZSMC0305;Vimicro USB PC Camera (VC0305);c:\windows\system32\drivers\usbVM305.sys [08/08/2009 18:16 391737]
    307. S0 eowxlx;eowxlx;c:\windows\system32\drivers\bsskfst.sys --> c:\windows\system32\drivers\bsskfst.sys [?]
    308. S1 Dup;Dup;c:\windows\system32\drivers\dup.sys [11/10/2009 19:48 21376]
    309. S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
    310. S3 XDva279;XDva279;\??\c:\windows\system32\XDva279.sys --> c:\windows\system32\XDva279.sys [?]
    311.  
    312. --- Autres Services/Pilotes en mémoire ---
    313.  
    314. *NewlyCreated* - 00005D3B
    315. *NewlyCreated* - HELPSVC
    316. *NewlyCreated* - MBR
    317. *Deregistered* - 00005D3B
    318. *Deregistered* - mbr
    319.  
    320. [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    321. HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    322. HPService REG_MULTI_SZ HPSLPSVC
    323. hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    324.  
    325. [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{D10A0BD6-DEAB-423e-8A6B-373B4BDB3C7B}]
    326. rundll32.exe advpack.dll,LaunchINFSection c:\windows\INF\firefox.inf,PerUserStub
    327.  
    328. [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
    329. rundll32 advpack.dll,LaunchINFSection c:\windows\INF\ie.inf,IE7Stub
    330.  
    331. [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{Y101Y238-S37I-3BV5-F7I2-R5O5YR7RPE2W}]
    332. c:\program files\Fichiers communs\svchost.exe
    333. .
    334. Contenu du dossier 'Tâches planifiées'
    335.  
    336. 2009-02-08 c:\windows\Tasks\AppleSoftwareUpdate.job
    337. - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
    338. .
    339. .
    340. ------- Examen supplémentaire -------
    341. .
    342. uStart Page = hxxp://fmz.qiwa.com
    343. mStart Page = hxxp://www.yoower.com/
    344. uInternet Settings,ProxyOverride = *.local
    345. IE: &Search
    346. IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    347. IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
    348. IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
    349. IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
    350. IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
    351. FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\
    352. FF - prefs.js: browser.startup.homepage - hxxp://fmz.qiwa.com
    353.  
    354. ---- PARAMETRES FIREFOX ----
    355. FF - user.js: yahoo.homepage.dontask - true.
    356. - - - - ORPHELINS SUPPRIMES - - - -
    357.  
    358. HKLM-Run-ISUSPM Startup - c:\program files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
    359. HKLM-Run-BigDog305 - c:\windows\VM305_STI.EXE
    360. HKLM-Run-EoEngine - (no file)
    361. HKLM-Run-Device Detector - DevDetect.exe
    362. HKU-Default-Run-autochk - c:\docume~1\LOCALS~1\protect.dll
    363. HKU-Default-Run-Win32Update - c:\windows\system32\accwizm.exe
    364. HKU-Default-RunServices-Win32Update - c:\windows\system32\accwizm.exe
    365. AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
    366. AddRemove-dzigvtq - c:\documents and settings\administrateur\local settings\application data\dzigvtq.exe
    367. AddRemove-Free Download Manager - c:\program files\Free Download Manager\uninst.exe
    368. AddRemove-WinPcapInst - c:\program files\WinPcap\Uninstall.exe
    369. AddRemove-Yahoo! Companion - c:\progra~1\Yahoo!\Common\UNYT_W~1.EXE
    370. AddRemove-Yahoo! Software Update - c:\progra~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
    371. AddRemove-Yahoo! Toolbar - c:\progra~1\Yahoo!\Common\UNYT_W~1.EXE
    372. AddRemove-NCsoft-Aion - c:\documents and settings\Administrateur\Mes documents\Downloads\Aion-Online-MMO-Full-Client-and-Patches-to-v1.0.2.13\NCSoft\Launcher\NCLauncher.exe
    373.  
    374.  
    375.  
    376. **************************************************************************
    377.  
    378. catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    379. Rootkit scan 2009-11-04 18:19
    380. Windows 5.1.2600 Service Pack 3 NTFS
    381.  
    382. Recherche de processus cachés ...
    383.  
    384. Recherche d'éléments en démarrage automatique cachés ...
    385.  
    386. Recherche de fichiers cachés ...
    387.  
    388. Scan terminé avec succès
    389. Fichiers cachés: 0
    390.  
    391. **************************************************************************
    392.  
    393. Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
    394.  
    395. device: opened successfully
    396. user: MBR read successfully
    397. called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spgg.sys >>UNKNOWN [0x8678B938]<<
    398. kernel: MBR read successfully
    399. user & kernel MBR OK
    400. Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
    401.  
    402. atapi.sys @ 0x0 0x0 bytes
    403.  
    404. \Driver\atapi [ IRP_MJ_CREATE ] 0xA6F2 != 0xF7660B40 atapi.sys
    405. \Driver\atapi [ IRP_MJ_CLOSE ] 0xA6F2 != 0xF7660B40 atapi.sys
    406. \Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA712 != 0xF7660B40 atapi.sys
    407. \Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x6852 != 0xF7660B40 atapi.sys
    408. \Driver\atapi [ IRP_MJ_POWER ] 0xA73C != 0xF7660B40 atapi.sys
    409. \Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0x11336 != 0xF7660B40 atapi.sys
    410. \Driver\atapi IRP hooks detected !
    411.  
    412. **************************************************************************
    413.  
    414. [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
    415. "ImagePath"="c:\windows\system32\GameMon.des -service"
    416. .
    417. --------------------- DLLs chargées dans les processus actifs ---------------------
    418.  
    419. - - - - - - - > 'winlogon.exe'(1236)
    420. c:\windows\system32\SETUPAPI.dll
    421. c:\windows\system32\COMRes.dll
    422. c:\windows\system32\cscui.dll
    423.  
    424. - - - - - - - > 'lsass.exe'(1436)
    425. c:\windows\system32\scecli.dll
    426. c:\windows\system32\SETUPAPI.dll
    427.  
    428. - - - - - - - > 'explorer.exe'(496)
    429. c:\windows\system32\SHDOCVW.dll
    430. c:\windows\system32\nview.dll
    431. c:\windows\system32\NVWRSFR.DLL
    432. c:\program files\Unlocker\UnlockerHook.dll
    433. c:\windows\system32\COMRes.dll
    434. c:\windows\System32\cscui.dll
    435. c:\windows\system32\msi.dll
    436. c:\windows\system32\SETUPAPI.dll
    437. c:\windows\system32\NETSHELL.dll
    438. c:\windows\system32\credui.dll
    439. c:\windows\system32\MSVCP60.dll
    440. c:\windows\system32\eappprxy.dll
    441. c:\windows\system32\WPDShServiceObj.dll
    442. c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
    443. c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
    444. c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr
    445. c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
    446. c:\windows\system32\PortableDeviceTypes.dll
    447. c:\windows\system32\PortableDeviceApi.dll
    448. .
    449. ------------------------ Autres processus actifs ------------------------
    450. .
    451. c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    452. c:\program files\Alwil Software\Avast4\ashServ.exe
    453. c:\program files\Avira\AntiVir Desktop\avguard.exe
    454. c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    455. c:\program files\Bonjour\mDNSResponder.exe
    456. c:\windows\system32\PnkBstrA.exe
    457. c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    458. c:\windows\PCHealth\HelpCtr\Binaries\HelpSvc.exe
    459. c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    460. c:\program files\Fichiers communs\ACD Systems\FR\DevDetect.exe
    461. c:\windows\system32\rundll32.exe
    462. c:\program files\Avira\AntiVir Desktop\update.exe
    463. c:\docume~1\ADMINI~1\MESDOC~1\AZUREU~1\HEROES~1\REGIST~1\ITP32.EXE
    464. c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    465. c:\program files\Alwil Software\Avast4\ashWebSv.exe
    466. c:\program files\PC Connectivity Solution\ServiceLayer.exe
    467. c:\windows\system32\wscntfy.exe
    468. c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    469. c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
    470. c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
    471. c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
    472. c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
    473. .
    474. **************************************************************************
    475. .
    476. Heure de fin: 2009-11-04 18:27 - La machine a redémarré
    477. ComboFix-quarantined-files.txt 2009-11-04 17:27
    478.  
    479. Avant-CF: 1 049 178 112 octets libres
    480. Après-CF: 1 115 557 888 octets libres
    481.  
    482. WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    483. [boot loader]
    484. timeout=2
    485. default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    486. [operating systems]
    487. c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    488. multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
    8 November 2009 21:24:10

    Really sorry, I've been short on time lately.

    Run an online antivirus scan on Kaspersky using Internet Explorer.

  • Allow the ActiveX controls.
  • Click on Start Online Scanner.
  • Select My Computer as the scan target. Save the report as a .txt file.
  • Paste its report here.
  • Post a new HijackThis report.

    Help: How to run an online scan with Kaspersky.
    11 November 2009 22:25:11

    Run a ComboFix scan again. You are using IE, right?