Smitfraud-C virus
Brako, 11/01/2009 at 17:14

Hello,

For the new year my computer decided to give me a present with the lovely name of Smitfraud-C.

Symptoms:
- Desktop wallpaper is Windows blue and cannot be changed.
- Fake trojan alerts urging me to download an antivirus.
- Unable to open Task Manager.
- Windows Security Center is disabled.
- Unable to browse the Internet with Firefox (DNS hijacking).
- Internet Explorer opens tabs endlessly.
- Various registry keys modified.
- Unable to start safe mode.

I did some research on the Internet and found a small program, SmitfraudFix, created to destroy this infection. However, one of the steps (the one where the corrupted registry keys are deleted) requires starting Windows in safe mode, but safe mode does not work....

Do you have any idea?
--
Which gives possible grounds to suspect some kind of propaganda ...
Mister_masque, 11/01/2009 at 21:26

Hi,

OK, DNS.Changer, maybe Vundo, there's work to do. Without safe mode it's going to be tough, but we'll get there.

Download Random's System Information Tool (RSIT) by random/random and save it to your Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue on the Disclaimer screen, leaving the default values.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.
  • When the scan is finished, two text files will open.


--> Post the contents of log.txt (<<which will be displayed) as well as info.txt (<<which will be minimized in the Taskbar).

NB: Both reports are also saved in the folder: C:\rsit\


See you later

--
Brako, 12/01/2009 at 12:12

Hello, and thanks for your help,

The two reports:

info.txt:

info.txt logfile of random's system information tool 1.05 2009-01-12 11:59:20

======Uninstall list======


======Hosts File======

88.198.6.227  l2authd.lineage2.com
88.198.6.227  l2authd.lineage2.com
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD

======Security center information======

AV: G DATA AntiVirenKit 2006 (outdated)
FW: G DATA Personal Firewall

System event log

Computer Name: ZIGOMAR
Event Code: 62470
Message: Invalid pixel format

Record Number: 16796787
Source Name: ati2mtag
Time Written: 20081220193539.000000+060
Event Type: warning
User:

Computer Name: ZIGOMAR
Event Code: 62486
Message: Invalid parameters

Record Number: 16796786
Source Name: ati2mtag
Time Written: 20081220193539.000000+060
Event Type: information
User:

Computer Name: ZIGOMAR
Event Code: 62470
Message: Invalid pixel format

Record Number: 16796785
Source Name: ati2mtag
Time Written: 20081220193539.000000+060
Event Type: warning
User:

Computer Name: ZIGOMAR
Event Code: 62486
Message: Invalid parameters

Record Number: 16796784
Source Name: ati2mtag
Time Written: 20081220193537.000000+060
Event Type: information
User:

Computer Name: ZIGOMAR
Event Code: 62470
Message: Invalid pixel format

Record Number: 16796783
Source Name: ati2mtag
Time Written: 20081220193537.000000+060
Event Type: warning
User:

Application event log

Computer Name: ZIGOMAR
Event Code: 9666
Message: Le transport du protocole Database Mirroring est désactivé ou il n'est pas configuré.

Record Number: 40238
Source Name: MSSQL$SQLEXPRESS
Time Written: 20081117224105.000000+060
Event Type: information
User:

Computer Name: ZIGOMAR
Event Code: 9666
Message: Le transport du protocole Service Broker est désactivé ou il n'est pas configuré.

Record Number: 40237
Source Name: MSSQL$SQLEXPRESS
Time Written: 20081117224104.000000+060
Event Type: information
User:

Computer Name: ZIGOMAR
Event Code: 3408
Message: La récupération est terminée. Ce message est fourni à titre d'information seulement. Aucune action n'est requise de la part de l'utilisateur.

Record Number: 40236
Source Name: MSSQL$SQLEXPRESS
Time Written: 20081117224104.000000+060
Event Type: information
User:

Computer Name: ZIGOMAR
Event Code: 17137
Message: Démarrage de la base de données 'tempdb'.

Record Number: 40235
Source Name: MSSQL$SQLEXPRESS
Time Written: 20081117224103.000000+060
Event Type: information
User:

Computer Name: ZIGOMAR
Event Code: 17136
Message: Effacement de la base de données tempdb.

Record Number: 40234
Source Name: MSSQL$SQLEXPRESS
Time Written: 20081117224055.000000+060
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\GTK\2.0\bin;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=0401
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"VS80COMNTOOLS"=K:\program files\Microsoft Visual Studio 8\Common7\Tools\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip

-----------------EOF-----------------




log.txt:

Logfile of random's system information tool 1.05 (written by random/random)
Run by louis at 2009-01-12 11:57:21
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 85 GB (45%) free of 191 GB
Total RAM: 1023 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:59:03, on 12/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\AVK InternetSecurity\AVK\AVKService.exe
C:\Program Files\AVK InternetSecurity\AVK\AVKWCtl.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskmagr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\FlashGet\FlashGet.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft Security Adviser\msctrl.exe
C:\Program Files\Microsoft Security Adviser\msavsc.exe
C:\Program Files\Microsoft Security Adviser\msscan.exe
C:\Program Files\Microsoft Security Adviser\msiemon.exe
C:\Program Files\Microsoft Security Adviser\msfw.exe
C:\Program Files\AVK InternetSecurity\AVKTray\AVKTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\program files\steam\steam.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot\TeaTimer.exe
C:\Program Files\AVK InternetSecurity\Firewall\GDFwSvc.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe
C:\Program Files\AVK InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\dumprep.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Microsoft Security Adviser\mssadv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\louis\Bureau\RSIT.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\trend micro\louis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vompi.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 88.198.6.227 l2authd.lineage2.com
O1 - Hosts: 88.198.6.227 l2authd.lineage2.com
O2 - BHO: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\AVK InternetSecurity\Webfilter\AvkWebIE.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: {d4470c9a-f6ea-a4a8-d2f4-d460aa0da6c8} - {8c6ad0aa-064d-4f2d-8a4a-ae6fa9c0744d} - C:\WINDOWS\system32\xyxndn.dll
O2 - BHO: Skype Control Class - {9018F6A8-2495-45DF-9F16-C738F8F3C8FF} - C:\WINDOWS\system32\SkypeComm.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: (no name) - {f1a8b4cc-7fde-4665-98c6-e052b9e7a50b} - C:\WINDOWS\system32\godanihe.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\AVK InternetSecurity\Webfilter\AvkWebIE.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [close surf mail dupe] C:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\Site free.exe
O4 - HKLM\..\Run: [odb] C:\WINDOWS\odb.exe
O4 - HKLM\..\Run: [runsql] C:\WINDOWS\runsql.exe
O4 - HKLM\..\Run: [netsv32] C:\WINDOWS\sv.exe
O4 - HKLM\..\Run: [joyehedeve] Rundll32.exe "C:\WINDOWS\system32\lejivaya.dll",s
O4 - HKLM\..\Run: [msctrl.exe] C:\Program Files\Microsoft Security Adviser\msctrl.exe
O4 - HKLM\..\Run: [msavsc.exe] C:\Program Files\Microsoft Security Adviser\msavsc.exe
O4 - HKLM\..\Run: [msscan.exe] C:\Program Files\Microsoft Security Adviser\msscan.exe
O4 - HKLM\..\Run: [msiemon.exe] C:\Program Files\Microsoft Security Adviser\msiemon.exe
O4 - HKLM\..\Run: [msfw.exe] C:\Program Files\Microsoft Security Adviser\msfw.exe
O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\AVK InternetSecurity\AVKTray\AVKTray.exe"
O4 - HKLM\..\Run: [20994bc2] rundll32.exe "C:\WINDOWS\system32\mibevilo.dll",b
O4 - HKLM\..\Run: [CPM23aa785e] Rundll32.exe "c:\windows\system32\fovayaga.dll",a
O4 - HKLM\..\Run: [UpdateWin] C:\WINDOWS\system32\3076h.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunServices: [UpdateWin] C:\WINDOWS\system32\3076h.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\Assistant de connexion WiFi\Wizard\Agent_WiFi.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\WINDOWS\TEMP\E_S445.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [FragFive] C:\DOCUME~1\louis\APPLIC~1\JUGSPI~1\Hope Dent Wipe.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msctrl.exe] C:\Program Files\Microsoft Security Adviser\msctrl.exe
O4 - HKCU\..\Run: [msavsc.exe] C:\Program Files\Microsoft Security Adviser\msavsc.exe
O4 - HKCU\..\Run: [msscan.exe] C:\Program Files\Microsoft Security Adviser\msscan.exe
O4 - HKCU\..\Run: [msiemon.exe] C:\Program Files\Microsoft Security Adviser\msiemon.exe
O4 - HKCU\..\Run: [msfw.exe] C:\Program Files\Microsoft Security Adviser\msfw.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot\TeaTimer.exe
O4 - HKCU\..\Run: [UpdateWin] C:\WINDOWS\system32\3076h.exe
O4 - HKCU\..\RunServices: [UpdateWin] C:\WINDOWS\system32\3076h.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [joyehedeve] Rundll32.exe "C:\WINDOWS\system32\lejivaya.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: G DATA Firewall Tray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://brakounet.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\lanefiki.dll C:\WINDOWS\system32\tagetega.dll c:\windows\system32\fovayaga.dll xyxndn.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fovayaga.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fovayaga.dll
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\louis\LOCALS~1\Temp\wndutl32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVKProxy - G DATA Software AG - C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: AVK Service (AVKService) - Unknown owner - C:\Program Files\AVK InternetSecurity\AVK\AVKService.exe
O23 - Service: Gardien d'AVK (AVKWCtl) - Unknown owner - C:\Program Files\AVK InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Pare-feu personnel G DATA (GDFwSvc) - Unknown owner - C:\Program Files\AVK InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O24 - Desktop Component 0: (no name) - http://www.ame-creative.fr/fond.html
O24 - Desktop Component 1: (no name) - http://www.apocalypto-lefilm.fr/
O24 - Desktop Component 2: (no name) - http://www.ame-creative.fr/
O24 - Desktop Component 4: (no name) - http://www.ethanhaaswasright.com/ewr.php

--
End of file - 19684 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G DATA WebFilter - C:\Program Files\AVK InternetSecurity\Webfilter\AvkWebIE.dll [2005-10-11 286720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Companion BHO - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll [2004-05-24 275031]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-04-13 69632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\Spybot\SDHelper.dll [2008-08-14 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8c6ad0aa-064d-4f2d-8a4a-ae6fa9c0744d}]
C:\WINDOWS\system32\xyxndn.dll [2009-01-12 136344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9018F6A8-2495-45DF-9F16-C738F8F3C8FF}]
Skype Control Class - C:\WINDOWS\system32\SkypeComm.dll [2007-03-08 100352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
ST - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2005-11-08 1132544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
MSNToolBandBHO - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-04-13 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1a8b4cc-7fde-4665-98c6-e052b9e7a50b}]
C:\WINDOWS\system32\godanihe.dll [1601-01-01 67882]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Companion - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll [2004-05-24 275031]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2005-11-08 1132544]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G DATA WebFilter - C:\Program Files\AVK InternetSecurity\Webfilter\AvkWebIE.dll [2005-10-11 286720]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-07 344064]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"atwtusb"=atwtusb.exe beta []
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-06-09 40960]
"Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-12-17 19968]
"Cmaudio"=RunDll32 cmicnfg.cpl []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-20 77824]
"Flashget"=C:\Program Files\FlashGet\FlashGet.exe [2007-04-16 1699840]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2006-10-22 620152]
"Adobe_ID0EYTHM"=C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-12-11 286720]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-03-27 36352]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-05 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"close surf mail dupe"=C:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\Site free.exe [2009-01-11 737280]
"odb"=C:\WINDOWS\odb.exe []
"runsql"=C:\WINDOWS\runsql.exe []
"netsv32"=C:\WINDOWS\sv.exe []
"joyehedeve"=C:\WINDOWS\system32\lejivaya.dll [1601-01-01 67882]
"msctrl.exe"=C:\Program Files\Microsoft Security Adviser\msctrl.exe [2009-01-07 12800]
"msavsc.exe"=C:\Program Files\Microsoft Security Adviser\msavsc.exe [2009-01-07 12800]
"msscan.exe"=C:\Program Files\Microsoft Security Adviser\msscan.exe [2009-01-07 12800]
"msiemon.exe"=C:\Program Files\Microsoft Security Adviser\msiemon.exe [2009-01-07 12800]
"msfw.exe"=C:\Program Files\Microsoft Security Adviser\msfw.exe [2009-01-07 12800]
"mssadv.exe"= []
"AVKTray"=C:\Program Files\AVK InternetSecurity\AVKTray\AVKTray.exe [2005-10-11 208896]
"20994bc2"=C:\WINDOWS\system32\mibevilo.dll [2009-01-10 90886]
"CPM23aa785e"=c:\windows\system32\fovayaga.dll [2009-01-10 104069]
"UpdateWin"=C:\WINDOWS\system32\3076h.exe []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"TVAgent WiFi"=C:\Program Files\Assistant de connexion WiFi\Wizard\Agent_WiFi.exe []
"Steam"=c:\program files\steam\steam.exe [2008-11-01 1410296]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"EPSON Stylus DX7400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [2007-04-12 182272]
"FragFive"=C:\DOCUME~1\louis\APPLIC~1\JUGSPI~1\Hope Dent Wipe.exe [2009-01-04 540672]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2005-02-22 1611488]
"msctrl.exe"=C:\Program Files\Microsoft Security Adviser\msctrl.exe [2009-01-07 12800]
"msavsc.exe"=C:\Program Files\Microsoft Security Adviser\msavsc.exe [2009-01-07 12800]
"msscan.exe"=C:\Program Files\Microsoft Security Adviser\msscan.exe [2009-01-07 12800]
"msiemon.exe"=C:\Program Files\Microsoft Security Adviser\msiemon.exe [2009-01-07 12800]
"msfw.exe"=C:\Program Files\Microsoft Security Adviser\msfw.exe [2009-01-07 12800]
"mssadv.exe"= []
"SpybotSD TeaTimer"=C:\Program Files\Spybot\TeaTimer.exe [2008-08-18 1832272]
"UpdateWin"=C:\WINDOWS\system32\3076h.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
G DATA Firewall Tray.lnk - C:\Program Files\AVK InternetSecurity\Firewall\GDFirewallTray.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Documents and Settings\louis\Menu Démarrer\Programmes\Démarrage
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\lanefiki.dll C:\WINDOWS\system32\tagetega.dll c:\windows\system32\fovayaga.dll xyxndn.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-06-07 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fovayaga.dll [2009-01-10 104069]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fovayaga.dll [2009-01-10 104069]
Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\louis\LOCALS~1\Temp\wndutl32.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\system32\lanefiki.dll
C:\WINDOWS\system32\tagetega.dll

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegedit"=0
"NoFind"=0
"NoRun"=0
"NoDesktop"=0
"NoClose"=0
"StartMenuLogOff"=0
"HideClock"=0
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=1
"DisableRegistryTools"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Call of Duty Game of the Year Edition\CoDMP.exe"="C:\Program Files\Call of Duty Game of the Year Edition\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\id Software\Quake 4\Quake4.exe"="C:\Program Files\id Software\Quake 4\Quake4.exe:*:Enabled:Quake 4"
"C:\Program Files\Raven\SOF PLATINUM\SoF.exe"="C:\Program Files\Raven\SOF PLATINUM\SoF.exe:*:Enabled:SoF"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe"="C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe:*:Enabled:Battlefield 1942"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Xfire\ua_lsp_inst.exe"="C:\Program Files\Xfire\ua_lsp_inst.exe:*:Disabled:ua_lsp_inst"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\Illusion Softworks\Hidden & Dangerous 2\hd2.exe"="C:\Program Files\Illusion Softworks\Hidden & Dangerous 2\hd2.exe:*:Enabled:hd2"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Sunshin'Ro\Gravity\RO\Sunshin'Ro Update.exe"="C:\Program Files\Sunshin'Ro\Gravity\RO\Sunshin'Ro Update.exe:*:Enabled:Sunshin'Ro Update.exe"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe"="C:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Steam\SteamApps\brakofrance\half-life 2 deathmatch\hl2.exe"="C:\Program Files\Steam\SteamApps\brakofrance\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\SteamApps\brakofrance\counter-strike source\hl2.exe"="C:\Program Files\Steam\SteamApps\brakofrance\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\SteamApps\brakofrance\day of defeat source\hl2.exe"="C:\Program Files\Steam\SteamApps\brakofrance\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\ulimehightrate\Gravity\RO\apeRO Patcher.exe"="C:\Program Files\ulimehightrate\Gravity\RO\apeRO Patcher.exe:*:Enabled:apeRO Loader"
"C:\Program Files\SETI@home\SETI@home.exe"="C:\Program Files\SETI@home\SETI@home.exe:*:Enabled:SETI@home"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Disabled:Exécuter une DLL en tant qu'application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe"="C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe:*:Enabled:WolfMP"
"C:\Program Files\Bohemia Interactive\ArmA Demo\ArmADemo.exe"="C:\Program Files\Bohemia Interactive\ArmA Demo\ArmADemo.exe:*:Enabled:ArmA"
"C:\Program Files\SCi\Conflict\Desert Storm\DesertStorm.exe"="C:\Program Files\SCi\Conflict\Desert Storm\DesertStorm.exe:*:Enabled:Conflict:Desert Storm"
"C:\Program Files\EA GAMES\Battlefield 2 Demo\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2 Demo\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Electronic Arts\Démo de Battlefield 2142\BF2142.exe"="C:\Program Files\Electronic Arts\Démo de Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"C:\Program Files\Kaisen-RO\Kaisen-RO Updater.exe"="C:\Program Files\Kaisen-RO\Kaisen-RO Updater.exe:*:Enabled:Kaisen-RO client"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\ijji\ENGLISH\u_sf\soldierfront.exe"="C:\ijji\ENGLISH\u_sf\soldierfront.exe:*:Enabled:soldierfront"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"C:\Program Files\EA GAMES\Battlefield 2 Demo\Bf2_w32ded.exe"="C:\Program Files\EA GAMES\Battlefield 2 Demo\Bf2_w32ded.exe:*:Enabled:Bf2_w32ded"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe"="C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe:*:Enabled:Adobe Flash CS3"
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\gPotato.eu\Rappelz\Launcher.exe"="C:\Program Files\gPotato.eu\Rappelz\Launcher.exe:*:Enabled:Rappelz"
"C:\Program Files\EA GAMES\Medal of Honor Batailles du Pacifique(tm)\mohpa.exe"="C:\Program Files\EA GAMES\Medal of Honor Batailles du Pacifique(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\FRoG Creator V0.4\Serveur\Server.exe"="C:\Program Files\FRoG Creator V0.4\Serveur\Server.exe:*:Enabled:Server"
"C:\Documents and Settings\louis\Mes documents\bot\opencyc-1.0\server\cyc\run\bin\opencyc.exe"="C:\Documents and Settings\louis\Mes documents\bot\opencyc-1.0\server\cyc\run\bin\opencyc.exe:*:Enabled:opencyc"
"C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe"="C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe:*:Enabled:Medal of Honor Airborne"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Disabled:Yahoo! FT Server"
"C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Disabled:Yahoo! Messenger"
"C:\WINDOWS\system32\logonui.exe"="C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe:*:Enabled:Acrotray"
"C:\Program Files\InterVideo\WinDVD\WinDVD.exe"="C:\Program Files\InterVideo\WinDVD\WinDVD.exe:*:Enabled:WinDVD"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:services"
"C:\DOCUME~1\louis\LOCALS~1\Temp\60325cahp25cas.exe"="C:\DOCUME~1\louis\LOCALS~1\Temp\60325cahp25cas.exe:*:Enabled:Enabled"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\WINDOWS\SOUNDMAN.EXE"="C:\WINDOWS\SOUNDMAN.EXE:*:Enabled:SOUNDMAN"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{29c229be-cf1b-11db-bd71-0060b3ce9c76}]
shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e5dc4c7-bbd2-11dc-be93-0060b3ce9c76}]
shell\AutoRun\command - F:\LaunchU3.exe


======File associations======

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2009-01-12 11:57:35 ----D---- C:\Program Files\trend micro
2009-01-12 11:57:21 ----D---- C:\rsit
2009-01-12 11:54:14 ----ASH---- C:\WINDOWS\system32\xyxndn.dll
2009-01-11 14:23:27 ----A---- C:\WINDOWS\system32\tmp.txt
2009-01-11 14:22:18 ----A---- C:\rapport.txt
2009-01-11 14:21:47 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
2009-01-11 14:21:46 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2009-01-11 14:21:46 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2009-01-11 14:21:46 ----A---- C:\WINDOWS\system32\VACFix.exe
2009-01-11 14:21:46 ----A---- C:\WINDOWS\system32\swxcacls.exe
2009-01-11 14:21:46 ----A---- C:\WINDOWS\system32\o4Patch.exe
2009-01-11 14:21:46 ----A---- C:\WINDOWS\system32\IEDFix.exe
2009-01-11 14:21:46 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2009-01-11 14:21:46 ----A---- C:\WINDOWS\system32\404Fix.exe
2009-01-11 14:21:45 ----A---- C:\WINDOWS\system32\swsc.exe
2009-01-11 14:21:45 ----A---- C:\WINDOWS\system32\swreg.exe
2009-01-11 14:21:45 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2009-01-11 14:21:45 ----A---- C:\WINDOWS\system32\Process.exe
2009-01-11 14:21:45 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-01-10 14:37:30 ----D---- C:\Program Files\Spybot
2009-01-10 14:30:52 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2009-01-10 14:30:51 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
2009-01-10 14:30:49 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2009-01-10 14:30:41 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2009-01-10 14:25:21 ----SH---- C:\WINDOWS\system32\olivebim.ini
2009-01-10 14:24:47 ----ASH---- C:\WINDOWS\system32\mrtnvi.dll
2009-01-09 21:16:13 ----SH---- C:\WINDOWS\system32\ovanosen.ini
2009-01-09 21:16:10 ----A---- C:\WINDOWS\system32\J0tJJ3Pu.exe.a_a
2009-01-09 21:16:10 ----A---- C:\WINDOWS\system32\J0tJJ3Pu.exe
2009-01-09 21:15:42 ----ASH---- C:\WINDOWS\system32\kcyrpi.dll
2009-01-08 22:22:32 ----SH---- C:\WINDOWS\system32\evatuyur.ini
2009-01-08 22:01:07 ----D---- C:\Documents and Settings\All Users\Application Data\G DATA
2009-01-08 22:00:52 ----D---- C:\Program Files\CDRecordKit
2009-01-08 22:00:25 ----D---- C:\Program Files\Fichiers communs\G DATA
2009-01-08 21:40:13 ----A---- C:\WINDOWS\system32\onusewos.tmp
2009-01-07 22:57:03 ----D---- C:\Program Files\Microsoft Security Adviser
2009-01-07 22:56:59 ----A---- C:\0xf9.exe
2009-01-07 22:10:56 ----A---- C:\WINDOWS\system32\WNASPI32.DLL
2009-01-07 22:10:19 ----D---- C:\Program Files\AVK InternetSecurity
2009-01-07 21:27:22 ----SH---- C:\WINDOWS\system32\onusewos.ini
2009-01-06 22:39:15 ----SH---- C:\WINDOWS\system32\esuraboj.ini
2009-01-06 21:23:12 ----SH---- C:\WINDOWS\system32\ivisaruh.ini
2009-01-04 18:28:56 ----SH---- C:\WINDOWS\system32\ojowujap.ini
2009-01-04 17:35:42 ----D---- C:\Program Files\jugs ping move
2008-12-27 09:59:03 ----SH---- C:\WINDOWS\system32\igotapew.ini
2008-12-26 21:59:34 ----SH---- C:\WINDOWS\system32\uzukoboh.ini
2008-12-23 21:38:22 ----SH---- C:\WINDOWS\system32\iweyayes.ini
2008-12-20 18:24:30 ----SH---- C:\WINDOWS\system32\aresayum.ini
2008-12-19 22:48:22 ----SH---- C:\WINDOWS\system32\agezosih.ini
2008-12-17 13:53:17 ----SH---- C:\WINDOWS\system32\ayebigev.ini
2008-12-14 10:44:56 ----SH---- C:\WINDOWS\system32\uzifaguf.ini
2008-12-13 17:45:56 ----SH---- C:\WINDOWS\system32\ahirafed.ini

======List of files/folders modified in the last 1 months======

2009-01-12 11:58:58 ----D---- C:\WINDOWS\Temp
2009-01-12 11:58:27 ----D---- C:\WINDOWS\Prefetch
2009-01-12 11:58:18 ----D---- C:\Program Files\FlashGet
2009-01-12 11:57:35 ----D---- C:\Program Files
2009-01-12 11:54:37 ----ASH---- C:\WINDOWS\system32\niyihifi.dll
2009-01-12 11:54:25 ----ASH---- C:\WINDOWS\system32\runasate.dll
2009-01-12 11:54:25 ----ASH---- C:\WINDOWS\system32\madudori.dll
2009-01-12 11:54:24 ----AD---- C:\WINDOWS\system32
2009-01-12 11:54:10 ----ASH---- C:\WINDOWS\system32\fugajezu.dll
2009-01-12 11:54:09 ----D---- C:\Program Files\Steam
2009-01-12 11:52:18 ----A---- C:\WINDOWS\ModemLog_PCI Soft Data Fax Modem with SmartCP.txt
2009-01-12 11:52:04 ----D---- C:\WINDOWS\Minidump
2009-01-12 11:52:04 ----D---- C:\WINDOWS
2009-01-11 16:27:19 ----D---- C:\Program Files\Mozilla Firefox
2009-01-11 16:23:24 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2009-01-11 16:21:54 ----D---- C:\WINDOWS\system32\LogFiles
2009-01-11 16:06:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-11 16:06:06 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-11 15:42:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-11 14:45:04 ----HD---- C:\WINDOWS\inf
2009-01-11 14:33:13 ----SD---- C:\WINDOWS\Tasks
2009-01-10 21:22:45 ----A---- C:\WINDOWS\WININIT.INI
2009-01-10 14:24:43 ----ASH---- C:\WINDOWS\system32\fovayaga.dll
2009-01-10 14:24:41 ----ASH---- C:\WINDOWS\system32\buyoyena.dll
2009-01-10 14:24:40 ----ASH---- C:\WINDOWS\system32\mibevilo.dll
2009-01-10 00:09:05 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-09 21:15:43 ----ASH---- C:\WINDOWS\system32\kelinepe.dll
2009-01-09 21:15:38 ----ASH---- C:\WINDOWS\system32\sujegaru.dll
2009-01-09 21:15:37 ----N---- C:\WINDOWS\system32\nesonavo.dll
2009-01-08 22:04:27 ----D---- C:\WINDOWS\system32\drivers
2009-01-08 22:00:25 ----D---- C:\Program Files\Fichiers communs
2009-01-08 21:39:23 ----N---- C:\WINDOWS\system32\ruyutave.dll
2009-01-08 21:39:22 ----ASH---- C:\WINDOWS\system32\kawolumi.dll
2009-01-07 22:10:01 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-07 21:27:16 ----N---- C:\WINDOWS\system32\sowesuno.dll
2009-01-07 21:27:14 ----ASH---- C:\WINDOWS\system32\lelizomo.dll
2009-01-06 22:39:10 ----ASH---- C:\WINDOWS\system32\jaduzumi.dll
2009-01-06 21:22:28 ----ASH---- C:\WINDOWS\system32\behubaza.dll
2009-01-06 21:22:26 ----N---- C:\WINDOWS\system32\hurasivi.dll
2009-01-04 18:28:49 ----N---- C:\WINDOWS\system32\pajuwojo.dll
2009-01-04 18:28:49 ----ASH---- C:\WINDOWS\system32\howiduga.dll
2009-01-04 17:36:33 ----D---- C:\Documents and Settings\All Users\Application Data\Tick Find Close Surf
2009-01-04 17:36:27 ----D---- C:\Documents and Settings\louis\Application Data\jugs ping move
2009-01-04 17:30:00 ----ASH---- C:\WINDOWS\system32\metadomo.dll
2009-01-04 17:29:59 ----ASH---- C:\WINDOWS\system32\nebazifi.dll
2008-12-27 09:59:00 ----N---- C:\WINDOWS\system32\wepatogi.dll
2008-12-27 09:59:00 ----ASH---- C:\WINDOWS\system32\komabovo.dll
2008-12-26 21:59:01 ----ASH---- C:\WINDOWS\system32\zuziberi.dll
2008-12-23 21:37:34 ----ASH---- C:\WINDOWS\system32\wapozevo.dll
2008-12-23 21:37:33 ----ASH---- C:\WINDOWS\system32\fuzuhefu.dll
2008-12-20 18:21:33 ----ASH---- C:\WINDOWS\system32\piyadayi.dll
2008-12-20 18:21:32 ----N---- C:\WINDOWS\system32\muyasera.dll
2008-12-19 23:19:54 ----SHD---- C:\Config.Msi
2008-12-19 23:19:53 ----SHD---- C:\WINDOWS\Installer
2008-12-19 23:19:39 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-12-19 22:48:02 ----ASH---- C:\WINDOWS\system32\yohujoku.dll
2008-12-19 22:48:01 ----N---- C:\WINDOWS\system32\hisozega.dll
2008-12-17 13:52:59 ----ASH---- C:\WINDOWS\system32\ziyewila.dll
2008-12-17 13:52:58 ----ASH---- C:\WINDOWS\system32\wahotake.dll
2008-12-14 10:44:42 ----N---- C:\WINDOWS\system32\fugafizu.dll
2008-12-14 10:44:42 ----ASH---- C:\WINDOWS\system32\pinapuwe.dll
2008-12-13 17:45:52 ----N---- C:\WINDOWS\system32\defariha.dll
2008-12-13 17:45:52 ----ASH---- C:\WINDOWS\system32\senukare.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 FsVga;FsVga; C:\WINDOWS\system32\DRIVERS\fsvga.sys [2004-08-05 12416]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-27 40320]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 prodrv04;Star Force copy protection driver v4; C:\WINDOWS\System32\drivers\prodrv04.sys [2007-08-31 114496]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-05-13 79488]
R1 SSHDRV65;SSHDRV65; \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys []
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2009-01-07 16512]
R2 GDTdiInterceptor;GDTdiInterceptor; \??\C:\WINDOWS\system32\drivers\GDTdiIcpt.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\Lineage_II_-_Chronicle_5_-_m0o\Lineage II\system\npkcrypt.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-07 1235968]
R3 GDInterceptor;GDInterceptor; \??\C:\WINDOWS\system32\interceptor.sys []
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HookCentre;HookCentre; \??\C:\WINDOWS\system32\drivers\HookCentre.sys []
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-22 1035008]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2005-07-22 231168]
R3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys [2003-12-17 51729]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-17 70801]
R3 NBXG7031;NB 802.11g XG703 SP1 Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2005-01-18 381312]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2005-04-20 124672]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-22 717952]
S1 aiptektp;HyperPen; C:\WINDOWS\system32\DRIVERS\aiptektp.sys [2004-07-07 22272]
S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-05 71552]
S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-05 71552]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 cdrmkaun;cdrmkaun; \??\C:\DOCUME~1\louis\LOCALS~1\Temp\cdrmkaun.sys []
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-05-17 25280]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]
S3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-12-17 25505]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC301b;VIMICRO USB PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-08-17 91263]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-07 376832]
R2 AVKProxy;AVKProxy; C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe [2005-09-29 372736]
R2 AVKService;AVK Service; C:\Program Files\AVK InternetSecurity\AVK\AVKService.exe [2004-09-28 299008]
R2 AVKWCtl;Gardien d'AVK; C:\Program Files\AVK InternetSecurity\AVK\AVKWCtl.exe [2005-08-15 602112]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
R2 PnkBstrA;PunkBuster; C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [2007-08-15 63040]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
R2 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-09-15 654848]
R3 GDFwSvc;Pare-feu personnel G DATA; C:\Program Files\AVK InternetSecurity\Firewall\GDFwSvc.exe [2005-09-05 1175552]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-03-19 68096]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2008-09-04 107832]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]

-----------------EOF-----------------
--
Which gives possible grounds to suspect some kind of propaganda ...
Mister_masque, 12/01/2009 at 13:00

Oh my god
Vundo infection, Lop, a rogue and multiple infections. I have never seen a comparable case.

Uninstall Spybot. Did you buy Gdata?

~~

Download, install and update MalwareBytes.
Help: a MalwareBytes tutorial is available
Run a full scan of all drives. Click "Afficher les résultats" (Show results), then "Supprimer la sélection" (Remove selected), and post the report.

~~


Download Lop S&D to your Desktop

- Run it.
- Select French with the "F" key and press Enter.
- A confirmation message appears; click "Ok".
- Select option 1 (Recherche, i.e. Search) and press Enter.
- The search runs; be patient.

  • Paste the report here; to do so:
  • Edit menu / Select All
  • Edit menu / Copy
  • Here in a new message: right-click / Paste



Bye bye

--
Brako, 13/01/2009 at 14:39

Hello,

No, I did not buy Gdata (in fact I don't even know what it is ^^)

I have a small problem with MalwareBytes:

After 15 hours of scanning with only half the files scanned, my computer ended up crashing.....

I don't think I can get to the end of the scan ...

But so far I have found 67 files infected by Vundo in system32, so I ran the scan again, but this time I stopped the process after it had found these files.

You then tell me to delete these files ("supprimer la sélection"), but among these files there are a good many with the .dll extension; won't Windows be dead after these files are deleted from system32?
--
Which gives possible grounds to suspect some kind of propaganda ...
Mister_masque, 13/01/2009 at 16:32

Vundo must really be slowing the PC down.
Vundo works with randomly named .dll files.

Delete everything MalwareBytes asks for, then run Lop S&D.

Then:

Download OTMoveIt3.exe (by Old_Timer) to your Desktop.

Double-click OTMoveIt3.exe to launch it.
Make sure the "Unregister Dll's and Ocx's" box is checked.
Copy and paste the following lines (in green) into the left-hand pane of OTMoveIt named "Paste List of Files/Folders to be moved" (the area marked with an arrow in the screenshot :)



Copy and paste:


:processes
explorer.exe

:files
C:\Program Files\Microsoft Security Adviser\
C:\WINDOWS\odb.exe
C:\WINDOWS\runsql.exe
C:\WINDOWS\sv.exe
c:\windows\system32\fovayaga.dll
C:\WINDOWS\system32\lanefiki.dll

:commands
[EmptyTemp]
[Start Explorer]


Click MoveIt! to start the removal.
If OTMoveIt offers to restart your PC, accept.
When a result appears in the Results pane, click Exit.

Open the OTMoveIt report located in C:\_OTMoveIt\MovedFiles.

-----------------------------

Uninstall GData via My Computer (Poste de Travail) >> Add/Remove (Ajout/suppression)

Antivir is a free and effective antivirus:
Test: Avast-Antivir8-AVG8


Download Antivir and install it.
Update it by clicking "Start a update", then click "Scan system now" to scan your machine.
If you get alert messages because Antivir has found objects: click "Move to quarantine".

When the scan is finished, click Report and send me the report.
Post a new RSIT report.

Expected reports:

  1. MalwareBytes
  2. Lop S&D
  3. OtmoveIt
  4. Antivir (scan report)
  5. A new RSIT report



Lots of work ahead, you are on the road to disinfection

--
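Added example (editor's illustration, not part of the thread or of any tool named in it): a triage pass over RSIT-style file-listing lines that flags the two patterns visible in the listing above, namely hidden+system `.dll`/`.ini` files directly in system32 and an `.ini` whose name is a `.dll` name reversed (for instance `olivebim.ini` and `mibevilo.dll`). The function names, reason labels and the sample block are assumptions made for this example; the sample lines are constructed in the RSIT format using a few names from the listing.

```python
import re
from ntpath import basename, dirname, splitext  # Windows path rules on any OS

# Constructed sample in the RSIT "files created/modified" format.
SAMPLE = r"""
2009-01-12 11:57:21 ----D---- C:\rsit
2009-01-10 14:25:21 ----SH---- C:\WINDOWS\system32\olivebim.ini
2009-01-10 14:24:40 ----ASH---- C:\WINDOWS\system32\mibevilo.dll
2009-01-07 22:10:56 ----A---- C:\WINDOWS\system32\WNASPI32.DLL
2008-12-13 17:45:56 ----SH---- C:\WINDOWS\system32\ahirafed.ini
2008-12-13 17:45:52 ----N---- C:\WINDOWS\system32\defariha.dll
2009-01-12 11:54:14 ----ASH---- C:\WINDOWS\system32\xyxndn.dll
2009-01-10 00:09:05 ----A---- C:\WINDOWS\NeroDigital.ini
"""

# timestamp, attribute letters between the dash runs, then the full path
LINE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) -{4}([A-Z]+)-{4} (.+)$")
SYSTEM32 = r"c:\windows\system32"


def parse(log_text):
    """Return (timestamp, attribute set, path) for every well-formed line."""
    entries = []
    for raw in log_text.splitlines():
        match = LINE.match(raw.strip())
        if match:
            stamp, attrs, path = match.groups()
            entries.append((stamp, set(attrs), path))
    return entries


def triage(log_text):
    """Map path -> set of reasons. These are leads to review, not verdicts:
    legitimate files can also carry the hidden and system attributes."""
    findings = {}
    dll_stems, ini_stems = {}, {}
    for _stamp, attrs, path in parse(log_text):
        # Only files sitting directly in system32 are considered.
        if dirname(path).lower() != SYSTEM32:
            continue
        stem, ext = splitext(basename(path).lower())
        if ext not in (".dll", ".ini"):
            continue
        if {"S", "H"} <= attrs:
            findings.setdefault(path, set()).add("hidden+system")
        (dll_stems if ext == ".dll" else ini_stems)[stem] = path
    # Pair each .ini with a .dll whose name is the same letters reversed.
    for stem, ini_path in ini_stems.items():
        dll_path = dll_stems.get(stem[::-1])
        if dll_path and stem != stem[::-1]:
            findings.setdefault(ini_path, set()).add("reversed-name pair")
            findings.setdefault(dll_path, set()).add("reversed-name pair")
    return findings


if __name__ == "__main__":
    for path, reasons in sorted(triage(SAMPLE).items()):
        print(f"{path}: {', '.join(sorted(reasons))}")
```

The pairing check catches `defariha.dll`, which carries only the `N` attribute in the listing and would be missed by the attribute test alone.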
Brako, 13/01/2009 at 18:58

The computer is indeed much less sluggish

but after running OTMoveIt3 there was a "side effect":

The taskbar no longer shows program icons, and most of the shortcuts under Start -> Programs have also disappeared.

I can't uninstall Gdata; it is not in Add/Remove (Ajout/suppression) (and it's not the only one, quite a few are missing)

When I go to the Gdata folder on C: to find the uninstaller exe and launch the uninstall, I get a message along the lines of: "access denied due to a security problem"

The desktop background and the Task Manager are still locked.

explorer.exe restarts regularly.

MalwareBytes:

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1645
Windows 5.1.2600 Service Pack 2

13/01/2009 16:32:24
mbam-log-2009-01-13 (16-32-24).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 20089
Temps écoulé: 5 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 49

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\mibevilo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\tagetega.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\fovayaga.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\lejivaya.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\xyxndn.dll (Trojan.Vundo.H) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8c6ad0aa-064d-4f2d-8a4a-ae6fa9c0744d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c6ad0aa-064d-4f2d-8a4a-ae6fa9c0744d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1a8b4cc-7fde-4665-98c6-e052b9e7a50b} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{f1a8b4cc-7fde-4665-98c6-e052b9e7a50b} (Trojan.Vundo.H) -> Delete on reboot.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\20994bc2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\joyehedeve (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm23aa785e (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\tagetega.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\tagetega.dll  -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\tagetega.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\fovayaga.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\fovayaga.dll -> Delete on reboot.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\xyxndn.dll (Trojan.Vundo.H) -> Delete on reboot.



Lop S&D:


   --------------------\\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Uniprocessor Free :               Intel(R) Pentium(R) 4 CPU 2.93GHz )
   BIOS : Award Modular BIOS v6.00PG
   USER : louis ( Administrator )
   BOOT : Normal boot
   Antivirus : G DATA AntiVirenKit 2006 16.0 (Activated)
   Firewall  : G DATA Personal Firewall 1.0 (Activated)
   C:\ (Local Disk) - NTFS - Total:186 Go (Free:83 Go)
   D:\ (CD or DVD)
   E:\ (USB)
   F:\ (USB) - FAT - Total:247 Mo (Free:0 Go)
   G:\ (USB)
   H:\ (USB)
   I:\ (USB)
   J:\ (USB)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [1] ( 13/01/2009|17:40 )

   --------------------\\  Listing des dossiers dans APPLIC~1

   [17/08/2005|10:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [29/03/2008|11:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
   [17/08/2005|12:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

   [30/03/2008|22:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [09/03/2008|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AGS Demo Game
   [17/08/2005|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
   [15/09/2007|09:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALM
   [17/12/2007|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [17/12/2007|16:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [30/07/2007|15:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bows 16 Skip Default
   [05/11/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
   [11/01/2009|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
   [08/01/2009|22:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\G DATA
   [21/03/2007|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [03/02/2008|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [19/03/2007|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
   [12/01/2009|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [09/04/2006|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
   [01/11/2008|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [10/10/2006|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [23/05/2007|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
   [17/08/2005|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [04/10/2005|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
   [13/01/2009|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [30/04/2008|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir
   [30/04/2008|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard
   [05/12/2005|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [31/12/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [04/01/2009|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
   [05/11/2007|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
   [18/06/2006|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [29/03/2008|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

   [17/08/2005|10:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [17/08/2005|12:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [07/01/2008|15:45] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
   [07/01/2008|15:45] C:\DOCUME~1\INVIT~1\APPLIC~1\FlashGet
   [31/12/2005|23:06] C:\DOCUME~1\INVIT~1\APPLIC~1\Help
   [17/08/2005|10:50] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
   [31/12/2005|23:31] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
   [01/11/2008|15:35] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
   [07/01/2008|15:45] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
   [07/01/2008|15:45] C:\DOCUME~1\INVIT~1\APPLIC~1\Real
   [07/01/2008|16:01] C:\DOCUME~1\INVIT~1\APPLIC~1\U3
   [15/03/2008|14:13] C:\DOCUME~1\INVIT~1\APPLIC~1\vlc

   [17/08/2005|10:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [22/08/2007|19:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Xfire

   [19/06/2006|09:40] C:\DOCUME~1\louis\APPLIC~1\.bittorrent
   [06/04/2008|17:33] C:\DOCUME~1\louis\APPLIC~1\Adobe
   [12/07/2007|08:40] C:\DOCUME~1\louis\APPLIC~1\AdobeUM
   [14/10/2006|11:03] C:\DOCUME~1\louis\APPLIC~1\Ahead
   [17/12/2007|18:43] C:\DOCUME~1\louis\APPLIC~1\Apple Computer
   [08/10/2005|10:14] C:\DOCUME~1\louis\APPLIC~1\ArcSoft
   [05/11/2007|17:09] C:\DOCUME~1\louis\APPLIC~1\Canon
   [12/07/2008|10:54] C:\DOCUME~1\louis\APPLIC~1\Dev-Cpp
   [11/10/2007|21:37] C:\DOCUME~1\louis\APPLIC~1\dvdcss
   [04/12/2007|20:59] C:\DOCUME~1\louis\APPLIC~1\EPSON
   [29/11/2007|22:41] C:\DOCUME~1\louis\APPLIC~1\F4
   [25/04/2007|18:05] C:\DOCUME~1\louis\APPLIC~1\FlashGet
   [12/03/2006|17:36] C:\DOCUME~1\louis\APPLIC~1\Google
   [18/05/2008|14:08] C:\DOCUME~1\louis\APPLIC~1\Hamachi
   [07/10/2005|16:02] C:\DOCUME~1\louis\APPLIC~1\Help
   [17/08/2005|10:50] C:\DOCUME~1\louis\APPLIC~1\Identities
   [12/07/2007|20:58] C:\DOCUME~1\louis\APPLIC~1\ijjigame
   [12/07/2007|08:23] C:\DOCUME~1\louis\APPLIC~1\InstallShield
   [07/11/2005|15:16] C:\DOCUME~1\louis\APPLIC~1\InterTrust
   [08/09/2005|18:57] C:\DOCUME~1\louis\APPLIC~1\InterVideo
   [04/01/2009|17:36] C:\DOCUME~1\louis\APPLIC~1\jugs ping move
   [08/03/2008|16:09] C:\DOCUME~1\louis\APPLIC~1\Lost Marble
   [18/11/2005|16:30] C:\DOCUME~1\louis\APPLIC~1\Macromedia
   [12/01/2009|14:16] C:\DOCUME~1\louis\APPLIC~1\Malwarebytes
   [03/07/2008|18:44] C:\DOCUME~1\louis\APPLIC~1\Microsoft
   [28/01/2007|10:41] C:\DOCUME~1\louis\APPLIC~1\Mozilla
   [28/02/2007|19:08] C:\DOCUME~1\louis\APPLIC~1\Notepad++
   [14/12/2007|17:45] C:\DOCUME~1\louis\APPLIC~1\Nvu
   [12/07/2008|10:15] C:\DOCUME~1\louis\APPLIC~1\Real
   [03/10/2005|18:58] C:\DOCUME~1\louis\APPLIC~1\ScanSoft
   [19/12/2007|16:49] C:\DOCUME~1\louis\APPLIC~1\SecuROM
   [22/02/2006|21:14] C:\DOCUME~1\louis\APPLIC~1\Sun
   [14/09/2005|14:24] C:\DOCUME~1\louis\APPLIC~1\Symantec
   [09/09/2005|09:11] C:\DOCUME~1\louis\APPLIC~1\Template
   [28/10/2007|21:26] C:\DOCUME~1\louis\APPLIC~1\U3
   [19/04/2007|20:55] C:\DOCUME~1\louis\APPLIC~1\vlc
   [29/03/2008|14:06] C:\DOCUME~1\louis\APPLIC~1\Winamp
   [09/04/2006|20:52] C:\DOCUME~1\louis\APPLIC~1\Yahoo! Messenger

   [26/12/2008|22:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Adobe
   [27/12/2008|10:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\jugs ping move
   [24/11/2008|07:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia
   [17/08/2005|10:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
   [16/08/2007|20:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

   --------------------\\  Tâches planifiées dans C:\WINDOWS\tasks

   [05/11/2008 23:56][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
   [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
   [13/01/2009 16:36][--ah-----] C:\WINDOWS\tasks\SA.DAT

   --------------------\\  Listing des dossiers dans C:\Program Files

   [21/01/2008|21:15] C:\Program Files\ABBYY FineReader 6.0 Sprint
   [04/04/2007|20:33] C:\Program Files\AceBIT
   [15/09/2005|13:02] C:\Program Files\Activision Value
   [15/09/2007|09:15] C:\Program Files\Adobe
   [11/07/2008|19:57] C:\Program Files\AGEIA Technologies
   [17/08/2005|11:23] C:\Program Files\Ahead
   [09/04/2006|20:52] C:\Program Files\Alwil Software
   [06/01/2007|14:19] C:\Program Files\Anuman Interactive
   [17/12/2007|16:00] C:\Program Files\Apple Software Update
   [03/10/2005|18:54] C:\Program Files\ArcSoft
   [20/10/2005|19:16] C:\Program Files\Assistant de connexion WiFi
   [17/08/2005|11:20] C:\Program Files\ATI Technologies
   [17/08/2006|09:58] C:\Program Files\Auralog
   [08/01/2009|22:04] C:\Program Files\AVK InternetSecurity
   [26/08/2007|11:44] C:\Program Files\AxBx
   [25/12/2007|16:16] C:\Program Files\Bethesda Softworks
   [15/09/2007|08:46] C:\Program Files\Bonjour
   [01/05/2008|11:15] C:\Program Files\Call of Duty Game of the Year Edition
   [03/10/2005|18:55] C:\Program Files\Canon
   [18/07/2007|08:07] C:\Program Files\CCleaner
   [08/01/2009|22:00] C:\Program Files\CDRecordKit
   [29/03/2008|10:51] C:\Program Files\Circle Developement
   [12/09/2005|18:14] C:\Program Files\Codemasters
   [03/12/2005|14:49] C:\Program Files\Command and Conquer Generals Data
   [17/08/2005|10:46] C:\Program Files\ComPlus Applications
   [25/02/2006|20:50] C:\Program Files\ComunX
   [17/08/2005|11:19] C:\Program Files\CONEXANT
   [31/08/2007|22:18] C:\Program Files\Cossacks
   [08/01/2006|16:32] C:\Program Files\Creative
   [13/03/2006|17:55] C:\Program Files\Cryo
   [13/02/2006|18:44] C:\Program Files\Custom-Strike
   [12/07/2008|10:18] C:\Program Files\Diablo II
   [12/09/2005|18:19] C:\Program Files\directx
   [21/01/2008|22:12] C:\Program Files\DivX
   [12/07/2008|10:23] C:\Program Files\EA GAMES
   [12/07/2008|11:40] C:\Program Files\e-anim701
   [04/02/2007|18:43] C:\Program Files\EasyPHP1-8
   [19/10/2006|15:27] C:\Program Files\Easyscreen Screen Capture Trial
   [29/07/2007|18:56] C:\Program Files\Eidos Interactive
   [11/07/2008|20:00] C:\Program Files\Electronic Arts
   [31/10/2007|14:47] C:\Program Files\eMule
   [05/11/2007|17:33] C:\Program Files\epson
   [01/12/2006|17:41] C:\Program Files\Ethnos4
   [03/07/2008|20:17] C:\Program Files\Fate/stay night
   [08/01/2009|22:00] C:\Program Files\Fichiers communs
   [10/01/2009|14:30] C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
   [12/07/2008|10:48] C:\Program Files\FileZilla
   [11/09/2005|15:41] C:\Program Files\Firefly Studios
   [13/01/2009|17:40] C:\Program Files\FlashGet
   [30/09/2007|21:07] C:\Program Files\flash-ro
   [04/09/2008|18:12] C:\Program Files\Free
   [30/04/2008|19:51] C:\Program Files\GIMP-2.0
   [20/01/2007|15:02] C:\Program Files\GlobFX Technologies
   [12/03/2006|17:35] C:\Program Files\Google
   [03/02/2008|10:18] C:\Program Files\gPotato.eu
   [19/08/2007|19:43] C:\Program Files\Gravity
   [07/03/2008|19:25] C:\Program Files\HTML Help Workshop
   [18/01/2006|20:19] C:\Program Files\id Software
   [16/02/2006|18:59] C:\Program Files\Illusion Softworks
   [26/08/2007|17:56] C:\Program Files\Illustrate
   [07/01/2009|22:10] C:\Program Files\InstallShield Installation Information
   [01/11/2008|23:40] C:\Program Files\Internet Explorer
   [17/08/2005|11:23] C:\Program Files\InterVideo
   [28/04/2008|18:24] C:\Program Files\Java
   [04/01/2009|17:35] C:\Program Files\jugs ping move
   [28/01/2007|15:46] C:\Program Files\LaBoiteACouleurs
   [08/12/2006|21:41] C:\Program Files\Lineage II
   [27/10/2006|16:34] C:\Program Files\Logitech
   [12/01/2009|14:16] C:\Program Files\Malwarebytes' Anti-Malware
   [25/07/2008|17:46] C:\Program Files\Managed DirectX (0901)
   [18/10/2007|16:20] C:\Program Files\MapThis
   [17/08/2005|11:12] C:\Program Files\Messenger
   [06/04/2008|08:36] C:\Program Files\Messenger Plus! Live
   [01/09/2007|10:22] C:\Program Files\Microids
   [27/02/2008|23:05] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [17/08/2005|10:48] C:\Program Files\microsoft frontpage
   [10/10/2006|17:29] C:\Program Files\Microsoft Office
   [07/01/2009|22:57] C:\Program Files\Microsoft Security Adviser
   [09/07/2008|17:40] C:\Program Files\Microsoft SQL Server
   [29/03/2008|10:36] C:\Program Files\Microsoft SQL Server Compact Edition
   [17/08/2005|11:21] C:\Program Files\Microsoft Works
   [10/10/2006|17:28] C:\Program Files\Microsoft.NET
   [10/01/2009|14:30] C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
   [08/03/2008|16:11] C:\Program Files\Moho
   [01/10/2005|14:44] C:\Program Files\Monte Cristo
   [12/07/2008|11:37] C:\Program Files\MoonRO
   [17/08/2005|10:46] C:\Program Files\Movie Maker
   [13/01/2009|17:40] C:\Program Files\Mozilla Firefox
   [18/11/2005|18:18] C:\Program Files\MSN
   [18/11/2005|19:03] C:\Program Files\MSN Apps
   [17/08/2005|10:45] C:\Program Files\MSN Gaming Zone
   [29/03/2008|10:31] C:\Program Files\MSN Messenger
   [19/11/2006|09:35] C:\Program Files\MSXML 4.0
   [16/08/2007|10:03] C:\Program Files\MSXML 6.0
   [25/07/2008|17:44] C:\Program Files\Musicalis
   [29/11/2006|18:42] C:\Program Files\Namo
   [20/01/2007|15:09] C:\Program Files\Netlor Studio
   [17/08/2005|10:46] C:\Program Files\NetMeeting
   [28/02/2007|19:03] C:\Program Files\Notepad++
   [14/12/2007|17:45] C:\Program Files\Nvu
   [17/08/2005|10:45] C:\Program Files\Online Services
   [04/02/2007|12:47] C:\Program Files\OpenAL
   [14/06/2007|12:53] C:\Program Files\Outlook Express
   [01/11/2008|19:18] C:\Program Files\PANZERS - Phase2
   [17/06/2008|18:36] C:\Program Files\Perfect Love
   [13/11/2005|12:18] C:\Program Files\Post_Mortem Saves
   [17/12/2007|16:02] C:\Program Files\QuickTime
   [08/09/2005|16:39] C:\Program Files\Raccourcis de programmes
   [16/09/2005|17:18] C:\Program Files\Raven
   [10/06/2007|16:10] C:\Program Files\Real
   [29/03/2008|11:02] C:\Program Files\Return to Castle Wolfenstein
   [03/10/2005|18:57] C:\Program Files\ScanSoft
   [12/07/2008|10:16] C:\Program Files\ScummVM
   [10/01/2009|14:30] C:\Program Files\SDHelper (Spybot - Search & Destroy)
   [09/02/2006|19:48] C:\Program Files\SeaTools Enterprise
   [27/11/2005|15:26] C:\Program Files\Services en ligne
   [13/02/2006|17:09] C:\Program Files\Softinterface, Inc
   [13/01/2009|16:39] C:\Program Files\Spybot
   [12/01/2009|14:08] C:\Program Files\Spybot - Search & Destroy
   [13/01/2009|16:37] C:\Program Files\Steam
   [10/01/2009|14:30] C:\Program Files\TeaTimer (Spybot - Search & Destroy)
   [08/01/2006|23:09] C:\Program Files\THQ
   [12/01/2009|11:59] C:\Program Files\trend micro
   [25/09/2005|13:02] C:\Program Files\Ubi Soft
   [19/12/2007|15:44] C:\Program Files\Ubisoft
   [25/07/2008|17:41] C:\Program Files\Uninstall Information
   [19/04/2007|20:50] C:\Program Files\VideoLAN
   [07/07/2006|15:59] C:\Program Files\Vimicro
   [12/07/2008|11:24] C:\Program Files\Voyage Century Online
   [10/09/2005|08:38] C:\Program Files\Wanadoo Edition
   [29/03/2008|14:06] C:\Program Files\Winamp
   [30/03/2008|10:03] C:\Program Files\Windows Live
   [14/12/2007|17:17] C:\Program Files\Windows Live Safety Center
   [25/12/2006|20:19] C:\Program Files\Windows Media Connect 2
   [25/12/2006|20:19] C:\Program Files\Windows Media Player
   [17/08/2005|10:45] C:\Program Files\Windows NT
   [17/08/2005|10:46] C:\Program Files\WindowsUpdate
   [14/06/2006|21:14] C:\Program Files\WinRAR
   [17/08/2005|10:48] C:\Program Files\xerox
   [07/04/2007|13:24] C:\Program Files\Xvid
   [29/03/2008|11:03] C:\Program Files\Yahoo!

   --------------------\\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [15/09/2007|09:17] C:\Program Files\Fichiers communs\Adobe
   [19/03/2007|22:37] C:\Program Files\Fichiers communs\Adobe Systems Shared
   [17/08/2005|11:22] C:\Program Files\Fichiers communs\Ahead
   [01/12/2006|17:41] C:\Program Files\Fichiers communs\Borland Shared
   [15/09/2007|09:13] C:\Program Files\Fichiers communs\Control Panels
   [10/10/2006|17:28] C:\Program Files\Fichiers communs\DESIGNER
   [08/01/2009|22:01] C:\Program Files\Fichiers communs\G DATA
   [30/04/2008|19:55] C:\Program Files\Fichiers communs\GTK
   [05/11/2007|17:37] C:\Program Files\Fichiers communs\InstallShield
   [22/02/2006|21:06] C:\Program Files\Fichiers communs\Java
   [27/10/2006|16:34] C:\Program Files\Fichiers communs\Logitech
   [15/09/2007|08:38] C:\Program Files\Fichiers communs\Macrovision Shared
   [23/05/2007|21:16] C:\Program Files\Fichiers communs\Merge Modules
   [19/12/2008|23:19] C:\Program Files\Fichiers communs\Microsoft Shared
   [17/08/2005|10:46] C:\Program Files\Fichiers communs\MSSoap
   [17/08/2005|12:42] C:\Program Files\Fichiers communs\ODBC
   [12/07/2008|10:15] C:\Program Files\Fichiers communs\Real
   [27/05/2008|10:38] C:\Program Files\Fichiers communs\ScanSoft Shared
   [17/08/2005|10:46] C:\Program Files\Fichiers communs\Services
   [17/08/2005|12:42] C:\Program Files\Fichiers communs\SpeechEngines
   [14/06/2007|12:53] C:\Program Files\Fichiers communs\System
   [26/02/2008|20:02] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [11/07/2008|19:56] C:\Program Files\Fichiers communs\Wise Installation Wizard

   --------------------\\  Process

   ( 58 Processes )

   IEXPLORE.EXE ~ [PID:2632]
   IEXPLORE.EXE ~ [PID:3108]

   --------------------\\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !

   --------------------\\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf\01 BONE.exe
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf\Site free.dat
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf\Site free.exe
   C:\Program Files\Circle Developement
   C:\Program Files\Circle Developement\Uninstall.exe
   C:\DOCUME~1\louis\Cookies\louis@adultfriendfinder[1].txt

   --------------------\\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   "close surf mail dupe"="C:\\Documents and Settings\\All Users\\Application Data\\Tick Find Close Surf\\Site free.exe"

   --------------------\\  Verification du fichier Hosts

   Fichier Hosts MODIFIE


   -> 75 [ 70 ## added by CiD ]

   /!\ 4 Not 127.0.0.1  !!

   --------------------\\  Recherche de fichiers avec Catchme

   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-01-13 17:43:47
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 917

   --------------------\\  Recherche d'autres infections

   --------------------\\  Cracks & Keygens ..

   C:\DOCUME~1\louis\Application Data\Microsoft\Office\Récent\[XBOX 360] Crackdown.doc.lnk


   [F:6][D:4]-> C:\DOCUME~1\louis\LOCALS~1\Temp
   [F:64][D:0]-> C:\DOCUME~1\louis\Cookies
   [F:250][D:4]-> C:\DOCUME~1\louis\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 13/01/2009|17:46 - Option : [1]

   --------------------\\  Fin du rapport a 17:46:04



OTMoveIt:

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Program Files\Microsoft Security Adviser moved successfully.
File/Folder C:\WINDOWS\odb.exe not found.
File/Folder C:\WINDOWS\runsql.exe not found.
File/Folder C:\WINDOWS\sv.exe not found.
File/Folder c:\windows\system32\fovayaga.dll not found.
File/Folder C:\WINDOWS\system32\lanefiki.dll not found.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\tmp00004c87\tmp00000000 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\tmp000048ea\tmp00000000 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETBE9C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETEE09.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETEEE4.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETF126.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\louis\Local Settings\Application Data\Mozilla\Firefox\Profiles\jz5c0q33.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\louis\Local Settings\Application Data\Mozilla\Firefox\Profiles\jz5c0q33.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\louis\Local Settings\Application Data\Mozilla\Firefox\Profiles\jz5c0q33.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\louis\Local Settings\Application Data\Mozilla\Firefox\Profiles\jz5c0q33.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01132009_175020

Files moved on Reboot...
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\tmp00004c87\tmp00000000 moved successfully.
C:\WINDOWS\temp\tmp000048ea\tmp00000000 moved successfully.
C:\WINDOWS\temp\JETBE9C.tmp moved successfully.
C:\WINDOWS\temp\JETEE09.tmp moved successfully.
C:\WINDOWS\temp\JETEEE4.tmp moved successfully.
C:\WINDOWS\temp\JETF126.tmp moved successfully.
C:\Documents and Settings\louis\Local Settings\Application Data\Mozilla\Firefox\Profiles\jz5c0q33.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\louis\Local Settings\Application Data\Mozilla\Firefox\Profiles\jz5c0q33.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\louis\Local Settings\Application Data\Mozilla\Firefox\Profiles\jz5c0q33.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\louis\Local Settings\Application Data\Mozilla\Firefox\Profiles\jz5c0q33.default\Cache\_CACHE_MAP_ moved successfully.
--
Mister_masque, 13/01/2009 at 19:03

Hi,

It's not impossible that the infection has corrupted some system files.
We'll finish the disinfection and then repair; you do have your Windows CD, right (we won't format)?

Do you have an antivirus installed? If so, uninstall it, then install Antivir.

Run Lop S&D again and select option 2!

Then:

- Download HijackThis by Merijn to your desktop.
- Click Install to run HijackThis

If you are on Vista: right-click >> Run as administrator

- Double-click HijackThis
- Generate a report by following these steps:
- Run it and click Do a scan and save log file.
- The report opens in Notepad

    Paste the report here; to do so:
  • Edit menu / Select All
  • Edit menu / Copy
  • Here, in a new message: right-click / Paste


Help: feel free to consult the help page (HJT Help) if you get stuck.

@++

--
Brako, 13/01/2009 at 19:10

Mister_masque wrote:
We'll finish the disinfection and then repair; you do have your Windows CD, right (we won't format)?

Since I was clueless (not so long ago), when I bought the PC I didn't check whether I had been given the CD .... silly of me ....

Well, I'll carry on with the disinfection and we'll see afterwards ....
--
Mister_masque, 13/01/2009 at 19:18

OK, it would be good to check.
After that, I'll be triply careful in my procedures to limit the damage.

Good luck with the rest :)
--