Demande d'anaylse suite a linkbee page web intenpestive

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

Demande d'anaylse suite a linkbee page web intenpestive

Messagede heros21 » 14 Aoû 2009, 10:56

Voila moi j'ai rien trouver mais je ne suis pas un spéblurpte.

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Nero\Nero8\InCD\InCD.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\recycler\snss.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\WinFlip\WinFlip.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\clara\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shell.windows.com/fileassoc/file ... 0c&Ext=rar
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [service] c:\recycler\snss.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Vista Rainbar] C:\Program Files\Vista Rainbar\launcher.exe
O4 - HKCU\..\Run: [WinFlip] C:\Program Files\WinFlip\WinFlip.exe
O4 - HKCU\..\Run: [ViSplore] C:\Program Files\ViSplore\ViSplore.exe
O4 - HKCU\..\Run: [Buyertools Reminder] "C:\Program Files\Buyertools Reminder\Reminder.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Program Files\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs:
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
heros21
 
Messages: 3
Inscription: 14 Aoû 2009, 10:50

Messagede nickW » 14 Aoû 2009, 11:21

Bonjour,


Pourrais-tu, s'il te plaît, envoyer un log HijackThis complet?

Merci.


Au revoir

PS:
En bleu, ce sont des marques de politesse, dont tu sembles ignorer l'usage.
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede heros21 » 14 Aoû 2009, 11:28

Bonjour donc je sais pas si il est complet mais voila.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:54, on 14/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Nero\Nero8\InCD\InCD.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\recycler\snss.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\WinFlip\WinFlip.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\clara\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shell.windows.com/fileassoc/file ... 0c&Ext=rar
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [service] c:\recycler\snss.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Vista Rainbar] C:\Program Files\Vista Rainbar\launcher.exe
O4 - HKCU\..\Run: [WinFlip] C:\Program Files\WinFlip\WinFlip.exe
O4 - HKCU\..\Run: [ViSplore] C:\Program Files\ViSplore\ViSplore.exe
O4 - HKCU\..\Run: [Buyertools Reminder] "C:\Program Files\Buyertools Reminder\Reminder.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Program Files\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs:
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

J'avais pas pris depuis le début désoler.
Merci de bien vouloir m'aider.
heros21
 
Messages: 3
Inscription: 14 Aoû 2009, 10:50

Messagede nickW » 15 Aoû 2009, 00:51

Bonsoir,


Le log HijackThis n'est pas assez détaillé.


Peux-tu suivre les instructions de ce sujet et envoyer les trois rapports demandés?

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede heros21 » 15 Aoû 2009, 12:05

Bonjour voici se qui été demandé en précisant que j'ai passer malwarebytes et j'ai supprimer déja des fichiers suspect mais il faut voir si il reste rien.J'ai aussi changer d'antivirus j'ai mis antivir.Voici les rapport.

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2623
Windows 5.1.2600 Service Pack 3

15/08/2009 12:55:44
mbam-log-2009-08-15 (12-55-38).txt

Type de recherche: Examen rapide
Eléments examinés: 97744
Temps écoulé: 6 minute(s), 45 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)


OTL logfile created on: 15/08/2009 12:57:08 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\clara\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1023,48 Mb Total Physical Memory | 425,76 Mb Available Physical Memory | 41,60% Memory free
2,41 Gb Paging File | 1,80 Gb Available in Paging File | 74,82% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 72,05 Gb Total Space | 4,30 Gb Free Space | 5,97% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 2,09 Gb Free Space | 10,70% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 48,83 Gb Total Space | 3,47 Gb Free Space | 7,11% Space Free | Partition Type: NTFS
Drive H: | 58,59 Gb Total Space | 3,59 Gb Free Space | 6,13% Space Free | Partition Type: NTFS
Drive I: | 45,23 Gb Total Space | 4,70 Gb Free Space | 10,39% Space Free | Partition Type: NTFS
Drive J: | 298,09 Gb Total Space | 1,54 Gb Free Space | 0,52% Space Free | Partition Type: NTFS

Computer Name: NEO
Current User Name: clara
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2006/05/03 18:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2007/07/20 01:40:48 | 00,137,752 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2006/05/03 18:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008/04/14 04:34:04 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/02/28 13:03:48 | 01,083,176 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\InCD.exe
PRC - [2003/09/15 22:00:00 | 00,270,336 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
PRC - [2006/05/16 12:58:18 | 00,086,960 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
PRC - [2007/03/11 22:34:40 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2007/10/18 12:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [1999/12/13 10:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exe
PRC - [2007/04/02 08:15:40 | 00,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe
PRC - [2008/02/28 13:04:08 | 01,440,552 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
PRC - [2007/07/20 01:38:54 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008/02/28 13:04:08 | 00,053,032 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
PRC - [2008/12/19 22:30:35 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
PRC - [2009/01/31 21:32:32 | 00,099,904 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
PRC - [2008/10/31 08:24:28 | 00,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008/10/31 08:24:28 | 01,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2009/06/01 13:41:45 | 00,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe
PRC - [2007/07/20 01:38:54 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008/10/31 08:24:26 | 01,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2008/04/14 04:34:26 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskmgr.exe
PRC - [2009/03/02 13:08:11 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/08/14 22:04:59 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/08/14 22:04:59 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/08/05 07:27:20 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/04/18 12:56:06 | 00,272,688 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe
PRC - [2006/08/21 15:43:56 | 00,892,928 | ---- | M] () -- C:\Program Files\Trust\Trust Keyboard 15036\PS2USBKbdDrv.exe
PRC - [2009/08/15 12:42:40 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\clara\Bureau\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/04/14 04:33:18 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\6to4svc.dll -- (6to4 [Auto | Running])
SRV - [2005/10/19 19:19:10 | 00,049,152 | ---- | M] (Alpha Networks Inc.) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService [Auto | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2006/05/03 18:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2006/05/03 12:57:00 | 00,520,192 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [1999/12/13 10:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])
SRV - [2007/04/02 08:15:40 | 00,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv [Auto | Running])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2007/01/04 03:40:21 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2007/06/04 22:14:50 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])
SRV - [2007/06/04 22:14:50 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])
SRV - [2005/11/14 02:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/02/28 13:04:08 | 01,440,552 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])
SRV - [2007/07/20 01:38:54 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer [Auto | Running])
SRV - [2007/07/20 01:40:48 | 00,137,752 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
SRV - [2007/07/20 01:42:30 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher [Auto | Stopped])
SRV - [2008/02/28 13:04:08 | 00,053,032 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe -- (NeroRegInCDSrv [Auto | Running])
SRV - [2006/11/08 17:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/02/28 17:07:48 | 00,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2005/02/09 13:59:00 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\System32\drivers\pclepci.sys -- (PCLEPCI [Auto | Stopped])
SRV - [2006/11/08 17:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2008/12/19 22:30:35 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2009/01/31 21:32:32 | 00,099,904 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe -- (PnkBstrB [Auto | Running])
SRV - [2008/10/31 08:24:28 | 00,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher [Auto | Running])
SRV - [2008/10/31 08:24:28 | 01,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4 [Auto | Running])
SRV - File not found -- -- (StarWindServiceAE [Auto | Stopped])
SRV - [2009/06/01 13:41:42 | 00,361,216 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe -- (TuneUp.Defrag [On_Demand | Stopped])
SRV - [2009/06/01 13:41:45 | 00,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc [Auto | Running])
SRV - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Running])
SRV - [2009/04/27 14:21:36 | 00,028,928 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll -- (UxTuneUp [Auto | Running])
SRV - [2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2006/11/03 10:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2009/08/14 22:04:59 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/08/14 22:04:59 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2008/04/13 20:46:20 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\61883.sys -- (61883 [On_Demand | Stopped])
DRV - [2006/05/11 14:11:00 | 00,472,096 | ---- | M] (D-Link Corporation) -- C:\WINDOWS\System32\DRIVERS\A3AB.sys -- (A3AB [On_Demand | Running])
DRV - [2008/01/23 10:19:44 | 00,501,560 | ---- | M] (Protect Software GmbH) -- C:\WINDOWS\System32\drivers\acedrv11.sys -- (acedrv11 [Auto | Running])
DRV - [2007/10/26 12:20:40 | 04,124,352 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2005/12/11 12:55:38 | 00,028,195 | ---- | M] (Alpha Networks Inc.) -- C:\WINDOWS\System32\ANIO.SYS -- (ANIO [Auto | Running])
DRV - [2001/12/10 17:29:42 | 00,017,101 | ---- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (ASPI32 [Auto | Running])
DRV - [2006/05/03 18:50:42 | 01,540,608 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2008/04/04 13:40:20 | 00,271,360 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt [Auto | Running])
DRV - [2008/04/13 20:46:20 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\avc.sys -- (Avc [On_Demand | Stopped])
DRV - [2007/02/16 02:57:04 | 00,034,760 | ---- | M] (SlySoft, Inc.) -- C:\WINDOWS\System32\Drivers\ElbyCDFL.sys -- (ElbyCDFL [On_Demand | Running])
DRV - [2007/08/07 21:48:33 | 00,025,160 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\System32\Drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running])
DRV - [2008/04/13 20:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2001/08/17 23:02:32 | 00,008,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\hidgame.sys -- (hidgame [On_Demand | Stopped])
DRV - [2007/03/06 14:20:48 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Running])
DRV - [2007/03/06 14:20:50 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])
DRV - [2007/03/06 14:20:50 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Running])
DRV - [2008/02/28 13:03:48 | 00,128,424 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDFs.sys -- (InCDfs [Disabled | Running])
DRV - [2008/02/28 13:03:58 | 00,038,952 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDPass.sys -- (InCDPass [System | Running])
DRV - [2008/02/28 13:03:58 | 00,040,360 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDRm.sys -- (incdrm [System | Running])
DRV - [2006/07/17 16:59:50 | 00,006,528 | ---- | M] () -- C:\WINDOWS\System32\Drivers\KEYBOARDWD.SYS -- (KEYBOARDWDFilter [On_Demand | Running])
DRV - [2008/04/04 13:40:19 | 00,018,048 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt [Auto | Running])
DRV - [2007/07/20 01:37:56 | 02,109,592 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\DRIVERS\LVcKap.sys -- (LVcKap [On_Demand | Running])
DRV - [2007/07/20 01:39:50 | 02,142,488 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\DRIVERS\LVMVDrv.sys -- (LVMVDrv [On_Demand | Running])
DRV - [2007/05/11 17:30:04 | 01,921,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\DRIVERS\lvpopflt.sys -- (lvpopflt [On_Demand | Running])
DRV - [2007/07/18 18:42:42 | 00,025,624 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Running])
DRV - [2007/05/11 17:31:22 | 00,041,888 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
DRV - [2007/05/11 18:31:36 | 03,580,832 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\DRIVERS\lvuvc.sys -- (LVUVC [On_Demand | Running])
DRV - [2007/01/04 11:07:00 | 00,171,520 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\System32\DRIVERS\MarvinBus.sys -- (MarvinBus [On_Demand | Running])
DRV - [2008/04/13 20:46:09 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\msdv.sys -- (MSDV [On_Demand | Stopped])
DRV - [2001/08/18 00:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
DRV - [2003/08/13 03:45:00 | 00,036,864 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvax.sys -- (nvax [On_Demand | Running])
DRV - [2003/06/07 00:53:16 | 00,070,656 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENET.sys -- (NVENET [On_Demand | Stopped])
DRV - [2003/08/13 03:45:00 | 00,311,552 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvapu.sys -- (nvnforce [On_Demand | Stopped])
DRV - [2003/03/19 09:51:00 | 00,018,688 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp [Boot | Running])
DRV - [2007/12/28 12:16:31 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\Drivers\pcouffin.sys -- (pcouffin [On_Demand | Running])
DRV - [2004/08/09 13:29:28 | 00,053,920 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06 [System | Running])
DRV - [2004/08/09 13:33:26 | 00,114,016 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02 [Boot | Running])
DRV - [2004/07/19 16:49:54 | 00,007,040 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1 [Boot | Running])
DRV - [2002/09/07 02:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/08/01 00:17:04 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/10/31 08:09:06 | 00,270,888 | R--- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFw.sys -- (SbFw [System | Running])
DRV - [2008/06/21 05:54:54 | 00,065,576 | ---- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\DRIVERS\sbfwim.sys -- (SBFWIMCL [On_Demand | Running])
DRV - [2008/06/21 05:54:54 | 00,066,600 | R--- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips [System | Running])
DRV - [2007/11/13 12:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2005/08/10 14:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
DRV - [2003/12/01 17:20:52 | 00,004,832 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01 [Boot | Running])
DRV - [2005/05/16 15:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
DRV - [2005/10/13 15:46:08 | 00,035,328 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfsync03.sys -- (sfsync03 [Boot | Running])
DRV - [2005/11/03 16:40:07 | 00,063,488 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02 [Boot | Running])
DRV - [2003/05/09 09:55:02 | 00,089,749 | R--- | M] (Silicon Image, Inc) -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys -- (SI3112r [Boot | Running])
DRV - [2003/02/12 06:37:48 | 00,009,600 | R--- | M] (Silicon Image, Inc.) -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter [Boot | Running])
DRV - [2008/04/26 15:08:50 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2009/06/17 21:00:31 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
DRV - [2008/06/20 13:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\tcpip6.sys -- (Tcpip6 [System | Running])
DRV - [2008/04/13 20:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV - [2003/10/17 00:27:00 | 00,176,256 | R--- | M] (Marvell Semiconductor Inc.) -- C:\WINDOWS\System32\DRIVERS\yukonx86.sys -- (yukonx86 [On_Demand | Stopped])
DRV - [2009/03/24 16:07:58 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/02/13 12:34:33 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Stopped])
DRV - [2009/03/30 10:32:47 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2009/08/14 22:05:00 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1343024091-1844237615-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1343024091-1844237615-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1343024091-1844237615-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1343024091-1844237615-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-1343024091-1844237615-725345543-1003\S-1-5-21-1343024091-1844237615-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/firefox"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.0.6
FF - prefs.js..extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.5
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.14
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:3.22
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090525
FF - prefs.js..extensions.enabledItems: {FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3}:1.3.4
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.3.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.5
FF - prefs.js..extensions.enabledItems: splash@aldreneo.com:2.0.2
FF - prefs.js..extensions.enabledItems: doudehou@gmail.com:0.2.19
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5
FF - prefs.js..extensions.enabledItems: {0fa2149e-bb2c-4ac2-a8d3-479599819475}:1.5
FF - prefs.js..extensions.enabledItems: {139a120b-c2ea-41d2-bf70-542d9f063dfd}:2.03.1
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2b}:1.1.11
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2
FF - prefs.js..extensions.enabledItems: stratareloaded@addons.mozilla.org:2.1.1


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/20 00:22:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/05 07:27:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/05 07:27:28 | 00,000,000 | ---D | M]

[2009/02/04 21:24:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Extensions
[2009/02/04 21:24:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/14 22:12:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions
[2009/02/13 00:25:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{05BF52F6-A4F9-48B9-84ED-F8D83762E619}
[2009/02/04 21:24:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{0fa2149e-bb2c-4ac2-a8d3-479599819475}
[2009/07/14 14:18:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2009/07/14 14:18:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}
[2009/02/04 21:24:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2009/04/24 10:27:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2b}
[2009/04/03 19:50:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
[2009/06/30 07:17:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/06/20 04:15:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/07/14 14:18:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2009/02/04 21:24:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{9fb8c270-7124-11dd-ad8b-0800200c9a66}
[2009/06/30 07:17:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/07/14 14:18:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/06/20 04:15:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2009/02/04 21:24:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/06/30 07:17:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3}
[2009/03/06 20:18:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\amin.eft_Shutdown@gmail.com
[2009/04/24 10:27:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\doudehou@gmail.com
[2009/04/24 10:27:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\doudehou@gmail.com-trash
[2009/07/14 14:18:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\elemhidehelper@adblockplus.org
[2009/02/04 21:24:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\FasterFox_Lite@BigRedBrent
[2009/07/14 14:18:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\piclens@cooliris.com
[2009/03/06 20:18:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\splash@aldreneo.com
[2009/06/30 07:17:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\stratareloaded@addons.mozilla.org
[2009/06/30 07:17:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.0x\mozapps\extensions
[2009/06/30 07:17:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.5x\mozapps\extensions
[2009/06/30 07:17:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\clara\Application Data\mozilla\Firefox\Profiles\zs31d8at.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.6x\mozapps\extensions
[2009/07/24 22:56:51 | 00,002,172 | ---- | M] () -- C:\Documents and Settings\clara\Application Data\Mozilla\FireFox\Profiles\zs31d8at.default\searchplugins\bing.xml
[2009/02/24 21:07:38 | 00,001,741 | ---- | M] () -- C:\Documents and Settings\clara\Application Data\Mozilla\FireFox\Profiles\zs31d8at.default\searchplugins\binnewz-france.xml
[2009/02/04 21:27:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/05 07:27:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/05 07:27:19 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/05 07:27:19 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/05/01 23:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2008/11/07 23:09:10 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2004/07/02 15:51:00 | 00,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32asw.dll
[2009/01/16 20:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2009/05/12 20:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009/05/19 00:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/01/07 18:29:18 | 01,447,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/08/05 07:27:22 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008/11/07 23:09:08 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2008/11/07 23:09:10 | 00,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2008/09/10 21:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/01/23 14:09:04 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/01/23 14:09:04 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/01/23 14:09:04 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/01/23 14:09:04 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/01/23 14:09:04 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2008/09/10 21:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2008/09/15 11:52:06 | 00,376,832 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2009/05/01 23:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009/06/24 14:31:33 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/06/24 14:31:33 | 00,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/06/24 14:31:33 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/06/24 14:31:33 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/06/24 14:31:33 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/06/24 14:31:33 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (292109 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10057 more lines...
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1343024091-1844237615-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKU\S-1-5-21-1343024091-1844237615-725345543-1003..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-1844237615-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\npjpi160_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Program Files\Buyertools Reminder\ReminderIE.exe ()
O9 - Extra Button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\wshbth.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1343024091-1844237615-725345543-1003\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/21 00:49:10 | 00,000,095 | ---- | M] () - C:\autoexec.000 -- [ NTFS ]
O32 - AutoRun File - [2008/11/09 15:27:31 | 00,000,139 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{85821754-1392-11dd-9e50-001b11099bf4}\Shell - "" = AutoRun
O33 - MountPoints2\{85821754-1392-11dd-9e50-001b11099bf4}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[7 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
File not found -- C:\Documents and Settings\clara\Mes documents\clara.
[2009/08/15 12:42:39 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\clara\Bureau\OTL.exe
[2009/08/14 21:59:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/08/14 21:59:48 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/08/14 21:59:48 | 00,055,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009/08/14 21:59:48 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/08/14 21:59:48 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/08/14 21:59:48 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/08/14 21:59:46 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/08/14 21:59:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009/08/14 15:45:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\clara\Application Data\Malwarebytes
[2009/08/14 15:44:57 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/14 15:44:56 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/08/14 15:44:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/08/14 15:44:55 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/11 22:27:08 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2009/08/11 22:27:00 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2009/08/10 14:05:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\clara\Bureau\Photo modifier
[2009/08/09 00:51:38 | 00,001,494 | ---- | C] () -- C:\Documents and Settings\clara\Bureau\Editeur KaraFun.lnk
[2009/08/09 00:51:38 | 00,000,616 | ---- | C] () -- C:\Documents and Settings\clara\Bureau\KaraFun.lnk
[2009/08/09 00:51:34 | 00,000,000 | ---D | C] -- C:\Program Files\KaraFun
[2009/08/06 13:23:41 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\clara\Bureau\HiJackThis.exe
[2009/08/05 19:33:33 | 00,000,000 | ---D | C] -- C:\Program Files\ToniArts
[2009/07/25 09:29:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\VIRepair
[2009/07/22 22:27:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\clara\Application Data\ViSplore
[2009/07/22 22:27:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\clara\Application Data\ViStart
[2009/07/22 22:18:22 | 00,000,000 | ---D | C] -- C:\Program Files\ViSplore
[2009/07/22 22:18:19 | 00,000,000 | ---D | C] -- C:\Program Files\TrueTransparency
[2009/07/22 22:18:16 | 00,000,000 | ---D | C] -- C:\Program Files\WinFlip
[2009/07/22 22:18:12 | 00,000,000 | ---D | C] -- C:\Program Files\Vista Rainbar
[2009/07/22 22:11:45 | 00,078,942 | ---- | C] () -- C:\WINDOWS\Icon_1.ico
[2009/07/22 22:11:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\VITrans
[2009/07/22 22:11:30 | 00,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe
[2009/07/22 22:11:30 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe
[2009/07/22 22:11:30 | 00,019,968 | ---- | C] (Dead Knight) -- C:\WINDOWS\System32\reico.exe
[2009/07/22 22:11:30 | 00,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe
[2009/07/22 22:11:30 | 00,000,000 | ---D | C] -- C:\VTPFiles
[2009/07/22 22:10:17 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\scrnrdr.exe
[2009/07/20 19:24:48 | 01,089,883 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/07/20 01:19:05 | 00,816,562 | ---- | C] () -- C:\Documents and Settings\clara\Bureau\[6347]NeoGammaR6HBC.zip
[2009/07/20 00:30:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\clara\Local Settings\Application Data\WBFSManager
[2009/07/20 00:28:02 | 00,000,000 | ---D | C] -- C:\Program Files\WBFS
[2009/07/20 00:28:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\clara\Mes documents\WBFS Manager Covers
[2009/07/20 00:18:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/07/20 00:00:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\clara\Bureau\carte sd
[2009/07/18 20:30:00 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2009/07/18 20:30:00 | 00,000,232 | -H-- | C] () -- C:\sqmdata11.sqm
[2009/07/17 21:03:33 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2009/06/28 23:47:17 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/04/20 23:56:49 | 00,000,247 | ---- | C] () -- C:\WINDOWS\w32dasm8.ini
[2009/04/20 19:02:40 | 00,007,168 | ---- | C] () -- C:\WINDOWS\System32\Pbpr01sw.dll
[2009/04/19 23:53:03 | 00,000,030 | ---- | C] () -- C:\WINDOWS\SWPRODPB.INI
[2009/04/19 23:15:23 | 00,000,547 | ---- | C] () -- C:\WINDOWS\w32demo8.ini
[2009/04/03 19:52:20 | 00,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2009/02/17 00:30:42 | 00,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2009/02/13 14:12:30 | 00,139,008 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2008/12/19 22:30:54 | 00,140,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/11/15 05:47:28 | 00,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2008/11/15 05:46:42 | 00,006,651 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/09/16 22:52:04 | 00,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2008/08/26 18:44:18 | 00,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/08/26 12:02:59 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvGarmin.dll
[2008/08/26 12:02:59 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvMagellan.dll
[2008/08/26 12:02:59 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvSena.dll
[2008/08/26 12:02:59 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvMlr.dll
[2008/08/26 12:02:59 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvLowrance.dll
[2008/08/26 12:02:59 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvSilva.dll
[2008/08/26 12:02:59 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvPyx.dll
[2008/08/26 12:02:59 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvAvmap.dll
[2008/08/26 12:02:59 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvSuu.dll
[2008/08/26 12:02:40 | 00,688,128 | ---- | C] () -- C:\WINDOWS\System32\BCGCB474.dll
[2008/08/26 12:02:40 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\ConversApi.dll
[2008/08/26 12:02:40 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\Polyclip.dll
[2008/08/26 12:02:40 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\BCGCBResFRA.dll
[2008/08/26 12:02:40 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\Ogc.dll
[2008/08/26 12:02:40 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\Nmea.dll
[2008/08/26 12:02:40 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\RCalcul.dll
[2008/08/26 12:00:06 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\CP30FW.DLL
[2008/05/21 20:11:25 | 00,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\KEYBOARDWD.SYS
[2008/05/18 11:50:43 | 00,000,120 | ---- | C] () -- C:\WINDOWS\csmash.ini
[2008/04/04 13:40:20 | 00,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008/04/04 13:40:19 | 00,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008/03/28 22:14:51 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008/03/21 08:29:38 | 00,000,281 | ---- | C] () -- C:\WINDOWS\onlineeye.INI
[2008/02/18 22:00:45 | 00,205,824 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2008/02/18 21:27:07 | 00,205,824 | ---- | C] () -- C:\WINDOWS\pw32a.dll
[2008/02/10 23:43:56 | 00,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2008/01/21 21:51:11 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2008/01/19 17:57:50 | 00,037,888 | ---- | C] () -- C:\WINDOWS\System32\setupnt.dll
[2008/01/10 21:19:00 | 00,001,056 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/01/09 14:40:12 | 00,000,140 | ---- | C] () -- C:\WINDOWS\RealFlight.INI
[2008/01/09 14:40:00 | 00,000,238 | ---- | C] () -- C:\WINDOWS\emug3.ini
[2008/01/05 21:12:30 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/12/28 11:13:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007/12/10 21:38:01 | 00,000,225 | ---- | C] () -- C:\WINDOWS\navigma.INI
[2007/11/28 14:21:39 | 00,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/11/28 14:17:47 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7K.DLL
[2007/11/26 21:56:28 | 00,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007/11/24 13:59:45 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/11/23 19:17:54 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/11/22 23:22:36 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/11/22 20:32:32 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/11/22 06:32:30 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2007/11/22 06:18:27 | 00,018,253 | R--- | C] () -- C:\WINDOWS\System32\ssnvfx.ini
[2007/11/22 06:17:07 | 00,003,611 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/11/22 06:17:06 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/11/14 06:57:54 | 00,223,744 | ---- | C] () -- C:\WINDOWS\System32\b4fm.dll
[2007/07/18 18:42:42 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/05/11 17:12:54 | 00,057,126 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/01/26 02:04:12 | 00,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007/01/26 02:04:12 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2006/04/25 21:25:56 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2006/04/25 21:25:56 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2006/04/25 21:25:56 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006/04/25 21:25:56 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2006/04/25 21:25:56 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2006/04/25 21:25:56 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2006/04/25 21:25:56 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2006/04/25 21:25:56 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2006/04/25 21:25:56 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004/08/04 06:54:44 | 00,002,048 | ---- | C] () -- C:\WINDOWS\System32\syscvchk.dll
[2002/09/07 02:00:00 | 00,000,651 | ---- | C] () -- C:\WINDOWS\win.ini
[2002/09/07 02:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[7 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
File not found -- C:\Documents and Settings\clara\Mes documents\clara.
[2009/08/15 12:56:00 | 00,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D4BF9121-E389-4D5D-8EF9-C7511B27CB99}.job
[2009/08/15 12:42:40 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\clara\Bureau\OTL.exe
[2009/08/15 12:19:38 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/08/15 12:19:28 | 00,182,784 | ---- | M] () -- C:\Documents and Settings\clara\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/15 12:00:03 | 00,000,508 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
[2009/08/15 11:55:30 | 00,000,565 | ---- | M] () -- C:\Documents and Settings\clara\Mes documents\Mes dossiers de partage.lnk
[2009/08/14 22:05:00 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/08/14 21:55:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/14 21:55:35 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/14 21:55:26 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2009/08/14 21:53:45 | 00,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/08/14 09:45:49 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/13 22:42:39 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/08/10 19:00:36 | 00,001,056 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/08/09 00:51:38 | 00,001,494 | ---- | M] () -- C:\Documents and Settings\clara\Bureau\Editeur KaraFun.lnk
[2009/08/09 00:51:38 | 00,000,616 | ---- | M] () -- C:\Documents and Settings\clara\Bureau\KaraFun.lnk
[2009/08/07 08:43:27 | 10,733,07648 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/08/06 13:23:47 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\clara\Bureau\HiJackThis.exe
[2009/08/05 11:00:38 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009/08/05 11:00:38 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/30 02:49:14 | 24,281,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/07/28 00:26:40 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2009/07/22 22:21:30 | 00,071,120 | ---- | M] () -- C:\Documents and Settings\clara\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/07/22 22:20:48 | 00,255,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/07/22 22:11:45 | 00,078,942 | ---- | M] () -- C:\WINDOWS\Icon_1.ico
[2009/07/20 01:19:08 | 00,816,562 | ---- | M] () -- C:\Documents and Settings\clara\Bureau\[6347]NeoGammaR6HBC.zip
[2009/07/20 00:26:41 | 00,510,324 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/07/20 00:26:41 | 00,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/07/20 00:26:41 | 00,084,526 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/07/20 00:26:41 | 00,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/07/20 00:26:40 | 01,121,724 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/07/19 18:45:00 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
[2009/07/19 18:45:00 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/07/19 15:15:02 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2009/07/19 15:15:02 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/07/18 20:30:00 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/07/18 20:30:00 | 00,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/07/17 21:03:33 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2009/07/17 21:03:33 | 00,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\atl.dll
<End>


OTL Extras logfile created on: 15/08/2009 12:57:08 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\clara\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1023,48 Mb Total Physical Memory | 425,76 Mb Available Physical Memory | 41,60% Memory free
2,41 Gb Paging File | 1,80 Gb Available in Paging File | 74,82% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 72,05 Gb Total Space | 4,30 Gb Free Space | 5,97% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 2,09 Gb Free Space | 10,70% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 48,83 Gb Total Space | 3,47 Gb Free Space | 7,11% Space Free | Partition Type: NTFS
Drive H: | 58,59 Gb Total Space | 3,59 Gb Free Space | 6,13% Space Free | Partition Type: NTFS
Drive I: | 45,23 Gb Total Space | 4,70 Gb Free Space | 10,39% Space Free | Partition Type: NTFS
Drive J: | 298,09 Gb Total Space | 1,54 Gb Free Space | 0,52% Space Free | Partition Type: NTFS

Computer Name: NEO
Current User Name: clara
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1343024091-1844237615-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1723:TCP" = 1723:TCP:*:Enabled:@x
Mon PC N°1
My pc
  • Système d'exploitation + version :

    • Windows XP PRO
    • SP3
  • Configuration sécurité
    • Pare feu + version
      Sunbelt personnal firewall version 4.6.1861
    • Antivirus
      Avira 9
    • Anti-trojans
      Spybot 1.6, malawarebytes
    • Anti-spams
    • Anti-publicités et pop-up
    • Limitation droits utilisateurs
      Administrateur
    • Limitation services Windows
    • Contrôleur d'intégrité
    • Protection navigation
  • Surveillance système
  • Configuration optimisation système
    • Nettoyeur fichiers
      tuneup 2009,ccleaner
    • Nettoyeur registre
      tuneup 2009,ccleaner
  • Navigation internet
    • Type de connexion
      ADSL
    • Surveillance de la connexion
    • Navigateur
      firefox 3.5.2, explorer 8
    • Courrielleur
    • Messagerie instantanée
      MSN
    • Autres
heros21
 
Messages: 3
Inscription: 14 Aoû 2009, 10:50


Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 18 invités