Tom's Guide > Forum > Sécurité - Virus > Pub intenpestive,virus

Pub intenpestive,virus

Forum Sécurité - Virus : Pub intenpestive,virus

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
djej68   25-06-2007 à 15:41:40

Bonjours:

Un ami est infecter il a des pub intenpestive,le pc est lent etc...
Voici son rapport hijackthis:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 15:40:46, on 25/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SiteAdvisor\6066\SAService.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Trust\DS-3100A Wireless Optical Deskset\Mouse\mouse32a.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\Program Files\QuickTime\qttask.exe
C:\windows\system32\tdfotagt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\program files\valve\steam\steam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Phone\Skype.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Atari\RollerCoaster Tycoon 3\RCT3plus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Quantin\Bureau\HiJackThis_v2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Heck sign dash cash] C:\Documents and Settings\All Users\Application Data\ErrorSkipHeckSign\Media grid.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\DS-3100A Wireless Optical Deskset\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Window Creative] C:\DOCUME~1\Quantin\APPLIC~1\COALGR~1\firstgrimlive.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: WiFi Station.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Program Files\Internet Radio\Radio.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://big68470.spaces.live.com//P [...] nPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn. [...] tPkMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D380B64-90EB-473E-9E64-76E94F5CC3A5}: NameServer = 213.216.172.62,212.216.172.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{68394A03-7B36-419E-B545-4C14AD64590B}: NameServer = 213.36.80.1,212.216.172.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{D44DF079-0D21-4D52-98B9-398961898F5E}: NameServer = 213.36.80.1,212.216.172.62
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D380B64-90EB-473E-9E64-76E94F5CC3A5}: NameServer = 213.216.172.62,212.216.172.62
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 11804 bytes

------------------------------ www.Hinsolite.com
Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
djej68   25-06-2007 à 17:18:02
- 0 +

Svp les helper pouriez vous me trouver une solution pour que je l'aide car quand il jou a des jeux en réseau il n'est jamais tranquille car il y'a des pub qui s'affiche et sa l'enléve du jeu et son pc beug je sais que vous etes trés occupé.merci

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   25-06-2007 à 17:27:18
- 0 +

Bonjour,

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.

Redémarre en mode sans échec

  • Ouvre le dossier SDFix qui vient d'être créé à la racine de ton dique dur (C:) et double clique sur RunThis.bat pour lancer le script.
  • Appuie sur Y pour commencer le processus de nettoyage.
  • Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
  • Appuie sur une touche pour redémarrer le PC.
  • Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
  • Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
  • Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
  • Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
  • Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
djej68   25-06-2007 à 17:46:58
- 0 +

Quand je clic sur runthis.bat sa fais rien je fais quoi?

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   25-06-2007 à 17:47:41
- 0 +

Tu le fais bien en sans échec ?

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
djej68   25-06-2007 à 18:08:51
- 0 +


SDFix: Version 1.88

Run by Quantin on 25/06/2007 at 17:54

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\Quantin\Bureau\SDFix

Safe Mode:
Checking Services:






Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service

Rebooting...


Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\DOCUME~1\Quantin\LOCALS~1\Temp\GLFD.tmp.dll - Deleted
C:\DOCUME~1\Quantin\LOCALS~1\Temp\injs.a9.exe.conf - Deleted
C:\DOCUME~1\Quantin\LOCALS~1\Temp\injs.aa.exe.conf - Deleted
C:\WINDOWS\system\smss.exe - Deleted
C:\WINDOWS\system32\plugin1.dat - Deleted
C:\WINDOWS\system32\SysPr.prx - Deleted



Removing Temp Files...

ADS Check:

Checking C:\WINDOWS
C:\WINDOWS
No streams found.

Checking C:\WINDOWS\system32
C:\WINDOWS\system32
No streams found.

Checking C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.

Checking C:\WINDOWS\system32\ntoskrnl.exe
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Disabled:Windows© NetMeeting©"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe"="C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe:*:Enabled:CrazyTalk"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"="C:\\Program Files\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"="C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"="C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\81exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\81exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\85exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\85exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\7exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\7exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\61exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\61exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\65exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\65exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\15exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\15exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\67exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\67exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\86exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\86exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\1exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\1exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\46exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\46exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\33exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\33exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\79exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\79exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\35exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\35exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\20exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\20exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\74exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\74exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\3exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\3exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\95exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\95exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\16exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\16exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\78exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\78exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\55exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\55exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\66exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\66exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\30exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\30exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\24exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\24exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\76exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\76exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\19exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\19exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\87exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\87exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\94exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\94exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Ex‚cuter une DLL en tant qu'application"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\13exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\13exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\63exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\63exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\0exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\0exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\18exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\18exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\53exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\53exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\57exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\57exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\11exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\11exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\72exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\72exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\25exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\25exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\40exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\40exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\14exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\14exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\39exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\39exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\34exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\34exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\5exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\5exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\17exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\17exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\52exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\52exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\41exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\41exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\54exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\54exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\77exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\77exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\75exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\75exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\51exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\51exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\6exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\6exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\62exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\62exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\96exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\96exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\37exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\37exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\91exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\91exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\32exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\32exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\21exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\21exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\92exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\92exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\26exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\26exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\69exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\69exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\73exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\73exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\56exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\56exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\36exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\36exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\64exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\64exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\10exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\10exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\50exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\50exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\70exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\70exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\83exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\83exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\58exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\58exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\9exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\9exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\43exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\43exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\45exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\45exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\71exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\71exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\2exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\2exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\8exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\8exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\44exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\44exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\98exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\98exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\97exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\97exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\4exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\4exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\29exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\29exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\31exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\31exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\49exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\49exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\22exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\22exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\99exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\99exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\82exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\82exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\38exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\38exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\68exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\68exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\42exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\42exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\counter-strike\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\condition zero\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\93exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\93exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\80exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\80exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\12exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\12exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\deathmatch classic\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\deathmatch classic\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\ricochet\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\ricochet\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\27exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\27exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\half-life 2 deathmatch\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\counter-strike source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\counter-strike source\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files:
---------------

Backups Folder: - C:\DOCUME~1\Quantin\Bureau\SDFix\backups\backups.zip

Listing Files with Hidden Attributes:

C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArtSmall.jpg
C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArt_{1EDCFEF0-4E7C-40B6-A8B6-F8C808B2BF13}_Large.jpg
C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArt_{1EDCFEF0-4E7C-40B6-A8B6-F8C808B2BF13}_Small.jpg
C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\desktop.ini
C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\Folder.jpg
C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\Thumbs.db
C:\Documents and Settings\Quantin\SendTo\WLM - big68@msn.com\Desktop.ini
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp

Listing User Accounts:


Administrateur ASPNET HelpAssistant
Invit‚ Quantin SUPPORT_388945a0
La commande s'est termin‚e correctement.


Finished

------------------------------ www.Hinsolite.com
 Répondre à djej68
djej68   25-06-2007 à 18:09:23
- 0 +


SDFix: Version 1.88

Run by Quantin on 25/06/2007 at 17:54

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\Quantin\Bureau\SDFix

Safe Mode:
Checking Services:






Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service

Rebooting...


Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\DOCUME~1\Quantin\LOCALS~1\Temp\GLFD.tmp.dll - Deleted
C:\DOCUME~1\Quantin\LOCALS~1\Temp\injs.a9.exe.conf - Deleted
C:\DOCUME~1\Quantin\LOCALS~1\Temp\injs.aa.exe.conf - Deleted
C:\WINDOWS\system\smss.exe - Deleted
C:\WINDOWS\system32\plugin1.dat - Deleted
C:\WINDOWS\system32\SysPr.prx - Deleted



Removing Temp Files...

ADS Check:

Checking C:\WINDOWS
C:\WINDOWS
No streams found.

Checking C:\WINDOWS\system32
C:\WINDOWS\system32
No streams found.

Checking C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.

Checking C:\WINDOWS\system32\ntoskrnl.exe
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Disabled:Windows© NetMeeting©"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe"="C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe:*:Enabled:CrazyTalk"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"="C:\\Program Files\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"="C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"="C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\81exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\81exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\85exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\85exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\7exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\7exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\61exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\61exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\65exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\65exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\15exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\15exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\67exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\67exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\86exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\86exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\1exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\1exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\46exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\46exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\33exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\33exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\79exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\79exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\35exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\35exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\20exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\20exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\74exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\74exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\3exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\3exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\95exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\95exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\16exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\16exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\78exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\78exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\55exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\55exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\66exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\66exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\30exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\30exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\24exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\24exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\76exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\76exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\19exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\19exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\87exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\87exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\94exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\94exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Ex‚cuter une DLL en tant qu'application"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\13exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\13exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\63exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\63exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\0exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\0exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\18exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\18exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\53exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\53exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\57exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\57exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\11exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\11exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\72exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\72exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\25exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\25exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\40exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\40exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\14exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\14exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\39exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\39exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\34exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\34exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\5exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\5exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\17exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\17exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\52exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\52exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\41exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\41exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\54exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\54exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\77exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\77exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\75exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\75exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\51exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\51exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\6exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\6exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\62exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\62exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\96exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\96exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\37exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\37exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\91exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\91exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\32exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\32exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\21exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\21exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\92exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\92exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\26exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\26exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\69exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\69exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\73exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\73exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\56exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\56exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\36exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\36exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\64exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\64exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\10exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\10exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\50exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\50exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\70exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\70exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\83exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\83exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\58exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\58exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\9exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\9exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\43exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\43exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\45exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\45exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\71exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\71exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\2exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\2exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\8exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\8exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\44exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\44exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\98exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\98exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\97exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\97exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\4exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\4exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\29exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\29exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\31exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\31exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\49exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\49exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\22exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\22exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\99exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\99exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\82exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\82exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\38exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\38exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\68exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\68exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\42exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\42exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\counter-strike\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\condition zero\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\93exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\93exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\80exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\80exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\12exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\12exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\deathmatch classic\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\deathmatch classic\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\ricochet\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\ricochet\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\27exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\27exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\half-life 2 deathmatch\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\counter-strike source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\counter-strike source\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files:
---------------

Backups Folder: - C:\DOCUME~1\Quantin\Bureau\SDFix\backups\backups.zip

Listing Files with Hidden Attributes:

C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArtSmall.jpg
C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArt_{1EDCFEF0-4E7C-40B6-A8B6-F8C808B2BF13}_Large.jpg
C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArt_{1EDCFEF0-4E7C-40B6-A8B6-F8C808B2BF13}_Small.jpg
C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\desktop.ini
C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\Folder.jpg
C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\Thumbs.db
C:\Documents and Settings\Quantin\SendTo\WLM - big68@msn.com\Desktop.ini
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp

Listing User Accounts:


Administrateur ASPNET HelpAssistant
Invit‚ Quantin SUPPORT_388945a0
La commande s'est termin‚e correctement.


Finished

------------------------------ www.Hinsolite.com
 Répondre à djej68
djej68   25-06-2007 à 18:16:34
- 0 +

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:18:04, on 25/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SiteAdvisor\6066\SAService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Trust\DS-3100A Wireless Optical Deskset\Mouse\mouse32a.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\Program Files\QuickTime\qttask.exe
C:\windows\system32\tdfotagt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Quantin\Bureau\HiJackThis_v2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Heck sign dash cash] C:\Documents and Settings\All Users\Application Data\ErrorSkipHeckSign\Media grid.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\DS-3100A Wireless Optical Deskset\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Window Creative] C:\DOCUME~1\Quantin\APPLIC~1\COALGR~1\firstgrimlive.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: WiFi Station.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Program Files\Internet Radio\Radio.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://big68470.spaces.live.com//P [...] nPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn. [...] tPkMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D380B64-90EB-473E-9E64-76E94F5CC3A5}: NameServer = 213.216.172.62,212.216.172.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{68394A03-7B36-419E-B545-4C14AD64590B}: NameServer = 213.36.80.1,212.216.172.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{D44DF079-0D21-4D52-98B9-398961898F5E}: NameServer = 213.36.80.1,212.216.172.62
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D380B64-90EB-473E-9E64-76E94F5CC3A5}: NameServer = 213.216.172.62,212.216.172.62
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 11470 bytes

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   25-06-2007 à 18:20:01
- 0 +

Re,

Télécharge LopResearch.zip
Dézippe-le sur ton Bureau uniquement.
Ouvre le dossier LopResearch puis double-clique sur le Scan.bat.
Un rapport sera généré, poste son contenu ici.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
djej68   25-06-2007 à 18:26:45
- 0 +

Rapport fait à 18:28:07,15 le 25/06/2007

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 7C78-46A5

R‚pertoire de C:\Documents and Settings\All Users\Application Data

25/05/2007 18:13 <REP> Spybot - Search & Destroy
17/05/2007 22:55 1755 QTSBandwidthCache
15/05/2007 18:20 <REP> Microsoft Games
05/05/2007 22:18 <REP> McAfee
05/05/2007 22:18 <REP> SiteAdvisor
11/03/2007 02:43 <REP> TEMP
10/01/2007 23:00 <REP> Skype
09/01/2007 23:27 <REP> Messenger Plus!
31/12/2006 19:59 <REP> Google
26/12/2006 22:26 <REP> ErrorSkipHeckSign
23/12/2006 13:52 <REP> Windows Genuine Advantage
23/12/2006 04:20 <REP> .
23/12/2006 04:20 <REP> ..
30/06/2006 04:06 <REP> Microsoft
30/06/2006 04:06 <REP> CyberLink
30/06/2006 04:06 <REP> Apple Computer
30/06/2006 04:06 <REP> Adobe
26/10/2005 05:40 62 desktop.ini
2 fichier(s) 1817 octets
16 R‚p(s) 99553431552 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 7C78-46A5

R‚pertoire de C:\Documents and Settings\Default User\Application Data

23/12/2006 04:20 <REP> ..
23/12/2006 04:20 <REP> .
22/12/2006 19:30 <REP> Adobe
22/12/2006 19:30 <REP> Apple Computer
22/12/2006 19:30 <REP> CyberLink
22/12/2006 19:30 <REP> SampleView
30/06/2006 04:06 <REP> Microsoft
30/06/2006 04:06 <REP> Identities
26/10/2005 05:40 62 desktop.ini
1 fichier(s) 62 octets
8 R‚p(s) 99553431552 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 7C78-46A5

R‚pertoire de C:\Documents and Settings\Quantin\Application Data

19/05/2007 16:01 <REP> Atari
15/05/2007 17:44 <REP> Microsoft Games
05/05/2007 22:18 <REP> SiteAdvisor
04/05/2007 23:08 <REP> Talkback
06/04/2007 14:52 <REP> Mozilla
06/04/2007 14:45 <REP> SecondLife
20/03/2007 22:32 <REP> Screenshot Sender
06/02/2007 20:59 <REP> OpenOffice.org2
06/02/2007 14:17 <REP> ATI
31/01/2007 01:07 <REP> Help
30/01/2007 23:36 2171 QuickZip45.ini
28/01/2007 15:08 <REP> Reallusion
27/01/2007 23:47 <REP> MessengerSkinner
23/01/2007 22:18 24 fc_location.txt
21/01/2007 21:18 <REP> MSNInstaller
10/01/2007 23:00 <REP> Skype
05/01/2007 22:44 <REP> teamspeak2
31/12/2006 19:58 <REP> Sun
31/12/2006 19:57 <REP> Google
26/12/2006 22:26 <REP> Coalgreatsave
23/12/2006 23:05 <REP> BitTorrent
23/12/2006 16:24 <REP> Macromedia
23/12/2006 11:07 <REP> InstallShield
22/12/2006 19:36 <REP> AdobeUM
22/12/2006 19:32 62 desktop.ini
22/12/2006 19:32 <REP> Adobe
22/12/2006 19:32 <REP> Apple Computer
22/12/2006 19:32 <REP> CyberLink
22/12/2006 19:32 <REP> Identities
22/12/2006 19:32 <REP> Microsoft
22/12/2006 19:32 <REP> SampleView
22/12/2006 19:32 <REP> ..
22/12/2006 19:32 <REP> .
3 fichier(s) 2257 octets
30 R‚p(s) 99553431552 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 7C78-46A5

R‚pertoire de C:\Documents and Settings\system

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 7C78-46A5

R‚pertoire de C:\WINDOWS\Tasks

27/03/2007 23:51 284 AppleSoftwareUpdate.job
26/02/2007 20:03 272 A90FDD5391845603.job
30/06/2006 04:05 <REP> ..
30/06/2006 04:05 <REP> .
26/10/2005 10:52 6 SA.DAT
26/10/2005 05:33 65 desktop.ini
4 fichier(s) 627 octets
2 R‚p(s) 99ÿ553ÿ427ÿ456 octets libres

******************************************
Listing des dossiers dans C:\Program Files

3DO
Adobe
Adverts
Alwil Software
Antipub
Apple Software Update
Atari
ATI Technologies
AV Vcs 5.5 DIAMOND
Browster
Coalgreatsave
ComPlus Applications
CONEXANT
CyberLink
DaftTV
Diablo II
directx
Fichiers communs
Google
Hercules
Internet Explorer
Internet Radio
InternetGameBox
iPod
iTunes
Java
JCA2000
Lavalys
Messenger
Messenger Plus! Live
MessengerSkinner
microsoft frontpage
Microsoft Games
Movie Maker
Mozilla Firefox
MSN
MSN Gaming Zone
MSN Messenger
NetMeeting
Online Services
OpenOffice.org 2.1
otron.net
Outlook Express
QuickTime
Realtek AC97
Services en ligne
SiteAdvisor
Skype
Spybot - Search & Destroy
Teamspeak2_RC2
TrackMania Nations ESWC
Trust
Valve
VIA
VirtualDJ
Warcraft III
Windows Media Connect 2
Windows Media Player
Windows NT
WinRAR
World of Warcraft
WowCartographe
xerox
******************************************
Recherche des dossiers/fichiers LOP

C:\Program Files\Adverts Présent !
C:\WINDOWS\tasks\A90FDD5391845603.job Présent !
******************************************
Recherche d'infections connues

C:\WINDOWS\System32\Nvs2.inf Egdaccess possible !
******************************************
Vérification du fichier HOSTS

Fichier Hosts : Propre
*************** Fin du Rapport - Version 0.9 ****************

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   25-06-2007 à 18:27:44
- 0 +

Re,

Télécharge Navilog1.exe (IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)

Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
! N'utilise pas l'option 2, 3 et 4 sans notre accord !
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :

-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse

NOTE : Le rapport se trouve également ici : C:\fixnavi.txt

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
prodel'info   25-06-2007 à 18:32:38
- 0 +

Angeldark il va t'aider ! Tu va résoudre ton problème !
VIVE ANGELDARK ET [:prodel'info:6]

------------------------------ http://x-design-x.xooit.com
Le design de l'humour

 

Répondre à prodel'info

djej68   25-06-2007 à 18:39:45
- 0 +

Rapport fait à 18:28:07,15 le 25/06/2007

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 7C78-46A5

R‚pertoire de C:\Documents and Settings\All Users\Application Data

25/05/2007 18:13 <REP> Spybot - Search & Destroy
17/05/2007 22:55 1755 QTSBandwidthCache
15/05/2007 18:20 <REP> Microsoft Games
05/05/2007 22:18 <REP> McAfee
05/05/2007 22:18 <REP> SiteAdvisor
11/03/2007 02:43 <REP> TEMP
10/01/2007 23:00 <REP> Skype
09/01/2007 23:27 <REP> Messenger Plus!
31/12/2006 19:59 <REP> Google
26/12/2006 22:26 <REP> ErrorSkipHeckSign
23/12/2006 13:52 <REP> Windows Genuine Advantage
23/12/2006 04:20 <REP> .
23/12/2006 04:20 <REP> ..
30/06/2006 04:06 <REP> Microsoft
30/06/2006 04:06 <REP> CyberLink
30/06/2006 04:06 <REP> Apple Computer
30/06/2006 04:06 <REP> Adobe
26/10/2005 05:40 62 desktop.ini
2 fichier(s) 1817 octets
16 R‚p(s) 99553431552 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 7C78-46A5

R‚pertoire de C:\Documents and Settings\Default User\Application Data

23/12/2006 04:20 <REP> ..
23/12/2006 04:20 <REP> .
22/12/2006 19:30 <REP> Adobe
22/12/2006 19:30 <REP> Apple Computer
22/12/2006 19:30 <REP> CyberLink
22/12/2006 19:30 <REP> SampleView
30/06/2006 04:06 <REP> Microsoft
30/06/2006 04:06 <REP> Identities
26/10/2005 05:40 62 desktop.ini
1 fichier(s) 62 octets
8 R‚p(s) 99553431552 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 7C78-46A5

R‚pertoire de C:\Documents and Settings\Quantin\Application Data

19/05/2007 16:01 <REP> Atari
15/05/2007 17:44 <REP> Microsoft Games
05/05/2007 22:18 <REP> SiteAdvisor
04/05/2007 23:08 <REP> Talkback
06/04/2007 14:52 <REP> Mozilla
06/04/2007 14:45 <REP> SecondLife
20/03/2007 22:32 <REP> Screenshot Sender
06/02/2007 20:59 <REP> OpenOffice.org2
06/02/2007 14:17 <REP> ATI
31/01/2007 01:07 <REP> Help
30/01/2007 23:36 2171 QuickZip45.ini
28/01/2007 15:08 <REP> Reallusion
27/01/2007 23:47 <REP> MessengerSkinner
23/01/2007 22:18 24 fc_location.txt
21/01/2007 21:18 <REP> MSNInstaller
10/01/2007 23:00 <REP> Skype
05/01/2007 22:44 <REP> teamspeak2
31/12/2006 19:58 <REP> Sun
31/12/2006 19:57 <REP> Google
26/12/2006 22:26 <REP> Coalgreatsave
23/12/2006 23:05 <REP> BitTorrent
23/12/2006 16:24 <REP> Macromedia
23/12/2006 11:07 <REP> InstallShield
22/12/2006 19:36 <REP> AdobeUM
22/12/2006 19:32 62 desktop.ini
22/12/2006 19:32 <REP> Adobe
22/12/2006 19:32 <REP> Apple Computer
22/12/2006 19:32 <REP> CyberLink
22/12/2006 19:32 <REP> Identities
22/12/2006 19:32 <REP> Microsoft
22/12/2006 19:32 <REP> SampleView
22/12/2006 19:32 <REP> ..
22/12/2006 19:32 <REP> .
3 fichier(s) 2257 octets
30 R‚p(s) 99553431552 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 7C78-46A5

R‚pertoire de C:\Documents and Settings\system

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 7C78-46A5

R‚pertoire de C:\WINDOWS\Tasks

27/03/2007 23:51 284 AppleSoftwareUpdate.job
26/02/2007 20:03 272 A90FDD5391845603.job
30/06/2006 04:05 <REP> ..
30/06/2006 04:05 <REP> .
26/10/2005 10:52 6 SA.DAT
26/10/2005 05:33 65 desktop.ini
4 fichier(s) 627 octets
2 R‚p(s) 99ÿ553ÿ427ÿ456 octets libres

******************************************
Listing des dossiers dans C:\Program Files

3DO
Adobe
Adverts
Alwil Software
Antipub
Apple Software Update
Atari
ATI Technologies
AV Vcs 5.5 DIAMOND
Browster
Coalgreatsave
ComPlus Applications
CONEXANT
CyberLink
DaftTV
Diablo II
directx
Fichiers communs
Google
Hercules
Internet Explorer
Internet Radio
InternetGameBox
iPod
iTunes
Java
JCA2000
Lavalys
Messenger
Messenger Plus! Live
MessengerSkinner
microsoft frontpage
Microsoft Games
Movie Maker
Mozilla Firefox
MSN
MSN Gaming Zone
MSN Messenger
NetMeeting
Online Services
OpenOffice.org 2.1
otron.net
Outlook Express
QuickTime
Realtek AC97
Services en ligne
SiteAdvisor
Skype
Spybot - Search & Destroy
Teamspeak2_RC2
TrackMania Nations ESWC
Trust
Valve
VIA
VirtualDJ
Warcraft III
Windows Media Connect 2
Windows Media Player
Windows NT
WinRAR
World of Warcraft
WowCartographe
xerox
******************************************
Recherche des dossiers/fichiers LOP

C:\Program Files\Adverts Présent !
C:\WINDOWS\tasks\A90FDD5391845603.job Présent !
******************************************
Recherche d'infections connues

C:\WINDOWS\System32\Nvs2.inf Egdaccess possible !
******************************************
Vérification du fichier HOSTS

Fichier Hosts : Propre
*************** Fin du Rapport - Version 0.9 ****************

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   25-06-2007 à 18:47:55
- 0 +

Ce n'est pas le rapport demandé.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
djej68   25-06-2007 à 18:48:36
- 0 +

Oui sa va mais il y'a quand meme quelque pub cid etc...

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   25-06-2007 à 18:51:38
- 0 +

Oui mais ce n'est pas ce que j'ai démandé :)

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
djej68   25-06-2007 à 18:58:34
- 0 +

La je ne suis pas sur son pc je suis chez moi,oui il se comporte mieu.

------------------------------ www.Hinsolite.com
 Répondre à djej68
djej68   25-06-2007 à 19:38:23
- 0 +

Mais enfaite il avait quoi comme virus(troyen,ver)?

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   25-06-2007 à 19:39:09
- 0 +

Tu as du mal comprendre ?!
Fais ce qu'il y a sur ce lien :
http://www.infos-du-net.com/forum/ [...] us#t201213

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
djej68   25-06-2007 à 19:59:54
- 0 +

Mais la je ne suis plus chez lui.
Mais j'avais fais se que tu as dit.

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   25-06-2007 à 20:01:29
- 0 +

Non, tu n'as pas fait le scan Navilog ou tu n'as pas posté le bon rapport :)

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
djej68   25-06-2007 à 20:06:37
- 0 +

A oups mais j'ai posté celui qui c'est affiché tanpis de toute façon il ma dit que sa allais mieu donc c'est pas grave.Merci.

Mais j'aurais une question mon pc est louche depuis quelque temps,tu aurais pas une solution de verifier apart un scan avec mon antivirus?

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   25-06-2007 à 21:05:18
- 0 +

Je veux le rapport :) On n'a pas du tout terminé !

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
djej68   25-06-2007 à 22:49:02
- 0 +

Oui pour le rapport je regarderais demain car je ne suis pas chez lui.
Mais pour mon pc tu as une solution pour savoir si il est infecter? apart le scan.

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   26-06-2007 à 11:04:49
- 0 +

A part les scans, non.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
djej68   26-06-2007 à 12:26:40
- 0 +

Ok cette aprem je vais voir chez mon ami pour faire l'étape que j'ai zappé mais pourtant j'ai eu un rapport et je les mis bizar bref je verais chez lui.

Je vais juste te poster mon scan hijackthis et dit moi si il y'a quelque chose de louche.

merci.

------------------------------ www.Hinsolite.com
 Répondre à djej68
djej68   26-06-2007 à 12:27:22
- 0 +

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 12:27:12, on 26/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\momo\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?0b23295e3ca04d43b2c4210580043c9e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?0b23295e3ca04d43b2c4210580043c9e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activ [...] asinst.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe

--
End of file - 8548 bytes

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   26-06-2007 à 12:30:24
- 0 +

Je veux le rapport N A V I L O G 1

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
djej68   26-06-2007 à 12:32:50
- 0 +

Mais tu n'a pas compris hier soir j'étais chez un ami qui avais des virus et la je ne suis plus chez lui donc je ne peut pas te donner son rapport navilog.

A moin que c'est moi qui n'a pas compris et que tu veut le rapport navilog de mon pc.

------------------------------ www.Hinsolite.com
 Répondre à djej68
Angeldark   26-06-2007 à 12:49:36
- 0 +

Ton pc est apparemment propre...

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
djej68   26-06-2007 à 12:50:54
- 0 +

Ok merci :).

------------------------------ www.Hinsolite.com
 Répondre à djej68
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > Pub intenpestive,virus
Aller à :

Il y a 1466 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,428 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens