no save
Identification
Assistance
Achat
News

Forum | virus/sécurité
rapport hijackthis,pc infecté virus tenace
alexandre, le dim. 14 déc. 2008 à 14:13:56
Logfile of random's system information tool 1.04 (written by random/random)
Run by alex at 2008-12-14 14:11:07
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 197 GB (41%) free of 477 GB
Total RAM: 2046 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:11:14, on 14/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\D-Link\D-Link DWA-556 Wireless N PCIe Desktop Adapter\acs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\G DATA\AntiVirus\AVKTray\AVKTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\lclock.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\G DATA\AntiVirus\AVK\AVKService.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\G DATA\AntiVirus\AVK\AVKWCtl.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\alex\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\alex.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tele2.fr/redirect/startpage/adsl/fra
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.tele2.fr/redirect/welcome/adsl/fra
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.atcomet.com/b/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA\AntiVirus\Webfilter\AVKWebIE.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA\AntiVirus\Webfilter\AVKWebIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files\G DATA\AntiVirus\AVKTray\AVKTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [swoyoqc] "c:\documents and settings\alex\local settings\application data\swoyoqc.exe" swoyoqc
O4 - HKLM\..\Policies\Explorer\Run: [ati2sgav] "C:\WINDOWS\system32\ati2sgav.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Global Startup: bios.bat
O4 - Global Startup: Windows.bat
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: Statistiques d'Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\Program Files\D-Link\D-Link DWA-556 Wireless N PCIe Desktop Adapter\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: Planificateur G DATA (AVKService) - G DATA Software AG - C:\Program Files\G DATA\AntiVirus\AVK\AVKService.exe
O23 - Service: Gardien d'AntiVirus (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA\AntiVirus\AVK\AVKWCtl.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 9917 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_LifeExp_exe.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_vVX1000_exe.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G DATA WebFilter - C:\Program Files\G DATA\AntiVirus\Webfilter\AVKWebIE.dll [2008-11-24 656968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-08-08 691656]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G DATA WebFilter - C:\Program Files\G DATA\AntiVirus\Webfilter\AVKWebIE.dll [2008-11-24 656968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-10-25 16855552]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2008-02-08 227856]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
"VX1000"=C:\WINDOWS\vVX1000.exe [2007-04-10 709992]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-07-11 20480]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2007-05-10 270336]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2007-09-28 344064]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2007-06-28 2512128]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
"G DATA AntiVirus Trayapplication"=C:\Program Files\G DATA\AntiVirus\AVKTray\AVKTray.exe [2008-09-10 996424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"ati2sgav"=C:\WINDOWS\system32\ati2sgav.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"LClock"=C:\WINDOWS\lclock.exe [2004-12-08 65536]
"AtiTrayTools"=C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe [2007-05-22 521128]
"BitComet"=C:\Program Files\BitComet\BitComet.exe /tray []
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-11-06 5724184]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-11-12 342336]
"BitTorrent"=C:\Program Files\BitTorrent\bittorrent.exe []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2008-10-08 270128]
"swoyoqc"=c:\documents and settings\alex\local settings\application data\swoyoqc.exe swoyoqc []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
bios.bat
Windows.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-10-10 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-02-08 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=219
"ForceClassicControlPanel"=1
"NoSMBalloonTip"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editeur"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2008-12-14 14:11:07 ----D---- C:\rsit
2008-12-12 18:58:22 ----D---- C:\Documents and Settings\All Users\Application Data\G DATA
2008-12-12 18:58:03 ----D---- C:\Program Files\G DATA
2008-12-12 18:58:03 ----D---- C:\Program Files\Fichiers communs\G DATA
2008-12-11 23:39:31 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-12-11 23:39:30 ----D---- C:\Program Files\Alwil Software
2008-12-11 18:49:44 ----D---- C:\WINDOWS\CSC
2008-12-10 18:01:43 ----D---- C:\Documents and Settings\alex\Application Data\Codemasters
2008-12-10 17:58:35 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-12-10 17:58:12 ----D---- C:\WINDOWS\system32\AGEIA
2008-12-10 17:58:12 ----D---- C:\Program Files\AGEIA Technologies
2008-12-10 17:58:02 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-12-08 18:09:51 ----A---- C:\menu.bat
2008-12-08 18:09:42 ----A---- C:\WINDOWS\scandisk.bat
2008-12-08 18:09:42 ----A---- C:\WINDOWS\bi.bat
2008-12-08 18:09:42 ----A---- C:\Windows.bat
2008-12-08 18:09:42 ----A---- C:\data.bat
2008-12-07 21:20:43 ----D---- C:\Program Files\Adobe
2008-12-04 23:25:38 ----D---- C:\Program Files\Left4Dead
2008-11-30 19:20:52 ----D---- C:\Program Files\CCleaner
2008-11-30 18:23:29 ----A---- C:\WINDOWS\system32\msvcsv60.dll
2008-11-27 19:33:10 ----D---- C:\Program Files\Microsoft
2008-11-27 19:30:23 ----D---- C:\Program Files\Fichiers communs\Windows Live
2008-11-17 21:29:49 ----D---- C:\Documents and Settings\alex\Application Data\skypePM
2008-11-17 21:27:56 ----D---- C:\Documents and Settings\alex\Application Data\Skype
2008-11-17 21:27:35 ----D---- C:\Program Files\Skype
2008-11-17 21:27:35 ----D---- C:\Program Files\Fichiers communs\Skype
2008-11-17 21:27:27 ----D---- C:\Documents and Settings\All Users\Application Data\Skype

======List of files/folders modified in the last 1 months======

2008-12-14 14:10:47 ----D---- C:\WINDOWS\Temp
2008-12-14 14:06:16 ----D---- C:\Documents and Settings\alex\Application Data\uTorrent
2008-12-14 14:05:42 ----D---- C:\Documents and Settings\alex\Application Data\DNA
2008-12-14 13:57:44 ----D---- C:\Program Files\Mozilla Firefox
2008-12-14 13:49:11 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-14 13:47:06 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-12-14 13:45:40 ----D---- C:\Program Files\DNA
2008-12-12 19:03:58 ----D---- C:\WINDOWS\system32\drivers
2008-12-12 18:58:27 ----SHD---- C:\WINDOWS\Installer
2008-12-12 18:58:11 ----D---- C:\WINDOWS\system32
2008-12-12 18:58:03 ----RD---- C:\Program Files
2008-12-12 18:58:03 ----D---- C:\Program Files\Fichiers communs
2008-12-12 00:55:54 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-12 00:54:28 ----D---- C:\WINDOWS\system32\config
2008-12-11 22:59:36 ----SHD---- C:\System Volume Information
2008-12-11 22:59:36 ----D---- C:\WINDOWS\system32\Restore
2008-12-11 18:49:44 ----D---- C:\WINDOWS
2008-12-10 21:31:52 ----D---- C:\Program Files\eMule
2008-12-10 20:41:17 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2008-12-10 17:58:35 ----D---- C:\Documents and Settings\alex\Application Data\InstallShield
2008-12-10 17:58:24 ----D---- C:\WINDOWS\inf
2008-12-10 17:57:36 ----D---- C:\WINDOWS\system32\DirectX
2008-12-10 17:53:04 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-10 17:53:03 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-10 17:53:03 ----D---- C:\Program Files\Fichiers communs\InstallShield
2008-12-10 12:38:50 ----A---- C:\WINDOWS\system32\pbsvc.exe
2008-12-10 12:32:32 ----D---- C:\Program Files\Activision
2008-12-07 21:20:50 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-12-07 21:20:48 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-06 17:26:02 ----D---- C:\WINDOWS\Minidump
2008-12-06 15:24:39 ----D---- C:\WINDOWS\system
2008-12-06 15:21:41 ----D---- C:\Documents and Settings\alex\Application Data\Kaspersky_Key_Finder_(KKF
2008-12-05 19:23:40 ----A---- C:\WINDOWS\win.ini
2008-12-02 19:18:48 ----D---- C:\Program Files\Winamp
2008-11-30 18:55:25 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2008-11-27 19:39:11 ----D---- C:\Program Files\Windows Live
2008-11-27 19:39:08 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-11-27 19:33:00 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-11-27 19:33:00 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-11-25 13:38:31 ----SD---- C:\Documents and Settings\alex\Application Data\Microsoft
2008-11-16 21:29:47 ----D---- C:\Documents and Settings\alex\Application Data\Nero

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
R1 atitray;atitray; \??\C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys []
R1 GRD;G DATA Rootkit Detector Driver; \??\C:\WINDOWS\system32\drivers\GRD.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys []
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2007-07-16 225664]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-09-28 279712]
R2 GDTdiInterceptor;GDTdiInterceptor; \??\C:\WINDOWS\system32\drivers\GDTdiIcpt.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-09-28 25888]
R3 AR5416;D-Link DwA-556 Xtreme N PCIe Desktop Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5416.sys [2007-04-21 1296256]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-07-21 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-10-10 3331072]
R3 GDMnIcpt;GDMnIcpt; \??\C:\WINDOWS\system32\drivers\MiniIcpt.sys []
R3 GearAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [2008-02-22 16168]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-09-13 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-28 9600]
R3 HookCentre;HookCentre; \??\C:\WINDOWS\system32\drivers\HookCentre.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-01 4620288]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-07-21 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-07-21 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-20 62592]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-20 19968]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-09-05 12212864]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2007-07-21 12416]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-07-16 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-07-16 59264]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2007-07-16 17152]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-03-29 57024]
S3 a38mmvem;a38mmvem; C:\WINDOWS\system32\drivers\a38mmvem.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\alex\LOCALS~1\Temp\mc21.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 ACS;Atheros Configuration Service; C:\Program Files\D-Link\D-Link DWA-556 Wireless N PCIe Desktop Adapter\acs.exe [2007-04-27 364628]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-10-10 581632]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 AVKProxy;G DATA AntiVirus Proxy; C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe [2008-09-08 651848]
R2 AVKService;Planificateur G DATA; C:\Program Files\G DATA\AntiVirus\AVK\AVKService.exe [2008-09-08 386120]
R2 AVKWCtl;Gardien d'AntiVirus; C:\Program Files\G DATA\AntiVirus\AVK\AVKWCtl.exe [2008-11-17 1226696]
R2 AVP;Kaspersky Anti-Virus 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2008-02-08 227856]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-06-28 1049856]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-11-30 66872]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-10-09 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------
PrécédentLoicdem
déc. 08
alexandre
déc. 08
Suivant
REPONSES
Loicdem
déc. 08
jlpjlp
déc. 08
alexandre
déc. 08
Loicdem
déc. 08
Loicdem
déc. 08
alexandre
déc. 08
alexandre
déc. 08
alexandre
déc. 08
alexandre
déc. 08
alexandre
déc. 08
Version Web
Mentions légales (c)2009
Réalisé par RedShift
no save