HELP ME http://www.hide-my-ip.com/403.shtml

Last reply on 25 May 2009 at 17:06:38
negrissim, 25 May 2009 at 11:22:08

Hello,
I installed HIDE-MY-IP on my PC (to be able to access sites located in the United States, because my IP did not allow it since I am in Ukraine....)
Everything worked fine: I did get onto those sites and finished the work I had to finish, but after closing my browser, I relaunched it a little later and, to my great surprise, whenever I enter the URL of any site, it automatically sends me to this URL: http://www.hide-my-ip.com/403.shtml. I am out of my depth. I have tried everything, ANTI-virus, anti-trojan.... NOTHING, and I do mean NOTHING!!! I even installed other browsers to test: NOTHING, still automatically redirected to this URL: http://www.hide-my-ip.com/403.shtml ...... I even went as far as blocking the COOKIES coming from this site, but alas!!! Still >>> http://www.hide-my-ip.com/403.shtml. I am desperate and I would like the help of the members of the CCM community.

Thank you in advance for your understanding.

"SPEECH is GOLD, SILENCE is SILVER, NOISE is BRONZE; GOD is the QUESTION to which WE ARE THE ANSWER."

Those who put you in the shit do not always do it for your Misfortune, and those who get you out of it do not do it for your Happiness, but above all this: when you are in the shit: SHUT UP. !!!
The advantage of being intelligent is that one can always play the fool, whereas the reverse is impossible.

cK

Configuration: AMD CORE DUO + INTEL CORE TRIO / 10 GB RAM / 5 GB VIDEO / 7 TB HDD / 30" screen

1

gen-hackman, 25 May 2009 at 11:43:03

Hi, have you tried uninstalling Hide My IP?
G3и-н@¢км@и™©®


2

negrissim, 25 May 2009 at 11:49:09

Hi, and thanks for your reply, but yes, I have already uninstalled it and even deleted it from the registry.


3

gen-hackman, 25 May 2009 at 11:50:18

OK

Hi,

Start with this to see what is going on, get a precise diagnosis, and so identify possible infections and neutralize them:

Download and install the diagnostic software:

here: Hijackthis
or here: Hijackthis
or here: Hijackthis

1- Click the setup file to launch the installation: follow the prompts and do not change the installation settings.
At the end of the installation, the program starts automatically: close it by clicking the red cross.
In the end, you should have a shortcut on your desktop and also a path like:
"C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .

Usage tutorial (thanks balltrap34):
Look here, it is explained perfectly with pictures.

2- !! Disconnect and close all your running applications !!

Click the desktop shortcut to launch the program:

If it does not start, click here

Run a HijackThis scan by clicking: "Do a system scan and save a logfile"

---> Copy and paste the generated report for analysis
G3и-н@¢км@и™©®


4

negrissim, 25 May 2009 at 11:55:37

OK, I'll do it right away and give you the result in 10 minutes.


5

gen-hackman, 25 May 2009 at 11:57:50

OK. Would you mind changing your signature and shortening it to this (for example)?

SPEECH is GOLD, SILENCE is SILVER, NOISE is BRONZE
G3и-н@¢км@и™©®


6

negrissim, 25 May 2009 at 12:06:27

Here is the scan result!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:59, on 25.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\NMSAccessU.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbox.digsby.com/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://searchbox.digsby.com/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 74.55.63.27:58258
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
R3 - URLSearchHook: Live-Foot Toolbar - {8f81d798-5b23-4832-abc3-a4f94b2f3d94} - C:\Program Files\Live-Foot\tbLive.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe
O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll
O2 - BHO: Live-Foot Toolbar - {8f81d798-5b23-4832-abc3-a4f94b2f3d94} - C:\Program Files\Live-Foot\tbLive.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: AIEBHO.SiteWatcherBHO - {d9d423dd-80d0-48d8-9e8c-43ae08cf1ed8} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Program Files\Power Translator 11\Applications\LEC IE Translation Extension.dll
O3 - Toolbar: Спутник@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Sys_Kl] C:\Archivos de Programa\Sys_Kl\sys_kl.exe 1
O4 - HKLM\..\Run: [MAgent] C:\Program Files\Mail.Ru\Agent\MAgent.exe -LM
O4 - HKLM\..\Run: [FBI] C:\Program Files\BPK\FBI.exe
O4 - HKLM\..\RunOnce: [SpybotDeletingA4248] command /c del "C:\Documents and Settings\Admin\Главное меню\Программы\BlazingTools Perfect Keylogger\Order now!.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7454] cmd /c del "C:\Documents and Settings\Admin\Главное меню\Программы\BlazingTools Perfect Keylogger\Order now!.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2065] command /c del "C:\Documents and Settings\Admin\Главное меню\Программы\BlazingTools Perfect Keylogger\Perfect Keylogger Help.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC64] cmd /c del "C:\Documents and Settings\Admin\Главное меню\Программы\BlazingTools Perfect Keylogger\Perfect Keylogger Help.lnk"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [KillWatcher] C:\Program Files\KillSoft\KillWatcher\kwatch.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [GridinSoft Trojan Killer] "C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe" 0
O4 - HKCU\..\RunOnce: [SpybotDeletingB3635] command /c del "C:\Documents and Settings\Admin\Главное меню\Программы\BlazingTools Perfect Keylogger\Order now!.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6649] cmd /c del "C:\Documents and Settings\Admin\Главное меню\Программы\BlazingTools Perfect Keylogger\Order now!.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9662] command /c del "C:\Documents and Settings\Admin\Главное меню\Программы\BlazingTools Perfect Keylogger\Perfect Keylogger Help.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8442] cmd /c del "C:\Documents and Settings\Admin\Главное меню\Программы\BlazingTools Perfect Keylogger\Perfect Keylogger Help.lnk"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [VistaIcon] C:\Program Files\VistaDriveIcon\VistaDrv.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Dйfinition Encarta - http://fr.encarta.msn.com/encnet/features/dictionary/quickDictionary.htm
O8 - Extra context menu item: &Tout tйlйcharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Tйlйcharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Поиск@Mail.Ru - res://c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll/282
O8 - Extra context menu item: Словари@Mail.Ru - res://c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll/283
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra 'Tools' menuitem: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Справочные материалы - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\DOCUMENTS\DOCUMENTS  AISULUU\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\DOCUMENTS\DOCUMENTS  AISULUU\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/russian/partner/rus/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} (Java Plug-in 1.6.0_12) - 
O17 - HKLM\System\CCS\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\rserver30\newtstop.dll, C:\WINDOWS\system32\vksaver.dll
O23 - Service: McAfee Application Installer Cleanup (0276901237425767) (0276901237425767mcinstcleanup) - Unknown owner - C:\DOCUME~1\Admin\LOCALS~1\Temp\027690~1.EXE (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator 11\LogoMedia TranslateDotNet Server.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Common Files\NMSAccessU.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 16755 bytes
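Added example, not part of the thread and not HijackThis's own code: a Python triage pass over the log posted above that pulls out the entries sitting below the browser (proxy, hosts file, Winsock LSP, DNS servers, AppInit_DLLs), which are the ones to review when every installed browser is redirected the same way. The sample lines are copied from the log above; the function names are invented for this example, and the O1 (hosts file) case goes beyond what this particular log contains.

```python
import re

# Excerpt copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 74.55.63.27:58258
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
O20 - AppInit_DLLs: C:\WINDOWS\system32\rserver30\newtstop.dll, C:\WINDOWS\system32\vksaver.dll
"""

# A HijackThis entry is "<letter><number> - <body>", e.g. "R1 - ..." or "O17 - ...".
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")


def parse_entries(text):
    """Return (section, body) for every entry line; headers and process lists are skipped."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY.match(raw.strip())
        if match:
            entries.append((match.group(1), match.group(2).strip()))
    return entries


def split_proxy(value):
    """Normalise a ProxyServer value to unique endpoints.

    Windows stores either 'host:port' or a per-protocol list such as
    'http=host:port;https=host:port'.
    """
    endpoints = set()
    for part in value.split(";"):
        part = part.strip()
        if part:
            endpoints.add(part.split("=", 1)[-1])
    return sorted(endpoints)


def network_path_findings(text):
    """List (kind, value) pairs for settings that affect all browsers at once.

    Duplicates are dropped, so the O17 entry repeated for each registry
    control set (CCS, CS1, CS2) is reported once.
    """
    findings, seen = [], set()

    def add(kind, value):
        if value and (kind, value) not in seen:
            seen.add((kind, value))
            findings.append((kind, value))

    for section, body in parse_entries(text):
        if section in ("R0", "R1") and ",ProxyServer = " in body:
            for endpoint in split_proxy(body.split(" = ", 1)[1]):
                add("proxy", endpoint)
        elif section == "O1" and body.startswith("Hosts:"):
            add("hosts", body[len("Hosts:"):].strip())
        elif section == "O10":
            add("winsock_lsp", body.split(": ", 1)[-1].strip())
        elif section == "O17" and "NameServer = " in body:
            for server in body.split("NameServer = ", 1)[1].split(","):
                add("dns", server.strip())
        elif section == "O20" and body.startswith("AppInit_DLLs:"):
            for dll in body[len("AppInit_DLLs:"):].split(","):
                add("appinit_dll", dll.strip())
    return findings


if __name__ == "__main__":
    for kind, value in network_path_findings(SAMPLE_LOG):
        print(f"{kind:12} {value}")
```

Each reported value still has to be judged by hand: the script only narrows a long log down to the settings that every browser on the machine shares.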

7

gen-hackman, 25 May 2009 at 12:10:43

Download Ad-remover (by C_XX) to your desktop:


! Disconnect and close all running applications !

Double-click "Ad-R.exe" to launch the installation and leave the installation settings at their defaults.

Double-click the Ad-remover shortcut on your desktop to launch the tool.

In the main menu, choose option "L" and press [Enter].

Let the tool work and do not touch anything ...

--> Post the report that appears at the end on the forum ...

( The report is also saved as C:\Ad-report.log )
( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )

Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

Help in pictures (Installation)
Help in pictures (Search)
G3и-н@¢км@и™©®


8

negrissim, 25 May 2009 at 12:22:02

OK, thanks, reply in 10 minutes.


9

gen-hackman, 25 May 2009 at 12:25:23

If you have not yet had time to run Ad-remover:

Disable Spybot's TeaTimer (thanks to Nico):

To disable TeaTimer:
=> Open Spybot S&D
=> In the "Mode" menu, select advanced mode.
=> A window asks for confirmation; click "Yes".
=> Once advanced mode is active, open the "Tools" tab.
=> Click Resident.
=> The Resident section has two lines that are normally checked:
* Resident "SDHelper" (blocker of harmful downloads for Internet Explorer) active.

* Resident "TeaTimer" (protection of fundamental system settings) active.

=> Uncheck the TeaTimer line.
=> Restart Spybot (close it and reopen it)
=> Go back to the Resident menu and check that it is indeed disabled.
G3и-н@¢км@и™©®


10

negrissim, 25 May 2009 at 12:52:59

Here is the Ad-remover scan

------- RAPPORT D'AD-REMOVER 1.1.4.3 | UNIQUEMENT XP/VISTA -------

Mit а jour part C_XX le 24/05/2009 а 15:20
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

Lancй а: 13:21:19, 25.05.2009 | Mode Normal
Exйcutй de: C:\Program Files\Ad-remover\
Systиme d'exploitation: Microsoft® Windows XP™  Service Pack 3 ?????? 5.1.2600
Nom du PC: CK2
Utilisateur actuel: Admin - Administrator

.
============== ЙLЙMENT(S) NEUTRALISЙ(S) ==============
.
.
HKCR\SearchSettings.BHO
HKCR\SearchSettings.BHO.1
HKCU\Software\AppDataLow\software\Dealio
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
HKLM\Software\Dealio
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
HKLM\Software\Search Settings
HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
.
C:\Documents and Settings\Admin\Application Data\Dealio\res 
C:\Documents and Settings\Admin\Application Data\Dealio\temp 
C:\Documents and Settings\Admin\Application Data\Dealio\res\widgets.xml 
C:\Documents and Settings\Admin\Application Data\Dealio\temp\http___www_dealio_com_rss_coupons-deals_dotd_.xml 
C:\Documents and Settings\Admin\Application Data\Dealio 
C:\Documents and Settings\Admin\Application Data\Search Settings\kb128 
C:\Documents and Settings\Admin\Application Data\Search Settings\kb128\temp 
C:\Documents and Settings\Admin\Application Data\Search Settings\kb128\temp\ws-14385.log 
C:\Documents and Settings\Admin\Application Data\Search Settings\kb128\temp\ws-14388.log 
C:\Documents and Settings\Admin\Application Data\Search Settings 
C:\Program Files\Dealio Toolbar\config.ini 
C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll 
C:\Program Files\Dealio Toolbar\Res 
C:\Program Files\Dealio Toolbar\SearchSettingsKit.exe 
C:\Program Files\Dealio Toolbar\WidgiHelper.exe 
C:\Program Files\Dealio Toolbar\Res\amazon.gif 
C:\Program Files\Dealio Toolbar\Res\apple.gif 
C:\Program Files\Dealio Toolbar\Res\barnes.gif 
C:\Program Files\Dealio Toolbar\Res\bestbuy.gif 
C:\Program Files\Dealio Toolbar\Res\dealio_logo.gif 
C:\Program Files\Dealio Toolbar\Res\dealio_logo_hover.gif 
C:\Program Files\Dealio Toolbar\Res\ebay.gif 
C:\Program Files\Dealio Toolbar\Res\icon_settings.gif 
C:\Program Files\Dealio Toolbar\Res\macys.gif 
C:\Program Files\Dealio Toolbar\Res\newegg.gif 
C:\Program Files\Dealio Toolbar\Res\overstock.gif 
C:\Program Files\Dealio Toolbar\Res\search-button-hover.gif 
C:\Program Files\Dealio Toolbar\Res\search-button.gif 
C:\Program Files\Dealio Toolbar\Res\search-chevron-hover.gif 
C:\Program Files\Dealio Toolbar\Res\search-chevron.gif 
C:\Program Files\Dealio Toolbar\Res\search_amazon.gif 
C:\Program Files\Dealio Toolbar\Res\search_dealio.gif 
C:\Program Files\Dealio Toolbar\Res\search_ebay.gif 
C:\Program Files\Dealio Toolbar\Res\search_yahoo.gif 
C:\Program Files\Dealio Toolbar\Res\separator.gif 
C:\Program Files\Dealio Toolbar\Res\target.gif 
C:\Program Files\Dealio Toolbar\Res\walmart.gif 
C:\Program Files\Dealio Toolbar\Res\widgets.xml 
C:\Program Files\Dealio Toolbar 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\chrome.manifest 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\install.rdf 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\SKIN 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\DStringsUtils.js 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.js 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.xul 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.dtd 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.properties 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\IFBHOSearch.xpt 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\IFBHOSearchHelperEngine.xpt 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\IFHelperPreferences.xpt 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\SearchSettingsFF.dll 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome.manifest 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\install.rdf 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\chevron.js 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\chevron.xul 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\login.js 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\login.xul 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\parser.js 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\RssTickerWidget.js 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\searchbox.js 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\searchbox.xul 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgichevron.js 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgicomm.js 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgihandling.js 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgilisteners.js 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgitoolbarplugin.js 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgitoolbarplugin.xul 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\content\widgiui.js 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale\EN-US 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale\EN-US\searchbox.dtd 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale\EN-US\widgitoolbarplugin.dtd 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale\EN-US\widgitoolbarplugin.properties 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\locale\EN-US\yahoo-search.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\amazon.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\apple.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\barnes.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\bestbuy.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\chevron.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\dealio_logo.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\dealio_logo_hover.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\ebay.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\icon_settings.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\macys.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\newegg.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\overstock.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search-button-hover.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search-button.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search-chevron-hover.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search-chevron.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\searchbox.css 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search_amazon.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search_dealio.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search_ebay.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\search_yahoo.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\separator.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\target.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\walmart.gif 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\chrome\skin\widgitoolbarplugin.css 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\config.ini 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\IFBHOHelperWidgiToolbar.xpt 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\IFBHOWidgiToolbar.xpt 
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} 
C:\Program Files\Search Settings\kb128 
C:\Program Files\Search Settings\SearchSettings.exe 
C:\Program Files\Search Settings\kb128\res 
C:\Program Files\Search Settings\kb128\SearchSettings.dll 
C:\Program Files\Search Settings\kb128\SearchSettingsRes409.dll 
C:\Program Files\Search Settings\kb128\temp 
C:\Program Files\Search Settings 
C:\WINDOWS\Installer\48e88.msi 
C:\WINDOWS\Installer\48e91.msi 

(!) -- Fichiers temporaires supprimés.

.
+-----------------| Scan additionnel:
.

---- Mozilla FireFox Version 3.0.10 ----

Nom du profil: ozg1yzim.default (Admin)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "ICQ Search"); 
(Prefs.js) user_pref("browser.search.selectedEngine", "Google"); 
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc7&p="); 
(Prefs.js) user_pref("browser.startup.homepage", "google.fr"); 
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.10"); 
.
. 

---- Internet Explorer Version 8.0.6001.18702 ----

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp:blank

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

   Tabs: res://ieframe.dll/tabswelcome.htm

=========== Suspect (Cracks, Serials ... ) ==========

.

+---------------------------------------------------------------------------+

13251 Octet(s) - C:\Ad-Report-25.05.2009.log

18 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
46 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE

Fin à: 13:42:52 | 25.05.2009
.
+-----------------| E.O.F
.

11

gen-hackman, 25 May 2009 at 12:55:17

Restart, then:

Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.

! Disconnect and close all your running applications !

Double-click " RSIT.exe " to launch it.

-> A first window opens, titled " Disclaimer of warranty ".

* Next to the option "List files/folders created ...", choose: 2 months

* then click " Continue " to start the scan ...


-> let the scan run and do not touch the PC ...


When the scan is finished, two text files will open (probably in Notepad).

Post the contents of " log.txt " (the one that appears on screen), as well as " info.txt " (which you will see in the taskbar), for analysis, and wait for the next step ...

Important: post one report, then the other in the following reply
If you try to post both at the same time, it may be too long for the forum


( Note: the reports will also be saved in this folder -> C:\rsit )
G3и-н@¢км@и™©®


12

negrissim, 25 May 2009 at 13:34:50

Here is the scanner LOG:




<code>Logfile of random's system information tool 1.06 (written by random/random)
Run by Admin at 2009-05-25 14:29:22
Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (9%) free of 50 GB
Total RAM: 1014 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:30:29, on 25.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Power Translator 11\LogoMedia TranslateDotNet Server.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\NMSAccessU.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Admin\Рабочий стол\RSIT.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Archivos de Programa\Sys_Kl\sys_kl.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Mail.Ru\Agent\MAgent.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\KillSoft\KillWatcher\kwatch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\Admin.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe
C:\Program Files\Avira\AntiVir Desktop\GUARDGUI.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbox.digsby.com/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://searchbox.digsby.com/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 74.55.63.27:58258
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
R3 - URLSearchHook: Live-Foot Toolbar - {8f81d798-5b23-4832-abc3-a4f94b2f3d94} - C:\Program Files\Live-Foot\tbLive.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe
O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll
O2 - BHO: Live-Foot Toolbar - {8f81d798-5b23-4832-abc3-a4f94b2f3d94} - C:\Program Files\Live-Foot\tbLive.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: AIEBHO.SiteWatcherBHO - {d9d423dd-80d0-48d8-9e8c-43ae08cf1ed8} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Program Files\Power Translator 11\Applications\LEC IE Translation Extension.dll
O3 - Toolbar: Спутник@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Sys_Kl] C:\Archivos de Programa\Sys_Kl\sys_kl.exe 1
O4 - HKLM\..\Run: [MAgent] C:\Program Files\Mail.Ru\Agent\MAgent.exe -LM
O4 - HKLM\..\Run: [FBI] C:\Program Files\BPK\FBI.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [KillWatcher] C:\Program Files\KillSoft\KillWatcher\kwatch.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [GridinSoft Trojan Killer] "C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe" 0
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [VistaIcon] C:\Program Files\VistaDriveIcon\VistaDrv.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Définition Encarta - http://fr.encarta.msn.com/encnet/features/dictionary/quickDictionary.htm
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Поиск@Mail.Ru - res://c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll/282
O8 - Extra context menu item: Словари@Mail.Ru - res://c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll/283
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra 'Tools' menuitem: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Справочные материалы - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\DOCUMENTS\DOCUMENTS AISULUU\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\DOCUMENTS\DOCUMENTS AISULUU\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/russian/partner/rus/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} (Java Plug-in 1.6.0_12) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{1424B255-4C98-4F85-B370-6C350C2CBEAF}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\rserver30\newtstop.dll, C:\WINDOWS\system32\vksaver.dll
O23 - Service: McAfee Application Installer Cleanup (0276901237425767) (0276901237425767mcinstcleanup) - Unknown owner - C:\DOCUME~1\Admin\LOCALS~1\Temp\027690~1.EXE (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator 11\LogoMedia TranslateDotNet Server.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Common Files\NMSAccessU.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - C:\WINDOWS\system32\wbem\wmiapsrv.exe
End of file - 16023 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Auslogics Console Defragmentation.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{6FFC594A-0049-4AA5-9E5B-6477C02D569B}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{CA658A75-8FEA-4042-8114-3096A531FA0D}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{FD6B345F-FD14-423C-A152-7C1656A552CE}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2008-09-24 756840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll [2008-11-06 68936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07A11D74-9D25-4fea-A833-8B0D76A5577A}]
CmjBrowserHelperObject Object - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll [2007-05-18 71184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-05-16 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-03-19 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class - c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll [2009-04-25 680624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8f81d798-5b23-4832-abc3-a4f94b2f3d94}]
Live-Foot Toolbar - C:\Program Files\Live-Foot\tbLive.dll [2008-11-24 1784856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2009-02-24 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-02-13 150032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d9d423dd-80d0-48d8-9e8c-43ae08cf1ed8}]
AIEBHO.SiteWatcherBHO - C:\WINDOWS\system32\mscoree.dll [2007-10-24 282112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-16 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1DBAB667-A486-421e-AFE4-CF07DD0088E5} - LEC - C:\Program Files\Power Translator 11\Applications\LEC IE Translation Extension.dll [2006-08-31 2834432]
{09900DE8-1DCA-443F-9243-26FF581438AF} - Спутник@Mail.Ru - c:\program files\Mail.Ru\Sputnik\MailRuSputnik.dll [2009-04-25 680624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"USB Antivirus"=C:\Program Files\USB Disk Security\USBGuard.exe [2008-06-21 798720]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-25 413696]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1024000]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-05 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-05 162328]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-05 137752]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Sys_Kl"=C:\Archivos de Programa\Sys_Kl\sys_kl.exe [2006-09-13 414208]
"MAgent"=C:\Program Files\Mail.Ru\Agent\MAgent.exe [2009-04-25 6210744]
"FBI"=C:\Program Files\BPK\FBI.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"KillWatcher"=C:\Program Files\KillSoft\KillWatcher\kwatch.exe [2004-05-16 969728]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2001-02-20 8192]
"GridinSoft Trojan Killer"=C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe [2009-05-22 3805184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
C:\Program Files\CCleaner\CCleaner.exe [2008-05-28 1197296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2001-02-20 8192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
C:\Program Files\eMule\eMule.exe [2008-08-02 5484544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FBI]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
C:\Program Files\FlashGet\flashget.exe [2007-05-30 1986608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-03-12 342312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MAgent]
C:\Program Files\Mail.Ru\Agent\MAgent.exe [2009-04-25 6210744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
C:\Program Files\ManyCam 2.4\ManyCam.exe [2009-03-16 1824040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-02-20 4363504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]
C:\Program Files\Mindjet\MindManager 7\MMReminderService.exe [2007-05-18 37392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NotebookHardwareControl]
C:\Program Files\Notebook Hardware Control\nhc.exe [2007-05-04 2629632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerGramo]
C:\Program Files\Monsters\PowerGramo\PowerGramo.exe [2009-02-15 847872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pragma5]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2008-10-09 17021440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-03-06 24139560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\somnifero]
C:\Program Files\Rico Software\RS Somnнfero\somnifero.exe [2006-02-27 364629]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2009-02-24 171448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-03-19 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSMain]
C:\WINDOWS\system32\TPSMain.exe [2007-10-16 266240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneUp MemOptimizer]
C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe [2008-12-11 155904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Safely Remove]
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe [2008-02-05 1280512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBFireWall]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YMailAdvisor]
C:\Program Files\Yahoo!\Common\YMailAdvisor.exe [2008-06-06 125208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-07-11 223984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm Client]
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Admin^Главное меню^Программы^Автозагрузка^Create virtual drive.lnk]
C:\WEBSER~1\etc\utils\Boot.exe [2003-03-22 6656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Admin^Главное меню^Программы^Автозагрузка^Free Music Zilla.lnk]
C:\PROGRA~1\FREEMU~1\FMZilla.exe [2009-02-10 732352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Net Send GUI.lnk]
C:\PROGRA~1\FOMINE~1\NETSEN~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Total Commander.lnk]
C:\PROGRA~1\TOTALC~1\Totalcmd.exe [2008-12-31 1091768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\rserver30\newtstop.dll, C:\WINDOWS\system32\vksaver.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-05-25 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-06-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSMConfigurePrograms"=1
"MaxRecentDocs"=16
"NoDriveAutoRun"=67108483
"NoSharedDocuments_XXX_Temp"=00000000
"NoUserNameInStartMenu"=1
"NoSharedDocuments"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoStrCmpLogical"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:FlashGet"
"D:\games\KONAMI\PES2009\pes2009.exe"="D:\games\KONAMI\PES2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"D:\games\valve\hl.exe"="D:\games\valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\WebServers\usr\local\apache\Apache.exe"="C:\WebServers\usr\local\apache\Apache.exe:*:Enabled:Apache"
"C:\Program Files\StrongDC++\StrongDC.exe"="C:\Program Files\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Total Commander\Totalcmd.exe"="C:\Program Files\Total Commander\Totalcmd.exe:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Documents and Settings\Admin\Application Data\U3\0391D57123015927\0DE4F643-C398-46ec-9339-2362F2311932\Exec\skype.exe"="C:\Documents and Settings\Admin\Application Data\U3\0391D57123015927\0DE4F643-C398-46ec-9339-2362F2311932\Exec\skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\FlashGet\flashget.exe"="D:\FlashGet\flashget.exe:*:Enabled:FlashGet"
"C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"D:\games\KONAMI\PES2009\GCP2009.exe"="D:\games\KONAMI\PES2009\GCP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"D:\DOCUMENTS\DOCUMENTS AISULUU\ICQ6.5\ICQ.exe"="D:\DOCUMENTS\DOCUMENTS AISULUU\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Mail.Ru\Agent\magent.exe"="C:\Program Files\Mail.Ru\Agent\magent.exe:*:Enabled:Mail.Ru Агент"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\TVAnts\Tvants.exe"="C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Rico Software\RS Somnнfero\somnifero.exe"="C:\Program Files\Rico Software\RS Somnнfero\somnifero.exe:*:Enabled:somnifero"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e5de7ea-10d0-11de-aee6-df71460e96c6}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e5de7eb-10d0-11de-aee6-df71460e96c6}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e5de7ec-10d0-11de-aee6-df71460e96c6}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e5de7ed-10d0-11de-aee6-df71460e96c6}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{759f7b26-027b-11de-930e-001e334514d3}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3fe87b3-3099-11de-b463-001e334514d3}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn


======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
.js - open -

======List of files/folders created in the last 2 months======

2009-05-25 13:57:34 ----D---- C:\rsit
2009-05-25 13:17:59 ----D---- C:\Program Files\Ad-remover
2009-05-25 12:56:21 ----D---- C:\Program Files\Trend Micro
2009-05-25 12:11:29 ----D---- C:\Documents and Settings\Admin\Application Data\Malwarebytes
2009-05-25 12:11:14 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-05-25 12:11:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-25 11:57:04 ----D---- C:\Program Files\GridinSoft Trojan Killer
2009-05-25 11:50:09 ----D---- C:\Program Files\Microsoft Windows OneCare Live
2009-05-24 23:39:27 ----D---- C:\Documents and Settings\Admin\Application Data\Opera
2009-05-24 23:38:09 ----D---- C:\Program Files\Opera
2009-05-24 21:14:46 ----A---- C:\WINDOWS\wininit.ini
2009-05-24 19:40:54 ----D---- C:\WINDOWS\dp_wsed
2009-05-24 14:47:58 ----A---- C:\WINDOWS\system32\securenet.dll
2009-05-23 13:19:09 ----D---- C:\Program Files\Mindscape
2009-05-23 09:00:19 ----A---- C:\WINDOWS\system32\dijpg.dll
2009-05-23 08:58:57 ----D---- C:\Program Files\Rico Software
2009-05-21 19:52:52 ----D---- C:\Program Files\AIDA32 - Enterprise System Information
2009-05-21 19:34:35 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-05-21 19:34:35 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-05-21 19:34:33 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-05-21 19:34:31 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-05-21 19:34:31 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-05-21 19:34:29 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-05-21 19:34:27 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-05-21 19:28:31 ----D---- C:\Direct X 9.c
2009-05-21 11:36:36 ----D---- C:\WINDOWS\system32\IMAGES
2009-05-21 11:24:07 ----A---- C:\WINDOWS\CK.txt
2009-05-21 11:20:42 ----D---- C:\Archivos de Programa
2009-05-19 20:02:20 ----D---- C:\Documents and Settings\Admin\Application Data\Thunderbird
2009-05-18 12:35:40 ----D---- C:\Documents and Settings\Admin\Application Data\Thinstall
2009-05-18 12:21:12 ----D---- C:\Program Files\Common Files\Common Share
2009-05-18 12:18:49 ----D---- C:\Program Files\Aplus FLV to MP3 Converter
2009-05-18 12:17:19 ----D---- C:\Mp3 Output
2009-05-18 12:17:15 ----A---- C:\WINDOWS\system32\NCMedia.dll
2009-05-18 12:17:15 ----A---- C:\WINDOWS\system32\libmp3lame-0.dll
2009-05-18 12:17:14 ----D---- C:\Program Files\Smallvideosoft
2009-05-12 15:03:22 ----A---- C:\Logfile.txt
2009-05-12 14:59:33 ----D---- C:\Documents and Settings\All Users\Application Data\SysDll
2009-05-12 14:59:31 ----D---- C:\Documents and Settings\All Users\Application Data\SysDir
2009-05-12 14:59:02 ----D---- C:\Documents and Settings\All Users\Application Data\The Best KeyLogger
2009-05-11 13:12:03 ----D---- C:\Documents and Settings\Admin\Application Data\gtk-2.0
2009-05-11 12:50:27 ----D---- C:\Documents and Settings\Admin\Application Data\Talkback
2009-05-10 14:57:04 ----RA---- C:\WINDOWS\system32\memorybar.exe
2009-05-10 13:38:44 ----D---- C:\Program Files\KillSoft
2009-05-09 11:09:03 ----D---- C:\Program Files\xp-AntiSpy
2009-05-08 18:30:07 ----D---- C:\WINDOWS\system32\LogFiles
2009-05-07 15:57:57 ----A---- C:\WINDOWS\cdplayer.ini
2009-05-02 19:29:50 ----D---- C:\Program Files\Microsoft
2009-05-02 19:29:28 ----D---- C:\Program Files\Windows Live SkyDrive
2009-05-02 19:28:55 ----D---- C:\Program Files\Windows Live
2009-05-02 19:16:34 ----D---- C:\Program Files\Common Files\Windows Live
2009-05-01 22:34:15 ----A---- C:\WINDOWS\DaemonPlugin.INI
2009-04-30 07:38:04 ----D---- C:\Program Files\Avira
2009-04-30 07:38:04 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-04-28 19:09:36 ----D---- C:\Program Files\ma-config.com
2009-04-28 19:09:35 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-04-28 18:12:17 ----D---- C:\Program Files\SystemRequirementsLab
2009-04-28 18:12:04 ----D---- C:\Documents and Settings\Admin\Application Data\SystemRequirementsLab
2009-04-28 15:11:19 ----D---- C:\Documents and Settings\Admin\Application Data\DivX
2009-04-27 19:47:13 ----D---- C:\Program Files\ICQ6Toolbar
2009-04-27 19:46:52 ----D---- C:\Documents and Settings\All Users\Application Data\ICQ
2009-04-27 17:48:14 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-04-27 17:48:14 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-04-27 17:48:14 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-04-27 17:48:14 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-04-27 17:48:14 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-04-27 17:48:13 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-04-27 17:48:13 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-04-27 17:48:13 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-04-27 17:48:13 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-04-27 17:48:13 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-04-27 17:48:13 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-04-27 17:48:12 ----N---- C:\WINDOWS\system32\px.dll
2009-04-27 17:47:30 ----D---- C:\Program Files\Common Files\DivX Shared
2009-04-27 17:47:29 ----D---- C:\Program Files\DivX
2009-04-25 22:01:52 ----D---- C:\WINDOWS\system32\windows media
2009-04-25 22:01:41 ----D---- C:\WINDOWS\RegisteredPackages
2009-04-25 22:01:40 ----HD---- C:\WINDOWS\msdownld.tmp
2009-04-25 22:01:31 ----D---- C:\Program Files\Windows Media Components
2009-04-25 21:45:51 ----D---- C:\Program Files\TVAnts
2009-04-24 10:28:50 ----A---- C:\WINDOWS\system32\shell32.dll
2009-04-24 09:50:04 ----D---- C:\Documents and Settings\All Users\Application Data\WebcamMax
2009-04-24 09:50:04 ----D---- C:\Documents and Settings\Admin\Application Data\WebcamMax
2009-04-24 09:42:45 ----D---- C:\Program Files\WebcamMax
2009-04-22 21:34:05 ----D---- C:\WINDOWS\system32\Adobe
2009-04-22 16:56:12 ----D---- C:\skin
2009-04-22 16:56:10 ----D---- C:\graphics
2009-04-22 03:13:03 ----RASH---- C:\BOOTSECT.BAK
2009-04-22 03:13:02 ----H---- C:\Boot.BAK
2009-04-22 03:13:00 ----SHD---- C:\Boot
2009-04-19 13:05:23 ----D---- C:\Documents and Settings\Admin\Application Data\Mra
2009-04-19 13:05:02 ----D---- C:\Program Files\Mail.Ru
2009-04-16 21:51:27 ----D---- C:\Program Files\Common Files\Skype
2009-04-16 21:51:23 ----RD---- C:\Program Files\Skype
2009-04-15 23:24:40 ----A---- C:\WINDOWS\system32\dpl100.dll
2009-04-15 23:24:38 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2009-04-15 23:24:38 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2009-04-15 23:24:38 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
2009-04-15 23:24:38 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2009-04-15 23:24:38 ----A---- C:\WINDOWS\system32\DivX.dll
2009-04-15 18:01:51 ----A---- C:\WINDOWS\system32\igfxres.dll
2009-04-15 17:58:54 ----A---- C:\WINDOWS\system32\igxprd32.dll
2009-04-15 17:58:54 ----A---- C:\WINDOWS\system32\igxpdv32.dll
2009-04-15 17:58:54 ----A---- C:\WINDOWS\system32\igfxtray.exe
2009-04-15 17:58:54 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
2009-04-15 17:58:54 ----A---- C:\WINDOWS\system32\igfxpers.exe
2009-04-15 17:58:54 ----A---- C:\WINDOWS\system32\hccutils.dll
2009-04-15 17:58:53 ----A---- C:\WINDOWS\system32\igxpgd32.dll
2009-04-15 17:58:53 ----A---- C:\WINDOWS\system32\igxpdx32.dll
2009-04-15 17:58:53 ----A---- C:\WINDOWS\system32\igmedkrn.dll
2009-04-15 17:58:53 ----A---- C:\WINDOWS\system32\igfxsrvc.exe
2009-04-15 17:58:53 ----A---- C:\WINDOWS\system32\igfxress.dll
2009-04-15 17:58:53 ----A---- C:\WINDOWS\system32\igfxpph.dll
2009-04-15 17:58:53 ----A---- C:\WINDOWS\system32\igfxdev.dll
2009-04-15 17:58:53 ----A---- C:\WINDOWS\system32\igfxCoIn_v4833.dll
2009-04-15 17:58:53 ----A---- C:\WINDOWS\system32\hkcmd.exe
2009-04-15 17:58:49 ----A---- C:\WINDOWS\system32\igxpun.exe
2009-04-15 17:50:51 ----D---- C:\WINDOWS\system32\Lang
2009-04-15 00:00:56 ----D---- C:\WINDOWS\system32\appmgmt
2009-04-14 00:34:17 ----A---- C:\WINDOWS\NDSTray.INI
2009-04-14 00:00:04 ----A---- C:\WINDOWS\ModemLog_TOSHIBA Software Modem.txt
2009-04-13 19:48:34 ----D---- C:\Documents and Settings\Admin\Application Data\Toshiba
2009-04-13 19:42:27 ----A---- C:\WINDOWS\NDSBrow.INI
2009-04-13 19:14:56 ----D---- C:\Program Files\Synaptics
2009-04-13 19:14:56 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2009-04-13 19:14:56 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2009-04-13 19:14:56 ----A---- C:\WINDOWS\system32\SynCOM.dll
2009-04-13 19:00:57 ----A---- C:\WINDOWS\system32\TPSAddin.dll
2009-04-13 19:00:56 ----A---- C:\WINDOWS\system32\TPwrCfg.dll
2009-04-13 19:00:55 ----A---- C:\WINDOWS\system32\TPwrReg.dll
2009-04-13 19:00:55 ----A---- C:\WINDOWS\system32\TPSTrace.dll
2009-04-13 19:00:55 ----A---- C:\WINDOWS\system32\TPSMainCtl.dll
2009-04-13 19:00:55 ----A---- C:\WINDOWS\system32\TPSMain.exe
2009-04-13 19:00:55 ----A---- C:\WINDOWS\system32\TPSDel.dll
2009-04-13 19:00:55 ----A---- C:\WINDOWS\system32\TPSBattM.exe
2009-04-13 19:00:55 ----A---- C:\WINDOWS\system32\TPeculiarity.dll
2009-04-13 19:00:55 ----A---- C:\WINDOWS\system32\CpuPerf.dll
2009-04-13 18:54:01 ----D---- C:\Program Files\TOSHIBA
2009-04-13 18:46:21 ----D---- C:\Program Files\ltmoh
2009-04-13 18:46:21 ----A---- C:\WINDOWS\system32\tosmreg.ini
2009-04-13 18:46:21 ----A---- C:\WINDOWS\system32\tosmreg.exe
2009-04-13 18:46:21 ----A---- C:\WINDOWS\system32\cseltbl.ini
2009-04-13 18:46:21 ----A---- C:\WINDOWS\system32\csellang.ini
2009-04-13 18:46:21 ----A---- C:\WINDOWS\system32\csellang.dll
2009-04-13 18:46:21 ----A---- C:\WINDOWS\system32\cselect.exe
2009-04-13 18:45:45 ----N---- C:\WINDOWS\agrsmdel.exe
2009-04-13 18:45:45 ----A---- C:\WINDOWS\system32\agrsmsvc.exe
2009-04-13 18:45:44 ----A---- C:\WINDOWS\system32\agrscoin.dll
2009-04-13 18:41:30 ----D---- C:\TD08TBF
2009-04-13 18:40:56 ----D---- C:\Program Files\Camera Assistant Software for Toshiba
2009-04-13 18:20:40 ----D---- C:\Documents and Settings\Admin\Application Data\ManyCam
2009-04-13 18:20:39 ----D---- C:\Program Files\ManyCam 2.4
2009-04-13 07:29:11 ----D---- C:\Dev-Pas
2009-04-11 19:08:53 ----D---- C:\Program Files\CamStudio
2009-04-11 18:54:48 ----D---- C:\Program Files\MSECache
2009-04-11 18:52:53 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2009-04-11 18:52:46 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-04-11 10:17:20 ----A---- C:\WINDOWS\system32\TUKernel.exe
2009-04-10 15:26:27 ----D---- C:\Program Files\Rational Rose Ent
2009-04-08 09:01:40 ----A---- C:\WINDOWS\system32\javaws.exe
2009-04-08 09:01:40 ----A---- C:\WINDOWS\system32\javaw.exe
2009-04-08 09:01:40 ----A---- C:\WINDOWS\system32\java.exe
2009-04-08 02:21:02 ----D---- C:\Documents and Settings\Admin\Application Data\vlc
2009-04-08 02:17:30 ----D---- C:\Documents and Settings\Admin\Application Data\MozillaControl
2009-04-08 02:13:47 ----D---- C:\Program Files\VideoLAN
2009-04-08 01:29:32 ----D---- C:\Documents and Settings\All Users\Application Data\TVU Networks
2009-04-03 13:53:34 ----D---- C:\WINDOWS\setup.pss
2009-04-03 13:53:34 ----A---- C:\WINDOWS\UPGRADE.TXT
2009-03-29 12:05:08 ----A---- C:\rollback.ini
2009-03-29 11:14:24 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
2009-03-29 10:58:24 ----D---- C:\WINDOWS\Internet Logs
2009-03-29 10:56:50 ----D---- C:\WINDOWS\ie8updates
2009-03-29 10:51:48 ----HDC---- C:\WINDOWS\ie8
2009-03-27 13:13:28 ----D---- C:\Program Files\Power Translator 11
2009-03-26 11:03:10 ----A---- C:\WINDOWS\system32\libexpatw.dll

======List of files/folders modified in the last 2 months======

2009-05-25 14:30:03 ----D---- C:\WINDOWS\Temp
2009-05-25 14:29:19 ----D---- C:\WINDOWS\system32\CatRoot2
2009-05-25 14:15:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-25 14:04:48 ----D---- C:\WINDOWS
2009-05-25 14:04:08 ----D---- C:\WINDOWS\system32\drivers
2009-05-25 14:04:08 ----D---- C:\WINDOWS\system32
2009-05-25 13:46:47 ----D---- C:\Program Files\Mozilla Firefox
2009-05-25 13:37:19 ----SHD---- C:\WINDOWS\Installer
2009-05-25 13:35:58 ----AD---- C:\Program Files
2009-05-25 11:59:52 ----D---- C:\WINDOWS\system32\ShellExt
2009-05-25 10:27:10 ----D---- C:\Program Files\Power Data Recovery
2009-05-24 23:09:58 ----D---- C:\WINDOWS\Prefetch
2009-05-24 23:00:42 ----D---- C:\Documents and Settings\Admin\Application Data\Skype
2009-05-24 21:52:38 ----HD---- C:\WINDOWS\inf
2009-05-24 20:38:51 ----SD---- C:\WINDOWS\Tasks
2009-05-24 20:29:46 ----D---- C:\Program Files\eMule
2009-05-24 20:24:56 ----D---- C:\Program Files\Google
2009-05-24 20:24:56 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-05-24 19:47:55 ----AD---- C:\Program Files\Common Files\Microsoft Shared
2009-05-24 19:47:55 ----AD---- C:\Program Files\Common Files
2009-05-24 18:22:44 ----D---- C:\Documents and Settings\Admin\Application Data\skypePM
2009-05-24 14:42:47 ----RSH---- C:\boot.ini
2009-05-24 14:42:47 ----A---- C:\WINDOWS\win.ini
2009-05-24 14:42:47 ----A---- C:\WINDOWS\system.ini
2009-05-21 20:30:30 ----D---- C:\Program Files\Free Music Zilla
2009-05-21 19:38:17 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-21 19:38:16 ----D---- C:\WINDOWS\system32\CatRoot
2009-05-21 19:38:11 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-05-21 19:37:21 ----HD---- C:\Program Files\InstallShield Installation Information
2009-05-21 19:36:49 ----D---- C:\WINDOWS\system
2009-05-21 19:34:43 ----D---- C:\WINDOWS\system32\DirectX
2009-05-21 19:33:01 ----RSD---- C:\WINDOWS\assembly
2009-05-21 14:38:56 ----D---- C:\Program Files\FlashGet
2009-05-20 15:42:18 ----D---- C:\WINDOWS\WinSxS
2009-05-19 20:02:40 ----D---- C:\Documents and Settings\Admin\Application Data\Mozilla
2009-05-14 21:23:31 ----D---- C:\Program Files\Digsby
2009-05-11 15:43:35 ----D---- C:\Program Files\CommentCaMarche
2009-05-09 08:03:58 ----D---- C:\WINDOWS\Microsoft.NET
2009-05-02 20:59:17 ----D---- C:\Program Files\Microsoft Silverlight
2009-05-02 19:56:21 ----SD---- C:\Documents and Settings\Admin\Application Data\Microsoft
2009-05-02 19:29:35 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-05-02 19:29:04 ----RSD---- C:\WINDOWS\Fonts
2009-05-01 22:33:31 ----D---- C:\Documents and Settings\Admin\Application Data\DAEMON Tools
2009-04-29 15:39:30 ----D---- C:\Program Files\IpTv Player
2009-04-28 00:25:47 ----D---- C:\Documents and Settings\Admin\Application Data\ICQ
2009-04-27 16:18:32 ----SHD---- C:\System Volume Information
2009-04-26 14:22:26 ----D---- C:\Documents and Settings\Admin\Application Data\VSO
2009-04-26 02:12:46 ----D---- C:\WINDOWS\pss
2009-04-22 21:55:30 ----D---- C:\Program Files\Windows Media Player
2009-04-22 16:56:24 ----D---- C:\Program Files\ICQ6.5
2009-04-20 04:04:05 ----D---- C:\Program Files\The KMPlayer
2009-04-20 02:45:00 ----D---- C:\WINDOWS\system32\config
2009-04-20 02:44:37 ----D---- C:\WINDOWS\system32\wbem
2009-04-20 02:44:36 ----D---- C:\WINDOWS\Registration
2009-04-20 02:06:58 ----D---- C:\Documents and Settings
2009-04-19 18:26:54 ----D---- C:\Program Files\Notepad++
2009-04-19 18:07:31 ----A---- C:\WINDOWS\ODBC.INI
2009-04-19 17:50:25 ----D---- C:\Program Files\Wandering IPs
2009-04-19 17:37:25 ----D---- C:\Documents and Settings\Admin\Application Data\RaimaRadioPro
2009-04-17 11:52:50 ----D---- C:\WINDOWS\system32\CPLDAPU
2009-04-16 21:51:27 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-04-15 21:25:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-04-14 23:56:46 ----D---- C:\Documents and Settings\Admin\Application Data\Lavasoft
2009-04-13 19:28:23 ----D---- C:\Program Files\Intel
2009-04-13 19:14:47 ----D---- C:\Program Files\Common Files\InstallShield
2009-04-13 19:00:56 ----D---- C:\WINDOWS\Help
2009-04-13 18:46:21 ----D---- C:\WINDOWS\Driver Cache
2009-04-13 18:45:15 ----D---- C:\Program Files\WinRAR
2009-04-11 19:41:40 ----D---- C:\WINDOWS\Debug
2009-04-11 19:06:19 ----D---- C:\Documents and Settings\All Users\Application Data\2DBoy
2009-04-11 19:01:25 ----D---- C:\WINDOWS\system32\DRM
2009-04-11 19:00:39 ----D---- C:\WINDOWS\SoftwareDistribution
2009-04-11 18:59:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-11 18:55:10 ----D---- C:\Program Files\Microsoft Office
2009-04-11 09:42:00 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-04-08 09:01:25 ----D---- C:\Program Files\Java
2009-04-08 01:57:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-04-07 21:23:00 ----D---- C:\Program Files\Unlocker
2009-04-06 11:40:05 ----D---- C:\Program Files\Internet Explorer
2009-04-03 09:55:48 ----D---- C:\WINDOWS\system32\Restore
2009-04-03 02:20:20 ----D---- C:\WINDOWS\system32\ias
2009-03-29 15:26:42 ----D---- C:\Downloads
2009-03-29 11:30:22 ----D---- C:\WINDOWS\system32\ru-ru
2009-03-29 11:30:20 ----D---- C:\WINDOWS\Media
2009-03-29 10:56:47 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-26 10:43:18 ----D---- C:\Documents and Settings\Admin\Application Data\codeblocks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Драйвер Intel процессора; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40704]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS-совместимый транспортный протокол; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-15 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-15 63232]
R2 NwlnkSpx;Протокол NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-15 55936]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-10-11 62848]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Майкрософт); C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-15 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-05-25 5761760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-13 4879360]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-15 163584]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-31 117888]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-12-06 220032]
R3 usbccgp;Драйвер универсального родительского


negrissim, 25 May 2009 at 13:36:57

And here is the info.txt scan:


info.txt logfile of random's system information tool 1.06 2009-05-25 13:58:05

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player 11.5-->C:\WINDOWS\system32\Adobe\uninstaller.exe
Ad-remover-->C:\Program Files\Ad-remover\Uninstall ADR.exe
AIDA32 v3.93-->"C:\Program Files\AIDA32 - Enterprise System Information\unins000.exe"
AIMP2-->C:\Program Files\AIMP2\uninst.exe
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assist TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x40c 
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x9  -removeonly
AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Avira RootKit Detection-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FD25FCD-6F39-4686-AFBB-7056EBAE5E68}\setup.exe" -l0x9 
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x0019
CamStudio-->C:\Program Files\CamStudio\uninstall.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
CDClose-->C:\WINDOWS\system32\ShellExt\CDClosedel.bat
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
CommentCaMarche 2.0.7-->"C:\Program Files\CommentCaMarche\unins000.exe"
Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"
Dico-clic MSN Encarta-->MsiExec.exe /I{D632745C-D15E-4F2B-B2F0-F0C542302417}
Digsby-->C:\Program Files\Digsby\uninstall.exe
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy Gif Animator-->C:\Program Files\Easy Gif Animator\Uninstall.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
FastStone Image Viewer 3.5-->"C:\Program Files\FSImgViewer\unins000.exe"
FlashGet 1.8.6.1008-->C:\Program Files\FlashGet\uninst.exe
FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
Free Music Zilla-->"C:\Program Files\Free Music Zilla\unins000.exe"
Freez FLV to MP3 Converter-->"C:\Program Files\Smallvideosoft\Freez FLV to MP3 Converter\unins000.exe"
Gamingaccess Community Patch 2.5 - Full Version 2.5-->D:\games\KONAMI\PES2009\Uninstall-GCP.exe
Glary Utilities Pro 2.4-->"C:\Program Files\Glary Utilities\unins000.exe"
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Планета Земля-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
HashTab 2.1.0-->C:\WINDOWS\system32\ShellExt\htdel32.bat
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
IE7Pro-->C:\Program Files\IEPro\uninst.exe
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
IpTv Player-->MsiExec.exe /I{946C4D10-23F7-4A24-A959-7CE31D81D6AF}
iTunes-->MsiExec.exe /I{C26B06A9-27BB-45B0-9873-9C623EC2BA38}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Kaspersky Online Scanner-->C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
K-Lite Mega Codec Pack 1.65-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LEC Translate-->MsiExec.exe /X{0C123C63-84FD-4D13-96E7-EEB5C11893F2}
Live-Foot Toolbar-->C:\PROGRA~1\LIVE-F~1\UNWISE.EXE   /U C:\PROGRA~1\LIVE-F~1\INSTALL.LOG  
LMSOFT Web Creator Pro 4-->C:\PROGRA~1\LMSOFT~1\UNWISE.EXE C:\PROGRA~1\LMSOFT~1\INSTALL.LOG
Ma-Config.com-->MsiExec.exe /X{E780E536-16CE-4CD1-8FE0-2D5E52FAA65B}
Macromedia Dreamweaver 8-->MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Mail.Ru Агент 5.4 (сборка 2647, для всех пользователей)-->C:\Program Files\Mail.Ru\Agent\magentsetup.exe -uninstalllm
Mail.Ru Спутник 2.0.1.90-->c:\program files\mail.ru\sputnik\SputnikInstaller.exe  -uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
ManyCam 2.4 (remove only)-->"C:\Program Files\ManyCam 2.4\uninstall.exe"
McAfee SiteAdvisor-->C:\Program Files\McAfee\SiteAdvisor\Uninstall.exe
Microsoft .NET Framework 1.1 Russian Language Pack-->MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Office - профессиональный выпуск версии 2003-->MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{90510409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 Express Edition - FRA-->MsiExec.exe /X{15473D70-D791-3B5E-B174-2FD19EC0D017}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Express - Français-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual C++ 2008 Express Edition - FRA\setup.exe
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
Mindjet MindManager Pro 7-->MsiExec.exe /I{BEA0F6C2-EC26-4366-90AE-D5E4CE7FD5EB}
MobileMe Control Panel-->MsiExec.exe /I{A14C24F6-615B-415E-84B0-610FDAD19B68}
Module linguistique Microsoft .NET Framework 3.5 - fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
Mozilla ActiveX Control 1.9.0.5-->"C:\Program Files\Mozilla ActiveX Control 1.9.0.5\unins000.exe"
Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.21)-->H:\Apps\PortableThunderbird\App\thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser-->MsiExec.exe /I{8E719AE4-286B-4F01-8DA1-6270B0BF819D}
Music MP3 Get-->"C:\Program Files\MusicMP3Get\uninst.exe"
Notebook Hardware Control 2.0 Pre-Release-06-->C:\Program Files\Notebook Hardware Control\uninst.exe
Notepad Pro v1.4-->C:\Program Files\Notepad Pro\unInstall.exe
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
Numedia CD-DVD writing as non-admin user-->MsiExec.exe /X{94056AE8-EF0F-45E4-A1B4-D754115F8A28}
Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PCDJ Red-->C:\PROGRA~1\VISIOS~1\PCDJRE~1\UNWISE.EXE C:\PROGRA~1\VISIOS~1\PCDJRE~1\INSTALL.LOG
PDF-XChange 3.0-->"C:\Program Files\Mindjet\MindManager 7\PDF-XChange\unins000.exe"
Photoshine 2.0-->"C:\Program Files\Photoshine\unins000.exe"
Pixie 2.0-->"C:\Program Files\Pixie2\Uninstal.exe"
Power Data Recovery 4.1.1-->C:\Program Files\Power Data Recovery\Uninstall.exe
PowerGramo Professional-->C:\Program Files\Monsters\PowerGramo\Uninstall.exe
Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x19  -removeonly
REALTEK RTL8187B Wireless LAN Driver-->C:\Program Files\InstallShield Installation Information\{895722FE-25FE-4854-95AC-B0C42F9DBEDA}\Install.exe -uninst -l0x19
Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe" -l0x9  -removeonly
RS Somnífero-->"C:\Program Files\Rico Software\RS Somnífero\desinstalar.exe"
Safari-->MsiExec.exe /I{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Seven Remix XP 1.0.1-->C:\WINDOWS\NiwradSoft Shell Pack\uninst.exe
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Snagit 9.1-->MsiExec.exe /I{0E6ED660-498C-42F7-9EF4-FB0C96DFC01A}
Spider-Man 2-->D:\games\d\UNWISE.EXE D:\games\d\INSTALL.LOG
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
StrongDC++-->"C:\Program Files\StrongDC++\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
The Best KeyLogger-->MsiExec.exe /I{35CC7AF2-E546-41F3-A214-D1F3AA549940}
The Sims 2 - Sims 2 Bon Voyage-->"D:\games\The Sims 2 - Sims 2 Bon Voyage\unins000.exe"
TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x9 UNINSTALL
TOSHIBA Power Saver-->C:\Program Files\InstallShield Installation Information\{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}\setup.exe -runfromtemp -l0x0019 -uninst -removeonly
TOSHIBA Software Modem-->Tosmreg -U
Total Commander 7.04 PowerPack-->"C:\Program Files\Total Commander\uninstall.exe"
Trojan Killer 2.0-->"C:\Program Files\GridinSoft Trojan Killer\unins000.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
USB Disk Security 5.0.0.85-->"C:\Program Files\USB Disk Security\unins000.exe"
USB Safely Remove 3.3-->"C:\Program Files\USB Safely Remove\unins000.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VDownloader  0.81-->"C:\Program Files\VDOWNLOADER\unins000.exe"
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vista Drive Icon-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\VistaDrv.inf,Uninstall
Vista Games 1.3 XP-->C:\Program Files\Vista Games\Freecell\uninst.exe
VKSaver-->"C:\Program Files\VKSaver\uninstall.exe"
VSO Image Resizer 1.1.16-->"C:\Program Files\VSO\Image Resizer\unins000.exe"
Wandering IPs-->"C:\Program Files\Wandering IPs\uninstall.exe"
WebcamMax-->"C:\Program Files\WebcamMax\uninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Player 9 Series TweakMP PowerToy-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tweakmp.inf,DefaultUninstall
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation Language Pack (RUS)-->MsiExec.exe /X{D83A3DFC-8528-4E31-93DC-0A41C477109C}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Rights Management Client Backwards Compatibility SP2-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
Windows Rights Management Client with Service Pack 2-->MsiExec.exe /X{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XnView Shell Extension 2.6.0-->"C:\Program Files\XnView\ShellEx\unins000.exe"
xp-AntiSpy 3.97-2-->C:\Program Files\xp-AntiSpy\Uninstall.exe
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~2.DLL
Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
Yahoo! Mail Advisor-->C:\PROGRA~1\Yahoo!\Common\UNINST~1.EXE
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Архиватор WinRAR (только удаление)-->C:\Program Files\WinRAR\uninstall.exe
Дополнительные апплеты-->"C:\WINDOWS\system32\CPLDAPU\unins000.exe"
Обновление безопасности для Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Обновление безопасности для Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Обновление безопасности для Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Обновление для Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
Пакет обеспечения совместимости для выпуска 2007 системы Microsoft Office-->MsiExec.exe /X{90120000-0020-0419-0000-0000000FF1CE}

======Hosts File======

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: CK2
Event Code: 10005
Message: Ошибка DCOM "%1058" при попытке запуска службы StiSvc с аргументами ""
для запуска сервера:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Record Number: 16120
Source Name: DCOM
Time Written: 20090510210639.000000+180
Event Type: ошибка
User: CK2\Admin

Computer Name: CK2
Event Code: 10005
Message: Ошибка DCOM "%1058" при попытке запуска службы StiSvc с аргументами ""
для запуска сервера:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Record Number: 16119
Source Name: DCOM
Time Written: 20090510210638.000000+180
Event Type: ошибка
User: CK2\Admin

Computer Name: CK2
Event Code: 10005
Message: Ошибка DCOM "%1058" при попытке запуска службы StiSvc с аргументами ""
для запуска сервера:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Record Number: 16118
Source Name: DCOM
Time Written: 20090510210635.000000+180
Event Type: ошибка
User: CK2\Admin

Computer Name: CK2
Event Code: 10005
Message: Ошибка DCOM "%1058" при попытке запуска службы StiSvc с аргументами ""
для запуска сервера:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Record Number: 16117
Source Name: DCOM
Time Written: 20090510210633.000000+180
Event Type: ошибка
User: CK2\Admin

Computer Name: CK2
Event Code: 10005
Message: Ошибка DCOM "%1058" при попытке запуска службы StiSvc с аргументами ""
для запуска сервера:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Record Number: 16116
Source Name: DCOM
Time Written: 20090510210630.000000+180
Event Type: ошибка
User: CK2\Admin

=====Application event log=====

Computer Name: VORTEX
Event Code: 1800
Message: Служба центра обеспечения безопасности Windows запущена.

Record Number: 762
Source Name: SecurityCenter
Time Written: 20090307122042.000000+120
Event Type: информация
User: 

Computer Name: VORTEX
Event Code: 0
Message: 
Record Number: 761
Source Name: PTsup5
Time Written: 20090307122042.000000+120
Event Type: информация
User: 

Computer Name: VORTEX
Event Code: 1
Message: 
Record Number: 760
Source Name: Bonjour Service
Time Written: 20090307122042.000000+120
Event Type: информация
User: 

Computer Name: VORTEX
Event Code: 0
Message: 
Record Number: 759
Source Name: PTsup5
Time Written: 20090307122042.000000+120
Event Type: информация
User: 

Computer Name: VORTEX
Event Code: 1002
Message: Оболочка неожиданно завершила работу, и программа "Explorer.exe" была перезапущена.

Record Number: 758
Source Name: Winlogon
Time Written: 20090307105720.000000+120
Event Type: информация
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\JRun4\verity\k2\_nti40\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\K-Lite Codec Pack\QuickTime\QTSystem\;C:\Program Files\Common Files\DivX Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"VS90COMNTOOLS"=C:\Program Files\Microsoft Visual Studio 9.0\Common7\Tools\
"VERITY_CFG"=C:\JRun4\verity\k2\common\verity.cfg
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

14

negrissim, 25 May 2009 at 13:39:21

Damn, I've handed you all the info on my PC, I hope you know what you're doing ^^?

15

gen-hackman, 25 May 2009 at 13:39:51

######## | XP _ Install & scan | #######


Download and install UsbFix (by C_XX & Chiquitine29)

Plug your external data sources (USB stick, external hard drive, etc.) that may have been infected into your PC, without opening them

# Double-click the UsbFix shortcut on your desktop.

# Choose option 1 ( Recherche / Scan )

# Let the tool work.

# Then post the UsbFix.txt report that appears.

# Note: The UsbFix.txt report is saved at the root of the disk. ( C:\UsbFix.txt )

( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )

# Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.



G3и-н@¢км@и™©®


16

negrissim, 25 May 2009 at 14:07:56

Here is the USB report:
How do I disinfect now?



############################## [ UsbFix V3.025 | Scan ]

# User : Admin (Администраторы) # CK2
# Update on 22/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 15:02:09 | 25.05.2009

# Intel(R) Pentium(R) Dual  CPU  T2370  @ 1.73GHz
# Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : AntiVir Desktop 9.0.1.26 [ Enabled | Updated ]

# C:\ # Локальный жесткий диск # 48,84 Go (4,46 Go free) [WIN XP SP3] # NTFS
# D:\ # Локальный жесткий диск # 48,84 Go (22,02 Go free) [MULTIMEDIA] # NTFS
# E:\ # Локальный жесткий диск # 21,97 Go (1,55 Go free) [PROGRAM & GAMES] # NTFS
# F:\ # Локальный жесткий диск # 29,39 Go (19,03 Go free) [Win 7even] # NTFS
# G:\ # Компакт-диск
# H:\ # Съемный диск # 981,72 Mo (328,94 Mo free) [AISULUU] # FAT
# I:\ # Компакт-диск
# J:\ # Съемный диск # 1,95 Mo (1,42 Mo free) [AISULUU 2] # FAT
# K:\ # Съемный диск # 3,67 Go (144,84 Mo free) [CK7UP] # FAT32

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [  Registre Startup ]

HKCU_Main:   "Local Page"="C:\\WINDOWS\\SYSTEM32\\blank.htm" 
HKCU_Main:   "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" 
HKCU_Main:   "Start Page"="about:blank" 
HKCU_Main:   "Window Title"="" 
HKLM_logon:  "Userinit"="C:\\WINDOWS\\SYSTEM32\\Userinit.exe," 
HKLM_logon:  "DefaultUserName"="Admin" 
HKLM_logon:  "AltDefaultUserName"="Admin" 
HKLM_Run:    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents= 

################## [ Fichiers # Dossiers infectieux ]

Found ! D:\update.exe  
Found ! H:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini  
Found ! J:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini  

################## [ Registre # Clés Run infectieuses ]

Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe    

################## [ Registre # Mountpoints2 ]

HKCU\...\Explorer\MountPoints2\{1e5de7ea-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
HKCU\...\Explorer\MountPoints2\{1e5de7eb-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
HKCU\...\Explorer\MountPoints2\{1e5de7ec-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
HKCU\...\Explorer\MountPoints2\{1e5de7ed-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
HKCU\...\Explorer\MountPoints2\{759f7b26-027b-11de-930e-001e334514d3}\Shell\AutoRun\Command  
HKCU\...\Explorer\MountPoints2\{b3fe87b3-3099-11de-b463-001e334514d3}\Shell\AutoRun\Command  

################## [ Informations # Fichier Suspect ]


################## [ Cracks # Keygens # Serials ]

# -> Nothing found !  

################## [ ! Fin du rapport # UsbFix V3.025 ! ] 

17

^^Marie^^, 25 May 2009 at 14:19:59

Hello negrissim,

You can follow the instructions you are given

However, your signature violates the forum charter

Good luck with the rest

++ I walked into CCM, cigarette in one hand,
The ©Tongs© in the other hand,
The ***** bare under the shirt

 


18

gen-hackman, 25 May 2009 at 14:19:59

######## | Removal | ########

Plug your external data sources (USB stick, external hard drive, etc.) that may have been infected into your PC, without opening them

# Double-click the UsbFix shortcut on your desktop

# Choose option 2 ( Suppression / Removal )

# Your desktop will disappear and the PC will restart.

# On restart, UsbFix will scan your PC; let the tool work.

# Then post the UsbFix.txt report that appears along with the desktop.

# Note: The UsbFix.txt report is saved at the root of the disk. ( C:\UsbFix.txt )

( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )


######### | Uninstall | #######


# Double-click the UsbFix shortcut on your desktop

# Choose the Désinstaller (Uninstall) option ....

G3и-н@¢км@и™©®


19

negrissim, 25 May 2009 at 15:53:31

Here is the result, what do I do now ???


############################## [ UsbFix V3.025 | Cleaning ]

# User : Admin (Администраторы) # CK2
# Update on 22/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 16:32:56 | 25.05.2009

# Intel(R) Pentium(R) Dual  CPU  T2370  @ 1.73GHz
# Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : AntiVir Desktop 9.0.1.26 [ Enabled | Updated ]

# C:\ # Локальный жесткий диск # 48,84 Go (4,47 Go free) [WIN XP SP3] # NTFS
# D:\ # Локальный жесткий диск # 48,84 Go (22,02 Go free) [MULTIMEDIA] # NTFS
# E:\ # Локальный жесткий диск # 21,97 Go (1,55 Go free) [PROGRAM & GAMES] # NTFS
# F:\ # Локальный жесткий диск # 29,39 Go (19,03 Go free) [Win 7even] # NTFS
# G:\ # Компакт-диск
# H:\ # Съемный диск # 981,72 Mo (328,94 Mo free) [AISULUU] # FAT
# I:\ # Компакт-диск
# J:\ # Съемный диск # 1,95 Mo (1,42 Mo free) [AISULUU 2] # FAT
# K:\ # Съемный диск # 3,67 Go (144,84 Mo free) [CK7UP] # FAT32

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SYSTEM32\Userinit.exe
C:\WINDOWS\Explorer.EXE

################## [ Fichiers # Dossiers infectieux ]

Deleted ! D:\update.exe    
Deleted ! H:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini    
Deleted ! J:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini    
Deleted ! K:\autorun.inf    
Deleted ! K:\start.exe    
Deleted ! K:\recycler\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx    

################## [ Registre # Clés Run infectieuses ]

Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe    

################## [ Registre # Mountpoints2 ]

Deleted ! HKCU\...\Explorer\MountPoints2\{1e5de7ea-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
Deleted ! HKCU\...\Explorer\MountPoints2\{1e5de7eb-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
Deleted ! HKCU\...\Explorer\MountPoints2\{1e5de7ec-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
Deleted ! HKCU\...\Explorer\MountPoints2\{1e5de7ed-10d0-11de-aee6-df71460e96c6}\Shell\AutoRun\Command  
Deleted ! HKCU\...\Explorer\MountPoints2\{b3fe87b3-3099-11de-b463-001e334514d3}\Shell\AutoRun\Command  

################## [ Listing des fichiers présent ]


################## [ Vaccination ]

# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
# E:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
# F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
# H:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
# J:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
# K:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  

20

gen-hackman, 25 May 2009 at 17:06:38

OK, delete this:

c:\rsit

restart and run rsit again, please
