Contaminé a minima par Brastk.exe

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

Contaminé a minima par Brastk.exe

Messagede alto » 21 Oct 2008, 21:06

Bonjour
Mon PC a été contaminé (a minima !!!) par Bratsk.exe (XP Antispyware 2009).
J'ai suivi les conseil du site http://net-studio.org/fr/application/brastk.php mais j'ai tjs des pbs.
Je ne peux plus accéder aux principaux sites Web d'anti-virus, anti-spyware,.....
Mon AV ne veux plus de mettre à jour (F-Secure Client Security 7.10)
Les recherche sur Google sont farfelues... Mon PC est lent...

J'ai suivi votre méthode PAD mais j'ai tjs les même soucis.
Ci-joints les fihiers HJT2.txt et Nav1.txt

*****************************************************************************************************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:06:39, on 20/10/2165
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Cobian Backup 8\cbService.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\drivers\svchost.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Temp\Resultat Toto Jacke\azedfrt.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\BRMFLPRO\BrDefPrt.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: karna.dat
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Cobian Backup 8 service (CobBMService) - Luis Cobian - C:\Program Files\Cobian Backup 8\cbService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Astase ThalliumBackup Client Background Service (thpassivesvc) - Astase - C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe

--
End of file - 9722 bytes

***********************************************************************************************************

Search Navipromo version 3.6.6 commencé le 20/10/2165 à 23:13:38,65

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spéblurpte !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Les parents"

Mise à jour le 29.09.2008 à 17h30 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers :

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Les parents\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\xx\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\xxxx\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\xxxxx\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Les parents\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\xx\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\xxx\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\xxxxx\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Les parents\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\xx\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\xxxx\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\xxxxxx\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Scan Catchme non réalisé.
Droits limités sur la session actuelle.

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Les parents\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\xx\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\xxxx\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\xxxxxx\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\Les parents\locals~1\applic~1" :


* Dans "C:\DOCUME~1\xx\locals~1\applic~1" :


* Dans "C:\DOCUME~1\xxxx\locals~1\applic~1" :


* Dans "C:\DOCUME~1\xxxxx\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 20/10/2165 à 23:18:11,08 ***
****************************************************************************************

Merci d'avance pour votre aide....
alto
 
Messages: 10
Inscription: 21 Oct 2008, 19:51
Localisation: Bretagne

Messagede nickW » 21 Oct 2008, 22:24

Bonsoir,


En effet, ton PC est infecté. Peux-tu faire ce qui suit:

Au vu de la longueur de la procédure, je te conseille de l'imprimer, d'enregistrer la page dans un fichier HTML (c'est la meilleure solution), ou d'en sélectionner toutes les lignes puis de copier cette sélection dans un fichier texte sur ton PC (Note: tu n'auras pas accès à Internet et des redémarrages sont possibles).
Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.
Si un élément te paraît obscur, demande des explications avant de commencer la désinfection.


Note: Ces manips doivent être effectuées en ayant ouvert une session avec les "droits Administrateur" (ne pas utiliser le profil utilisateur nommé "Administrateur" visible en mode sans échec).
Sous Windows XP, pour vérifier si un compte a les droits "Administrateur":
Démarrer---->Paramètres---->Panneau de configuration---->Comptes d'utilisateurs
A côté de l'icône représentant certains comptes (hormis celui nommé "Administrateur"), il est indiqué "Administrateur de l'ordinateur"
C'est l'un de ces comptes qu'il faudra utiliser en mode sans échec.



Étape 1: Affichage tous fichiers
Vérifier que ton PC affiche bien tous les fichiers
http://assiste.com.free.fr/p/comment/co ... aches.html


Étape 2: OTListIt (de OldTimer), téléchargement
Télécharger OTListIt.exe depuis http://oldtimer.geekstogo.com/OTListIt.exe
Enregistrer ce fichier sur le Bureau.


Étape 3: SDFix (de Andy Manchesta)
Télécharger SDFix.exe depuis l'un des trois liens ci-dessous:
http://downloads.andymanchesta.com/Remo ... /SDFix.exe
http://download.bleepingcomputer.com/an ... /SDFix.exe
http://sdfix.net/SDFix.exe
Enregistrer ce fichier sur le Bureau.
Faire un double clic sur SDFix.exe pour lancer l'extraction de l'outil dans un dossier SDFix placé à la racine de la partition système (par défaut "C:\").
A la fin de l'installation, une fenêtre du Bloc-notes s'ouvre pour afficher le contenu du fichier "Installed.txt". Fermer cette fenêtre du Bloc-notes.


Étape 4: Mode sans échec
Faire redémarrer le PC en mode sans échec en utilisant la méthode F8 (F5 sur certains PCs). Impératif: ne pas utiliser la méthode "msconfig"!
Voir http://assiste.com.free.fr/p/comment/co ... echec.html
Fermer le plus possible de fenêtres.
Pas de connexion Internet ouverte, pas d'Internet Explorer ouvert.


Étape 5: SDFix
Ouvrir le dossier SDFix qui a été créé à la racine de la partition système, et faire un double clic sur RunThis.bat pour lancer l'outil.

Image

Appuyer sur la touche Y puis faire Entrée, pour lancer l'exécution.
Selon l'infection détectée, un redémarrage immédiat est parfois nécessaire. Accepter, et faire redémarrer le PC en mode sans échec.
L'outil va supprimer les services de certains trojans, effectuer aussi quelques réparations du Registre. Ensuite, il demandera d'appuyer sur une touche pour faire redémarrer le PC.
Appuyer sur n'importe quelle touche pour faire redémarrer le PC (en mode normal).
Le système va mettre plus de temps que d'habitude pour redémarrer car l'outil va continuer à s'exécuter et supprimer des fichiers.
Après le chargement du Bureau, l'outil va terminer le nettoyage puis afficher Finished.

Image

Appuyer sur n'importe quelle touche pour fermer l'outil et charger les icônes du Bureau.
Une fenêtre du Bloc-notes va s'ouvrir, affichant le rapport de SDFix.
Fermer cette fenêtre.


Étape 6: OTListIt (de OldTimer)
Le PC doit être en mode normal.
Fermer toutes les fenêtres de programme ouvertes.
Faire un double clic sur OTListIt.exe pour lancer l'outil.
Cocher la case située devant Scan All Users.
Cliquer sur le bouton Run Scan et laisser l'outil travailler sans l'interrompre.
Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant l'un des deux rapports.
Fermer le Bloc-notes.
Le second rapport est visible dans la Barre des tâches. Le fermer également.
Fermer la fenêtre de OTListIt.


Étape 7: Résultats
Envoyer en réponse:
*- le rapport de SDFix (contenu du fichier Report.txt situé dans le dossier SDFix)

Envoyer ensuite en réponse dans deux messages distincts (à cause de la longueur des logs):
*- les deux rapports de OTListIt (contenu des fichiers OTListIt.txt et Extras.txt situés sur le Bureau).

Note importante: Pour l'envoi de ta(tes) réponse(s), il ne faut pas créer un nouveau sujet, mais cliquer sur le bouton "Répondre"
Image pour continuer dans ce fil de discussion.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede alto » 22 Oct 2008, 20:26

Bonjour

J'ai un pb, je n'arrive pas à démarrer en mode sans échec sans "utiliser la méthode "msconfig !"
Or tu insistes sur le fait de ne pas utiliser cette méthode...

Le PC ce bloque lorsque j'ai le menu avec les modes de démarrage (touche F5 pour ce qui me concerne)
De plus je ne récupère pas tjs les différents modes de démarrage...

Que fais-je ???

Merci
alto
 
Messages: 10
Inscription: 21 Oct 2008, 19:51
Localisation: Bretagne

Messagede nickW » 23 Oct 2008, 00:22

Bonsoir,

Le démarrage en mode sans échec peut être long (jusqu'à 20 ou 30 minutes).

As-tu attendu assez longtemps?

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede alto » 23 Oct 2008, 09:52

Désolé, effectivement je n'ai attendu que 5 à 10 mn.....
Je retente le coup ce soir....

Merci
alto
 
Messages: 10
Inscription: 21 Oct 2008, 19:51
Localisation: Bretagne

Messagede alto » 23 Oct 2008, 19:55

Re-Désolé.....

En étant un peu plus précis, suite à l'activation du mode sans échec (F5) l'écran avec le menu de choix pour démarrer en mode sans échec s'affiche mais j'ai l'impression que le PC se fige : je ne peux pas choisir le mode sans échec...
Le clavier ne répond pas, la touche "Enter" non plus.......
J'ai patienté à deux reprises de 1h à 1h30 et rien.......

Normal ???
Encore merci pour les conseils
alto
 
Messages: 10
Inscription: 21 Oct 2008, 19:51
Localisation: Bretagne

Messagede alto » 23 Oct 2008, 20:48

Des nouvelles du front...
Suite à mon mail ci-dessous j'ai redémarré mon PC...
Finalement démarrage très rapide, mon AV F-Secure Client Security semble OK (FW, AV, AntiSpyware), je n'ai plus de croix rouge. La mise à jour de sa base de signature s'est effectuée ....
Le 1er lancement des applis (FireFox 3.0.3, OpenOffice 3.0,...) sont long mais la deuxième fois plus rapide..
Je peux accéder au download des site Anti-Virus Kasperky, F-secure,... ce qui n'était pas le cas avant....

Je n'ai pas l'impression que j'ai réalisé l'étape 4 complètement....Dois-je néanmoins effectuer les étapes 5-6-7 en mode normal ???
Connexion avec un utilisateur Administrateur, sans connexion Internet ??

Encore merci
alto
 
Messages: 10
Inscription: 21 Oct 2008, 19:51
Localisation: Bretagne

Messagede nickW » 24 Oct 2008, 00:59

Bonsoir,

L'étape 5 ne peut pas fonctionner en mode normal.

Les étapes 6 et 7 (création et envoi des rapports) seraient bien utiles ..... :wink:

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede alto » 25 Oct 2008, 00:21

Bonsoir,

Après avoir réalisé l'étape 6, j'ai un pb car dans le dossier SDFix, je ne trouve pas de fichier "report.txt".
Sinon ci-joint le premier rapport OTListIT.

OTListIt logfile created on: 25/10/2008 01:10:14 - Run 2
OTListIt by OldTimer - Version 1.0.10.0 Folder = C:\Documents and Settings\Les parents\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,25 Gb Total Physical Memory | 0,80 Gb Available Physical Memory | 63,82% Memory free
2,98 Gb Paging File | 2,56 Gb Available in Paging File | 85,68% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 20,86 Gb Free Space | 28,00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PLESSIX-1
Current User Name: Les parents
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2004/09/07 17:25:12 | 01,151,090 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
[2008/05/12 12:38:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2002/04/12 01:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe
[2001/12/13 01:01:00 | 00,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brss01a.exe
[2007/09/11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
[2008/09/10 16:50:26 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2002/11/27 14:38:32 | 00,061,440 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\Brmfrmps.exe
[2007/09/27 13:37:12 | 00,499,200 | ---- | M] (Luis Cobian) -- C:\Program Files\Cobian Backup 8\cbService.exe
[2007/08/27 15:17:26 | 00,047,816 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
[2007/08/27 15:21:40 | 00,113,320 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FSMA32.EXE
[2007/08/27 15:17:26 | 00,366,704 | ---- | M] (F-Secure Corp.) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32.exe
[2007/12/17 12:13:18 | 00,523,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
[2007/08/27 15:21:46 | 00,232,104 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FSMB32.EXE
[2005/04/22 04:54:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2007/08/27 15:21:38 | 00,182,952 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FSM32.EXE
[2004/08/04 02:55:02 | 00,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\slserv.exe
[2008/02/08 16:11:24 | 00,646,144 | ---- | M] (Astase) -- C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe
[2007/08/27 15:21:26 | 00,125,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FCH32.EXE
[2005/07/22 11:42:46 | 01,519,616 | ---- | M] (D-Link) -- C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
[2004/12/16 18:49:14 | 00,049,152 | ---- | M] (Alpha Networks Inc.) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
[2007/08/27 15:21:26 | 00,391,792 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FAMEH32.EXE
[2007/08/27 15:17:34 | 00,043,696 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
[2008/06/10 04:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[2008/10/10 19:36:32 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[2007/04/23 04:00:00 | 00,692,224 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
[2003/08/29 19:05:35 | 00,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
[2007/08/27 15:20:12 | 00,473,712 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FSGUI\fsguidll.exe
[2007/04/11 15:32:22 | 00,056,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.exe
[2003/08/29 11:14:56 | 00,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
[2007/08/27 15:22:18 | 00,162,472 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FNRB32.exe
[2007/08/27 15:17:36 | 00,425,584 | ---- | M] (F-Secure Corp.) -- C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
[2007/08/27 15:15:46 | 00,461,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
[2007/08/27 15:22:16 | 00,101,032 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FIH32.exe
[2007/08/27 15:19:10 | 00,461,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FWES\program\fsdfwd.exe
[2007/08/27 15:17:10 | 00,324,208 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
[2001/08/23 18:47:30 | 00,032,256 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\BrmfRsmg.exe
[2008/07/18 22:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2008/10/22 20:48:44 | 00,418,816 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Les parents\Bureau\OTListIt.exe

========== (O23) Win32 Services ==========

[2008/05/12 12:38:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2007/09/11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0 [Auto | Running])
[2004/10/22 14:42:44 | 00,049,152 | ---- | M] (Alpha Networks Inc.) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService [Auto | Stopped])
[2008/09/10 16:50:26 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2002/11/27 14:38:32 | 00,061,440 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\Brmfrmps.exe -- (brmfrmps [Auto | Running])
[2002/04/12 01:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe -- (Brother XP spl Service [Auto | Running])
[2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2007/09/27 13:37:12 | 00,499,200 | ---- | M] (Luis Cobian) -- C:\Program Files\Cobian Backup 8\cbService.exe -- (CobBMService [Auto | Running])
[2007/08/27 15:17:26 | 00,047,816 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter [Auto | Running])
[2007/08/27 15:22:18 | 00,162,472 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FNRB32.exe -- (F-Secure Network Request Broker [On_Demand | Running])
[2008/10/18 19:13:36 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2007/08/27 15:15:46 | 00,461,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FSAUA\program\fsaua.exe -- (FSAUA [On_Demand | Running])
[2007/08/27 15:19:10 | 00,461,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FWES\program\fsdfwd.exe -- (FSDFWD [On_Demand | Running])
[2007/08/27 15:21:40 | 00,113,320 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FSMA32.EXE -- (FSMA [Auto | Running])
[2007/12/17 12:13:18 | 00,523,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe -- (fsssvc [Auto | Running])
[2004/09/07 17:25:12 | 01,151,090 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])
[2008/09/10 17:39:48 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
[2005/04/22 04:54:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2004/08/04 02:55:02 | 00,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\slserv.exe -- (SLService [Auto | Running])
[2008/02/08 15:44:14 | 01,952,256 | ---- | M] (Astase) -- C:\Program Files\Astase\UltraBackup\4.9\bin\tbsd.exe -- (ThalliumServer [Disabled | Stopped])
[2008/02/08 16:11:24 | 00,646,144 | ---- | M] (Astase) -- C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe -- (thpassivesvc [Auto | Running])
[2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2006/11/03 10:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services ==========

[2002/09/05 22:41:20 | 00,667,543 | R--- | M] (Avance Logic, Inc.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2004/08/19 22:07:10 | 00,041,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Running])
[2004/07/27 12:20:46 | 00,028,205 | ---- | M] (Alpha Networks Inc.) -- C:\WINDOWS\system32\ANIO.sys -- (ANIO [Auto | Running])
[2006/09/27 18:31:44 | 00,274,816 | ---- | M] (Guillemont Corporation) -- C:\WINDOWS\system32\drivers\HDvid.sys -- (APL531 [On_Demand | Running])
[2001/08/17 22:12:12 | 00,002,944 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrFilt.sys -- (brfilt [On_Demand | Running])
[2001/08/17 22:12:20 | 00,060,416 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrSerWdm.sys -- (BrSerWDM [On_Demand | Running])
[2001/08/17 22:12:20 | 00,011,008 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrUsbMdm.sys -- (BrUsbMdm [On_Demand | Running])
[2001/08/17 22:12:22 | 00,010,368 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrUsbScn.sys -- (BrUsbScn [On_Demand | Running])
[2006/09/28 17:05:54 | 00,022,656 | ---- | M] (Guillemot Corporation) -- C:\WINDOWS\system32\drivers\camfilt.sys -- (camfilt [On_Demand | Running])
[2007/08/27 15:18:04 | 00,039,792 | ---- | M] () -- C:\Program Files\F-Secure\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter [Disabled | Stopped])
[2007/08/27 15:17:44 | 00,062,064 | ---- | M] () -- C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper [On_Demand | Running])
[2007/08/27 15:20:46 | 00,070,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\HIPS\fshs.sys -- (F-Secure HIPS [System | Running])
[2007/08/27 15:18:08 | 00,025,200 | ---- | M] () -- C:\Program Files\F-Secure\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer [Disabled | Stopped])
[2007/08/27 15:19:00 | 00,060,272 | ---- | M] (F-Secure Corporation) -- C:\WINDOWS\system32\drivers\fsdfw.sys -- (FSFW [Boot | Running])
[2007/10/17 14:53:16 | 00,043,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fssfltr.sys -- (fssfltr [Auto | Running])
[2004/08/04 01:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Running])
[2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2004/09/07 17:27:22 | 00,091,136 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running])
[2004/09/07 17:27:38 | 00,028,544 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass [System | Running])
[2004/08/04 00:45:14 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2007/04/11 15:32:30 | 00,020,496 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd [On_Demand | Running])
[2007/04/11 15:32:38 | 00,063,248 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou [On_Demand | Stopped])
[2007/04/11 15:32:52 | 00,034,832 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt [On_Demand | Running])
[2007/04/11 15:32:58 | 00,036,112 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt [On_Demand | Running])
[2007/04/11 15:33:06 | 00,079,376 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE [On_Demand | Stopped])
[2004/08/19 22:07:10 | 00,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mf.sys -- (mf [On_Demand | Running])
[2001/08/17 23:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])
[2005/07/04 09:32:58 | 00,364,544 | R--- | M] (MSI) -- C:\WINDOWS\System32\msicpl.dll -- (MSICPL [On_Demand | Stopped])
[2001/08/18 00:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
[2004/08/04 00:41:40 | 00,126,686 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5 [On_Demand | Running])
[2004/08/04 00:41:38 | 01,309,184 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm [On_Demand | Stopped])
[2004/08/04 00:41:40 | 00,180,360 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax [On_Demand | Stopped])
[2005/04/22 04:54:00 | 03,095,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2003/12/05 11:46:36 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
[2004/08/19 22:04:26 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/03/29 04:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2004/08/04 00:41:40 | 00,013,776 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\RecAgent.sys -- (RecAgent [Boot | Running])
[2005/06/04 21:07:56 | 00,319,104 | ---- | M] (Ralink Technology Inc.) -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61 [On_Demand | Running])
[2007/11/13 12:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2004/08/04 01:07:44 | 00,041,088 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\SISAGP.SYS -- (sisagp [Boot | Running])
[2004/08/04 00:41:44 | 00,404,990 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr [On_Demand | Running])
[2004/08/04 00:41:46 | 00,095,424 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal [On_Demand | Stopped])
[2004/08/04 00:41:46 | 00,013,240 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup [On_Demand | Running])
[2004/08/04 01:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Running])
[2006/11/02 07:22:54 | 00,492,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000 [On_Demand | Running])
[2004/08/19 22:12:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [System | Running])

========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
HKU\S-1-5-21-1454471165-484763869-1957994488-1004\S-1-5-21-1454471165-484763869-1957994488-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKU\S-1-5-21-1454471165-484763869-1957994488-1004\S-1-5-21-1454471165-484763869-1957994488-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

O1 HOSTS File: (844 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10.0.0.2 dss2.siteadvisor.com
O1 - Hosts: 10.0.0.3 dss1.siteadvisor.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
O4 - HKLM..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe (D-Link)
O4 - HKLM..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW (F-Secure Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install (NVIDIA Corporation)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\BRMFLPRO\BrDefPrt.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SW20] C:\WINDOWS\system32\sw20.exe ()
O4 - HKLM..\Run: [SW24] C:\WINDOWS\system32\sw24.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004..\Run: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\Les parents\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll (SmartShopper Networks)
O9 - Extra Button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll (SmartShopper Networks)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: www.rendezvousfacile.com (https in Sites de confiance)
O15 - HKCU\..Trusted Sites: 27 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\..Trusted Sites: www.rendezvousfacile.com (https in Sites de confiance)
O15 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\..Trusted Sites: 27 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab (AhnASP Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler: - bwfile-8876480 - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - livecall - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msnim - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler: - wlmailhtml - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls" = karna.dat-20 WinNT
>File not found --
>File not found --

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}" (HKLM) -- C:\Program Files\SpywareGuard\spywareguard.dll ()

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2008/02/08 20:56:36 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[8 C:\WINDOWS\System32\*.tmp files]
[2165/10/22 21:02:48 | 00,000,000 | ---D | C] -- C:\SDFix
[2165/10/22 21:00:17 | 01,554,567 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\SDFix.exe
[2165/10/22 21:00:05 | 00,418,816 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Les parents\Bureau\OTListIt.exe
[2165/10/22 20:57:56 | 00,418,816 | ---- | C] (OldTimer Tools) -- C:\OTListIt.exe
[2165/10/22 20:57:55 | 01,554,567 | ---- | C] () -- C:\SDFix.exe
[2165/10/21 23:42:45 | 00,000,128 | ---- | C] () -- C:\WINDOWS\System32\perf.dat
[2165/10/21 23:20:21 | 04,758,201 | ---- | C] () -- C:\WINDOWS\System32\ahnszhs.szd
[2165/10/21 23:20:21 | 02,908,259 | ---- | C] () -- C:\WINDOWS\System32\ahnszns.szd
[2165/10/21 23:20:21 | 00,070,528 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\ahnsze.sys
[2165/10/21 23:20:20 | 05,590,351 | ---- | C] () -- C:\WINDOWS\System32\ahnszds.szd
[2165/10/21 22:57:44 | 00,001,580 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\xp-AntiSpy.lnk
[2165/10/21 22:57:43 | 00,000,000 | ---D | C] -- C:\Program Files\xp-AntiSpy
[2165/10/21 22:21:54 | 01,525,632 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\v3engine.sys
[2165/10/21 22:21:54 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\AhnLab
[2165/10/21 22:14:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Application Data\Malwarebytes
[2165/10/21 22:14:41 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2165/10/21 22:14:41 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2165/10/21 22:14:38 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2165/10/21 22:14:37 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2165/10/21 22:14:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2165/10/21 21:29:52 | 00,077,921 | ---- | C] (Ahnlab, Inc.) -- C:\WINDOWS\System32\v3w32se2.dll
[2165/10/21 21:27:48 | 00,000,000 | ---D | C] -- C:\Program Files\AhnLab
[2165/10/21 21:03:51 | 00,003,284 | ---- | C] () -- C:\WINDOWS\System32\ANIWZCS{D5D1A8DA-1241-4F48-A176-10938E85BD9B}
[2165/10/21 19:44:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
[2165/10/21 19:00:46 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\SpywareBlaster.lnk
[2165/10/21 19:00:45 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2165/10/21 18:59:12 | 00,000,670 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\SpywareGuard LiveUpdate.lnk
[2165/10/21 18:59:12 | 00,000,650 | ---- | C] () -- C:\Documents and Settings\Les parents\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk
[2165/10/21 18:59:12 | 00,000,638 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\SpywareGuard.lnk
[2165/10/21 18:59:10 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
[2165/10/21 18:47:13 | 00,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Ad-Watch.lnk
[2165/10/21 18:47:13 | 00,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2165/10/21 18:46:34 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2165/10/21 18:46:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2165/10/21 18:44:10 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2165/10/20 23:08:40 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2165/10/20 23:08:40 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2165/10/20 22:45:55 | 00,002,832 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2165/10/20 22:45:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Bureau\SmitfraudFix
[2008/10/20 19:02:36 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\CCleaner.lnk
[2008/10/20 19:02:36 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2008/10/20 17:49:17 | 00,020,840 | ---- | C] () -- C:\Documents and Settings\Les parents\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/10/19 17:15:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2008/10/19 17:14:40 | 00,130,096 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/10/19 15:34:18 | 01,568,275 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\fsdiag.tar.gz
[2008/10/19 15:32:28 | 00,018,572 | ---- | C] () -- C:\WINDOWS\sodegis.db
[2008/10/19 15:32:28 | 00,017,855 | ---- | C] () -- C:\WINDOWS\mujuruvap.reg
[2008/10/19 15:32:28 | 00,017,260 | ---- | C] () -- C:\WINDOWS\ejuhubada.dl
[2008/10/19 15:32:28 | 00,014,852 | ---- | C] () -- C:\WINDOWS\aqakykyxit.db
[2008/10/19 15:32:27 | 00,015,575 | ---- | C] () -- C:\WINDOWS\icikygite.inf
[2008/10/19 15:19:48 | 00,000,164 | ---- | C] () -- C:\WINDOWS\System32\TDSSmtyl.dat
[2008/10/18 19:14:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2008/10/18 19:13:36 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Macrovision Shared
[2008/10/18 19:12:50 | 00,000,844 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Photoshop Elements 6.0.lnk
[2008/10/18 12:04:00 | 00,000,000 | ---D | C] -- C:\Nathan Vacances CP
[2008/10/17 20:47:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Application Data\OpenOffice.org
[2008/10/17 20:33:13 | 00,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\OpenOffice.org 3.0.lnk
[2008/10/17 20:28:44 | 00,000,000 | ---D | C] -- C:\Program Files\JRE
[2008/10/17 20:28:07 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2008/10/17 20:17:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Bureau\OpenOffice.org 3.0 (fr) Installation Files
[2008/10/13 17:00:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Application Data\Yahoo!
[2008/10/13 17:00:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2008/10/11 20:48:09 | 00,000,886 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\EMPLOI DU TEMPS CAMILLE.ods.lnk
[2008/10/10 19:37:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Application Data\Logitech
[2008/10/10 19:37:06 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\LogiShared
[2008/10/10 19:36:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2008/10/10 19:36:51 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2008/10/10 19:36:40 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2008/10/10 19:36:35 | 00,002,074 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
[2008/10/10 19:36:30 | 00,127,034 | R--- | C] (BackWeb Technologies Inc. ) -- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
[2008/10/10 19:35:07 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2008/10/10 19:34:55 | 00,001,681 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Paramètres de la souris et du clavier Logitech.lnk
[2008/10/10 19:34:30 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2008/10/10 19:34:29 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2008/10/10 19:33:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2008/10/10 19:33:36 | 00,036,112 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LMouFilt.Sys
[2008/10/10 19:33:35 | 01,419,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01005.dll
[2008/10/10 19:33:35 | 00,034,832 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LHidFilt.Sys
[2008/10/10 19:33:12 | 00,001,687 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk
[2008/10/10 19:32:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2008/10/10 19:32:46 | 00,000,000 | ---D | C] -- C:\Program Files\Logitech
[2008/10/10 19:32:41 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Logitech
[2008/10/10 19:31:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2008/10/10 19:29:46 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll
[2008/10/10 19:29:46 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2008/10/10 19:29:41 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2008/10/10 19:29:41 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2008/10/01 12:47:49 | 00,000,667 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\Dofus.lnk
[2008/10/01 12:47:49 | 00,000,000 | ---D | C] -- C:\Program Files\Dofus
[2008/09/30 07:54:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2008/09/25 18:35:17 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2008/09/25 18:35:16 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2008/09/25 18:35:16 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2008/09/25 18:25:43 | 00,000,000 | ---D | C] -- C:\coktel


========== Files - Modified Within 30 Days ==========

[8 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2165/10/21 23:42:45 | 00,000,128 | ---- | M] () -- C:\WINDOWS\System32\perf.dat
[2165/10/21 22:57:44 | 00,001,580 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\xp-AntiSpy.lnk
[2165/10/21 22:14:41 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2165/10/21 21:29:52 | 00,077,921 | ---- | M] (Ahnlab, Inc.) -- C:\WINDOWS\System32\v3w32se2.dll
[2165/10/21 21:04:30 | 00,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{D5D1A8DA-1241-4F48-A176-10938E85BD9B}
[2165/10/21 21:03:39 | 00,000,844 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2165/10/21 20:27:53 | 00,000,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2165/10/21 19:00:46 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\SpywareBlaster.lnk
[2165/10/21 18:59:12 | 00,000,670 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\SpywareGuard LiveUpdate.lnk
[2165/10/21 18:59:12 | 00,000,650 | ---- | M] () -- C:\Documents and Settings\Les parents\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk
[2165/10/21 18:59:12 | 00,000,638 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\SpywareGuard.lnk
[2165/10/21 18:47:13 | 00,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Ad-Watch.lnk
[2165/10/21 18:47:13 | 00,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2165/10/20 23:08:40 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2165/10/20 22:45:56 | 00,002,832 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2165/10/20 21:45:13 | 00,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Safari.lnk
[2165/10/20 20:46:42 | 00,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2165/10/20 20:46:42 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2165/10/20 20:46:42 | 00,000,216 | -HS- | M] () -- C:\boot.ini
[2008/10/25 01:03:00 | 00,000,266 | ---- | M] () -- C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[2008/10/25 00:38:09 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/10/22 20:49:28 | 01,554,567 | ---- | M] () -- C:\SDFix.exe
[2008/10/22 20:49:28 | 01,554,567 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\SDFix.exe
[2008/10/22 20:48:44 | 00,418,816 | ---- | M] (OldTimer Tools) -- C:\OTListIt.exe
[2008/10/22 20:48:44 | 00,418,816 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Les parents\Bureau\OTListIt.exe
[2008/10/22 01:14:00 | 01,525,632 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\v3engine.sys
[2008/10/21 19:20:00 | 04,758,201 | ---- | M] () -- C:\WINDOWS\System32\ahnszhs.szd
[2008/10/21 19:16:00 | 05,590,351 | ---- | M] () -- C:\WINDOWS\System32\ahnszds.szd
[2008/10/21 19:15:00 | 02,908,259 | ---- | M] () -- C:\WINDOWS\System32\ahnszns.szd
[2008/10/20 23:11:00 | 00,070,528 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\ahnsze.sys
[2008/10/20 19:02:36 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\CCleaner.lnk
[2008/10/20 17:49:17 | 00,020,840 | ---- | M] () -- C:\Documents and Settings\Les parents\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/10/19 17:14:40 | 00,130,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/10/19 15:34:18 | 01,568,275 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\fsdiag.tar.gz
[2008/10/19 15:32:28 | 00,018,572 | ---- | M] () -- C:\WINDOWS\sodegis.db
[2008/10/19 15:32:28 | 00,017,855 | ---- | M] () -- C:\WINDOWS\mujuruvap.reg
[2008/10/19 15:32:28 | 00,017,260 | ---- | M] () -- C:\WINDOWS\ejuhubada.dl
[2008/10/19 15:32:28 | 00,014,852 | ---- | M] () -- C:\WINDOWS\aqakykyxit.db
[2008/10/19 15:32:27 | 00,015,575 | ---- | M] () -- C:\WINDOWS\icikygite.inf
[2008/10/19 15:19:48 | 00,000,164 | ---- | M] () -- C:\WINDOWS\System32\TDSSmtyl.dat
[2008/10/19 14:27:17 | 00,002,405 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Pando.lnk
[2008/10/18 19:12:51 | 00,000,844 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Photoshop Elements 6.0.lnk
[2008/10/18 19:02:44 | 00,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008/10/18 11:25:32 | 00,000,577 | ---- | M] () -- C:\Documents and Settings\Les parents\Mes documents\Mes dossiers de partage.lnk
[2008/10/17 20:33:13 | 00,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\OpenOffice.org 3.0.lnk
[2008/10/16 20:25:46 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/10/16 20:25:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/10/14 19:01:14 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/10/11 20:47:38 | 00,000,886 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\EMPLOI DU TEMPS CAMILLE.ods.lnk
[2008/10/10 19:36:36 | 00,002,074 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
[2008/10/10 19:36:28 | 00,127,034 | R--- | M] (BackWeb Technologies Inc. ) -- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
[2008/10/10 19:35:07 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2008/10/10 19:34:55 | 00,001,681 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Paramètres de la souris et du clavier Logitech.lnk
[2008/10/10 19:34:30 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2008/10/10 19:34:29 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2008/10/10 19:33:12 | 00,001,687 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk
[2008/10/07 21:19:40 | 16,721,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2008/10/04 12:31:49 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008/10/03 19:12:27 | 06,066,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
[2008/10/03 19:12:27 | 06,066,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2008/10/02 20:56:33 | 02,107,620 | -H-- | M] () -- C:\Documents and Settings\Les parents\Local Settings\Application Data\IconCache.db
[2008/10/01 12:47:49 | 00,000,667 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\Dofus.lnk
[2008/09/25 18:35:17 | 00,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll
[2008/09/25 18:35:16 | 00,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll
[2008/09/25 18:35:16 | 00,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll

<End>
alto
 
Messages: 10
Inscription: 21 Oct 2008, 19:51
Localisation: Bretagne

Messagede alto » 25 Oct 2008, 00:23

Re-bonsoir,

Ci-joint le deuxième rapport...


OTListIt Extras logfile created on: 25/10/2008 01:10:14 - Run 2
OTListIt by OldTimer - Version 1.0.10.0 Folder = C:\Documents and Settings\Les parents\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,25 Gb Total Physical Memory | 0,80 Gb Available Physical Memory | 63,82% Memory free
2,98 Gb Paging File | 2,56 Gb Available in Paging File | 85,68% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 20,86 Gb Free Space | 28,00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PLESSIX-1
Current User Name: Les parents
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2006/10/10 14:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/10/18 12:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 18:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
[2008/10/10 19:36:32 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2006/10/10 14:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/10/18 12:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007/10/02 18:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
[2008/06/02 17:02:54 | 06,210,888 | ---- | M] (Pando Networks) -- C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application
[2008/02/15 23:09:01 | 00,219,952 | ---- | M] () -- C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
[2007/09/19 05:33:46 | 00,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
[2008/05/01 22:51:34 | 02,292,816 | ---- | M] () -- C:\Program Files\Jaman Player\jamdownloader.exe:*:Enabled:Jaman Downloader
[2008/05/01 22:54:12 | 00,181,760 | ---- | M] (Caphyon LTD) -- C:\Program Files\Jaman Player\jaman-updater.exe:*:Enabled:Jaman Updater
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008/09/10 17:39:54 | 14,228,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2008/10/10 19:36:32 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0003040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}" = Windows Live Toolbar
"{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
"{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar)
"{0EA44599-1E9D-4517-A088-9588A9FAB211}" = AirPlus G
"{0EB97A1E-5F3D-4A21-9EA6-C859930A0A2E}" = F-Secure Client Security
"{1237A07B-DE5C-4DC4-9CE9-6DD5453BC3F5}" = SA31xx Device Manager & Media Converter
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{20E03939-AF6C-4c9a-8D77-F2D15B315A7D}" = AhnLab SpyZero
"{2B0DF4DE-05FE-11D8-B671-00C04F4351FF}" = Taxi 2
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33565C22-2E44-4B36-9147-23912E838F81}" = Wireless Audio Device Manager
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{366FFC89-C800-4366-B903-B9C4314109A5}" = Garmin WebUpdater
"{3677FD57-D0DE-47CD-942E-99913D04C135}" = Windows Live OneCare Contrôle parental
"{3DFF4274-EBB0-4356-9692-972965018954}" = Windows Live Writer
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{41B9E2CF-0B3F-442A-B5B3-592A4A355634}" = iTunes
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{5713F069-610A-11D6-9103-00E029591716}" = Brother MFL-Pro Suite
"{577B1B8C-ADB1-11D5-9C7E-0003476D4878}" = Action Man Destruction X (mini-game)
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{63C606CE-567E-4CB0-82F4-97E2EAE326A9}" = Jaman Player
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6645FC20-C4CD-11D5-B5A0-0050DA208A93}" = ArcSoft PhotoPrinter 4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DA9102E-199F-43A0-A36B-6EF48081A658}" = Panneau de configuration MobileMe
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites pour Windows Live Toolbar
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{81B5F83F-2291-48B0-8375-36B63A9BF5B0}" = Surligneur (Windows Live Toolbar)
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A70FA218-6598-4AC9-813D-63597C5DD068}" = Galerie de photos Windows Live
"{AA9768AA-FF0B-4C66-A085-31E934F77841}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AEF2D1F3-0696-11D5-8E6A-00C04F7FA234}" = PaperPort 8.0 SE
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Assistant de connexion Windows Live
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger
"{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}" = Pando
"{C514C594-23AA-4F13-A070-DB8BDB27594F}" = Windows Live Mail
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD4C3C09-6EE6-4BFB-A0CA-AD80CE71A6D7}" = Fort Boyard - le Jeu
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Logiciel Kodak EasyShare
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DBA288D1-2ACE-11D6-B2F7-0002A5E32BEF}" = Démo de Disney Peter Pan Aventures au Pays Imaginaire
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E572B060-C98B-4984-A48E-E4FA56265903}" = SA31xx Device Manager & Media Converter
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E87DA9F9-AA68-4E37-8816-3348A079FAB9}" = Totally Spies, le blues du monstre
"{EE467474-04A8-48D5-8DDF-0F8D3A3CCBE5}" = VirginMega.Fr Premium
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0CFDC72-63D2-4086-A54F-1514494394A0}" = Hercules DualPix HD Webcam
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer
"Adibou V.3.00 on C" = Adibou V.3.00 on C
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"AhnLab MyV3" = AhnLab MyV3
"AhnLab Smart Update i" = AhnLab Smart Update i
"Astase UltraBackup 2007_is1" = Astase UltraBackup 2007
"Astase UltraBackup_is1" = UltraBackup 4.26
"Clue" = Clue
"CobBackup8" = Cobian Backup 8
"Dofus 1.25.0" = Dofus 1.25.0
"Enjoy 6e" = Enjoy 6e
"FPFarm" = La Petite Famille à la ferme
"FreeAngel_is1" = FreeAngel version 0.85
"F-Secure Anti-Virus" = F-Secure Client Security - Protection virus et logiciels espions
"F-Secure E-mail Scanning" = F-Secure Anti-Virus Client Security - Analyse courrier élect.
"F-Secure HIPS" = F-Secure Client Security - Contrôle du système
"F-Secure Internet Shield" = F-Secure Client Security - Protection Internet
"F-Secure Protocol Scanner" = F-Secure Client Security - Analyse du trafic Web
"Furnish Pro" = Furnish Pro
"Heart Of Darkness - Mini-Jeu" = Heart Of Darkness - Mini-Jeu
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InCD!UninstallKey" = InCD
"InstallShield_{0EA44599-1E9D-4517-A088-9588A9FAB211}" = AirPlus G
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.7.5 Full
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.3)" = Mozilla Firefox (3.0.3)
"Mozilla Thunderbird (2.0.0.17)" = Mozilla Thunderbird (2.0.0.17)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NATHAN Vacances CP V.1.00 (C:)" = NATHAN Vacances CP V.1.00 (C:)
"Navilog1_is1" = Navilog1 3.6.6
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Pharaon" = Pharaon
"Philips Media Manager 3.3.12.0004" = Philips Media Manager 3.3.12.0004
"pkdx2_is4.0.10_is1" = Pkd-X 2
"Quick Zip_is1" = Quick Zip 4.60.019
"Sethi et la couronne d'Egypte" = Sethi et la couronne d'Egypte
"SmartShopper" = SmartShopper
"SpywareBlaster_is1" = SpywareBlaster 4.1
"SpywareGuard_is1" = SpywareGuard v2.2
"Tomb Raider II" = Tomb Raider II
"Tomb Raider: Legend" = Tomb Raider: Legend 1.0
"TUGZip_is1" = TUGZip 3.4
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wormux" = Wormux (remove only)
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"xp-AntiSpy" = xp-AntiSpy 3.96-8
"Yahoo! Anti-Spy" = Yahoo! Anti-Spy
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24/10/2008 16:41:28 | Computer Name = PLESSIX-1 | Source = F-Secure Anti-Virus | ID = 103
Description = 156 2008-10-24 22:41:28+02:00 plessix-1 PLESSIX-1\Les parents
F-Secure Anti-Virus Scanning of com/sun/jndi/toolkit/ctx/AtomicDirContext.class
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 24/10/2008 16:52:46 | Computer Name = PLESSIX-1 | Source = F-Secure Anti-Virus | ID = 103
Description = 157 2008-10-24 22:52:46+02:00 plessix-1 PLESSIX-1\Les parents
F-Secure Anti-Virus Scanning of \Device\HarddiskVolume1\Sauvegarde Claire\07 juillet
20h 29m\Sauvegarde.zip\DONNEE\dossier_support.mdb was aborted due to exceeded scanning
time limit. The file may be in use or reading it was too slow (e.g. network connection
was under stress).

Error - 24/10/2008 16:52:46 | Computer Name = PLESSIX-1 | Source = F-Secure Anti-Virus | ID = 103
Description = 158 2008-10-24 22:52:46+02:00 plessix-1 PLESSIX-1\Les parents
F-Secure Anti-Virus Scanning of DONNEE/eg2000.css was aborted due to exceeded scanning
time limit. The file may be in use or reading it was too slow (e.g. network connection
was under stress).

Error - 24/10/2008 18:50:36 | Computer Name = PLESSIX-1 | Source = F-Secure Anti-Virus | ID = 103
Description = 159 2008-10-25 00:49:16+02:00 plessix-1 PLESSIX-1\Les parents
F-Secure Anti-Virus Scanning of \Device\HarddiskVolume1\Program Files\F-Secure\FSAUA\subscriptions\avh_libradb
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 24/10/2008 18:51:03 | Computer Name = PLESSIX-1 | Source = F-Secure Anti-Virus | ID = 103
Description = 160 2008-10-25 00:49:18+02:00 plessix-1 PLESSIX-1\Les parents
F-Secure Anti-Virus Scanning of \Device\HarddiskVolume1\Documents and Settings\Les
parents\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\sessionstore-1.js
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 24/10/2008 18:51:03 | Computer Name = PLESSIX-1 | Source = F-Secure Anti-Virus | ID = 103
Description = 161 2008-10-25 00:49:50+02:00 plessix-1 PLESSIX-1\Les parents
F-Secure Anti-Virus Scanning of \Device\HarddiskVolume1\Documents and Settings\Les
parents\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\sessionstore-1.js
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 24/10/2008 18:51:04 | Computer Name = PLESSIX-1 | Source = F-Secure Anti-Virus | ID = 103
Description = 162 2008-10-25 00:49:53+02:00 plessix-1 PLESSIX-1\Les parents
F-Secure Anti-Virus Scanning of \Device\HarddiskVolume1\Program Files\F-Secure\common\ALERTS\a8572.tmp
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 24/10/2008 18:51:05 | Computer Name = PLESSIX-1 | Source = F-Secure Anti-Virus | ID = 103
Description = 163 2008-10-25 00:50:36+02:00 plessix-1 PLESSIX-1\Les parents
F-Secure Anti-Virus Scanning of \Device\HarddiskVolume1\Documents and Settings\All
Users\Application Data\EmbeddedThalliumBackup\thserver\logfiles\servicelog.log
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 24/10/2008 18:51:05 | Computer Name = PLESSIX-1 | Source = F-Secure Anti-Virus | ID = 103
Description = 164 2008-10-25 00:50:38+02:00 plessix-1 PLESSIX-1\Les parents
F-Secure Anti-Virus Scanning of \Device\HarddiskVolume1\Program Files\F-Secure\common\ALERTS\a8592.tmp
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 24/10/2008 18:51:08 | Computer Name = PLESSIX-1 | Source = F-Secure Anti-Virus | ID = 103
Description = 165 2008-10-25 00:50:41+02:00 plessix-1 PLESSIX-1\Les parents
F-Secure Anti-Virus Scanning of \Device\HarddiskVolume1\Documents and Settings\Les
parents\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\sessionstore-1.js
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

[ System Events ]
Error - 02/03/1999 11:26:26 | Computer Name = PLESSIX-1 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Beep

Error - 02/03/1999 11:53:11 | Computer Name = PLESSIX-1 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Beep

Error - 02/03/1999 15:12:35 | Computer Name = PLESSIX-1 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Beep

Error - 02/03/1999 15:18:59 | Computer Name = PLESSIX-1 | Source = Dhcp | ID = 1001
Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur
DHCP)
pour la carte réseau avec l'adresse réseau 0013468AEA85. Il s'est produit l'erreur
suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse
auprès du serveur d'adresse réseau (DHCP).

Error - 02/03/1999 15:20:43 | Computer Name = PLESSIX-1 | Source = Print | ID = 6161
Description = Impossible d'imprimer le document Invités appartenant à Les parents
sur l'imprimante Brother MFC-4820C USB Printer. Type de données : NT EMF 1.008.
Taille du fichier spoule en octets : 25736. Nombre d'octets imprimés : 0. Nombre
de pages dans le document : 1. Nombre de pages imprimées : 0. Ordinateur client
: \\PLESSIX-1. Le code d'erreur Win32 renvoyé par le processeur d'impression était
: 2 (0x2).

Error - 24/10/2008 03:18:42 | Computer Name = PLESSIX-1 | Source = Dhcp | ID = 1000
Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.4 sur
la carte réseau d'adresse réseau 0013468AEA85.

Error - 24/10/2008 10:40:20 | Computer Name = PLESSIX-1 | Source = Dhcp | ID = 1001
Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur
DHCP)
pour la carte réseau avec l'adresse réseau 0013468AEA85. Il s'est produit l'erreur
suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse
auprès du serveur d'adresse réseau (DHCP).

Error - 24/10/2008 12:21:04 | Computer Name = PLESSIX-1 | Source = Dhcp | ID = 1001
Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur
DHCP)
pour la carte réseau avec l'adresse réseau 0013468AEA85. Il s'est produit l'erreur
suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse
auprès du serveur d'adresse réseau (DHCP).

Error - 24/10/2008 12:37:56 | Computer Name = PLESSIX-1 | Source = Dhcp | ID = 1001
Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur
DHCP)
pour la carte réseau avec l'adresse réseau 0013468AEA85. Il s'est produit l'erreur
suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse
auprès du serveur d'adresse réseau (DHCP).

Error - 24/10/2008 14:01:10 | Computer Name = PLESSIX-1 | Source = F-Secure Gatekeeper | ID = 327681
Description =


<End>

**************************

Encore Merci....
alto
 
Messages: 10
Inscription: 21 Oct 2008, 19:51
Localisation: Bretagne

Suivante

Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 44 invités

cron