Problem with Internet Explorer 7.0


Post by Dawoued73 » 23 Feb 2009, 10:14

SystemLook report

SystemLook v1.0 by jpshortstuff (11.02.09)
Log created at 10:11 on 23/02/2009 by Administrateur (Administrator - Elevation successful)

========== dir ==========

C:\WINDOWS - Parameters: "/nbrastk*.* "

---Files---
None found.

---Folders---
$hf_mig$ d--h-- <16>
$MSI31Uninstall_KB893803$ d--h-c <17>
$MSI31Uninstall_KB893803v2$ d--h-c <18>
$NtServicePackUninstall$ d--h-c <07>
$NtServicePackUninstallIDNMitigationAPIs$ d--h-c <09>
$NtServicePackUninstallNLSDownlevelMapping$ d--h-c <09>
$NtUninstallKB314405$ d--h-- <16>
$NtUninstallKB810217$ d--h-- <16>
$NtUninstallKB817611$ d--h-- <16>
$NtUninstallKB822827$ d--h-- <16>
$NtUninstallKB823182$ d--h-- <16>
$NtUninstallKB824105$ d--h-- <16>
$NtUninstallKB824141$ d--h-- <16>
$NtUninstallKB824146$ d--h-- <16>
$NtUninstallKB825119$ d--h-- <16>
$NtUninstallKB826939$ d--h-- <16>
$NtUninstallKB826959$ d--h-- <16>
$NtUninstallKB828028$ d--h-- <16>
$NtUninstallKB828035$ d--h-- <16>
$NtUninstallKB828741$ d--h-- <16>
$NtUninstallKB834707$ d--h-c <16>
$NtUninstallKB835732$ d--h-- <16>
$NtUninstallKB867282$ d--h-c <18>
$NtUninstallKB873333$ d--h-c <18>
$NtUninstallKB873339$ d--h-c <19>
$NtUninstallKB883939$ d--h-c <19>
$NtUninstallKB885250$ d--h-c <18>
$NtUninstallKB885835$ d--h-c <19>
$NtUninstallKB885836$ d--h-c <19>
$NtUninstallKB885884$ d--h-c <18>
$NtUninstallKB886185$ d--h-c <19>
$NtUninstallKB887472$ d--h-c <18>
$NtUninstallKB887742$ d--h-c <18>
$NtUninstallKB888113$ d--h-c <18>
$NtUninstallKB888302$ d--h-c <18>
$NtUninstallKB890046$ d--h-c <19>
$NtUninstallKB890047$ d--h-c <18>
$NtUninstallKB890175$ d--h-c <18>
$NtUninstallKB890859$ d--h-c <17>
$NtUninstallKB890923$ d--h-c <17>
$NtUninstallKB891781$ d--h-c <18>
$NtUninstallKB893066$ d--h-c <17>
$NtUninstallKB893086$ d--h-c <17>
$NtUninstallKB893756$ d--h-c <06>
$NtUninstallKB894391$ d--h-c <06>
$NtUninstallKB896358$ d--h-c <19>
$NtUninstallKB896422$ d--h-c <19>
$NtUninstallKB896423$ d--h-c <06>
$NtUninstallKB896424$ d--h-c <14>
$NtUninstallKB896428$ d--h-c <19>
$NtUninstallKB896688$ d--h-c <18>
$NtUninstallKB896727$ d--h-c <06>
$NtUninstallKB898458$ d--h-c <19>
$NtUninstallKB898461$ d--h-c <18>
$NtUninstallKB899587$ d--h-c <06>
$NtUninstallKB899588$ d--h-c <06>
$NtUninstallKB899589$ d--h-c <18>
$NtUninstallKB899591$ d--h-c <06>
$NtUninstallKB900485$ d--h-c <05>
$NtUninstallKB900725$ d--h-c <18>
$NtUninstallKB901017$ d--h-c <18>
$NtUninstallKB901214$ d--h-c <17>
$NtUninstallKB902400$ d--h-c <18>
$NtUninstallKB903235$ d--h-c <17>
$NtUninstallKB904706$ d--h-c <18>
$NtUninstallKB904942$ d--h-c <09>
$NtUninstallKB905414$ d--h-c <18>
$NtUninstallKB905749$ d--h-c <18>
$NtUninstallKB905915$ d--h-c <19>
$NtUninstallKB908519$ d--h-c <17>
$NtUninstallKB908531$ d--h-c <16>
$NtUninstallKB910437$ d--h-c <19>
$NtUninstallKB911280$ d--h-c <17>
$NtUninstallKB911562$ d--h-c <16>
$NtUninstallKB911564$ d--h-c <06>
$NtUninstallKB911565$ d--h-c <06>
$NtUninstallKB911567$ d--h-c <16>
$NtUninstallKB911927$ d--h-c <06>
$NtUninstallKB912812$ d--h-c <16>
$NtUninstallKB912919$ d--h-c <18>
$NtUninstallKB913446$ d--h-c <06>
$NtUninstallKB913580$ d--h-c <17>
$NtUninstallKB914388$ d--h-c <16>
$NtUninstallKB914389$ d--h-c <17>
$NtUninstallKB914440$ d--h-c <09>
$NtUninstallKB915865$ d--h-c <09>
$NtUninstallKB916281$ d--h-c <17>
$NtUninstallKB916595$ d--h-c <16>
$NtUninstallKB917159$ d--h-c <16>
$NtUninstallKB917344$ d--h-c <17>
$NtUninstallKB917422$ d--h-c <16>
$NtUninstallKB917734_WMP9$ d--h-c <17>
$NtUninstallKB917953$ d--h-c <17>
$NtUninstallKB918118$ d--h-c <07>
$NtUninstallKB918439$ d--h-c <17>
$NtUninstallKB918899$ d--h-c <16>
$NtUninstallKB919007$ d--h-c <17>
$NtUninstallKB920213$ d--h-c <09>
$NtUninstallKB920213_0$ d--h-c <18>
$NtUninstallKB920214$ d--h-c <17>
$NtUninstallKB920670$ d--h-c <16>
$NtUninstallKB920683$ d--h-c <16>
$NtUninstallKB920685$ d--h-c <17>
$NtUninstallKB920872$ d--h-c <17>
$NtUninstallKB921398$ d--h-c <16>
$NtUninstallKB921503$ d--h-c <16>
$NtUninstallKB921883$ d--h-c <17>
$NtUninstallKB922582$ d--h-c <17>
$NtUninstallKB922616$ d--h-c <17>
$NtUninstallKB922760$ d--h-c <18>
$NtUninstallKB922819$ d--h-c <10>
$NtUninstallKB923191$ d--h-c <10>
$NtUninstallKB923414$ d--h-c <10>
$NtUninstallKB923689$ d--h-c <17>
$NtUninstallKB923694$ d--h-c <17>
$NtUninstallKB923723$ d--h-c <07>
$NtUninstallKB923980$ d--h-c <18>
$NtUninstallKB924191$ d--h-c <10>
$NtUninstallKB924270$ d--h-c <18>
$NtUninstallKB924496$ d--h-c <10>
$NtUninstallKB924667$ d--h-c <07>
$NtUninstallKB925398_WMP64$ d--h-c <17>
$NtUninstallKB925486$ d--h-c <16>
$NtUninstallKB925902$ d--h-c <10>
$NtUninstallKB926255$ d--h-c <17>
$NtUninstallKB926436$ d--h-c <07>
$NtUninstallKB927779$ d--h-c <07>
$NtUninstallKB927802$ d--h-c <07>
$NtUninstallKB927891$ d--h-c <17>
$NtUninstallKB928255$ d--h-c <07>
$NtUninstallKB928843$ d--h-c <07>
$NtUninstallKB929123$ d--h-c <18>
$NtUninstallKB929338$ d--h-c <07>
$NtUninstallKB930178$ d--h-c <16>
$NtUninstallKB930916$ d--h-c <10>
$NtUninstallKB931261$ d--h-c <16>
$NtUninstallKB931784$ d--h-c <16>
$NtUninstallKB931836$ d--h-c <07>
$NtUninstallKB932168$ d--h-c <16>
$NtUninstallKB932823-v3$ d--h-c <17>
$NtUninstallKB933360$ d--h-c <16>
$NtUninstallKB933729$ d--h-c <10>
$NtUninstallKB935839$ d--h-c <18>
$NtUninstallKB935840$ d--h-c <18>
$NtUninstallKB936021$ d--h-c <16>
$NtUninstallKB936357$ d--h-c <16>
$NtUninstallKB936782_WMP9$ d--h-c <16>
$NtUninstallKB937894$ d--h-c <11>
$NtUninstallKB938464$ d--h-c <07>
$NtUninstallKB938464_0$ d--h-c <10>
$NtUninstallKB938828$ d--h-c <16>
$NtUninstallKB938829$ d--h-c <16>
$NtUninstallKB941202$ d--h-c <10>
$NtUninstallKB941568$ d--h-c <11>
$NtUninstallKB941569$ d--h-c <11>
$NtUninstallKB941644$ d--h-c <18>
$NtUninstallKB941693$ d--h-c <07>
$NtUninstallKB942763$ d--h-c <11>
$NtUninstallKB943055$ d--h-c <18>
$NtUninstallKB943460$ d--h-c <11>
$NtUninstallKB943485$ d--h-c <18>
$NtUninstallKB944653$ d--h-c <11>
$NtUninstallKB945553$ d--h-c <07>
$NtUninstallKB946026$ d--h-c <18>
$NtUninstallKB946648$ d--h-c <07>
$NtUninstallKB946648_0$ d--h-c <18>
$NtUninstallKB948590$ d--h-c <07>
$NtUninstallKB948881$ d--h-c <07>
$NtUninstallKB950749$ d--h-c <16>
$NtUninstallKB950760$ d--h-c <17>
$NtUninstallKB950762$ d--h-c <07>
$NtUninstallKB950762_0$ d--h-c <17>
$NtUninstallKB950974$ d--h-c <07>
$NtUninstallKB950974_0$ d--h-c <18>
$NtUninstallKB951066$ d--h-c <07>
$NtUninstallKB951066_0$ d--h-c <17>
$NtUninstallKB951072-v2$ d--h-c <17>
$NtUninstallKB951376$ d--h-c <07>
$NtUninstallKB951376-v2$ d--h-c <07>
$NtUninstallKB951376-v2_0$ d--h-c <17>
$NtUninstallKB951376_0$ d--h-c <17>
$NtUninstallKB951698$ d--h-c <07>
$NtUninstallKB951698_0$ d--h-c <17>
$NtUninstallKB951748$ d--h-c <07>
$NtUninstallKB951748_0$ d--h-c <08>
$NtUninstallKB951978$ d--h-c <16>
$NtUninstallKB952069_WM9$ d--h-c <18>
$NtUninstallKB952287$ d--h-c <07>
$NtUninstallKB952287_0$ d--h-c <17>
$NtUninstallKB952954$ d--h-c <07>
$NtUninstallKB952954_0$ d--h-c <18>
$NtUninstallKB953839$ d--h-c <18>
$NtUninstallKB954211$ d--h-c <16>
$NtUninstallKB954459$ d--h-c <19>
$NtUninstallKB954600$ d--h-c <18>
$NtUninstallKB955069$ d--h-c <19>
$NtUninstallKB955839$ d--h-c <18>
$NtUninstallKB956391$ d--h-c <16>
$NtUninstallKB956802$ d--h-c <18>
$NtUninstallKB956803$ d--h-c <16>
$NtUninstallKB956841$ d--h-c <16>
$NtUninstallKB957095$ d--h-c <16>
$NtUninstallKB957097$ d--h-c <19>
$NtUninstallKB958644$ d--h-c <17>
$NtUninstallKB958687$ d--h-c <19>
$NtUninstallQ329390$ d--h-- <16>
$NtUninstallQ331060$ d--h-- <16>
addins d----- <16>
AppPatch d----- <16>
Config d----- <16>
Connection Wizard d----- <16>
CSC d--hs- <07>
Cursors d----- <16>
Debug d----- <16>
Downloaded Installations d----- <08>
Downloaded Program Files d---s- <16>
Driver Cache d----- <16>
EHome d----- <07>
Fonts dr--s- <16>
Help d----- <16>
ie7 d--h-c <09>
ie7updates d----- <09>
ime d----- <16>
inf d--h-- <16>
Installer d--hs- <16>
java d----- <16>
l2schemas d----- <06>
Media d----- <16>
Minidump d----- <15>
msagent d----- <16>
msdownld.tmp d--h-- <07>
mui d----- <16>
network diagnostic d----- <09>
Notices d----- <12>
Offline Web Pages dr---- <16>
PCHealth d----- <16>
peernet d----- <07>
Prefetch d----- <07>
provisioning d----- <07>
RegisteredPackages d----- <16>
Registration d----- <16>
repair d----- <16>
Resources d----- <16>
SchCache d----- <09>
security d----- <16>
ServicePackFiles d----- <07>
ShellNew d----- <10>
SoftwareDistribution d----- <07>
srchasst d----- <16>
STRADA d----- <08>
Sun d----- <07>
system d----- <16>
system32 d----- <16>
Tasks d---s- <16>
Temp d----- <16>
twain_32 d----- <16>
WBEM d----- <09>
Web dr---- <16>
WinSxS d----- <16>

C:\WINDOWS - Parameters: "/nkarna*.* "

---Files---
None found.


C:\WINDOWS\system32 - Parameters: "/nTDSS*.* "

---Files---
None found.

---Folders---
1025 d----- <16>
1028 d----- <16>
1031 d----- <16>
1033 d----- <16>
1036 d----- <16>
1037 d----- <16>
1041 d----- <16>
1042 d----- <16>
1054 d----- <16>
2052 d----- <16>
3076 d----- <16>
3com_dmi d----- <16>
appmgmt d----- <11>
bits d----- <06>
CatRoot d----- <16>
CatRoot2 d----- <16>
Com d----- <16>
config d----- <16>
dhcp d----- <16>
DirectX d----- <16>
dllcache dr-hs- <16>
drivers d----- <16>
DRVSTORE d----c <11>
export d----- <16>
fr d----- <06>
fr-fr d----- <09>
ias d----- <16>
icsxml d----- <16>
IME d----- <16>
inetsrv d----- <16>
Macromed d----- <16>
Microsoft d---s- <16>
MsDtc d----- <16>
mui d----- <16>
npp d----- <16>
oobe d----- <16>
PreInstall d----- <18>
ras d----- <16>
ReinstallBackups d----- <16>
Restore d----- <16>
RNBOSENT d----- <14>
Setup d----- <16>
ShellExt d----- <16>
SoftwareDistribution d----- <10>
spool d----- <16>
usmt d----- <16>
wbem d----- <16>
wins d----- <16>
xircom d----- <16>

C:\WINDOWS\system32\Drivers - Parameters: "/nTDSS*.* "

---Files---
None found.

---Folders---
disdn d----- <16>
etc d----- <16>

C:\WINDOWS\system32 - Parameters: "/nbrastk*.* "

---Files---
None found.


C:\WINDOWS\system32 - Parameters: "/nDelSelf*.* "

---Files---
None found.


C:\WINDOWS\system32 - Parameters: "/nkarna*.* "

---Files---
None found.


-=End Of File=-
Dawoued73
 
Posts: 25
Joined: 13 Feb 2009, 12:31
Location: Pontcharra (38)

Post by Dawoued73 » 23 Feb 2009, 10:16

SmitFraudFix report

SmitFraudFix v2.398

Rapport fait à 10:08:27,46, 23/02/2009
Executé à partir de C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Nettoyage PC\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\PROGRA~1\CONTRO~1\bin\optgui.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\DrvMon.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\KeyConfiguration\Password.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Nettoyage PC\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1 legal-at-spybot.info
127.0.0.1 www.legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur.DOMAINE


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1.DOM\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur.DOMAINE\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1.DOM\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\Google\googletoolbar1.dll PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/100 VE Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 80.10.246.2
DNS Server Search Order: 80.10.246.129

HKLM\SYSTEM\CCS\Services\Tcpip\..\{625C7A89-C64F-4A4A-928B-D3337895AA05}: NameServer=80.10.246.2,80.10.246.129
HKLM\SYSTEM\CS1\Services\Tcpip\..\{625C7A89-C64F-4A4A-928B-D3337895AA05}: NameServer=80.10.246.2,80.10.246.129


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Post by Dawoued73 » 23 Feb 2009, 10:18

Main OTListIt2 report

OTListIt logfile created on: 23/02/2009 10:12:51 - Run 4
OTListIt2 by OldTimer - Version 2.0.0.17 Folder = C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Nettoyage PC
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,24 Gb Total Physical Memory | 0,70 Gb Available Physical Memory | 56,77% Memory free
1,46 Gb Paging File | 0,87 Gb Available in Paging File | 59,56% Paging File free
Paging file location(s): C:\pagefile.sys 372 744;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 28,17 Gb Free Space | 75,62% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC1
Current User Name: Administrateur
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 60 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2004/06/14 01:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe
PRC - [2001/12/13 01:01:00 | 00,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brss01a.exe
PRC - [2009/01/27 16:59:40 | 00,421,496 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Anti-Malware\a2service.exe
PRC - [2009/01/27 16:59:40 | 00,421,496 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2004/09/16 10:23:31 | 00,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PRC - [2009/01/08 08:23:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2003/02/26 11:00:00 | 00,106,586 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
PRC - [2003/03/21 06:00:00 | 00,233,595 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\Mcshield.exe
PRC - [2003/02/26 11:00:00 | 00,127,058 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe
PRC - [2003/03/21 06:00:00 | 00,127,050 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
PRC - [2006/12/21 19:15:56 | 00,624,376 | ---- | M] (Orange) -- C:\Program Files\Controle Parental\bin\optproxy.exe
PRC - [2008/04/14 03:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/01/08 08:23:48 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2003/03/21 06:00:00 | 00,090,182 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
PRC - [2009/02/16 15:50:08 | 00,139,347 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
PRC - [2009/02/16 15:50:06 | 00,933,888 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
PRC - [2009/02/16 15:50:05 | 00,404,536 | ---- | M] (Orange) -- C:\Program Files\Controle Parental\bin\optgui.exe
PRC - [2009/02/16 15:50:09 | 00,057,393 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2009/02/16 15:50:10 | 00,053,248 | ---- | M] (Alcor Micro, Corp.) -- C:\WINDOWS\system32\DrvMon.exe
PRC - [2009/02/16 15:48:26 | 00,073,728 | ---- | M] () -- C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
PRC - [2009/02/16 15:50:08 | 00,212,992 | ---- | M] () -- C:\Program Files\KeyConfiguration\Password.exe
PRC - [2007/08/16 15:17:24 | 00,098,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe
PRC - [2007/08/16 15:19:02 | 05,728,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/02/16 15:50:07 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2009/02/16 15:50:07 | 00,118,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
PRC - [2009/02/18 10:21:40 | 00,491,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Nettoyage PC\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/01/27 16:59:40 | 00,421,496 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Anti-Malware\a2service.exe -- (a2AntiMalware [Auto | Running])
SRV - [2009/01/27 16:59:40 | 00,421,496 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe -- (a2free [Auto | Running])
SRV - [2004/06/14 01:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe -- (Brother XP spl Service [Auto | Running])
SRV - [2004/09/16 10:23:31 | 00,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA [Auto | Running])
SRV - [2008/04/14 03:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/01/08 08:23:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2003/02/26 11:00:00 | 00,106,586 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework [Auto | Running])
SRV - [2003/03/21 06:00:00 | 00,233,595 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\Mcshield.exe -- (McShield [Auto | Running])
SRV - [2003/03/21 06:00:00 | 00,127,050 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe -- (McTaskManager [Auto | Running])
SRV - [2006/12/21 19:15:56 | 00,624,376 | ---- | M] (Orange) -- C:\Program Files\Controle Parental\bin\optproxy.exe -- (OPTENET_FILTER [Auto | Running])
SRV - [2007/08/16 15:17:24 | 00,098,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Running])
SRV - [2003/08/01 17:28:24 | 00,474,624 | ---- | M] (Constantin Kaplinsky) -- C:\Program Files\TightVNC\WinVNC.exe -- (winvnc [Auto | Stopped])
SRV - [2007/08/23 14:32:00 | 00,261,120 | ---- | M] () -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2001/08/17 15:20:04 | 00,096,256 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc [On_Demand | Stopped])
DRV - [2002/05/08 19:44:42 | 00,105,472 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\DRIVERS\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2002/04/01 15:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Running])
DRV - [2000/07/24 00:01:00 | 00,019,537 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar [Auto | Running])
DRV - [2006/04/12 17:42:09 | 00,008,864 | ---- | M] () -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA [Auto | Running])
DRV - [2005/12/05 06:20:46 | 00,080,384 | ---- | M] (OMNIKEY) -- C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys -- (cxbu0wdm [On_Demand | Running])
DRV - [2003/09/18 02:44:00 | 00,145,408 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2004/08/03 21:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\DRIVERS\i81xnt5.sys -- (i81x [On_Demand | Stopped])
DRV - [2004/08/03 21:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV01nt.sys -- (iAimFP0 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV02NT.sys -- (iAimFP1 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\DRIVERS\wADV05NT.sys -- (iAimFP2 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys -- (iAimFP3 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys -- (iAimFP4 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV01nt.sys -- (iAimTV0 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV02NT.sys -- (iAimTV1 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\DRIVERS\wATV04nt.sys -- (iAimTV3 [On_Demand | Stopped])
DRV - [2004/08/03 21:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys -- (iAimTV4 [On_Demand | Stopped])
DRV - [2003/08/04 00:15:04 | 00,091,419 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2003/03/21 06:00:00 | 00,084,448 | ---- | M] (Network Associates, Inc.) -- C:\WINDOWS\system32\drivers\naiavf5x.sys -- (NaiAvFilter1 [On_Demand | Running])
DRV - [2003/04/24 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2000/10/24 04:39:00 | 00,073,216 | ---- | M] () -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel [Auto | Running])
DRV - [2003/08/29 14:09:00 | 00,578,304 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
DRV - [2001/08/17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
DRV - [2001/08/23 16:20:50 | 00,006,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\serscan.sys -- (StillCam [On_Demand | Running])
DRV - [2001/08/17 16:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810 [Disabled | Stopped])
DRV - [2001/08/17 16:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx [Disabled | Stopped])
DRV - [2002/04/04 07:32:06 | 00,028,416 | R--- | M] (LSI Logic) -- C:\WINDOWS\System32\DRIVERS\symmpi.sys -- (Symmpi [Disabled | Stopped])
DRV - [2001/08/17 16:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi [Disabled | Stopped])
DRV - [2001/08/17 16:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3 [Disabled | Stopped])
DRV - [2003/08/04 00:16:08 | 00,120,094 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E} [On_Demand | Running])
DRV - [2003/08/04 00:16:00 | 00,096,858 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Invalid data type.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-2447563937-1575804264-685246572-500\S-1-5-21-2447563937-1575804264-685246572-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (267356 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 hityou.com
O1 - Hosts: 127.0.0.1 www.hityou.com
O1 - Hosts: 127.0.0.1 180searchassistant.com
O1 - Hosts: 127.0.0.1 www.180searchassistant.com
O1 - Hosts: 127.0.0.1 180solutions.com
O1 - Hosts: 127.0.0.1 www.180solutions.com
O1 - Hosts: 127.0.0.1 bis.180solutions.com
O1 - Hosts: 127.0.0.1 config.180solutions.com
O1 - Hosts: 127.0.0.1 cts.180solutions.com
O1 - Hosts: 127.0.0.1 downloads.180solutions.com
O1 - Hosts: 127.0.0.1 installs.180solutions.com
O1 - Hosts: 127.0.0.1 nowhere.180solutions.com
O1 - Hosts: 127.0.0.1 ping.180solutions.com
O1 - Hosts: 127.0.0.1 tv.180solutions.com
O1 - Hosts: 127.0.0.1 uploads.180solutions.com
O1 - Hosts: 127.0.0.1 public.zangocash.com
O1 - Hosts: 127.0.0.1 www.public.zangocash.com
O1 - Hosts: 127.0.0.1 static.zangocash.com
O1 - Hosts: 127.0.0.1 www.static.zangocash.com
O1 - Hosts: 127.0.0.1 www.zangocash.com
O1 - Hosts: 127.0.0.1 zangocash.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 2search.com
O1 - Hosts: 9260 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {D32D1A46-A6B3-496B-9981-1E2D520F8597} - C:\WINDOWS\system32\iifgEtqq.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-2447563937-1575804264-685246572-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60 (Emsi Software GmbH)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" (Network Associates, Inc.)
O4 - HKLM..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe (Orange)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE (Network Associates, Inc.)
O4 - HKLM..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot (Scansoft, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper (Constantin Kaplinsky)
O4 - HKCU..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe (Alcor Micro, Corp.)
O4 - HKU\S-1-5-21-2447563937-1575804264-685246572-500..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe (Alcor Micro, Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Password.lnk = C:\Program Files\KeyConfiguration\Password.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-21-2447563937-1575804264-685246572-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Controle Parental\bin\lsp.dll ()
O15 - HKLM\..Trusted Domains: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 29 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 29 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2447563937-1575804264-685246572-500\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4C57C98A-E582-46E4-8FD8-5EBDC94CEA39} http://www.mindjet.com/viewer/eng/MjMmViewer.cab (Mindjet MindManager Viewer Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.4.2_01)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{625C7A89-C64F-4A4A-928B-D3337895AA05}\\NameServer = 80.10.246.2,80.10.246.129
O18 - Protocol\Handler\ipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1288.0816.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1288.0816.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e8fe0f3c-c54d-11da-a558-0002e3533810}\Shell - "" = AutoRun
O33 - MountPoints2\{e8fe0f3c-c54d-11da-a558-0002e3533810}\Shell\AutoRun\command - "" = E:\loader.exe -- File not found

========== Files/Folders - Created Within 60 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2009/02/23 10:08:44 | 00,002,976 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2009/02/18 14:19:56 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2009/02/18 14:16:14 | 00,001,564 | ---- | C] () -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\FindyKill.lnk
[2009/02/18 14:16:09 | 00,000,000 | ---D | C] -- C:\Program Files\FindyKill
[2009/02/17 08:11:14 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Spybot - Search & Destroy.lnk
[2009/02/16 16:33:53 | 00,000,693 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\a-squared Anti-Malware.lnk
[2009/02/16 16:33:39 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Anti-Malware
[2009/02/16 16:33:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.DOMAINE\Mes documents\a-squared
[2009/02/16 15:50:10 | 00,053,248 | ---- | C] (Alcor Micro, Corp.) -- C:\WINDOWS\System32\DrvMon.exe
[2009/02/16 15:46:12 | 00,000,648 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\a-squared Free.lnk
[2009/02/16 15:46:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.DOMAINE\Mes documents\a-squared Free
[2009/02/16 15:36:45 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/02/16 09:57:30 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2009/02/13 16:17:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/02/13 11:58:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Nettoyage PC
[2009/02/13 11:20:27 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2009/02/13 08:51:49 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2009/02/13 08:20:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009/02/13 08:12:34 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\CCleaner.lnk
[2009/02/13 08:12:34 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/02/12 10:26:31 | 00,000,512 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/02/12 10:24:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/02/11 18:13:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/02/11 18:12:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.DOMAINE\Local Settings\Application Data\Mozilla
[2009/02/11 08:36:32 | 00,000,000 | ---D | C] -- C:\quarantine
[2008/12/30 16:30:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.DOMAINE\Application Data\WinRAR

========== Files - Modified Within 60 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/02/23 10:08:45 | 00,002,976 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2009/02/23 10:02:33 | 00,000,588 | ---- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Mes documents\Mes dossiers de partage.lnk
[2009/02/23 09:24:10 | 00,000,621 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/02/23 08:43:44 | 00,002,539 | ---- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Microsoft Excel.lnk
[2009/02/23 07:57:18 | 00,000,512 | ---- | M] () -- C:\WINDOWS\randseed.rnd
[2009/02/23 07:55:40 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/02/23 07:54:59 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/23 07:54:55 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/02/23 07:54:53 | 00,118,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/02/20 09:29:17 | 03,790,350 | -H-- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Local Settings\Application Data\IconCache.db
[2009/02/19 10:26:00 | 00,000,512 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/02/18 14:16:14 | 00,001,564 | ---- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\FindyKill.lnk
[2009/02/17 12:00:26 | 00,001,475 | ---- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Explorateur Windows.lnk
[2009/02/17 08:11:14 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Spybot - Search & Destroy.lnk
[2009/02/16 16:33:53 | 00,000,693 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\a-squared Anti-Malware.lnk
[2009/02/16 15:50:10 | 00,053,248 | ---- | M] (Alcor Micro, Corp.) -- C:\WINDOWS\System32\DrvMon.exe
[2009/02/16 15:50:07 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2009/02/16 15:46:12 | 00,000,648 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\a-squared Free.lnk
[2009/02/13 08:12:34 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Bureau\CCleaner.lnk
[2009/02/12 11:49:42 | 00,772,642 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/02/12 11:49:42 | 00,367,658 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/02/12 11:49:42 | 00,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/02/12 11:49:42 | 00,048,616 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/02/12 11:49:42 | 00,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/02/11 18:13:01 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/02/10 09:23:07 | 00,000,478 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2009/01/30 09:10:39 | 00,018,488 | ---- | M] () -- C:\Documents and Settings\Administrateur.DOMAINE\Application Data\GDIPFONTCACHEV1.DAT
<End>
Dawoued73
 
Posts: 25
Joined: 13 Feb 2009, 12:31
Location: Pontcharra (38)

Post by Dawoued73 » 26 Feb 2009, 08:25

I hope we'll manage to sort out this problem, because it's really annoying not to be able to browse as one pleases.

Post by nickW » 27 Feb 2009, 01:33

Good evening,

I've sent you a PM (private message).

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by nickW » 27 Feb 2009, 17:13

Hello,

New PM (private message).

To be continued,

Post by Dawoued73 » 04 Mar 2009, 08:18

I have replied to your PMs, nickW, and unfortunately the matter is still to be continued .....

Post by nickW » 04 Mar 2009, 23:05

Good evening,

Can you send two new logs:

Note: These steps must be carried out in a session opened with "Administrator rights" (do not use the user profile named "Administrateur" that is visible in safe mode).


Step 1: Gmer
Download gmer.zip from the page http://www.gmer.net/files.php
Unzip the downloaded gmer.zip archive onto the Desktop (right-click, Extract All).
Close absolutely all applications, connections and browsers.

Note: The antivirus may raise alerts during execution (on gmer.exe or gmer.sys): ignore them and continue the procedure.

Double-click gmer.exe to launch the tool.

Check that all the boxes in the right-hand column are ticked except
Sections
IAT/EAT
the drives other than C:\
"Show all"

like this:
[Image]

then click the Scan button.

Wait without doing anything else (... it takes a while...).
The Registry keys and files being scanned are displayed at the bottom of the window.

When the tool has finished (the bottom of the window no longer scrolls), click the Save ... button.

A Notepad window will open, containing the report file.
Note: In Notepad, check in the Format menu that the "Word Wrap" option is not ticked.
Save this file on the Desktop under the name gmer-090304.txt.
Close the Gmer window (click OK).


Step 2: DDS (by sUBs)
Download DDS from one of the links below:
http://www.techsupportforum.com/sectools/sUBs/dds
http://download.bleepingcomputer.com/sUBs/dds.scr
http://www.forospyware.com/sUBs/dds
Save the file on the Desktop.

Double-click the DDS icon to launch it.
If an "Open File" security warning appears, click Run.

A "D.D.S." window with a black background will open; no action is needed, the scan is in progress.

When the tool has finished, two Notepad windows will open.

Save the two files opened in these Notepad windows on the Desktop under the names DDS-090304.txt and Attach-090304.txt


Step 3: Results
Send in reply:
- the Gmer report (contents of the file gmer-090304.txt).
- the two DDS reports (contents of the files DDS-090304.txt and Attach-090304.txt).

(if necessary, depending on the length of the logs, send two messages)

To be continued,

Post by Dawoued73 » 06 Mar 2009, 08:27

I am unable to launch the gmer application (when I click on it nothing happens)!

Post by Dawoued73 » 06 Mar 2009, 08:28

DDS report:

DDS (Ver_09-02-01.01) - NTFSx86
Run by Administrateur at 8:25:26,58 on 06/03/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1271.625 [GMT 1:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\PROGRA~1\CONTRO~1\bin\optgui.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\DrvMon.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\KeyConfiguration\Password.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Documents and Settings\Administrateur.DOMAINE\Bureau\Nettoyage PC\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.fr/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://go.compaq.com/1Q00CDT/040C/bl8.asp
mSearchAssistant = hxxp://www.google.com/ie
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {d32d1a46-a6b3-496b-9981-1e2d520f8597} - c:\windows\system32\iifgEtqq.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [DrvMon.exe] c:\windows\system32\DrvMon.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [srmclean] c:\cpqs\scom\srmclean.exe
mRun: [SetRefresh] c:\program files\compaq\setrefresh\SetRefresh.exe
mRun: [ShStatEXE] "c:\program files\network associates\virusscan\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UpdaterUI.exe"
mRun: [WinVNC] "c:\program files\tightvnc\WinVNC.exe" -servicehelper
mRun: [SSBkgdUpdate] "c:\program files\fichiers communs\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
mRun: [ControlCenter2.0] c:\program files\brother\controlcenter2\brctrcen.exe /autorun
mRun: [OPTENET_GUI] c:\progra~1\contro~1\bin\optgui.exe
mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe
mRun: [a-squared] "c:\program files\a-squared anti-malware\a2guard.exe" /d=60
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\imaget~1.lnk - c:\program files\sony corporation\image transfer\SonyTray.exe
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\password.lnk - c:\program files\keyconfiguration\Password.exe
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\program files\controle parental\bin\lsp.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {4C57C98A-E582-46E4-8FD8-5EBDC94CEA39} - hxxp://www.mindjet.com/viewer/eng/MjMmViewer.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
TCP: {625C7A89-C64F-4A4A-928B-D3337895AA05} = 80.10.246.2,80.10.246.129
Notify: igfxcui - igfxsrvc.dll

============= SERVICES / DRIVERS ===============

R2 a2AntiMalware;a-squared Anti-Malware Service;c:\program files\a-squared anti-malware\a2service.exe [2009-2-16 425080]
R2 a2free;a-squared Free Service;c:\program files\a-squared free\a2service.exe [2009-2-16 421496]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2004-9-13 106586]
R2 McShield;Network Associates McShield;c:\program files\network associates\virusscan\Mcshield.exe [2003-3-21 233595]
R2 McTaskManager;Network Associates Task Manager;c:\program files\network associates\virusscan\VsTskMgr.exe [2003-3-21 127050]
R2 OPTENET_FILTER;Orange Contrôle Parental;c:\program files\controle parental\bin\optproxy.exe [2007-6-27 624376]
R3 cxbu0wdm;CardMan 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [2005-12-5 80384]
R3 NaiAvFilter1;NaiAvFilter1;c:\windows\system32\drivers\naiavf5x.sys [2003-3-21 84448]
S2 ksi32sk;ksi32sk;\??\c:\windows\system32\drivers\ksi32sk.sys --> c:\windows\system32\drivers\ksi32sk.sys [?]

=============== Created Last 30 ================

2009-02-27 08:04 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-02-27 08:04 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-27 08:04 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-02-27 08:04 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-02-23 10:08 2,976 a------- c:\windows\system32\tmp.reg
2009-02-18 14:19 <DIR> --d----- C:\_OTMoveIt
2009-02-18 14:16 <DIR> --d----- c:\program files\FindyKill
2009-02-16 16:33 <DIR> --d----- c:\program files\a-squared Anti-Malware
2009-02-16 15:50 53,248 a------- c:\windows\system32\DrvMon.exe
2009-02-16 15:36 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-02-16 09:57 <DIR> --d----- c:\program files\a-squared Free
2009-02-13 11:20 <DIR> --d----- c:\program files\Navilog1
2009-02-13 08:51 <DIR> --d----- C:\VundoFix Backups
2009-02-13 08:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Grisoft
2009-02-13 08:12 <DIR> --d----- c:\program files\CCleaner
2009-02-11 08:36 <DIR> --d----- C:\quarantine

==================== Find3M ====================

2009-02-26 09:48 18,488 ac------ c:\docume~1\admini~1.dom\applic~1\GDIPFONTCACHEV1.DAT
2009-02-16 15:50 633,632 a------- c:\windows\system32\dllcache\iexplore.exe
2009-02-12 11:49 367,658 a------- c:\windows\system32\perfh00C.dat
2009-02-12 11:49 48,616 a------- c:\windows\system32\perfc00C.dat
2009-01-08 08:23 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-11 11:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2007-02-16 11:21 168 -c-shr-- c:\windows\system32\42C6CC4523.sys
2007-02-16 11:21 2,516 ac-sh--- c:\windows\system32\KGyGaAvL.sys
2008-09-29 08:19 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\historique\history.ie5\mshist012008092920080930\index.dat

============= FINISH: 8:26:15,44 ===============