Surabaya

Closed
abdel - 20 May 2009 at 02:18
abdel__ Posts 57 Registration date Thursday 21 May 2009 Status Member Last active 31 May 2009 - 31 May 2009 at 18:22
Hello, here are the results obtained after scanning my computer with HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:52:18, on 19/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealJukebox\tsystray.exe
C:\Program Files\Real\RealOne Player\realplay.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Eraser\eraser.exe
C:\Program Files\Menara\dslmon.exe
C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe Online.com
C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Adobe update.com
C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\DOCUME~1\hp\LOCALS~1\Temp\lpqm.exe
C:\DOCUME~1\hp\LOCALS~1\Temp\snjfd.exe
C:\DOCUME~1\hp\LOCALS~1\Temp\vwhu.exe
C:\DOCUME~1\hp\LOCALS~1\Temp\winviwvs.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\DOCUME~1\hp\LOCALS~1\Temp\xffb.exe
C:\DOCUME~1\hp\LOCALS~1\Temp\pceo.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.menara.ma/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.menara.ma/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Menara
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {34EDFCA9-D4FF-9CAE-DF22-CA6B60E2ED17} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll (file missing)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: (no name) - {D5B72AED-E54A-11D6-B1B2-444553540000}B1B2-444553540000} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [yrqppzmoglbmnutwb] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\isctovdbxk.dll"
O4 - HKLM\..\Run: [ZNsoft Optimizer Xp] C:\Program Files\ZNsoft Corporation\ZNsoft Optimizer Xp\ZNsoft Xp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [RealJukeboxSystray] "c:\Program Files\Real\RealJukebox\tsystray.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealOne Player\realplay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [LiteCity] C:\DOCUME~1\hp\APPLIC~1\BROWSE~1\SkipBias.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Online.com
O4 - Startup: Adobe update.com
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?8f4ca0d0e1e64f9880ca97f50b1810a0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?8f4ca0d0e1e64f9880ca97f50b1810a0
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - https://sdlc-esd.oracle.com/ESD5/JSCDL/jre/6u10-b92-b/jinstall-6u10-windows-i586-jc.cab?GroupName=JSC&FilePath=/ESD5/JSCDL/jre/6u10-b92-b/jinstall-6u10-windows-i586-jc.cab&BHost=javadl.sun.com&File=jinstall-6u10-windows-i586-jc.cab&AuthParam=1580987764_a5235be86e79daca0cfb05ddc36bfbcd&ext=.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71BA674A-663F-49DA-92FE-8E035C1A530A}: NameServer = 62.251.229.223 62.251.229.237
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Bosco - Module Esclave (slave) - Unknown owner - C:\Program Files\Bosco\slave.exe (file missing)
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)
O24 - Desktop Component 0: (no name) - http://www.animationsgis.com/Images/anges/estelleange25.gif
O24 - Desktop Component 1: (no name) - http://www.animationsgis.com/Images/anges/olly_angecoeur.gif
O24 - Desktop Component 2: (no name) - http://www.animationsgis.com/Images/anges/kelly_ange5.gif
O24 - Desktop Component 3: (no name) - http://www.animationsgis.com/Images/anges/hermasyvonne_ange9.gif
O24 - Desktop Component 4: (no name) - http://www.moziga.biz/images/play.gif

67 replies

Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last active 16 September 2016 1 536
30 May 2009 at 23:25
Hi again,

you're making fun of me!!!!!!!!!!!!!!

I want them here.
0
abdel__ Posts 57 Registration date Thursday 21 May 2009 Status Member Last active 31 May 2009
30 May 2009 at 23:57
Making fun of you?!!!! I don't know why you say that.
ComboFix 09-05-30.03 - hp 30/05/2009 21:36.9 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.247.114 [GMT 0:00]
Lancé depuis: c:\documents and settings\hp\Bureau\antitruc.exe
Commutateurs utilisés :: c:\documents and settings\hp\Bureau\CFscript.txt
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ABP470N5
-------\Service_abp470n5


((((((((((((((((((((((((((((( Fichiers créés du 2009-04-28 au 2009-05-30 ))))))))))))))))))))))))))))))))))))
.

2009-05-26 23:15 . 2009-05-26 23:17 -------- d-----w C:\UsbFix
2009-05-26 20:07 . 2009-05-26 20:07 -------- d-----w c:\documents and settings\hp\Application Data\Malwarebytes
2009-05-26 20:06 . 2009-05-26 20:06 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-25 17:09 . 2009-05-25 17:09 426 ----a-w c:\documents and settings\hp\Autoexec.bat
2009-05-22 00:25 . 2009-05-22 00:25 -------- d-----w c:\documents and settings\hp\Application Data\Auslogics
2009-05-22 00:25 . 2009-05-22 00:25 -------- d-----w c:\program files\Auslogics
2009-05-21 19:28 . 2009-05-21 19:46 -------- d-----w c:\program files\Navilog1
2009-05-21 18:30 . 2009-05-22 18:17 -------- d--h--w C:\ToolBar SD
2009-05-20 04:15 . 2009-05-20 04:15 1277024 ----a-w c:\documents and settings\hp\Application Data\Real\Update\setup\data\gtb\GOOGLE_TOOLBAR\googletoolbarinstaller.exe
2009-05-20 04:14 . 2009-05-20 04:14 233472 ----a-w c:\documents and settings\hp\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
2009-05-20 04:14 . 2009-05-20 04:14 176128 ----a-w c:\documents and settings\hp\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
2009-05-20 04:14 . 2009-05-20 04:14 1281120 ----a-w c:\documents and settings\hp\Application Data\Real\Update\setup\data\gtb_gds\GOOGLE_TOOLBAR\googletoolbarinstaller.exe
2009-05-20 04:14 . 2009-05-20 04:14 834152 ----a-w c:\documents and settings\hp\Application Data\Real\Update\setup\data\gds\GOOGLE_DESKTOP\gdssetup.exe
2009-05-20 04:14 . 2009-05-20 04:14 88064 ----a-w c:\documents and settings\hp\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
2009-05-20 04:14 . 2009-05-20 04:14 6418872 ----a-w c:\documents and settings\hp\Application Data\Real\Update\setup\data\ff\firefoxgoogletoolbarsetup.exe
2009-05-20 04:14 . 2009-05-20 04:14 132640 ----a-w c:\documents and settings\hp\Application Data\Real\Update\setup\schedule.exe
2009-05-20 04:14 . 2009-05-20 04:14 88576 ----a-w c:\documents and settings\hp\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
2009-05-17 18:32 . 2009-05-17 18:32 -------- d-----w c:\program files\WS_FTP
2009-05-17 17:53 . 2007-02-13 16:20 253008 ----a-w c:\windows\adirasx64.exe
2009-05-17 17:53 . 2007-02-07 16:51 169496 ----a-w c:\windows\system32\drivers\adiusbawx64.sys
2009-05-17 17:53 . 2007-02-07 16:50 118552 ----a-w c:\windows\system32\drivers\adiusbaw.sys
2009-05-17 17:53 . 2007-01-04 13:46 146968 ----a-w c:\windows\system32\drivers\e4usbawx64.sys
2009-05-17 17:53 . 2006-02-15 10:15 176128 ----a-w c:\windows\autoclk.exe
2009-05-17 17:53 . 2007-01-04 13:47 71832 ----a-w c:\windows\system32\drivers\e4ldrx64.sys
2009-05-17 17:53 . 2002-09-26 16:42 24576 ----a-w c:\windows\enddisk32.exe
2009-05-17 17:53 . 2007-02-07 16:50 58264 ----a-w c:\windows\system32\drivers\adildrx64.sys
2009-05-17 17:53 . 2007-02-07 16:50 56088 ----a-w c:\windows\system32\drivers\adildr.sys
2009-05-17 17:53 . 2006-12-22 13:18 316416 ----a-w c:\windows\system32\unaddrv.x64.exe
2009-05-17 17:52 . 2009-05-17 17:52 -------- d-----w c:\program files\SAGEM
2009-05-17 17:52 . 2009-05-17 17:52 -------- d-----w c:\documents and settings\hp\Application Data\InstallShield
2009-05-10 23:15 . 2009-05-10 23:15 -------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-05-10 22:26 . 2009-05-10 22:26 -------- d-----w c:\program files\Messenger Plus! Live
2009-05-08 15:10 . 2009-05-30 21:41 -------- d-----w c:\program files\Eraser
2009-05-07 23:41 . 2009-05-07 23:41 10134 ----a-r c:\documents and settings\hp\Application Data\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe
2009-05-07 23:41 . 2009-05-07 23:41 -------- d-----w c:\program files\HP
2009-05-01 22:39 . 2009-05-01 22:39 -------- d-----w c:\program files\ToniArts

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-26 23:01 . 2008-10-18 13:38 65432 ----a-w c:\documents and settings\hp\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-26 21:26 . 2008-11-09 18:37 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-05-26 19:29 . 2009-05-19 23:30 -------- d-----w c:\program files\Trend Micro
2009-05-22 22:49 . 2009-05-20 02:19 -------- d-----w c:\program files\a-squared Free
2009-05-20 04:14 . 2009-05-18 12:30 -------- d-----w c:\program files\AMT
2009-05-20 04:14 . 2009-04-23 20:57 -------- d-----w c:\program files\iTunes
2009-05-20 04:14 . 2009-05-20 04:14 83968 ----a-w c:\documents and settings\hp\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
2009-05-20 04:13 . 2009-05-20 04:13 270336 ----a-w c:\documents and settings\hp\Application Data\LimeWire\browser\xulrunner\updater.exe
2009-05-20 01:39 . 2009-05-20 01:39 -------- d-----w c:\documents and settings\hp\Application Data\Windows Search
2009-05-20 01:38 . 2009-05-20 01:38 -------- d-----w c:\documents and settings\hp\Application Data\Windows Desktop Search
2009-05-20 01:02 . 2002-09-07 01:00 81596 ----a-w c:\windows\system32\perfc00C.dat
2009-05-20 01:02 . 2002-09-07 01:00 484240 ----a-w c:\windows\system32\perfh00C.dat
2009-05-20 01:01 . 2009-05-20 01:01 -------- d-----w c:\program files\Windows Desktop Search
2009-05-17 20:15 . 2008-10-12 17:00 -------- d-----w c:\program files\Menara
2009-05-17 18:36 . 2008-10-12 16:22 -------- d-----w c:\program files\Fichiers communs\Real
2009-05-17 18:35 . 2008-10-14 19:40 8552 ----a-w c:\windows\system32\drivers\asctrm.sys
2009-05-17 17:52 . 2008-10-12 17:04 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-28 17:34 . 2009-04-28 17:29 -------- d-----w c:\documents and settings\hp\Application Data\agi
2009-04-28 17:32 . 2009-04-28 17:32 -------- d-----w c:\documents and settings\LocalService\Application Data\agi
2009-04-28 17:29 . 2009-04-28 17:29 -------- d-----w c:\documents and settings\All Users\Application Data\agi
2009-04-28 17:27 . 2009-04-28 17:27 339968 ----a-w c:\windows\system32\pythoncom25.dll
2009-04-28 17:27 . 2009-04-28 17:27 2117632 ----a-w c:\windows\system32\python25.dll
2009-04-28 17:27 . 2009-04-28 17:27 114688 ----a-w c:\windows\system32\pywintypes25.dll
2009-04-28 17:27 . 2009-02-20 18:31 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-04-25 21:12 . 2009-04-25 20:59 -------- d-----w c:\program files\ElcomSoft
2009-04-25 21:09 . 2009-04-25 21:09 39424 ----a-w c:\windows\zipinst.exe
2009-04-25 00:12 . 2009-01-26 18:48 206400 ----a-w c:\documents and settings\hp\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
2009-04-25 00:12 . 2009-01-26 18:48 156208 ----a-w c:\documents and settings\hp\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
2009-04-25 00:12 . 2009-01-26 18:48 392728 ----a-w c:\documents and settings\hp\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
2009-04-23 21:01 . 2009-04-23 21:01 -------- d-----w c:\documents and settings\hp\Application Data\Apple Computer
2009-04-23 21:01 . 2009-04-23 20:59 -------- d-----w c:\program files\QuickTime
2009-04-23 20:57 . 2009-04-23 20:56 -------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-04-23 20:56 . 2008-10-12 17:00 -------- d-----w c:\program files\Fichiers communs\InstallShield
2009-04-21 19:55 . 2009-04-20 21:46 -------- d-----w c:\program files\VideoLAN
2009-04-20 21:54 . 2009-04-20 21:54 -------- d-----w c:\documents and settings\hp\Application Data\dvdcss
2009-04-18 21:06 . 2009-04-18 21:06 -------- d-----w c:\documents and settings\All Users\Application Data\AVS4YOU
2009-04-17 21:21 . 2009-04-17 21:21 -------- d-----w c:\program files\Windows Media Connect 2
2009-04-12 19:47 . 2009-04-12 19:45 -------- d-----w c:\program files\Google
2009-04-12 01:14 . 2009-02-21 20:23 -------- d-----w c:\documents and settings\hp\Application Data\Smart PC Solutions
2009-04-12 01:14 . 2009-02-21 20:23 -------- d-----w c:\program files\Smart PC Solutions
2009-04-11 23:31 . 2009-04-11 23:31 5376 ----a-w c:\windows\system32\drivers\MS1000.sys
2009-04-11 20:52 . 2008-11-11 21:48 -------- d-----w c:\documents and settings\hp\Application Data\VoipBuster
2009-04-11 20:38 . 2009-04-11 20:35 -------- d-----w c:\documents and settings\hp\Application Data\InternetCalls
2009-04-11 20:18 . 2009-04-11 20:14 -------- d-----w c:\documents and settings\hp\Application Data\NetAppel
2009-04-11 02:01 . 2009-04-11 02:01 213504 ----a-w c:\documents and settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
2009-03-08 22:39 . 2009-03-08 22:39 904680 ----a-w c:\documents and settings\hp\Application Data\MSNInstaller\msnauins.exe
2009-03-08 04:34 . 2004-08-19 21:09 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 04:34 . 2004-08-19 21:09 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 04:33 . 2004-08-19 21:09 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 04:33 . 2004-08-19 21:09 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 04:32 . 2004-08-19 21:09 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 04:32 . 2004-08-19 21:09 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 04:31 . 2004-08-19 21:09 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 04:31 . 2004-08-19 21:08 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 04:31 . 2004-08-19 21:10 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 04:22 . 2002-09-07 01:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-06 14:20 . 2004-08-19 21:09 286720 ----a-w c:\windows\system32\pdh.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1768960]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3987808]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-12 39408]
"Eraser"="c:\program files\Eraser\eraser.exe" [2003-07-25 679936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-04-23 229376]
"RealTray"="c:\program files\Real\RealOne Player\realplay.exe" [2009-05-17 181760]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\hp\Menu Démarrer\Programmes\Démarrage\
Notification de cadeaux MSN.lnk - c:\documents and settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-4-11 213504]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - c:\program files\Menara\dslmon.exe [2008-10-12 909312]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\aMSN\\bin\\wish.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\Real\\RealOne Player\\realplay.exe"=
"c:\\WINDOWS\\system32\\netsh.exe"=
"c:\\Program Files\\ToniArts\\EasyCleaner\\EasyClea.exe"=
"c:\\Program Files\\Windows Live\\Toolbar\\wltuser.exe"=
"c:\\WINDOWS\\system32\\SearchProtocolHost.exe"=
"c:\\Program Files\\Windows Desktop Search\\WindowsSearch.exe"=
"c:\\WINDOWS\\system32\\WISPTIS.EXE"=
"c:\\Program Files\\QuickTime\\qttask.exe"=
"c:\\Program Files\\Menara\\dslmon.exe"=
"c:\\Documents and Settings\\hp\\Application Data\\Microsoft\\Notification de cadeaux MSN\\lsnfier.exe"=
"c:\\Program Files\\Eraser\\eraser.exe"=

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [08/03/2009 22:41 55152]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [12/10/2008 17:03 114616]
S2 AGWinService;AG Windows Service;"c:\program files\AGI\common\win32\PythonService.exe" --> c:\program files\AGI\common\win32\PythonService.exe [?]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [12/10/2008 17:03 63555]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [02/08/2005 21:10 32512]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - ABP470N5
.
Contenu du dossier 'Tâches planifiées'

2009-05-30 c:\windows\Tasks\User_Feed_Synchronization-{4DF9536E-79E9-41D1-B7BA-D4BB961EFCBD}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 04:31]

2009-05-30 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-29 22:18]
.
- - - - ORPHELINS SUPPRIMES - - - -

SafeBoot-procexp90.Sys


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.bladinet.net/
mWindow Title =
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?8f4ca0d0e1e64f9880ca97f50b1810a0
IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?8f4ca0d0e1e64f9880ca97f50b1810a0
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-30 21:44
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


c:\windows\system32\drivers\gmepnn.sys 5669 bytes executable

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(2236)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\fr-fr\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\fr-fr\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msls31.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\searchindexer.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Heure de fin: 2009-05-30 21:53 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-05-30 21:53

Avant-CF: 12 329 701 376 octets libres
Après-CF: 12 559 863 808 octets libres

253 --- E O F --- 2009-05-27 01:27
0
abdel__ Posts 57 Registration date Thursday 21 May 2009 Status Member Last active 31 May 2009
31 May 2009 at 00:11
OTL logfile created on: 30/05/2009 03:24:40 - Run 4
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\hp\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

247,48 Mb Total Physical Memory | 83,66 Mb Available Physical Memory | 33,81% Memory free
653,60 Mb Paging File | 177,46 Mb Available in Paging File | 27,15% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 11,88 Gb Free Space | 60,85% Space Free | Partition Type: NTFS
Drive D: | 18,75 Gb Total Space | 18,31 Gb Free Space | 97,67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 953,73 Mb Total Space | 951,34 Mb Free Space | 99,75% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP-7E00783F7641
Current User Name: hp
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

[color=orange]========== Processes (SafeList) ==========[/color]

PRC - [2008/11/09 18:26:59 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/04/14 02:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/04/23 21:00:55 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2009/05/17 18:35:21 | 00,181,760 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealOne Player\realplay.exe
PRC - [2009/02/06 18:51:28 | 03,987,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2003/07/25 11:15:48 | 00,679,936 | ---- | M] (-) -- C:\Program Files\Eraser\eraser.exe
PRC - [2006/06/13 11:34:54 | 00,909,312 | ---- | M] () -- C:\Program Files\Menara\dslmon.exe
PRC - [2008/05/26 22:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\internet explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\internet explorer\iexplore.exe
PRC - [2009/02/06 18:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2009/05/29 23:02:41 | 00,011,264 | ---- | M] () -- C:\Documents and Settings\hp\Local Settings\temp\winfkdpes.exe
PRC - [2009/05/29 23:02:44 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\hp\Local Settings\temp\winsowdc.exe
PRC - [2002/08/21 05:13:12 | 00,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE
PRC - [2009/05/29 23:38:07 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\hp\Local Settings\temp\ldhd.exe
PRC - [2009/05/30 00:48:33 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\hp\Local Settings\temp\wingtxh.exe
PRC - [2009/05/30 01:24:05 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\hp\Local Settings\temp\winpqiay.exe
PRC - [2009/05/30 01:59:19 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\hp\Local Settings\temp\nikkra.exe
PRC - [2009/05/30 02:34:27 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\hp\Local Settings\temp\winbctyr.exe
PRC - [2009/05/30 03:09:42 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\hp\Local Settings\temp\bolrf.exe
PRC - [2009/05/28 00:29:39 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hp\Bureau\OTL.exe

[color=orange]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found -- -- (AGWinService [Auto | Stopped])
SRV - [2005/09/23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2005/09/23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [On_Demand | Stopped])
SRV - [2009/04/17 01:42:08 | 00,264,688 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/04/14 02:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/04/04 00:41:10 | 00,143,360 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - File not found -- -- (iPodService [Disabled | Stopped])
SRV - [2008/11/09 18:26:59 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2003/07/28 20:28:22 | 00,162,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2005/08/02 21:18:49 | 00,159,744 | ---- | M] (CACE Technologies) -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd [On_Demand | Stopped])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - File not found -- -- (winvnc [Auto | Stopped])
SRV - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
abdel__ Posts: 57 Registration date: Thursday 21 May 2009 Status: Member Last activity: 31 May 2009
31 May 2009 at 00:12
[color=orange]========== Driver Services (SafeList) ==========[/color]

DRV - File not found -- -- (abp470n5 [Disabled | Running])
DRV - [2006/04/01 12:30:46 | 00,100,224 | R--- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Running])
DRV - [2009/05/17 18:35:35 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM [Auto | Running])
DRV - [2006/04/01 12:33:16 | 00,134,272 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\DRIVERS\b57xp32.sys -- (b57w2k [On_Demand | Stopped])
DRV - [2006/05/04 17:20:20 | 00,114,616 | R--- | M] (Analog Devices Inc.) -- C:\WINDOWS\system32\DRIVERS\e4usbaw.sys -- (e4usbaw [On_Demand | Running])
DRV - [2009/02/06 18:08:42 | 00,055,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
DRV - [2005/02/02 01:21:04 | 00,014,408 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/03/02 17:55:04 | 00,063,555 | R--- | M] (Analog Deivces) -- C:\WINDOWS\System32\Drivers\e4ldr.sys -- (IKANLOADER2 [Auto | Stopped])
DRV - [2008/04/13 18:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\NMnt.sys -- (nm [On_Demand | Stopped])
DRV - [2005/08/02 21:10:13 | 00,032,512 | ---- | M] (CACE Technologies) -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF [On_Demand | Stopped])
DRV - [2008/04/13 18:56:06 | 00,088,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys -- (NwlnkIpx [Auto | Running])
DRV - [2002/09/07 01:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnknb.sys -- (NwlnkNb [Auto | Running])
DRV - [2002/09/07 01:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys -- (NwlnkSpx [Auto | Running])
DRV - [2008/04/13 18:34:12 | 00,163,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwrdr.sys -- (NWRDR [On_Demand | Stopped])
DRV - [2002/09/07 01:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/04/13 16:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2006/04/01 12:30:48 | 00,578,304 | R--- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])

[color=orange]========== Standard Registry (SafeList) ==========[/color]


[color=orange]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bladinet.net/
IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 3E DE 1D 6C C0 C9 01 [binary data]
IE - HKU\S-1-5-21-343818398-1960408961-839522115-1003\S-1-5-21-343818398-1960408961-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
abdel__ Posts: 57 Registration date: Thursday 21 May 2009 Status: Member Last activity: 31 May 2009
31 May 2009 at 00:13
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Key error. File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealOne Player\realplay.exe SYSTEMBOOTHIDEPLAYER (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-343818398-1960408961-839522115-1003..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide (-)
O4 - HKU\S-1-5-21-343818398-1960408961-839522115-1003..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-343818398-1960408961-839522115-1003..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-343818398-1960408961-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk = C:\Program Files\Menara\dslmon.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk = C:\Documents and Settings\hp\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-21-343818398-1960408961-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites File not found
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?8f4ca0d0e1e64f9880ca97f50b1810a0 (Microsoft Corporation)
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?8f4ca0d0e1e64f9880ca97f50b1810a0 (Microsoft Corporation)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [Protocole de transport compatible NWLink IPX/SPX/NetBIOS] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} https://sdlc-esd.oracle.com/ESD5/JSCDL/jre/6u10-b92-b/jinstall-6u10-windows-i586-jc.cab?GroupName=JSC&FilePath=/ESD5/JSCDL/jre/6u10-b92-b/jinstall-6u10-windows-i586-jc.cab&BHost=javadl.sun.com&File=jinstall-6u10-windows-i586-jc.cab&AuthParam=1580987764_a5235be86e79daca0cfb05ddc36bfbcd&ext=.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} https://www.f-secure.com/en/home/support (F-Secure Online Scanner 3.3)
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner 4.0 Launcher)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/12 01:39:36 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/05/25 21:53:00 | 00,000,378 | RHS- | M] () - F:\Autorun.inf -- [ FAT ]
O33 - MountPoints2\{87f7e4c1-ebd2-11dd-a7d2-4d6564696130}\Shell\AutoPlaY\command - "" = F:\naat.pif -- [2009/05/26 23:14:56 | 00,222,207 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{87f7e4c1-ebd2-11dd-a7d2-4d6564696130}\Shell\AutoRun\command - "" = F:\naat.pif -- [2009/05/26 23:14:56 | 00,222,207 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{87f7e4c1-ebd2-11dd-a7d2-4d6564696130}\Shell\Explore\commAnd - "" = F:\naat.pif -- [2009/05/26 23:14:56 | 00,222,207 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{87f7e4c1-ebd2-11dd-a7d2-4d6564696130}\Shell\opEN\COmmANd - "" = F:\naat.pif -- [2009/05/26 23:14:56 | 00,222,207 | RHS- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/30 03:24:27 | 00,000,000 | ---D | M]
abdel__ Posts: 57 Registration date: Thursday 21 May 2009 Status: Member Last activity: 31 May 2009
31 May 2009 at 00:14
[color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]

[4 C:\WINDOWS\*.tmp files]
[2009/05/29 18:40:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Local Settings\temp
[2009/05/29 18:19:36 | 00,154,624 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/05/29 18:12:16 | 03,202,624 | R--- | C] () -- C:\Documents and Settings\hp\Bureau\antitruc.exe
[2009/05/28 00:29:38 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\hp\Bureau\OTL.exe
[2009/05/28 00:25:56 | 00,000,345 | ---- | C] () -- C:\Raccourci vers _OTL.lnk
[2009/05/27 19:43:51 | 00,152,934 | ---- | C] (changelog.fr ) -- C:\Documents and Settings\hp\Bureau\OAD.exe
[2009/05/27 08:25:56 | 00,000,000 | R--D | C] -- C:\Documents and Settings\hp\Mes documents\Mes vidéos
[2009/05/26 23:15:46 | 00,001,336 | ---- | C] () -- C:\Documents and Settings\hp\Bureau\UsbFix V3.026.lnk
[2009/05/26 23:15:40 | 00,000,000 | ---D | C] -- C:\UsbFix
[2009/05/26 21:46:33 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\hp\Bureau\HijackThis.lnk
[2009/05/26 20:07:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Application Data\Malwarebytes
[2009/05/26 20:06:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/25 21:48:10 | 00,114,688 | R--- | C] () -- C:\Documents and Settings\hp\Bureau\SOIT TRANSMIS .scr
[2009/05/25 21:47:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Bureau\الضرب و الجرح و العنف
** - C:\Documents and Settings\hp\Bureau\????? ? ????? ? ?????
[2009/05/24 20:46:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/05/22 22:45:24 | 00,000,212 | ---- | C] () -- C:\Boot.bak
[2009/05/22 22:45:20 | 00,263,488 | ---- | C] () -- C:\cmldr
[2009/05/22 22:45:17 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/05/22 22:31:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/22 01:46:42 | 00,250,304 | ---- | C] () -- C:\Documents and Settings\hp\Mes documents\cc_20090522_014630.reg
[2009/05/22 00:25:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Application Data\Auslogics
[2009/05/22 00:25:05 | 00,000,801 | ---- | C] () -- C:\Documents and Settings\hp\Bureau\AusLogics Disk Defrag.lnk
[2009/05/22 00:25:04 | 00,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2009/05/21 19:28:06 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2009/05/21 19:28:05 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2009/05/21 18:30:00 | 00,000,000 | -H-D | C] -- C:\ToolBar SD
[2009/05/20 04:17:12 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/05/20 04:17:12 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/05/20 02:19:41 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2009/05/20 01:39:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Application Data\Windows Search
[2009/05/20 01:38:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Application Data\Windows Desktop Search
[2009/05/20 01:02:40 | 00,001,837 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk
[2009/05/20 01:01:51 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2009/05/20 00:58:45 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2009/05/20 00:58:45 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2009/05/20 00:58:45 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2009/05/19 23:30:04 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/18 16:13:43 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\hp\Mes documents\Nouveau Document Microsoft Word.doc
[2009/05/18 12:30:32 | 00,000,000 | ---D | C] -- C:\Program Files\AMT
[2009/05/17 18:35:35 | 00,000,141 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Real.com Guide.url
[2009/05/17 18:32:32 | 00,000,000 | ---D | C] -- C:\Program Files\WS_FTP
[2009/05/17 17:53:18 | 00,253,008 | ---- | C] () -- C:\WINDOWS\adirasx64.exe
[2009/05/17 17:53:18 | 00,169,496 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\drivers\adiusbawx64.sys
[2009/05/17 17:53:18 | 00,146,968 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\drivers\e4usbawx64.sys
[2009/05/17 17:53:18 | 00,118,552 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\drivers\adiusbaw.sys
[2009/05/17 17:53:18 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\drivers\adiusbawx64.cat
[2009/05/17 17:53:18 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\drivers\adiusbaw.cat
[2009/05/17 17:53:18 | 00,013,981 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4usbawx64.cat
[2009/05/17 17:53:18 | 00,013,981 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4usbaw.cat
[2009/05/17 17:53:11 | 00,176,128 | ---- | C] () -- C:\WINDOWS\autoclk.exe
[2009/05/17 17:53:10 | 00,071,832 | ---- | C] (Analog Deivces) -- C:\WINDOWS\System32\drivers\e4ldrx64.sys
[2009/05/17 17:53:10 | 00,024,576 | ---- | C] () -- C:\WINDOWS\enddisk32.exe
[2009/05/17 17:53:10 | 00,011,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4ldrx64.cat
[2009/05/17 17:53:10 | 00,011,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4ldr.cat
[2009/05/17 17:53:09 | 00,316,416 | ---- | C] (Analog Devices.) -- C:\WINDOWS\System32\unaddrv.x64.exe
[2009/05/17 17:53:09 | 00,058,264 | ---- | C] (Analog Deivces) -- C:\WINDOWS\System32\drivers\adildrx64.sys
[2009/05/17 17:53:09 | 00,056,088 | ---- | C] (Analog Deivces) -- C:\WINDOWS\System32\drivers\adildr.sys
[2009/05/17 17:53:09 | 00,012,403 | ---- | C] () -- C:\WINDOWS\System32\drivers\adildrx64.cat
[2009/05/17 17:53:09 | 00,012,403 | ---- | C] () -- C:\WINDOWS\System32\drivers\adildr.cat
[2009/05/17 17:52:28 | 00,000,000 | ---D | C] -- C:\Program Files\SAGEM
[2009/05/17 17:52:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Application Data\InstallShield
[2009/05/16 21:33:43 | 00,142,848 | ---- | C] () -- C:\Documents and Settings\hp\Mes documents\UN MICRI DANS 15 ANS.doc
[2009/05/10 23:15:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/05/10 22:28:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\hp\Mes documents\Mes Historiques de Conversation
[2009/05/10 22:26:28 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live
[2009/05/08 20:28:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/05/08 15:10:19 | 00,000,000 | ---D | C] -- C:\Program Files\Eraser
[2009/05/07 23:41:06 | 00,000,000 | ---D | C] -- C:\Program Files\HP
[2009/05/01 22:39:49 | 00,000,000 | ---D | C] -- C:\Program Files\ToniArts
[2009/04/28 17:27:29 | 00,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2009/04/28 17:27:29 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2009/04/25 20:59:26 | 00,000,183 | ---- | C] () -- C:\WINDOWS\aimpr.ini
[2009/04/18 21:04:44 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/18 21:04:44 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/11 23:31:09 | 00,005,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\MS1000.sys
[2009/02/11 02:48:02 | 00,002,638 | ---- | C] () -- C:\WINDOWS\System32\assuntos.dll
[2009/02/11 02:47:38 | 00,000,004 | ---- | C] () -- C:\WINDOWS\System32\total.dll
[2009/02/11 02:47:23 | 00,000,517 | ---- | C] () -- C:\WINDOWS\System32\links.dll
[2009/02/11 02:47:19 | 00,020,543 | ---- | C] () -- C:\WINDOWS\System32\frases.dll
[2009/02/11 02:47:17 | 00,045,121 | ---- | C] () -- C:\WINDOWS\System32\logs.dll
[2009/02/11 02:47:16 | 00,000,029 | ---- | C] () -- C:\WINDOWS\System32\config.dll
[2009/02/11 02:47:11 | 00,000,033 | ---- | C] () -- C:\WINDOWS\System32\errox32.dll
[2008/10/14 19:44:53 | 00,000,050 | ---- | C] () -- C:\WINDOWS\Winamp.ini
[2008/10/14 19:44:46 | 00,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2008/10/12 17:03:05 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2008/10/12 17:03:03 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll
[2008/10/12 17:03:00 | 00,000,989 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2008/10/12 17:02:59 | 00,000,169 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2008/10/12 17:02:59 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2008/10/12 16:15:12 | 00,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/05/26 22:23:32 | 00,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 22:23:30 | 00,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 22:23:28 | 00,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/01/14 16:47:06 | 00,099,712 | ---- | C] () -- C:\WINDOWS\HPBroker.dll
[2005/08/02 21:24:01 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2003/04/01 10:58:02 | 00,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/07 01:00:00 | 00,001,091 | ---- | C] () -- C:\WINDOWS\win.ini
[2002/09/07 01:00:00 | 00,000,282 | ---- | C] () -- C:\WINDOWS\system.ini

[color=orange]========== Files - Modified Within 30 Days ==========[/color]

[4 C:\WINDOWS\*.tmp files]
[2009/05/30 00:31:28 | 00,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4DF9536E-79E9-41D1-B7BA-D4BB961EFCBD}.job
[2009/05/29 18:54:05 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/05/29 18:53:29 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\hp\Local Settings\desktop.ini
[2009/05/29 18:53:10 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/29 18:53:08 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/29 18:35:43 | 00,000,282 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/29 18:12:16 | 03,202,624 | R--- | M] () -- C:\Documents and Settings\hp\Bureau\antitruc.exe
[2009/05/28 00:29:39 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hp\Bureau\OTL.exe
[2009/05/28 00:25:56 | 00,000,345 | ---- | M] () -- C:\Raccourci vers _OTL.lnk
[2009/05/27 19:43:51 | 00,152,934 | ---- | M] (changelog.fr ) -- C:\Documents and Settings\hp\Bureau\OAD.exe
[2009/05/27 08:20:40 | 00,259,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/26 23:15:46 | 00,001,336 | ---- | M] () -- C:\Documents and Settings\hp\Bureau\UsbFix V3.026.lnk
[2009/05/26 21:48:28 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\hp\Bureau\HijackThis.lnk
[2009/05/26 21:26:25 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/05/24 20:47:59 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/24 16:01:49 | 00,154,624 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/05/23 22:16:55 | 00,002,573 | ---- | M] () -- C:\Documents and Settings\hp\Bureau\Microsoft Office Word 2003.lnk
[2009/05/22 22:45:24 | 00,000,282 | RHS- | M] () -- C:\boot.ini
[2009/05/22 01:47:04 | 00,250,304 | ---- | M] () -- C:\Documents and Settings\hp\Mes documents\cc_20090522_014630.reg
[2009/05/22 00:25:06 | 00,000,801 | ---- | M] () -- C:\Documents and Settings\hp\Bureau\AusLogics Disk Defrag.lnk
[2009/05/21 19:28:06 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2009/05/20 22:09:36 | 00,142,848 | ---- | M] () -- C:\Documents and Settings\hp\Mes documents\UN MICRI DANS 15 ANS.doc
[2009/05/20 04:17:12 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/05/20 04:17:12 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/05/20 01:02:40 | 00,001,837 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk
[2009/05/20 01:02:13 | 01,026,092 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/20 01:02:13 | 00,484,240 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/05/20 01:02:13 | 00,081,596 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/05/18 16:29:11 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\hp\Mes documents\Nouveau Document Microsoft Word.doc
[2009/05/18 12:54:42 | 00,001,091 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/17 20:15:36 | 00,001,422 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Menara ADSL.lnk
[2009/05/17 20:15:33 | 00,001,524 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
[2009/05/17 20:15:31 | 00,002,292 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Messagerie avec Menara.lnk
[2009/05/17 20:15:29 | 00,001,533 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Internet avec Menara.lnk
[2009/05/17 20:15:27 | 00,001,592 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Configurateur de messagerie.lnk
[2009/05/17 18:35:35 | 00,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\RealPlayer Basic.lnk
[2009/05/17 18:35:35 | 00,000,141 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Real.com Guide.url
[2009/05/17 18:35:17 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/05/17 18:29:04 | 00,000,169 | ---- | M] () -- C:\WINDOWS\adidsl.ini
[2009/05/10 16:19:50 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/08 20:45:57 | 00,000,212 | ---- | M] () -- C:\Boot.bak
[2009/05/07 07:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/03 01:37:42 | 00,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/05/02 02:52:57 | 00,395,650 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/02 02:52:57 | 00,059,890 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[color=orange]========== LOP Check ==========[/color]

[2009/05/26 20:06:58 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/10/12 16:01:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/04/28 17:29:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi
[2009/04/23 20:57:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/04/18 21:06:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2009/01/17 22:29:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeHotBabesScreensaver
[2009/04/12 19:47:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/02/20 17:50:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009/05/26 20:06:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/10 23:15:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/05/27 01:27:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/10/14 19:33:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2008/10/12 16:29:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/02/22 22:52:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/01/27 01:04:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/10/16 16:04:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
[2008/10/12 16:30:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2008/10/12 03:21:32 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data
[2008/10/12 01:39:27 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Default User\Application Data\Microsoft
[2009/05/26 20:07:16 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\hp\Application Data
[2008/11/10 16:38:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Adobe
[2009/04/28 17:34:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\agi
[2009/04/23 21:01:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Apple Computer
[2009/05/22 00:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Auslogics
[2009/02/26 23:34:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Copernic
[2009/04/20 21:54:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\dvdcss
[2009/01/17 22:29:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\FreeHotBabesScreensaver
[2008/10/15 18:27:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Globe7
[2009/02/20 23:20:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Google
[2008/10/15 18:07:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Help
[2008/10/12 01:47:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Identities
[2009/05/17 17:52:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\InstallShield
[2009/04/11 20:38:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\InternetCalls
[2008/10/14 19:46:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\InterTrust
[2009/02/22 21:13:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\LimeWire
[2008/10/13 01:43:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Macromedia
[2009/05/26 20:07:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Malwarebytes
[2009/05/19 15:33:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\hp\Application Data\Microsoft
[2009/04/25 23:15:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Mozilla
[2009/03/08 22:39:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\MSNInstaller
[2009/04/11 20:18:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\NetAppel
[2008/10/14 19:39:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Real
[2009/02/24 01:15:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Skype
[2009/04/12 01:14:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Smart PC Solutions
[2008/11/09 18:18:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Sun
[2008/10/18 21:31:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\teamspeak2
[2009/04/11 20:52:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\VoipBuster
[2009/05/20 01:38:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Windows Desktop Search
[2009/05/20 01:39:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\hp\Application Data\Windows Search
[2008/10/12 01:46:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
[2009/04/28 17:32:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\agi
[2009/02/24 20:31:53 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/10/12 01:45:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
[2009/02/24 20:31:53 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2002/09/07 01:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/05/29 18:53:10 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/05/30 00:31:28 | 00,000,426 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{4DF9536E-79E9-41D1-B7BA-D4BB961EFCBD}.job
[2009/05/29 18:54:05 | 00,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

[color=orange]========== Purity Check ==========[/color]


[color=orange]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
< End of report >
abdel__ Posts: 57 Registration date: Thursday 21 May 2009 Status: Member Last activity: 31 May 2009
31 May 2009 at 00:18
There, it works now!!!!!
Lyonnais92 Posts: 25159 Registration date: Friday 23 June 2006 Status: Security contributor Last activity: 16 September 2016 1 536
31 May 2009 at 10:11
Hello,

no, I don't have everything.
abdel__ Posts: 57 Registration date: Thursday 21 May 2009 Status: Member Last activity: 31 May 2009
31 May 2009 at 17:29
Now you're getting on my nerves!!! What kind of behaviour is this!!! You'll get nothing, I don't want your help any more!!! This has dragged on without results, or it has gotten even worse!!! You followed me to another site, where I wanted to ask someone else for help, leave me alone ............. get lost..........