Avast or Avira
roketride
sheogorath68
Hello,
Here is the problem:
I can no longer run updates, open my photos, or open or install software, and Windows freezes without showing me an error window; I have to go into the processes to restart Windows (virus).
Many people on the forum recommended Avira as an antivirus, so I uninstalled Avast in favour of Avira.
The trouble is that when I ran Avast, quarantined the viruses and then deleted them, the problem was solved (everything worked perfectly), except that if I rebooted, the problem was still there.
Question: I am going to reinstall Avast, but how do I delete the viruses with Avast permanently?
Because Avira's scan takes far too long; I have been at 15.4% for more than an hour (it is stuck).
83 replies
Hi again!
I reinstalled it as you asked and I still get the same error message..
So I tried in safe mode, and the trouble is that in safe mode my PC shuts down, most likely due to overheating.
I think it will not be possible to use this software.
In the meantime I uninstalled Avira in favour of Avast, because Avast quarantines the viruses and so on.. and because of that I can use Windows properly (after Windows restarts, the problems come back).
Now I don't know what to do any more, I'm lost...
Thank you for your help, is there another solution?
Thanks in advance for your patience
Re,
Do this: (I already said it earlier)
● Download Yoog_Fix by Batch_Man to your Desktop.
● Double-click it and choose option 1 (Search)
● Wait for the scan to finish; a report will open.
● Post it in your next reply.
PS: If it does not open, the report is at the root of your disk under the name Yoog_Fix.txt
/!\ stop
Message for Helper-Mask: follow the topic closely and don't panic :-)
You have already used yoogfix, post 52:
https://forums.commentcamarche.net/forum/affich-14448655-avast-ou-avira?page=3#52
All you have left to do is run navilog and toolbar s&d, post 42 :-)
https://forums.commentcamarche.net/forum/affich-14448655-avast-ou-avira?page=3#42
Indeed =s
Please follow the steps in post 42: https://forums.commentcamarche.net/forum/affich-14448655-avast-ou-avira?page=3#42
Because otherwise I risk getting lost again ^^
Thanks Électricien69 ;-)
Here is the report:
Yoog_Fix 3.0.1 de Batch_Man | gael (Administrateur)
Debut a 22:53 le 22/09/2009
Microsoft® Windows Vista(6.0.6000)
Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz
Ram : 2045,6 Mo
Normal boot
Antivirus: avast! antivirus 4.8.1351 [VPS 090921-0] 4.8.1351 (Not activated)
UAC : OFF
Lancé de "C:\Users\gael\Desktop\Downloads\Yoog_Fix.bat"
C:\ [Fixed] - NTFS - (Total:189279 Mo/Free:447 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
Option [1] 2 3 Recherche / Suppression
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»» [Suppression: Fichiers / Dossiers / Clés / Prefs Firefox]
------------[Suspects]
Aucun fichier suspect trouvé
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»» [Recherche: Analyse de Firefox]
------------[Analyse de Firefox]
Mozilla Firefox 3.5.3 (fr)
Répertoire d'installation : C:\Program Files\Mozilla Firefox
Path: C:\Users\gael\AppData\Roaming\Mozilla\Firefox\Profiles\9iozw1zr.default
[gael\..\prefs.js] keyword.URL: "http://www.offos.com/..."
[gael\..\prefs.js] browser.search.selectedEngine: "GoogIe"
------------[Extensions Firefox]
[gael] justintvpublisher@justin(43).tv = Justin.tv Publisher
[gael] justintvpublisher@justin(88).tv = Justin.tv Publisher
[gael] justintvpublisher@justin.tv = Justin.tv Publisher
[gael] nasanightlaunch@example.com = NASA Night Launch
[gael] seetooaddon@seetoo.com = SeeToo Addon
[gael] {635abd67-4fe9-1b23-4f01-e679fa7484c1} = Yahoo! Toolbar
[gael] {bb628310-0ab7-11db-9cd8-0800200c9a66} = Ma-config.com
[gael] {E9A1DEE0-C623-4439-8932-001E7D17607D} = Ask Toolbar for Firefox
[gael] {FCAB6FDD-5585-425b-95C1-5ED856F3FD08} = Sothink Web Video Downloader for Firefox
------------[Mozilla Plugins]
Path = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
XPTPath = C:\Windows\system32\Macromed\Flash\flashplayer.xpt
ProductName = Adobe® Flash® Player Plugin
Vendor = Adobe Systems Incorporated
Version = 10.0.22.87
ProductName = DNA
Version = 1.0.0.1
Vendor = BitTorrent, Inc.
Path = C:\Program Files\DNA\plugins\npbtdna.dll
Path = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
XPTPath = C:\Program Files\DivX\DivX Web Player\npdivx32.xpt
GeckoVersion = 1.00
Version = 1.0.0
Vendor = DivX,Inc.
ProductName = DivX Web Player
Path = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
Vendor = Google Inc.
Version = 13
Vendor = Yahoo!
Version = 1.0.0.1
Path = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
------------[Plugins de recherche]
[gael] voila.xml = https://www.118712.fr/sortir.html
[Program Files] amazon-france.xml = https://www.amazon.fr/
[Program Files] cnrtl-tlfi-fr.xml = https://www.cnrtl.fr/lexicographie/
[Program Files] eBay-france.xml = http://search.ebay.fr/
[Program Files] google.xml = https://www.google.com/
[Program Files] wikipedia-fr.xml = https://fr.wikipedia.org/wiki/Sp%C3%A9cial:Recherche
[Program Files] yahoo-france.xml = https://fr.search.yahoo.com/
------------[Listing de dossiers]
[10/09/2009 06:54 | 23544 bytes] C:\Program Files\Mozilla Firefox\Components\browserdirprovider.dll
[10/09/2009 06:54 | 137208 bytes] C:\Program Files\Mozilla Firefox\Components\brwsrcmp.dll
[01/05/2009 23:02 | 1044480 bytes] C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[10/04/2007 17:21 | 163256 bytes] C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[12/05/2009 20:46 | 1650992 bytes] C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[07/01/2009 18:29 | 1447280 bytes] C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[10/09/2009 06:54 | 65016 bytes] C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[10/03/2007 01:16 | 189496 bytes] C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[01/05/2009 23:02 | 200704 bytes] C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»» [Recherche: Analyse d'Internet explorer / Registre ]
Internet Explorer : 7.0.6000.16757
L1 = HKLM\..\Main.Start Page = https://www.msn.com/fr-fr/?ocid=iehp
L1 = HKLM\..\Main.Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
L1 = HKCU\..\Main.Start Page = http://pogo.com/?site=pogo-fr
L1 = HKCU\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKU\.DEFAULT\..\Main.Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
L1 = HKU\.DEFAULT\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKU\S-1-5-21-2273213325-1641261132-3983154234-1000\..\Main.Start Page = http://pogo.com/?site=pogo-fr
L1 = HKU\S-1-5-21-2273213325-1641261132-3983154234-1000\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKU\S-1-5-18\..\Main.Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
L1 = HKU\S-1-5-18\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKLM\..\Main.Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
L1 = HKLM\..\Main.Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
L1 = HKLM\..\Search.CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
L1 = HKLM\..\Search.SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
L1 = HKLM\..\Search.SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
L1 = HKLM\..\Search.CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
L2 = HKCU\..\Internet Settings.ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
NoAdd-ons = res://ieframe.dll/noaddon.htm
NoAdd-onsInfo = res://ieframe.dll/noaddoninfo.htm
SecurityRisk = res://ieframe.dll/securityatrisk.htm
Tabs = res://ieframe.dll/tabswelcome.htm
NavigationFailure = res://ieframe.dll/navcancl.htm
DesktopItemNavigationFailure = res://ieframe.dll/navcancl.htm
NavigationCanceled = res://ieframe.dll/navcancl.htm
OfflineInformation = res://ieframe.dll/offcancl.htm
Home = 0x10e
blank = res://mshtml.dll/blank.htm
PostNotCached = res://ieframe.dll/repost.htm
--------[Browser Helper Object]
BHO: {0EEDB912-C5FA-486F-8334-57288578C627},@SANS NOM=(valeur non définie)
BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed},@SANS NOM=AskBar BHO
BHO: {60DF4425-F36F-42D7-AECF-A409EBE4558C},@SANS NOM=(valeur non définie)
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43},@SANS NOM=(valeur non définie)
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6},@SANS NOM=(valeur non définie)
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D},@SANS NOM=(valeur non définie)
--------[SearchScopes]
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes],@DefaultScope={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\${searchCLSID}],@DisplayName=Yahoo! Search
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{4327FABE-3C21-4689-8DBE-D226CF777FE9}],@DisplayName=IESearch
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}],@DisplayName=Google
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}],@DisplayName=Live Search
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}],@DisplayName=Google
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}],@DisplayName=SeeToo.com Customized Web Search
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}],@DisplayName=Ask Search
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes],@DefaultScope={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes],@DefaultScope={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}],@DisplayName=@ieframe.dll,-12512
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C21-4689-8DBE-D226CF777FE9}],@DisplayName=IESearch
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}],@DisplayName=Google
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}],@DisplayName=SeeToo.com Customized Web Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}],@DisplayName=Yahoo! Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C21-4689-8DBE-D226CF777FE9}],@DisplayName=IESearch
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}],@DisplayName=Google
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}],@DisplayName=Live Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}],@DisplayName=Google
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}],@DisplayName=SeeToo.com Customized Web Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}],@DisplayName=Ask Search
--------[Extensions]
Ghost Navigator: C:\Program Files\Ghost Navigator2_8\Ghost - {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}
--------[Clé Run]
------------[Autres infections]
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»» [Autres rapports]
[21/09/2009 21:02] C:\Yoog_Fix\Logs\Rapport_21_09_2009_n2.txt - (Choix 1 : Recherche / Suppression)
[22/09/2009 11:19] C:\Yoog_Fix\Logs\Rapport_22_09_2009_n3.txt - (Choix 1 : Recherche / Suppression)
[22/09/2009 21:17] C:\Yoog_Fix\Logs\Rapport_22_09_2009_n4.txt - (Choix 1 : Recherche / Suppression)
[22/09/2009 22:56] C:\Yoog_Fix\Logs\Rapport_22_09_2009_n5.txt - (Choix 1 : Recherche / Suppression)
-------------------------->>
Veuillez uploader le fichier C:\Yoog_Fix\Backups\Backup_22_09_2009_5.zip à l'adresse suivante : http://batchdhelus.open-web.fr/upload
Aide en images : http://batchdhelus.open-web.fr/upload/procedure.html
Si la procédure échoue, veuillez l'envoyer à l'adresse email suivante : yoog.fix.sav@gmail.com
+--------------[Fin à 22h 56min]
Good evening,
Navilog does not work on my PC, even in safe mode! Shall I still send you the other reports? Thanks
As for my several antivirus programs, I have disabled BitDefender and Windows Defender, is that OK?
I only have Avast and Spybot and Destroy.
I noticed that I have not been getting Vista updates since 16/02/2009, and the Windows Vista SP1 pack will not install on my computer. Should I download it from their site? Because maybe the bug comes from the fact that I am not downloading SP1. Thank you for your replies .....
and for your patience..
Here is what I got with Navilog; it found a suspicious folder, are we on the right track? Thanks
I will send you the yoog_fix report once it has finished.
Fix Navipromo version 4.0.2 commencé le 23/09/2009 22:22:08,86
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 27.08.2009 à 11h00 par IL-MAFIOSO
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : gael ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1351 [VPS 090923-0] 4.8.1351 (Not Activated)
C:\ (Local Disk) - NTFS - Total:184 Go (Free:83 Go)
E:\ (CD or DVD)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\gael\AppData\Local\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
Certificat OOO-Favorit supprimé !
*** Fichiers suspects non supprimés par Navilog1 ***
!! Fichiers légitimes possibles, à contrôler avant suppression !!
Fichiers suspects dans "c:\users\gael\appdata\local" :
gymagvqjc.exe trouvé !
*** Scan terminé 24/09/2009 1:00:25,71 ***
Here is the yoog_fix report..
Yoog_Fix 3.0.1 de Batch_Man | gael (Administrateur)
Debut a 1:43 le 24/09/2009
Microsoft® Windows Vista(6.0.6000)
Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz
Ram : 2045,6 Mo
Normal boot
Antivirus: avast! antivirus 4.8.1351 [VPS 090923-0] 4.8.1351 (Not activated)
UAC : OFF
Lancé de "C:\Users\gael\Desktop\Yoog_Fix.bat"
C:\ [Fixed] - NTFS - (Total:189279 Mo/Free:3830 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
Option [1] 2 3 Recherche / Suppression
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»» [Suppression: Fichiers / Dossiers / Clés / Prefs Firefox]
------------[Suspects]
Aucun fichier suspect trouvé
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»» [Recherche: Analyse de Firefox]
------------[Analyse de Firefox]
Mozilla Firefox 3.5.3 (fr)
Répertoire d'installation : C:\Program Files\Mozilla Firefox
Path: C:\Users\gael\AppData\Roaming\Mozilla\Firefox\Profiles\9iozw1zr.default
------------[Extensions Firefox]
[gael] justintvpublisher@justin(43).tv = Justin.tv Publisher
[gael] justintvpublisher@justin(88).tv = Justin.tv Publisher
[gael] {635abd67-4fe9-1b23-4f01-e679fa7484c1} = Yahoo! Toolbar
[gael] {FCAB6FDD-5585-425b-95C1-5ED856F3FD08} = Sothink Web Video Downloader for Firefox
------------[Mozilla Plugins]
Path = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
XPTPath = C:\Windows\system32\Macromed\Flash\flashplayer.xpt
ProductName = Adobe® Flash® Player Plugin
Vendor = Adobe Systems Incorporated
Version = 10.0.22.87
ProductName = DNA
Version = 1.0.0.1
Vendor = BitTorrent, Inc.
Path = C:\Program Files\DNA\plugins\npbtdna.dll
Path = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
XPTPath = C:\Program Files\DivX\DivX Web Player\npdivx32.xpt
GeckoVersion = 1.00
Version = 1.0.0
Vendor = DivX,Inc.
ProductName = DivX Web Player
Path = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
Vendor = Google Inc.
Version = 13
Vendor = Yahoo!
Version = 1.0.0.1
Path = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
------------[Plugins de recherche]
[Program Files] amazon-france.xml = https://www.amazon.fr/
[Program Files] cnrtl-tlfi-fr.xml = https://www.cnrtl.fr/lexicographie/
[Program Files] eBay-france.xml = http://search.ebay.fr/
[Program Files] google.xml = https://www.google.com/
[Program Files] wikipedia-fr.xml = https://fr.wikipedia.org/wiki/Sp%C3%A9cial:Recherche
[Program Files] yahoo-france.xml = https://fr.search.yahoo.com/
------------[Listing de dossiers]
[10/09/2009 06:54 | 23544 bytes] C:\Program Files\Mozilla Firefox\Components\browserdirprovider.dll
[10/09/2009 06:54 | 137208 bytes] C:\Program Files\Mozilla Firefox\Components\brwsrcmp.dll
[01/05/2009 23:02 | 1044480 bytes] C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[10/04/2007 17:21 | 163256 bytes] C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[12/05/2009 20:46 | 1650992 bytes] C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[07/01/2009 18:29 | 1447280 bytes] C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[10/09/2009 06:54 | 65016 bytes] C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[31/08/2009 14:15 | 143360 bytes] C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[10/03/2007 01:16 | 189496 bytes] C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[01/05/2009 23:02 | 200704 bytes] C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»» [Recherche: Analyse d'Internet explorer / Registre ]
Internet Explorer : 7.0.6000.16757
L1 = HKLM\..\Main.Start Page = https://www.msn.com/fr-fr/?ocid=iehp
L1 = HKLM\..\Main.Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
L1 = HKCU\..\Main.Start Page = http://pogo.com/?site=pogo-fr
L1 = HKCU\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKU\.DEFAULT\..\Main.Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
L1 = HKU\.DEFAULT\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKU\S-1-5-21-2273213325-1641261132-3983154234-1000\..\Main.Start Page = http://pogo.com/?site=pogo-fr
L1 = HKU\S-1-5-21-2273213325-1641261132-3983154234-1000\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKU\S-1-5-18\..\Main.Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
L1 = HKU\S-1-5-18\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKLM\..\Main.Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
L1 = HKLM\..\Main.Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
L1 = HKLM\..\Search.CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
L1 = HKLM\..\Search.SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
L1 = HKLM\..\Search.SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
L1 = HKLM\..\Search.CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
L2 = HKCU\..\Internet Settings.ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
NoAdd-ons = res://ieframe.dll/noaddon.htm
NoAdd-onsInfo = res://ieframe.dll/noaddoninfo.htm
SecurityRisk = res://ieframe.dll/securityatrisk.htm
Tabs = res://ieframe.dll/tabswelcome.htm
NavigationFailure = res://ieframe.dll/navcancl.htm
DesktopItemNavigationFailure = res://ieframe.dll/navcancl.htm
NavigationCanceled = res://ieframe.dll/navcancl.htm
OfflineInformation = res://ieframe.dll/offcancl.htm
Home = 0x10e
blank = res://mshtml.dll/blank.htm
PostNotCached = res://ieframe.dll/repost.htm
--------[Browser Helper Object]
BHO: {0EEDB912-C5FA-486F-8334-57288578C627},@SANS NOM=(valeur non définie)
BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed},@SANS NOM=AskBar BHO
BHO: {53707962-6F74-2D53-2644-206D7942484F},@SANS NOM=(valeur non définie)
BHO: {60DF4425-F36F-42D7-AECF-A409EBE4558C},@SANS NOM=(valeur non définie)
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43},@SANS NOM=(valeur non définie)
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6},@SANS NOM=(valeur non définie)
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D},@SANS NOM=(valeur non définie)
--------[SearchScopes]
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes],@DefaultScope={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\${searchCLSID}],@DisplayName=Yahoo! Search
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{4327FABE-3C21-4689-8DBE-D226CF777FE9}],@DisplayName=IESearch
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}],@DisplayName=Google
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}],@DisplayName=Live Search
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}],@DisplayName=Google
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}],@DisplayName=SeeToo.com Customized Web Search
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}],@DisplayName=Ask Search
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes],@DefaultScope={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes],@DefaultScope={CF739809-1C6C-47C0-85B9-569DBB141420}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}],@DisplayName=@ieframe.dll,-12512
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C21-4689-8DBE-D226CF777FE9}],@DisplayName=IESearch
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}],@DisplayName=Google
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}],@DisplayName=SeeToo.com Customized Web Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}],@DisplayName=Ask Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}],@DisplayName=Yahoo! Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C21-4689-8DBE-D226CF777FE9}],@DisplayName=IESearch
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}],@DisplayName=Google
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}],@DisplayName=Live Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}],@DisplayName=Google
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}],@DisplayName=SeeToo.com Customized Web Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}],@DisplayName=Ask Search
--------[Extensions]
Ghost Navigator: C:\Program Files\Ghost Navigator2_8\Ghost - {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}
--------[Clé Run]
------------[Autres infections]
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»» [Autres rapports]
[21/09/2009 21:02] C:\Yoog_Fix\Logs\Rapport_21_09_2009_n2.txt - (Choix 1 : Recherche / Suppression)
[22/09/2009 11:19] C:\Yoog_Fix\Logs\Rapport_22_09_2009_n3.txt - (Choix 1 : Recherche / Suppression)
[22/09/2009 21:17] C:\Yoog_Fix\Logs\Rapport_22_09_2009_n4.txt - (Choix 1 : Recherche / Suppression)
[22/09/2009 22:56] C:\Yoog_Fix\Logs\Rapport_22_09_2009_n5.txt - (Choix 1 : Recherche / Suppression)
[24/09/2009 01:29] C:\Yoog_Fix\Logs\Rapport_24_09_2009_n16.txt - (Choix 1 : Recherche / Suppression)
[24/09/2009 01:31] C:\Yoog_Fix\Logs\Rapport_24_09_2009_n17.txt - (Choix 1 : Recherche / Suppression)
[24/09/2009 01:45] C:\Yoog_Fix\Logs\Rapport_24_09_2009_n18.txt - (Choix 1 : Recherche / Suppression)
-------------------------->>
Veuillez uploader le fichier C:\Yoog_Fix\Backups\Backup_24_09_2009_18.zip à l'adresse suivante : http://batchdhelus.open-web.fr/upload
Aide en images : http://batchdhelus.open-web.fr/upload/procedure.html
Si la procédure échoue, veuillez l'envoyer à l'adresse email suivante : yoog.fix.sav@gmail.com
+--------------[Fin à 1h 45min]
If you haven't run Yoog's removal option, do this:
● Relaunch Yoog_Fix by Batch_Man and choose option 2 (Suppression)
● Wait for the removal to finish.
● Then press any key; a report opens.
● Post it in your next reply.
PS-2: If it does not open, the report is at the root of your disk under the name Yoog_Fix.txt
I ran ComboFix again, but as soon as it finished I could no longer access my Control Panel or the internet, I was really scared.... can this help you?
Is it serious?
However, I'll pick this up again tomorrow, I'll send you the report tomorrow
See you soon!
ComboFix 09-09-23.02 - gael 24/09/2009 2:16.3.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.33.1036.18.2046.1319 [GMT 2:00]
Lancé depuis: c:\users\gael\Desktop\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 090923-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: AntiVir Desktop *disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: avast! antivirus 4.8.1351 [VPS 090923-0] *disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-08-24 au 2009-09-24 ))))))))))))))))))))))))))))))))))))
.
2009-09-24 00:28 . 2009-09-24 00:28 -------- d-----w- c:\users\gael\AppData\Local\temp
2009-09-24 00:28 . 2009-09-24 00:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-23 22:46 . 2008-06-05 16:18 5737 ----a-w- c:\users\gael\AppData\Local\gnc.exe
2009-09-23 17:29 . 2009-09-23 17:32 -------- d-----w- c:\program files\Windows Live Safety Center
2009-09-23 14:43 . 2009-09-23 14:43 -------- d-----w- c:\windows\Sun
2009-09-23 09:18 . 2009-09-24 00:09 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-23 09:18 . 2009-09-24 00:09 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-09-22 22:00 . 2009-09-22 22:02 180579 ----a-w- C:\BdUninstallTool2009.09.23-12.00.16.reg
2009-09-22 11:35 . 2009-08-17 16:04 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-09-22 11:35 . 2009-08-17 16:04 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-09-22 11:35 . 2009-08-17 16:05 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-22 11:35 . 2009-08-17 16:05 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-09-22 11:35 . 2009-08-17 16:02 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-22 11:35 . 2009-08-17 16:10 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-22 11:35 . 2009-08-17 16:05 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-09-21 22:15 . 2009-09-21 22:18 953 ----a-w- C:\BdUninstallTool2009.09.22-12.15.12.reg
2009-09-21 19:39 . 2009-09-22 23:34 -------- d-----w- C:\ToolBar SD
2009-09-21 18:57 . 2009-09-21 18:59 -------- d-----w- C:\Yoog_Fix
2009-09-21 18:52 . 2009-09-21 18:52 -------- d-----w- C:\rsit
2009-09-20 23:03 . 2009-09-20 23:03 -------- d-----w- c:\users\gael\AppData\Roaming\Malwarebytes
2009-09-20 23:03 . 2009-09-20 23:03 -------- d-----w- c:\programdata\Malwarebytes
2009-09-20 15:06 . 2009-09-23 23:00 -------- d-----w- c:\program files\Navilog1
2009-09-20 14:51 . 2009-09-20 20:40 -------- d-----w- C:\GenProc
2009-09-20 11:56 . 2009-09-20 11:56 -------- d-----w- c:\program files\Trend Micro
2009-09-19 20:09 . 2009-09-19 20:28 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-09-19 18:07 . 2009-09-19 18:07 -------- d-----w- c:\users\gael\AppData\Local\Xenocode
2009-09-19 02:05 . 2009-09-19 02:05 -------- d-----w- c:\program files\mIRC
2009-09-18 23:42 . 2009-09-19 19:45 -------- d-----w- c:\program files\Eltima Software
2009-09-15 21:36 . 2009-09-15 21:36 -------- d-----w- c:\program files\Yahoo!
2009-09-10 21:42 . 2009-09-10 21:44 -------- d-----w- c:\users\gael\camstudio
2009-09-10 21:42 . 2007-04-01 20:45 413696 ----a-w- c:\users\gael\PlayPlusLANG07.dll
2009-09-10 21:42 . 2005-06-20 17:28 819200 ----a-w- c:\users\gael\cximage.dll
2009-09-10 21:42 . 2009-09-10 21:42 -------- d-----w- c:\users\gael\controller
2009-09-05 12:43 . 2009-09-18 23:47 -------- d-----w- c:\program files\FinePixViewerS
2009-09-05 12:43 . 2009-09-18 23:47 -------- d-----w- c:\users\gael\AppData\Roaming\FUJIFILM
2009-08-31 12:14 . 2009-08-31 12:15 -------- d-----w- c:\program files\QuickTime
2009-08-31 12:14 . 2009-08-31 12:14 -------- d-----w- c:\programdata\Apple Computer
2009-08-27 13:11 . 2009-09-02 23:51 -------- d-----w- c:\users\gael\AppData\Roaming\gtk-2.0
2009-08-27 13:11 . 2009-08-27 13:11 -------- d-----w- c:\users\gael\.thumbnails
2009-08-27 12:55 . 2009-08-27 12:55 -------- d-----w- c:\users\gael\.gegl-0.0
2009-08-27 12:49 . 2009-09-03 22:16 -------- d-----w- c:\users\gael\.gimp-2.6
2009-08-27 12:49 . 2009-08-27 12:49 -------- d-----w- c:\program files\GIMP-2.0
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-23 23:27 . 2007-02-17 16:46 64950 ----a-w- c:\users\gael\AppData\Roaming\nvModes.dat
2009-09-23 20:01 . 2006-11-02 15:48 732214 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-23 20:01 . 2006-11-02 15:48 130986 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-23 19:49 . 2009-02-12 11:59 -------- d-----w- c:\program files\eMule
2009-09-23 00:48 . 2008-07-16 11:47 -------- d-----w- c:\programdata\Google Updater
2009-09-19 02:17 . 2008-12-27 03:05 -------- d-----w- c:\users\gael\AppData\Roaming\mIRC
2009-09-18 23:53 . 2009-03-07 18:19 -------- d-----w- c:\program files\CommView
2009-09-18 23:52 . 2009-03-07 18:19 -------- d-----w- c:\programdata\TamoSoft
2009-09-15 22:19 . 2007-02-17 15:53 2032 ----a-w- c:\users\gael\AppData\Local\d3d9caps.dat
2009-09-05 12:43 . 2006-12-20 07:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-30 06:42 . 2008-04-21 19:06 -------- d-----w- c:\users\gael\AppData\Roaming\LimeWire
2009-08-26 19:24 . 2009-08-15 23:57 -------- d-----w- c:\users\gael\AppData\Roaming\Skype
2009-08-26 14:10 . 2009-08-15 21:49 -------- d-----w- c:\users\gael\AppData\Roaming\skypePM
2009-08-24 06:58 . 2009-08-24 06:58 -------- d-----w- c:\program files\VoipBuster.com
2009-08-24 06:40 . 2009-08-24 06:40 -------- d-----w- c:\users\gael\AppData\Roaming\VoipBuster
2009-08-15 23:57 . 2009-08-15 23:57 -------- d-----w- c:\program files\Common Files\Skype
2009-08-15 23:57 . 2009-08-15 23:57 -------- d-----r- c:\program files\Skype
2009-08-15 21:49 . 2009-08-15 21:49 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-08-15 21:45 . 2007-04-27 19:38 -------- d-----w- c:\programdata\Skype
2009-07-29 13:44 . 2008-04-21 19:04 -------- d-----w- c:\program files\LimeWire
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2007-04-30 19:13 . 2007-04-30 18:42 167968 --sha-w- c:\windows\System32\drivers\fidbox.dat
.
------- Sigcheck -------
Erreur des Services de cryptographie !!
.
((((((((((((((((((((((((((((( SnapShot@2009-09-21_01.12.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-12-20 07:09 . 2009-09-23 23:27 93222 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2007-02-17 15:54 . 2009-09-23 23:27 21750 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2273213325-1641261132-3983154234-1000_UserData.bin
- 2007-02-17 15:50 . 2009-09-21 00:36 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-02-17 15:50 . 2009-09-23 23:27 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-02-17 15:50 . 2009-09-21 00:36 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-02-17 15:50 . 2009-09-23 23:27 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-02-17 15:50 . 2009-09-21 00:36 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-02-17 15:50 . 2009-09-23 23:27 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-23 23:59 . 2008-10-16 21:09 43544 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wups2.dll
- 2009-09-20 23:33 . 2008-10-16 21:09 43544 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wups2.dll
+ 2009-09-23 23:59 . 2008-10-16 21:09 51224 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuauclt.exe
- 2009-09-20 23:33 . 2008-10-16 21:09 51224 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuauclt.exe
+ 2009-09-23 17:30 . 2009-09-23 17:30 39424 c:\windows\Installer\b7ba60.msi
- 2007-02-18 13:17 . 2009-09-18 16:24 3492 c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2007-02-18 13:17 . 2009-09-23 19:53 3492 c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2009-09-21 16:43 . 2009-09-21 16:44 8590 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\HTML Help\hh.dat
- 2009-09-21 00:40 . 2009-09-21 00:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-09-23 23:25 . 2009-09-23 23:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-21 00:40 . 2009-09-21 00:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-09-23 23:25 . 2009-09-23 23:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 13:05 . 2009-09-23 23:27 105130 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 10:33 . 2009-09-23 20:01 645458 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-09-20 09:42 645458 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-09-20 09:42 114428 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-09-23 20:01 114428 c:\windows\System32\perfc009.dat
+ 2009-09-23 17:31 . 2009-09-23 17:31 491008 c:\windows\Installer\b7ba92.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 170496 c:\windows\Installer\b7ba79.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 162304 c:\windows\Installer\b7ba74.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 189952 c:\windows\Installer\b7ba6f.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 217088 c:\windows\Installer\b7ba6a.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 374784 c:\windows\Installer\b7ba65.msp
+ 2006-11-02 10:22 . 2009-09-23 00:24 6291456 c:\windows\System32\SMI\Store\Machine\schema.dat
- 2006-11-02 10:22 . 2009-09-19 20:31 6291456 c:\windows\System32\SMI\Store\Machine\schema.dat
- 2009-09-20 23:33 . 2008-10-16 20:56 1524736 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-windowsupdateclient-ui_31bf3856ad364e35_7.2.6001.788_none_a8125d5406872725\wucltux.dll
+ 2009-09-23 23:59 . 2008-10-16 20:56 1524736 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-windowsupdateclient-ui_31bf3856ad364e35_7.2.6001.788_none_a8125d5406872725\wucltux.dll
+ 2009-09-23 23:59 . 2008-10-16 21:13 1809944 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuaueng.dll
- 2009-09-20 23:33 . 2008-10-16 21:13 1809944 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuaueng.dll
+ 2009-09-23 17:31 . 2009-09-23 17:31 9405952 c:\windows\Installer\b7ba8d.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 3931648 c:\windows\Installer\b7ba88.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 1980416 c:\windows\Installer\b7ba7e.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 26028544 c:\windows\Installer\b7ba83.msp
+ 2008-05-01 00:28 . 2009-09-23 23:59 123996912 c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{27d81334-ff53-4fe3-8a98-2a8b560494fd}"= "c:\program files\SeeToo.com\tbSee0.dll" [2008-09-15 1784856]
[HKEY_CLASSES_ROOT\clsid\{27d81334-ff53-4fe3-8a98-2a8b560494fd}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 15:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar1.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{27d81334-ff53-4fe3-8a98-2a8b560494fd}]
2008-09-15 05:47 1784856 ----a-w- c:\program files\SeeToo.com\tbSee0.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{27D81334-FF53-4FE3-8A98-2A8B560494FD}"= "c:\program files\SeeToo.com\tbSee0.dll" [2008-09-15 1784856]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar1.dll" [2008-07-17 279944]
[HKEY_CLASSES_ROOT\clsid\{27d81334-ff53-4fe3-8a98-2a8b560494fd}]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-16 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-04 865840]
"winsesame_del"="c:\program files\WinSesame\effaceur.exe" [2009-02-06 151552]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-10 90191]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-10 81920]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
[HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]
"window live"="c:\program files\Windows Live\Photo Gallery\WLXPhotoGallery.exe" [2008-07-18 125472]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WiFi Station.lnk - c:\program files\Hercules\WiFi Station\WiFiStation.exe [2009-1-10 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9ED50E8B-5428-4176-B2B7-A7BF85FF2AFC}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"{A5F99764-E8F3-41AE-AD87-0D6BF98ED45B}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"TCP Query User{32145C3C-A4AF-454D-AD25-7C701BB3DE78}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{5154374B-D44C-4D0F-BD78-A25AD3A24561}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{27D748DC-E018-4185-8499-D5CF02E83066}c:\\program files\\world of warcraft\\backgrounddownloader.exe"= UDP:c:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{D3D74BAE-2A3B-455B-B486-B3CB232F37E3}c:\\program files\\world of warcraft\\backgrounddownloader.exe"= TCP:c:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{48463684-1062-4425-89CE-B098055DD765}c:\\program files\\world of warcraft\\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{14DDC1C7-ED5E-4F72-AF97-1E1EE2C64C67}c:\\program files\\world of warcraft\\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{83B893D6-C087-4D6A-A98C-ACAF0279C4FE}c:\\program files\\world of warcraft\\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{20B9F7F6-697B-422B-B265-1C3C02435345}c:\\program files\\world of warcraft\\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{3654BA7E-5234-4234-807D-39C448346EEC}c:\\program files\\world of warcraft\\repair.exe"= UDP:c:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"UDP Query User{47E0BDD7-527F-408B-B729-AD0EB62783E1}c:\\program files\\world of warcraft\\repair.exe"= TCP:c:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"TCP Query User{4BD67B6A-E12C-4881-81B5-6C43EB054B4E}c:\\program files\\world of warcraft\\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{0135D949-8191-4099-A13C-F4483F79117C}c:\\program files\\world of warcraft\\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{AC01C310-4643-44D3-B7AF-81561844C784}c:\\program files\\world of warcraft\\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{2EF6A59C-A4C3-4B6D-90E3-7AE25BCC33FA}c:\\program files\\world of warcraft\\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{04349BEF-24F3-4A5A-9E73-0F7039A879AA}c:\\program files\\world of warcraft\\wow-2.1.0-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.1.0-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{3AE3267B-6B05-47A6-B3F1-195946B23FCF}c:\\program files\\world of warcraft\\wow-2.1.0-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.1.0-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{B4B62E07-D35A-4A1F-89AA-A6D395C51622}c:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{374ABB35-53ED-4D76-AD01-37DE7E0AF522}c:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"{F6C6F007-C972-4033-8894-0948A45A8107}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{09F504A8-750E-41B2-B64A-D9CE2C2AA674}c:\\program files\\sierra\\fear\\fpupdate.exe"= UDP:c:\program files\sierra\fear\fpupdate.exe:fpupdate
"UDP Query User{D091BFBF-2C6C-47B7-8CE5-4680EE9031DE}c:\\program files\\sierra\\fear\\fpupdate.exe"= TCP:c:\program files\sierra\fear\fpupdate.exe:fpupdate
"{CF1702D3-E176-43F4-ABD0-6403E684286E}"= UDP:c:\program files\Sierra\FEAR\FEAR.exe:FEAR
"{7704C678-D1E0-470E-B0FE-02939C96FDAC}"= TCP:c:\program files\Sierra\FEAR\FEAR.exe:FEAR
"{A6775A1E-7208-4FC0-8B23-9039EA388021}"= UDP:c:\program files\Sierra\FEAR\FEARMP.exe:FEAR
"{C9E7327B-B392-4F1E-A428-468BED798128}"= TCP:c:\program files\Sierra\FEAR\FEARMP.exe:FEAR
"TCP Query User{0F5AD04A-3C37-4FD5-9328-24C7214FD8E3}c:\\program files\\starcraft\\starcraft.exe"= UDP:c:\program files\starcraft\starcraft.exe:Starcraft
"UDP Query User{E1E4B17F-ACC6-4048-B53F-CBCF8BE05C75}c:\\program files\\starcraft\\starcraft.exe"= TCP:c:\program files\starcraft\starcraft.exe:Starcraft
"TCP Query User{6D357DBC-1D99-4327-A6AF-77631BE02B9F}c:\\program files\\ccp\\eve\\bin\\exefile.exe"= UDP:c:\program files\ccp\eve\bin\exefile.exe:CCP ExeFile
"UDP Query User{BA0E5030-29E7-4DAD-A74F-8CCF67FE8919}c:\\program files\\ccp\\eve\\bin\\exefile.exe"= TCP:c:\program files\ccp\eve\bin\exefile.exe:CCP ExeFile
"TCP Query User{0A6596F1-9D8D-4180-A41A-EEB8B39AAA6F}c:\\program files\\shareaza applications\\shareaza\\shareaza.exe"= UDP:c:\program files\shareaza applications\shareaza\shareaza.exe:Shareaza
"UDP Query User{5D1EEE0A-C37A-4E43-8B90-639CBFD72781}c:\\program files\\shareaza applications\\shareaza\\shareaza.exe"= TCP:c:\program files\shareaza applications\shareaza\shareaza.exe:Shareaza
"TCP Query User{59045CE3-D371-4E70-A608-A07E26E3874D}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{9CD73DA1-C5E9-4325-BA3B-B0413CBA06AB}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{531CAA03-D7D1-4053-A66F-0A1BB75E2E38}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{5549C6F6-3CF4-4A14-8712-8B350FD903AF}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{65BFA839-0CA5-41F2-9A77-C0CFC4941C57}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{4C27BCCE-654C-46BF-B8F0-97A8C18D8180}"= TCP:c:\program files\DNA\btdna.exe:DNA
"{19E23C78-7AF0-4F43-8062-82A4EC1618AE}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{9A092BC2-B2A3-40A6-97E0-CB2B96FD5D6F}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{FB9BAF8F-275B-4225-B61E-D243AA9BF921}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{F8EA0DF6-17AB-4268-AC9A-537C6956EEA4}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{F86EC391-DCA8-423E-B644-1F3F4FE6823B}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"UDP Query User{7B736341-9E50-4EB1-A64E-DD9994322DEB}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{3F28D10C-E59C-47F3-B636-4A38FE030682}c:\\program files\\crux p2p\\crux p2p.exe"= UDP:c:\program files\crux p2p\crux p2p.exe:Crux P2P
"UDP Query User{BCCE0BC3-EDEC-4757-864A-6D907F346BCA}c:\\program files\\crux p2p\\crux p2p.exe"= TCP:c:\program files\crux p2p\crux p2p.exe:Crux P2P
"{E63D8926-B7C8-402F-87BE-94A2671B534F}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{4CF1A8F8-FE8A-4820-9D34-79ECCEDF1ADE}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{C5EE6106-EC35-4616-A22E-05954E64C811}c:\\program files\\bitdownload\\bitdownload.exe"= UDP:c:\program files\bitdownload\bitdownload.exe:BitDownload
"UDP Query User{DA075536-AC17-4833-8024-6C180D38DDB1}c:\\program files\\bitdownload\\bitdownload.exe"= TCP:c:\program files\bitdownload\bitdownload.exe:BitDownload
"{40B4F321-2636-4EED-B349-CFE7B5D86871}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{4D95F88E-1002-4D27-998B-DB5067561B44}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{CBA76F8D-C5DB-4683-8F77-B3049033596E}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{5EBF34D8-2ED6-4924-AF75-5B236ED403B7}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{0688C53B-4337-4C31-93A9-300DA2C0CA5B}c:\\program files\\multiproxy\\mproxy.exe"= UDP:c:\program files\multiproxy\mproxy.exe:MultiProxy personal proxy server
"UDP Query User{89D5442C-89D7-4352-B0C2-146953262E88}c:\\program files\\multiproxy\\mproxy.exe"= TCP:c:\program files\multiproxy\mproxy.exe:MultiProxy personal proxy server
"{82DB77AD-A36A-4990-A56E-65197F2C931C}"= Disabled:UDP:8081:127.0.01
"TCP Query User{60407BD8-9788-4EEC-A65F-C82FB5C6EEB3}c:\\program files\\micro application\\internet anonyme 2\\cghost.exe"= UDP:c:\program files\micro application\internet anonyme 2\cghost.exe:CGhost
"UDP Query User{A394E43E-A69C-46F3-AE6E-9A9B96946C1E}c:\\program files\\micro application\\internet anonyme 2\\cghost.exe"= TCP:c:\program files\micro application\internet anonyme 2\cghost.exe:CGhost
"TCP Query User{E72D2E30-AF7C-47F9-A79E-9C8F6E47808B}c:\\myboxscript6\\myboxscript6\\mirc.exe"= UDP:c:\myboxscript6\myboxscript6\mirc.exe:mIRC
"UDP Query User{9225F39E-24E2-4A01-BD33-D44F7B4C6AB8}c:\\myboxscript6\\myboxscript6\\mirc.exe"= TCP:c:\myboxscript6\myboxscript6\mirc.exe:mIRC
"TCP Query User{E6556892-1D02-475F-ACCE-E4FD8ABC2B44}c:\\program files\\ganja`script\\mirc.exe"= UDP:c:\program files\ganja`script\mirc.exe:mIRC
"UDP Query User{ABAB2285-372D-4534-8ED5-7963F439C244}c:\\program files\\ganja`script\\mirc.exe"= TCP:c:\program files\ganja`script\mirc.exe:mIRC
"{138F2AB3-F95B-4B1F-B1AF-8375A8B9A452}"= UDP:c:\program files\CCleaner\CCleaner.exe:CCleaner
"{8A02597D-8647-4606-8856-38A99036C402}"= TCP:c:\program files\CCleaner\CCleaner.exe:CCleaner
"TCP Query User{38B9A799-1578-4735-87EC-14A685498715}c:\\users\\gael\\appdata\\local\\microsoft\\windows\\temporary internet files\\content.ie5\\f4ju5evo\\02_apek2.avi-downloader[1].exe"= Disabled:UDP:c:\users\gael\appdata\local\microsoft\windows\temporary internet files\content.ie5\f4ju5evo\02_apek2.avi-downloader[1].exe:02_apek2.avi-downloader[1].exe
"UDP Query User{A2DD1817-B212-4548-9DD7-D64BA46916B8}c:\\users\\gael\\appdata\\local\\microsoft\\windows\\temporary internet files\\content.ie5\\f4ju5evo\\02_apek2.avi-downloader[1].exe"= Disabled:TCP:c:\users\gael\appdata\local\microsoft\windows\temporary internet files\content.ie5\f4ju5evo\02_apek2.avi-downloader[1].exe:02_apek2.avi-downloader[1].exe
"TCP Query User{EE4AFA20-1653-4B2B-BBF9-EF105C0575B7}c:\\program files\\world of warcraft\\backgrounddownloader.exe"= Disabled:UDP:c:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{D0A3EF5B-C0D9-48CB-8283-57DDB047214D}c:\\program files\\world of warcraft\\backgrounddownloader.exe"= Disabled:TCP:c:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{F1962467-5A1C-4D2F-9ECA-15A22438725F}c:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= Disabled:UDP:c:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{798FCF3B-9DB4-4B25-95DE-EA92034FD0A0}c:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= Disabled:TCP:c:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{2ACA9D58-69C0-492A-9C1B-6B8323C03DAC}c:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= Disabled:UDP:c:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{63755C0E-92B0-4808-BC13-4C0FB902AAF0}c:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= Disabled:TCP:c:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{CB857ABD-E2E8-4374-A713-54E0FD1E5A27}c:\\program files\\world of warcraft\\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe"= Disabled:UDP:c:\program files\world of warcraft\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{A2220797-D03E-4ED0-801F-DCEF93104219}c:\\program files\\world of warcraft\\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe"= Disabled:TCP:c:\program files\world of warcraft\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{A3F9C14C-2D76-4A60-94D4-DB1035FD1B73}c:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= Disabled:UDP:c:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{D1308872-98C2-4E43-9904-3F28516FBEFA}c:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= Disabled:TCP:c:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"{EB2B0B56-CC97-42FD-8C30-01EE7E0B71BD}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{F96E0414-F047-4150-8CC2-A52F18B752AC}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{CCA38AD7-8213-4E3F-8AAD-E53CC09EABBE}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [22/09/2009 13:35 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [22/09/2009 13:35 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [22/09/2009 13:35 53328]
R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\System32\drivers\CAMTHWDM.sys [09/03/2009 05:39 1051136]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\System32\drivers\ManyCam.sys [14/01/2008 12:06 21632]
S3 netr73;Hercules Wireless USB Dongle Driver for Vista;c:\windows\System32\drivers\netr73.sys [10/01/2009 00:25 256000]
S3 SUPERWEBCAM;SuperWebcam, WDM Virtual Video Capture Device;c:\windows\System32\drivers\superwebcam.sys [26/02/2009 04:00 31872]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contenu du dossier 'Tâches planifiées'
2009-09-23 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-03-14 07:49]
2009-09-23 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-16 23:06]
2009-09-24 c:\windows\Tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
2008-04-22 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 09:20]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://pogo.com/?site=pogo-fr
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Block advertisement - http://localhost:4002/cookie.cooker/scriptwerbung
IE: CC Web-Interface - http://localhost:4002/cookie.cooker/loadifscript
IE: Download with &Shareaza - c:\program files\Crux P2P\Plugins\RazaWebHook.dll/3000
IE: Fill form (random) - http://localhost:4002/cookie.cooker/fillscriptr
IE: Fill form (real data) - http://localhost:4002/cookie.cooker/fillscriptp
IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR
IE: {{ECC5777A-6E88-BFCE-13CE-81F134789E7B} - c:\program files\Ghost Navigator2_8\Ghost
FF - ProfilePath - c:\users\gael\AppData\Roaming\Mozilla\Firefox\Profiles\9iozw1zr.default\
FF - prefs.js: browser.search.selectedEngine - GoogIe
FF - prefs.js: keyword.URL - hxxp://www.offos.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=fobFkKfy&q=
FF - component: c:\users\gael\AppData\Roaming\Mozilla\Firefox\Profiles\9iozw1zr.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}\components\nsCatcher.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
---- PARAMETRES FIREFOX ----
FF - user.js: browser.search.selectedEngine - GoogIe
FF - user.js: keyword.URL - hxxp://www.offos.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=fobFkKfy&q=
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-24 02:28
Windows 6.0.6000 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):0b,2c,dd,1d,dc,76,a5,11,fb,9e,cc,4b,50,6c,63,e5,b8,7c,fa,c7,5e,
57,13,c8,0d,ba,39,22,a0,81,68,9f,50,ec,28,b0,be,6c,70,9c,00,00,00,00,00,00,\
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000_Classes\CLSID\{d16a7627-9268-44ca-8cfb-41c0f35e05df}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000074
"Therad"=dword:0000002d
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,b0,7e,1e,0f,ca,4a,bc,8d,96,94,16,7a,19,d5,dc,a7,3f,cb,c4,3f,5b,b9,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2009-09-24 2:33
ComboFix-quarantined-files.txt 2009-09-24 00:33
Avant-CF: 90 020 982 784 octets libres
Après-CF: 89 945 280 512 octets libres
Current=1 Default=1 Failed=0 LastKnownGood=1 Sets=1,2,3,5
348 --- E O F --- 2009-09-22 18:59
Is this serious?
However, I'll pick this up again tomorrow; I'll send you the report tomorrow.
See you soon!
ComboFix 09-09-23.02 - gael 24/09/2009 2:16.3.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.33.1036.18.2046.1319 [GMT 2:00]
Lancé depuis: c:\users\gael\Desktop\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 090923-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: AntiVir Desktop *disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: avast! antivirus 4.8.1351 [VPS 090923-0] *disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-08-24 au 2009-09-24 ))))))))))))))))))))))))))))))))))))
.
2009-09-24 00:28 . 2009-09-24 00:28 -------- d-----w- c:\users\gael\AppData\Local\temp
2009-09-24 00:28 . 2009-09-24 00:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-23 22:46 . 2008-06-05 16:18 5737 ----a-w- c:\users\gael\AppData\Local\gnc.exe
2009-09-23 17:29 . 2009-09-23 17:32 -------- d-----w- c:\program files\Windows Live Safety Center
2009-09-23 14:43 . 2009-09-23 14:43 -------- d-----w- c:\windows\Sun
2009-09-23 09:18 . 2009-09-24 00:09 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-23 09:18 . 2009-09-24 00:09 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-09-22 22:00 . 2009-09-22 22:02 180579 ----a-w- C:\BdUninstallTool2009.09.23-12.00.16.reg
2009-09-22 11:35 . 2009-08-17 16:04 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-09-22 11:35 . 2009-08-17 16:04 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-09-22 11:35 . 2009-08-17 16:05 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-22 11:35 . 2009-08-17 16:05 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-09-22 11:35 . 2009-08-17 16:02 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-22 11:35 . 2009-08-17 16:10 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-22 11:35 . 2009-08-17 16:05 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-09-21 22:15 . 2009-09-21 22:18 953 ----a-w- C:\BdUninstallTool2009.09.22-12.15.12.reg
2009-09-21 19:39 . 2009-09-22 23:34 -------- d-----w- C:\ToolBar SD
2009-09-21 18:57 . 2009-09-21 18:59 -------- d-----w- C:\Yoog_Fix
2009-09-21 18:52 . 2009-09-21 18:52 -------- d-----w- C:\rsit
2009-09-20 23:03 . 2009-09-20 23:03 -------- d-----w- c:\users\gael\AppData\Roaming\Malwarebytes
2009-09-20 23:03 . 2009-09-20 23:03 -------- d-----w- c:\programdata\Malwarebytes
2009-09-20 15:06 . 2009-09-23 23:00 -------- d-----w- c:\program files\Navilog1
2009-09-20 14:51 . 2009-09-20 20:40 -------- d-----w- C:\GenProc
2009-09-20 11:56 . 2009-09-20 11:56 -------- d-----w- c:\program files\Trend Micro
2009-09-19 20:09 . 2009-09-19 20:28 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-09-19 18:07 . 2009-09-19 18:07 -------- d-----w- c:\users\gael\AppData\Local\Xenocode
2009-09-19 02:05 . 2009-09-19 02:05 -------- d-----w- c:\program files\mIRC
2009-09-18 23:42 . 2009-09-19 19:45 -------- d-----w- c:\program files\Eltima Software
2009-09-15 21:36 . 2009-09-15 21:36 -------- d-----w- c:\program files\Yahoo!
2009-09-10 21:42 . 2009-09-10 21:44 -------- d-----w- c:\users\gael\camstudio
2009-09-10 21:42 . 2007-04-01 20:45 413696 ----a-w- c:\users\gael\PlayPlusLANG07.dll
2009-09-10 21:42 . 2005-06-20 17:28 819200 ----a-w- c:\users\gael\cximage.dll
2009-09-10 21:42 . 2009-09-10 21:42 -------- d-----w- c:\users\gael\controller
2009-09-05 12:43 . 2009-09-18 23:47 -------- d-----w- c:\program files\FinePixViewerS
2009-09-05 12:43 . 2009-09-18 23:47 -------- d-----w- c:\users\gael\AppData\Roaming\FUJIFILM
2009-08-31 12:14 . 2009-08-31 12:15 -------- d-----w- c:\program files\QuickTime
2009-08-31 12:14 . 2009-08-31 12:14 -------- d-----w- c:\programdata\Apple Computer
2009-08-27 13:11 . 2009-09-02 23:51 -------- d-----w- c:\users\gael\AppData\Roaming\gtk-2.0
2009-08-27 13:11 . 2009-08-27 13:11 -------- d-----w- c:\users\gael\.thumbnails
2009-08-27 12:55 . 2009-08-27 12:55 -------- d-----w- c:\users\gael\.gegl-0.0
2009-08-27 12:49 . 2009-09-03 22:16 -------- d-----w- c:\users\gael\.gimp-2.6
2009-08-27 12:49 . 2009-08-27 12:49 -------- d-----w- c:\program files\GIMP-2.0
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-23 23:27 . 2007-02-17 16:46 64950 ----a-w- c:\users\gael\AppData\Roaming\nvModes.dat
2009-09-23 20:01 . 2006-11-02 15:48 732214 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-23 20:01 . 2006-11-02 15:48 130986 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-23 19:49 . 2009-02-12 11:59 -------- d-----w- c:\program files\eMule
2009-09-23 00:48 . 2008-07-16 11:47 -------- d-----w- c:\programdata\Google Updater
2009-09-19 02:17 . 2008-12-27 03:05 -------- d-----w- c:\users\gael\AppData\Roaming\mIRC
2009-09-18 23:53 . 2009-03-07 18:19 -------- d-----w- c:\program files\CommView
2009-09-18 23:52 . 2009-03-07 18:19 -------- d-----w- c:\programdata\TamoSoft
2009-09-15 22:19 . 2007-02-17 15:53 2032 ----a-w- c:\users\gael\AppData\Local\d3d9caps.dat
2009-09-05 12:43 . 2006-12-20 07:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-30 06:42 . 2008-04-21 19:06 -------- d-----w- c:\users\gael\AppData\Roaming\LimeWire
2009-08-26 19:24 . 2009-08-15 23:57 -------- d-----w- c:\users\gael\AppData\Roaming\Skype
2009-08-26 14:10 . 2009-08-15 21:49 -------- d-----w- c:\users\gael\AppData\Roaming\skypePM
2009-08-24 06:58 . 2009-08-24 06:58 -------- d-----w- c:\program files\VoipBuster.com
2009-08-24 06:40 . 2009-08-24 06:40 -------- d-----w- c:\users\gael\AppData\Roaming\VoipBuster
2009-08-15 23:57 . 2009-08-15 23:57 -------- d-----w- c:\program files\Common Files\Skype
2009-08-15 23:57 . 2009-08-15 23:57 -------- d-----r- c:\program files\Skype
2009-08-15 21:49 . 2009-08-15 21:49 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-08-15 21:45 . 2007-04-27 19:38 -------- d-----w- c:\programdata\Skype
2009-07-29 13:44 . 2008-04-21 19:04 -------- d-----w- c:\program files\LimeWire
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2007-04-30 19:13 . 2007-04-30 18:42 167968 --sha-w- c:\windows\System32\drivers\fidbox.dat
.
------- Sigcheck -------
Erreur des Services de cryptographie !!
.
((((((((((((((((((((((((((((( SnapShot@2009-09-21_01.12.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-12-20 07:09 . 2009-09-23 23:27 93222 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2007-02-17 15:54 . 2009-09-23 23:27 21750 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2273213325-1641261132-3983154234-1000_UserData.bin
- 2007-02-17 15:50 . 2009-09-21 00:36 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-02-17 15:50 . 2009-09-23 23:27 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-02-17 15:50 . 2009-09-21 00:36 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-02-17 15:50 . 2009-09-23 23:27 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-02-17 15:50 . 2009-09-21 00:36 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-02-17 15:50 . 2009-09-23 23:27 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-23 23:59 . 2008-10-16 21:09 43544 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wups2.dll
- 2009-09-20 23:33 . 2008-10-16 21:09 43544 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wups2.dll
+ 2009-09-23 23:59 . 2008-10-16 21:09 51224 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuauclt.exe
- 2009-09-20 23:33 . 2008-10-16 21:09 51224 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuauclt.exe
+ 2009-09-23 17:30 . 2009-09-23 17:30 39424 c:\windows\Installer\b7ba60.msi
- 2007-02-18 13:17 . 2009-09-18 16:24 3492 c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2007-02-18 13:17 . 2009-09-23 19:53 3492 c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2009-09-21 16:43 . 2009-09-21 16:44 8590 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\HTML Help\hh.dat
- 2009-09-21 00:40 . 2009-09-21 00:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-09-23 23:25 . 2009-09-23 23:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-21 00:40 . 2009-09-21 00:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-09-23 23:25 . 2009-09-23 23:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 13:05 . 2009-09-23 23:27 105130 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 10:33 . 2009-09-23 20:01 645458 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-09-20 09:42 645458 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-09-20 09:42 114428 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-09-23 20:01 114428 c:\windows\System32\perfc009.dat
+ 2009-09-23 17:31 . 2009-09-23 17:31 491008 c:\windows\Installer\b7ba92.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 170496 c:\windows\Installer\b7ba79.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 162304 c:\windows\Installer\b7ba74.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 189952 c:\windows\Installer\b7ba6f.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 217088 c:\windows\Installer\b7ba6a.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 374784 c:\windows\Installer\b7ba65.msp
+ 2006-11-02 10:22 . 2009-09-23 00:24 6291456 c:\windows\System32\SMI\Store\Machine\schema.dat
- 2006-11-02 10:22 . 2009-09-19 20:31 6291456 c:\windows\System32\SMI\Store\Machine\schema.dat
- 2009-09-20 23:33 . 2008-10-16 20:56 1524736 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-windowsupdateclient-ui_31bf3856ad364e35_7.2.6001.788_none_a8125d5406872725\wucltux.dll
+ 2009-09-23 23:59 . 2008-10-16 20:56 1524736 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-windowsupdateclient-ui_31bf3856ad364e35_7.2.6001.788_none_a8125d5406872725\wucltux.dll
+ 2009-09-23 23:59 . 2008-10-16 21:13 1809944 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuaueng.dll
- 2009-09-20 23:33 . 2008-10-16 21:13 1809944 c:\windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.2.6001.788\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuaueng.dll
+ 2009-09-23 17:31 . 2009-09-23 17:31 9405952 c:\windows\Installer\b7ba8d.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 3931648 c:\windows\Installer\b7ba88.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 1980416 c:\windows\Installer\b7ba7e.msp
+ 2009-09-23 17:31 . 2009-09-23 17:31 26028544 c:\windows\Installer\b7ba83.msp
+ 2008-05-01 00:28 . 2009-09-23 23:59 123996912 c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{27d81334-ff53-4fe3-8a98-2a8b560494fd}"= "c:\program files\SeeToo.com\tbSee0.dll" [2008-09-15 1784856]
[HKEY_CLASSES_ROOT\clsid\{27d81334-ff53-4fe3-8a98-2a8b560494fd}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 15:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar1.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{27d81334-ff53-4fe3-8a98-2a8b560494fd}]
2008-09-15 05:47 1784856 ----a-w- c:\program files\SeeToo.com\tbSee0.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{27D81334-FF53-4FE3-8A98-2A8B560494FD}"= "c:\program files\SeeToo.com\tbSee0.dll" [2008-09-15 1784856]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar1.dll" [2008-07-17 279944]
[HKEY_CLASSES_ROOT\clsid\{27d81334-ff53-4fe3-8a98-2a8b560494fd}]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-16 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-04 865840]
"winsesame_del"="c:\program files\WinSesame\effaceur.exe" [2009-02-06 151552]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-10 90191]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-10 81920]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
[HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]
"window live"="c:\program files\Windows Live\Photo Gallery\WLXPhotoGallery.exe" [2008-07-18 125472]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WiFi Station.lnk - c:\program files\Hercules\WiFi Station\WiFiStation.exe [2009-1-10 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9ED50E8B-5428-4176-B2B7-A7BF85FF2AFC}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"{A5F99764-E8F3-41AE-AD87-0D6BF98ED45B}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"TCP Query User{32145C3C-A4AF-454D-AD25-7C701BB3DE78}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{5154374B-D44C-4D0F-BD78-A25AD3A24561}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{27D748DC-E018-4185-8499-D5CF02E83066}c:\\program files\\world of warcraft\\backgrounddownloader.exe"= UDP:c:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{D3D74BAE-2A3B-455B-B486-B3CB232F37E3}c:\\program files\\world of warcraft\\backgrounddownloader.exe"= TCP:c:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{48463684-1062-4425-89CE-B098055DD765}c:\\program files\\world of warcraft\\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{14DDC1C7-ED5E-4F72-AF97-1E1EE2C64C67}c:\\program files\\world of warcraft\\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.0.12.6546-to-2.1.0.6692-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{83B893D6-C087-4D6A-A98C-ACAF0279C4FE}c:\\program files\\world of warcraft\\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{20B9F7F6-697B-422B-B265-1C3C02435345}c:\\program files\\world of warcraft\\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{3654BA7E-5234-4234-807D-39C448346EEC}c:\\program files\\world of warcraft\\repair.exe"= UDP:c:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"UDP Query User{47E0BDD7-527F-408B-B729-AD0EB62783E1}c:\\program files\\world of warcraft\\repair.exe"= TCP:c:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"TCP Query User{4BD67B6A-E12C-4881-81B5-6C43EB054B4E}c:\\program files\\world of warcraft\\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{0135D949-8191-4099-A13C-F4483F79117C}c:\\program files\\world of warcraft\\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.1.0.6729-to-2.1.1.6739-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{AC01C310-4643-44D3-B7AF-81561844C784}c:\\program files\\world of warcraft\\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{2EF6A59C-A4C3-4B6D-90E3-7AE25BCC33FA}c:\\program files\\world of warcraft\\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{04349BEF-24F3-4A5A-9E73-0F7039A879AA}c:\\program files\\world of warcraft\\wow-2.1.0-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.1.0-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{3AE3267B-6B05-47A6-B3F1-195946B23FCF}c:\\program files\\world of warcraft\\wow-2.1.0-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.1.0-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{B4B62E07-D35A-4A1F-89AA-A6D395C51622}c:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{374ABB35-53ED-4D76-AD01-37DE7E0AF522}c:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"{F6C6F007-C972-4033-8894-0948A45A8107}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{09F504A8-750E-41B2-B64A-D9CE2C2AA674}c:\\program files\\sierra\\fear\\fpupdate.exe"= UDP:c:\program files\sierra\fear\fpupdate.exe:fpupdate
"UDP Query User{D091BFBF-2C6C-47B7-8CE5-4680EE9031DE}c:\\program files\\sierra\\fear\\fpupdate.exe"= TCP:c:\program files\sierra\fear\fpupdate.exe:fpupdate
"{CF1702D3-E176-43F4-ABD0-6403E684286E}"= UDP:c:\program files\Sierra\FEAR\FEAR.exe:FEAR
"{7704C678-D1E0-470E-B0FE-02939C96FDAC}"= TCP:c:\program files\Sierra\FEAR\FEAR.exe:FEAR
"{A6775A1E-7208-4FC0-8B23-9039EA388021}"= UDP:c:\program files\Sierra\FEAR\FEARMP.exe:FEAR
"{C9E7327B-B392-4F1E-A428-468BED798128}"= TCP:c:\program files\Sierra\FEAR\FEARMP.exe:FEAR
"TCP Query User{0F5AD04A-3C37-4FD5-9328-24C7214FD8E3}c:\\program files\\starcraft\\starcraft.exe"= UDP:c:\program files\starcraft\starcraft.exe:Starcraft
"UDP Query User{E1E4B17F-ACC6-4048-B53F-CBCF8BE05C75}c:\\program files\\starcraft\\starcraft.exe"= TCP:c:\program files\starcraft\starcraft.exe:Starcraft
"TCP Query User{6D357DBC-1D99-4327-A6AF-77631BE02B9F}c:\\program files\\ccp\\eve\\bin\\exefile.exe"= UDP:c:\program files\ccp\eve\bin\exefile.exe:CCP ExeFile
"UDP Query User{BA0E5030-29E7-4DAD-A74F-8CCF67FE8919}c:\\program files\\ccp\\eve\\bin\\exefile.exe"= TCP:c:\program files\ccp\eve\bin\exefile.exe:CCP ExeFile
"TCP Query User{0A6596F1-9D8D-4180-A41A-EEB8B39AAA6F}c:\\program files\\shareaza applications\\shareaza\\shareaza.exe"= UDP:c:\program files\shareaza applications\shareaza\shareaza.exe:Shareaza
"UDP Query User{5D1EEE0A-C37A-4E43-8B90-639CBFD72781}c:\\program files\\shareaza applications\\shareaza\\shareaza.exe"= TCP:c:\program files\shareaza applications\shareaza\shareaza.exe:Shareaza
"TCP Query User{59045CE3-D371-4E70-A608-A07E26E3874D}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{9CD73DA1-C5E9-4325-BA3B-B0413CBA06AB}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{531CAA03-D7D1-4053-A66F-0A1BB75E2E38}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{5549C6F6-3CF4-4A14-8712-8B350FD903AF}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{65BFA839-0CA5-41F2-9A77-C0CFC4941C57}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{4C27BCCE-654C-46BF-B8F0-97A8C18D8180}"= TCP:c:\program files\DNA\btdna.exe:DNA
"{19E23C78-7AF0-4F43-8062-82A4EC1618AE}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{9A092BC2-B2A3-40A6-97E0-CB2B96FD5D6F}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{FB9BAF8F-275B-4225-B61E-D243AA9BF921}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{F8EA0DF6-17AB-4268-AC9A-537C6956EEA4}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{F86EC391-DCA8-423E-B644-1F3F4FE6823B}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"UDP Query User{7B736341-9E50-4EB1-A64E-DD9994322DEB}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader
"TCP Query User{3F28D10C-E59C-47F3-B636-4A38FE030682}c:\\program files\\crux p2p\\crux p2p.exe"= UDP:c:\program files\crux p2p\crux p2p.exe:Crux P2P
"UDP Query User{BCCE0BC3-EDEC-4757-864A-6D907F346BCA}c:\\program files\\crux p2p\\crux p2p.exe"= TCP:c:\program files\crux p2p\crux p2p.exe:Crux P2P
"{E63D8926-B7C8-402F-87BE-94A2671B534F}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{4CF1A8F8-FE8A-4820-9D34-79ECCEDF1ADE}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{C5EE6106-EC35-4616-A22E-05954E64C811}c:\\program files\\bitdownload\\bitdownload.exe"= UDP:c:\program files\bitdownload\bitdownload.exe:BitDownload
"UDP Query User{DA075536-AC17-4833-8024-6C180D38DDB1}c:\\program files\\bitdownload\\bitdownload.exe"= TCP:c:\program files\bitdownload\bitdownload.exe:BitDownload
"{40B4F321-2636-4EED-B349-CFE7B5D86871}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{4D95F88E-1002-4D27-998B-DB5067561B44}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{CBA76F8D-C5DB-4683-8F77-B3049033596E}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{5EBF34D8-2ED6-4924-AF75-5B236ED403B7}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{0688C53B-4337-4C31-93A9-300DA2C0CA5B}c:\\program files\\multiproxy\\mproxy.exe"= UDP:c:\program files\multiproxy\mproxy.exe:MultiProxy personal proxy server
"UDP Query User{89D5442C-89D7-4352-B0C2-146953262E88}c:\\program files\\multiproxy\\mproxy.exe"= TCP:c:\program files\multiproxy\mproxy.exe:MultiProxy personal proxy server
"{82DB77AD-A36A-4990-A56E-65197F2C931C}"= Disabled:UDP:8081:127.0.01
"TCP Query User{60407BD8-9788-4EEC-A65F-C82FB5C6EEB3}c:\\program files\\micro application\\internet anonyme 2\\cghost.exe"= UDP:c:\program files\micro application\internet anonyme 2\cghost.exe:CGhost
"UDP Query User{A394E43E-A69C-46F3-AE6E-9A9B96946C1E}c:\\program files\\micro application\\internet anonyme 2\\cghost.exe"= TCP:c:\program files\micro application\internet anonyme 2\cghost.exe:CGhost
"TCP Query User{E72D2E30-AF7C-47F9-A79E-9C8F6E47808B}c:\\myboxscript6\\myboxscript6\\mirc.exe"= UDP:c:\myboxscript6\myboxscript6\mirc.exe:mIRC
"UDP Query User{9225F39E-24E2-4A01-BD33-D44F7B4C6AB8}c:\\myboxscript6\\myboxscript6\\mirc.exe"= TCP:c:\myboxscript6\myboxscript6\mirc.exe:mIRC
"TCP Query User{E6556892-1D02-475F-ACCE-E4FD8ABC2B44}c:\\program files\\ganja`script\\mirc.exe"= UDP:c:\program files\ganja`script\mirc.exe:mIRC
"UDP Query User{ABAB2285-372D-4534-8ED5-7963F439C244}c:\\program files\\ganja`script\\mirc.exe"= TCP:c:\program files\ganja`script\mirc.exe:mIRC
"{138F2AB3-F95B-4B1F-B1AF-8375A8B9A452}"= UDP:c:\program files\CCleaner\CCleaner.exe:CCleaner
"{8A02597D-8647-4606-8856-38A99036C402}"= TCP:c:\program files\CCleaner\CCleaner.exe:CCleaner
"TCP Query User{38B9A799-1578-4735-87EC-14A685498715}c:\\users\\gael\\appdata\\local\\microsoft\\windows\\temporary internet files\\content.ie5\\f4ju5evo\\02_apek2.avi-downloader[1].exe"= Disabled:UDP:c:\users\gael\appdata\local\microsoft\windows\temporary internet files\content.ie5\f4ju5evo\02_apek2.avi-downloader[1].exe:02_apek2.avi-downloader[1].exe
"UDP Query User{A2DD1817-B212-4548-9DD7-D64BA46916B8}c:\\users\\gael\\appdata\\local\\microsoft\\windows\\temporary internet files\\content.ie5\\f4ju5evo\\02_apek2.avi-downloader[1].exe"= Disabled:TCP:c:\users\gael\appdata\local\microsoft\windows\temporary internet files\content.ie5\f4ju5evo\02_apek2.avi-downloader[1].exe:02_apek2.avi-downloader[1].exe
"TCP Query User{EE4AFA20-1653-4B2B-BBF9-EF105C0575B7}c:\\program files\\world of warcraft\\backgrounddownloader.exe"= Disabled:UDP:c:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{D0A3EF5B-C0D9-48CB-8283-57DDB047214D}c:\\program files\\world of warcraft\\backgrounddownloader.exe"= Disabled:TCP:c:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{F1962467-5A1C-4D2F-9ECA-15A22438725F}c:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= Disabled:UDP:c:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{798FCF3B-9DB4-4B25-95DE-EA92034FD0A0}c:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= Disabled:TCP:c:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{2ACA9D58-69C0-492A-9C1B-6B8323C03DAC}c:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= Disabled:UDP:c:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{63755C0E-92B0-4808-BC13-4C0FB902AAF0}c:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= Disabled:TCP:c:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{CB857ABD-E2E8-4374-A713-54E0FD1E5A27}c:\\program files\\world of warcraft\\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe"= Disabled:UDP:c:\program files\world of warcraft\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{A2220797-D03E-4ED0-801F-DCEF93104219}c:\\program files\\world of warcraft\\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe"= Disabled:TCP:c:\program files\world of warcraft\wow-2.2.2.7318-to-2.2.3.7359-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{A3F9C14C-2D76-4A60-94D4-DB1035FD1B73}c:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= Disabled:UDP:c:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{D1308872-98C2-4E43-9904-3F28516FBEFA}c:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= Disabled:TCP:c:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"{EB2B0B56-CC97-42FD-8C30-01EE7E0B71BD}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{F96E0414-F047-4150-8CC2-A52F18B752AC}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{CCA38AD7-8213-4E3F-8AAD-E53CC09EABBE}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [22/09/2009 13:35 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [22/09/2009 13:35 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [22/09/2009 13:35 53328]
R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\System32\drivers\CAMTHWDM.sys [09/03/2009 05:39 1051136]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\System32\drivers\ManyCam.sys [14/01/2008 12:06 21632]
S3 netr73;Hercules Wireless USB Dongle Driver for Vista;c:\windows\System32\drivers\netr73.sys [10/01/2009 00:25 256000]
S3 SUPERWEBCAM;SuperWebcam, WDM Virtual Video Capture Device;c:\windows\System32\drivers\superwebcam.sys [26/02/2009 04:00 31872]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contenu du dossier 'Tâches planifiées'
2009-09-23 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-03-14 07:49]
2009-09-23 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-16 23:06]
2009-09-24 c:\windows\Tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
2008-04-22 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 09:20]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://pogo.com/?site=pogo-fr
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Block advertisement - http://localhost:4002/cookie.cooker/scriptwerbung
IE: CC Web-Interface - http://localhost:4002/cookie.cooker/loadifscript
IE: Download with &Shareaza - c:\program files\Crux P2P\Plugins\RazaWebHook.dll/3000
IE: Fill form (random) - http://localhost:4002/cookie.cooker/fillscriptr
IE: Fill form (real data) - http://localhost:4002/cookie.cooker/fillscriptp
IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR
IE: {{ECC5777A-6E88-BFCE-13CE-81F134789E7B} - c:\program files\Ghost Navigator2_8\Ghost
FF - ProfilePath - c:\users\gael\AppData\Roaming\Mozilla\Firefox\Profiles\9iozw1zr.default\
FF - prefs.js: browser.search.selectedEngine - GoogIe
FF - prefs.js: keyword.URL - hxxp://www.offos.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=fobFkKfy&q=
FF - component: c:\users\gael\AppData\Roaming\Mozilla\Firefox\Profiles\9iozw1zr.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}\components\nsCatcher.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
---- PARAMETRES FIREFOX ----
FF - user.js: browser.search.selectedEngine - GoogIe
FF - user.js: keyword.URL - hxxp://www.offos.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=fobFkKfy&q=
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-24 02:28
Windows 6.0.6000 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):0b,2c,dd,1d,dc,76,a5,11,fb,9e,cc,4b,50,6c,63,e5,b8,7c,fa,c7,5e,
57,13,c8,0d,ba,39,22,a0,81,68,9f,50,ec,28,b0,be,6c,70,9c,00,00,00,00,00,00,\
[HKEY_USERS\S-1-5-21-2273213325-1641261132-3983154234-1000_Classes\CLSID\{d16a7627-9268-44ca-8cfb-41c0f35e05df}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000074
"Therad"=dword:0000002d
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,b0,7e,1e,0f,ca,4a,bc,8d,96,94,16,7a,19,d5,dc,a7,3f,cb,c4,3f,5b,b9,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2009-09-24 2:33
ComboFix-quarantined-files.txt 2009-09-24 00:33
Avant-CF: 90 020 982 784 octets libres
Après-CF: 89 945 280 512 octets libres
Current=1 Default=1 Failed=0 LastKnownGood=1 Sets=1,2,3,5
348 --- E O F --- 2009-09-22 18:59
After running ComboFix, the computer is behaving well, no problems; I just had to restart the computer because I couldn't do anything anymore. Are there any risks? Which ones, please? I admit your programs scare me, lol.
I'm going to follow post 76 and I'll post it here tonight...