Aller au contenu

Titso

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    27

  • Inscription

  • Dernière visite

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Localisation
    KSA

Autres informations

  • Mes langues
    Fran, Angl, Arab

Titso's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. Titso
    Re, Merci pour tes informations, je n'hésiterai pas.
  2. Titso
    Bonsoir, J'ai lu qu'il était plus sure de surfer avec un compte limité mais j'ignore comment en créer. Lorsque mes enfants ont fini de surfer, je vois de temps en temps des fichiers chelous téléchargés sur le bureau que je mets vite a la poubelle. C'est embêtant, car je suis a chaque fois contraint de vérifier si cela n'a pas été installé. Ce compte limité me servirai bien. Merci pour votre aide.
  3. Titso
    Bonjour, Est-il nécessaire d'installer Windows Malicious Software... ? Bien qu'ayant MBAM et Avira? J'ai lu les explications sur Microsoft, mais je ne suis pas convaincu. Je voudrais quelques avis. Merci.
  4. Titso
    Salut, On m'a dit de réinitialiser IE7, d'ailleurs après il était plus rapide, de redémarrer, télécharger IE8, redémarrer). Maintenant IE8 fonctionne très bien. Bonne soirée.
  5. Titso

    Antivir se bloque

    Titso a répondu à un(e) sujet de Titso dans Sécurisation, prévention

    Re, Parce que Antivirus impossible à mettre à jour ou à (ré)installer.
  6. Titso

    Antivir se bloque

    Titso a répondu à un(e) sujet de Titso dans Sécurisation, prévention

    Merci, maintenant je sais pourquoi Antivir se bloque.
  7. Titso
    Salut, Lorsque je démarre Antivir il se bloque, je n'ai pas pu faire de mise a jour depuis longtemps car il ne veut/peut pas, mes collègues ont eu internet et moi non, l'ordi fait un bruit bizarre, il est lent, lorsque je veux enregistrer un fichier un message me dit que le disque est plein. Je pense qu'il est infecté, car a chaque fois que j'introduis ma clé USB sur l'ordi portable, Antivir sonne plusieurs fois scanne la clé et détecte des bestioles. Merci pour votre aide.
  8. Titso
    Salut, Voici ce que Malwarebyte's a trouve (j'ignore si la date est a prendre en compte): Malwarebytes' Anti-Malware 1.37 Version de la base de données: 2245 Windows 5.1.2600 Service Pack 3 07/06/2009 11:38:41 م mbam-log-2009-06-07 (23-38-41).txt Type de recherche: Examen rapide Eléments examinés: 98382 Temps écoulé: 11 minute(s), 25 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 3 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\SpyClean (Rogue.NetCom3) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Intelinet (Rogue.Intelinet) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Intelinet (Rogue.Intelinet) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Program Files\Intelinet (Rogue.Intelinet) -> Quarantined and deleted successfully. c:\program files\intelinet\Backup (Rogue.Intelinet) -> Quarantined and deleted successfully. c:\program files\intelinet\Logs (Rogue.Intelinet) -> Quarantined and deleted successfully. Fichier(s) infecté(s): c:\program files\intelinet\Logs\2009_05_04.log (Rogue.Intelinet) -> Quarantined and deleted successfully. c:\program files\intelinet\Logs\2009_05_05.log (Rogue.Intelinet) -> Quarantined and deleted successfully Et voici le rapport Hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 06:09:45 م, on 17/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\rnamfler\naomf.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe c:\program files\rnamfler\radprcmp.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\rnamfler\naofsvc.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.kau.edu.sa;*.kaau.edu.sa;192.168.*.*;<local> O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [wrna3ls] C:\Program Files\rnamfler\naomf.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Fahess_Activation\McciBrowser.exe" -appkey=Fahess_Activation -hidden -url=file:///C:/Program%20Files/Fahess_Activation/ReportAgent.html O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: McAfee Application Installer Cleanup (0195371245250072) (0195371245250072mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\019537~1.EXE O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe O24 - Desktop Component 0: (no name) - http://www.nauss.edu.sa/NAUSS/images/BGlogo.jpg -- End of file - 7224 bytes Merci.
  9. Titso
    Salut, Désolé je ne sais pas ce qu'est la carte mère. J'en ai déjà entendu parlée. Je sais qu'elle se trouve dans la partie Hardware mais ignore ou. Ensuite, je ne vois aucune image. De plus, la configuration est anglaise, donc je préférerais des termes anglophones et des shemas si possible. Tout çà a l'air trop technique pour moi, je m'en excuse. Merci pour votre aide.
  10. Titso
    Bonsoir, Je n'ai pas compris. Les termes sont un peu compliques. Pourrais-tu m'expliquer clairement ce que je dois faire, s'il te plait. Merci.
  11. Titso
    Salut, J'ai installe IE8 il y a quelques semaines puis lorsque j'ai clique un message me dit : The instruction at "0x00b1000" referenced memory at "0x00b1000". The memory could not be "written". Click on OK to terminate the program Click CANCEL to debug the program. Alors je l'ai désinstallé et suis revenu a l'ancienne version 7 ou 6 je ne sais plus car je ne l'utilise pas. C'était seulement pour le mettre a jour. Je l'ai réinstallé aujourd'hui et j'ai le même message. Que dois-je faire? Merci.
  12. Titso
    Ok , c'est fait.
  13. Titso
    Salut, Impossible d'éditer le premier post. Ensuite concernant le laptop, j'aimerais aussi le nettoyer. C'est possible? Merci
  14. Titso
    Salut, Voici le rapport log : Logfile of random's system information tool 1.06 (written by random/random) Run by Abi at 2009-06-07 22:10:35 Microsoft Windows XP Professional Service Pack 2 System drive C: has 144 GB (95%) free of 153 GB Total RAM: 1014 MB (49% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:10:40, on 07/06/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Documents and Settings\Abi\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Documents and Settings\Abi\Desktop\RSIT.exe C:\Program Files\trend micro\Abi.exe O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\Abi\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- End of file - 6092 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\McDefragTask.job C:\WINDOWS\tasks\McQcTask.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-04-16 1088296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}] McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-01-09 246800] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-05-31 312928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}] scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2009-03-25 62784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-02-13 150032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-02-13 150032] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] "OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400] "AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [2006-07-17 53248] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-01-29 16859648] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-28 141848] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-28 166424] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-28 137752] "mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-03-25 645328] "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-05-31 198160] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-04-16 24267560] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] C:\Documents and Settings\Abi\Start Menu\Programs\Startup Notification de cadeaux MSN.lnk - C:\Documents and Settings\Abi\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-04 239616] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======List of files/folders created in the last 1 months====== 2009-06-07 16:52:16 ----SHD---- C:\RECYCLER 2009-06-07 16:07:18 ----D---- C:\Documents and Settings\Abi\Application Data\InstallShield 2009-06-06 22:37:06 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2009-06-06 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2009-06-06 22:25:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2009-06-06 22:25:19 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-06-06 22:25:14 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2009-06-06 22:25:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$ 2009-06-06 22:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2009-06-06 22:24:57 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$ 2009-06-06 22:24:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$ 2009-06-06 22:24:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$ 2009-06-06 22:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2009-06-06 22:24:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2009-06-06 22:24:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2009-06-06 22:23:59 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$ 2009-06-06 22:23:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2009-06-06 22:23:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2009-06-06 22:23:41 ----HDC---- C:\WINDOWS\$NtUninstallKB942830$ 2009-06-06 22:23:36 ----HDC---- C:\WINDOWS\$NtUninstallKB953155$ 2009-06-06 22:23:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2009-06-06 22:23:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2009-06-06 22:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$ 2009-06-06 22:23:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2009-06-06 22:23:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2009-06-06 22:23:05 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2009-06-06 22:23:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$ 2009-06-06 22:22:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2009-06-06 22:22:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$ 2009-06-06 22:22:45 ----HDC---- C:\WINDOWS\$NtUninstallKB939373$ 2009-06-06 22:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2009-06-06 22:22:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2009-06-06 22:22:22 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2009-06-06 22:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2009-06-06 22:22:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2009-06-06 22:22:07 ----SHD---- C:\Config.Msi 2009-06-06 22:22:07 ----D---- C:\Program Files\MSXML 4.0 2009-06-06 22:21:30 ----HDC---- C:\WINDOWS\$NtUninstallKB963027$ 2009-06-06 22:21:21 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2009-06-06 22:21:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2009-06-06 22:21:10 ----HDC---- C:\WINDOWS\$NtUninstallKB942831$ 2009-06-06 22:20:58 ----HDC---- C:\WINDOWS\$NtUninstallKB926247$ 2009-06-06 22:15:36 ----A---- C:\ComboFix.txt 2009-06-06 22:12:22 ----D---- C:\WINDOWS\temp 2009-06-06 22:09:27 ----A---- C:\Boot.bak 2009-06-06 22:09:09 ----RASHD---- C:\cmdcons 2009-06-06 21:53:21 ----D---- C:\WINDOWS\system32\CatRoot_bak 2009-06-06 20:07:58 ----A---- C:\WINDOWS\zip.exe 2009-06-06 20:07:58 ----A---- C:\WINDOWS\SWXCACLS.exe 2009-06-06 20:07:58 ----A---- C:\WINDOWS\SWSC.exe 2009-06-06 20:07:58 ----A---- C:\WINDOWS\SWREG.exe 2009-06-06 20:07:58 ----A---- C:\WINDOWS\sed.exe 2009-06-06 20:07:58 ----A---- C:\WINDOWS\PEV.exe 2009-06-06 20:07:58 ----A---- C:\WINDOWS\NIRCMD.exe 2009-06-06 20:07:58 ----A---- C:\WINDOWS\grep.exe 2009-06-06 20:07:23 ----D---- C:\WINDOWS\ERDNT 2009-06-06 20:03:39 ----D---- C:\Qoobox 2009-06-06 19:34:44 ----A---- C:\WINDOWS\system32\xpsp3res.dll 2009-06-06 19:32:40 ----D---- C:\WINDOWS\system32\PreInstall 2009-06-06 19:32:38 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2009-06-06 19:32:38 ----HD---- C:\WINDOWS\$hf_mig$ 2009-06-06 19:06:44 ----N---- C:\WINDOWS\system32\tzchange.exe 2009-06-06 18:46:03 ----D---- C:\Documents and Settings\Abi\Application Data\Malwarebytes 2009-06-06 18:45:58 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-06-06 18:45:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-06-06 17:04:24 ----D---- C:\Program Files\trend micro 2009-06-06 17:04:23 ----D---- C:\rsit 2009-06-06 14:45:37 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2009-06-03 20:35:21 ----D---- C:\Program Files\Easy MEMOry 2009-06-02 14:31:53 ----D---- C:\Program Files\SiteAdvisor 2009-05-31 21:54:46 ----D---- C:\Program Files\Microsoft 2009-05-31 21:54:32 ----D---- C:\Program Files\Windows Live SkyDrive 2009-05-31 21:54:11 ----D---- C:\Program Files\Windows Live 2009-05-31 21:09:20 ----D---- C:\Program Files\Common Files\Windows Live 2009-05-31 18:41:30 ----D---- C:\Documents and Settings\Abi\Application Data\Google 2009-05-31 18:30:18 ----D---- C:\Program Files\Common Files\xing shared 2009-05-31 18:30:14 ----A---- C:\WINDOWS\system32\rmoc3260.dll 2009-05-31 18:30:02 ----A---- C:\WINDOWS\system32\pndx5032.dll 2009-05-31 18:30:02 ----A---- C:\WINDOWS\system32\pndx5016.dll 2009-05-31 18:30:01 ----D---- C:\Program Files\Real 2009-05-31 18:30:01 ----A---- C:\WINDOWS\system32\pncrt.dll 2009-05-31 18:29:59 ----D---- C:\Program Files\Common Files\Real 2009-05-31 18:29:57 ----D---- C:\Documents and Settings\Abi\Application Data\Real 2009-05-31 18:28:14 ----D---- C:\Program Files\Google 2009-05-30 17:02:22 ----D---- C:\Documents and Settings\Abi\Application Data\Skype 2009-05-30 17:02:12 ----RD---- C:\Program Files\Skype 2009-05-30 17:02:11 ----D---- C:\Documents and Settings\All Users\Application Data\Skype 2009-05-29 23:47:05 ----D---- C:\Documents and Settings\Abi\Application Data\Macromedia 2009-05-29 23:44:10 ----D---- C:\Documents and Settings\Abi\Application Data\MSNInstaller 2009-05-29 23:22:23 ----RH---- C:\WINDOWS\system32\NTIMPEG2.dll 2009-05-29 23:22:23 ----RH---- C:\WINDOWS\system32\NTIMP3.dll 2009-05-29 23:22:23 ----RH---- C:\WINDOWS\system32\NTICDMK7.dll 2009-05-29 23:13:42 ----A---- C:\WINDOWS\system32\dunzip32.dll 2009-05-29 23:11:55 ----D---- C:\Program Files\McAfee.com 2009-05-29 23:11:53 ----D---- C:\Program Files\Common Files\McAfee 2009-05-29 23:11:42 ----D---- C:\Program Files\McAfee 2009-05-29 23:08:46 ----D---- C:\WINDOWS\IIS Temporary Compressed Files ======List of files/folders modified in the last 1 months====== 2009-06-07 20:40:03 ----D---- C:\WINDOWS\system32\inetsrv 2009-06-07 19:22:17 ----D---- C:\WINDOWS\system32\CatRoot2 2009-06-07 19:22:17 ----D---- C:\WINDOWS\system32\CatRoot 2009-06-07 19:22:15 ----HD---- C:\WINDOWS\inf 2009-06-07 19:12:53 ----D---- C:\WINDOWS 2009-06-07 19:11:42 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-06-07 16:47:50 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-06-07 16:47:49 ----D---- C:\WINDOWS\system32 2009-06-07 16:46:50 ----D---- C:\WINDOWS\system32\drivers 2009-06-07 16:07:55 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-06-07 15:43:46 ----D---- C:\WINDOWS\Help 2009-06-07 00:36:43 ----SHD---- C:\WINDOWS\Installer 2009-06-06 22:40:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-06-06 22:38:24 ----SD---- C:\WINDOWS\Tasks 2009-06-06 22:32:11 ----D---- C:\WINDOWS\system32\wbem 2009-06-06 22:32:10 ----D---- C:\WINDOWS\AppPatch 2009-06-06 22:25:32 ----A---- C:\WINDOWS\imsins.BAK 2009-06-06 22:25:15 ----D---- C:\Program Files\Messenger 2009-06-06 22:24:00 ----D---- C:\WINDOWS\WinSxS 2009-06-06 22:22:07 ----RD---- C:\Program Files 2009-06-06 22:21:36 ----D---- C:\Program Files\Internet Explorer 2009-06-06 22:15:07 ----A---- C:\WINDOWS\system32\MPFServiceFailureCount.txt 2009-06-06 22:14:23 ----A---- C:\WINDOWS\system.ini 2009-06-06 22:12:33 ----D---- C:\WINDOWS\system32\config 2009-06-06 22:12:02 ----D---- C:\Program Files\Common Files 2009-06-06 22:09:27 ----RASH---- C:\boot.ini 2009-06-06 21:53:20 ----D---- C:\WINDOWS\Debug 2009-06-06 19:12:30 ----D---- C:\Documents and Settings\Abi\Application Data\Adobe 2009-06-06 19:12:28 ----D---- C:\Program Files\Common Files\Adobe 2009-06-06 14:45:55 ----D---- C:\WINDOWS\SoftwareDistribution 2009-06-04 20:51:28 ----SD---- C:\Documents and Settings\Abi\Application Data\Microsoft 2009-06-04 20:46:36 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-06-02 14:54:35 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee 2009-06-01 14:04:46 ----D---- C:\Documents and Settings\All Users\Application Data\SiteAdvisor 2009-05-31 21:55:18 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-05-31 21:54:36 ----D---- C:\Program Files\Common Files\Microsoft Shared 2009-05-31 21:54:16 ----RSD---- C:\WINDOWS\Fonts 2009-05-31 21:53:57 ----D---- C:\WINDOWS\pchealth 2009-05-31 18:30:01 ----A---- C:\WINDOWS\system32\msvcr71.dll 2009-05-31 18:30:01 ----A---- C:\WINDOWS\system32\msvcp71.dll 2009-05-31 15:54:37 ----D---- C:\Documents and Settings\Abi\Application Data\Help 2009-05-31 13:33:38 ----D---- C:\WINDOWS\Minidump 2009-05-30 15:30:37 ----D---- C:\Program Files\Zahra Coloring Game 2009-05-30 00:47:54 ----A---- C:\WINDOWS\ModemLog_Standard 300 bps Modem.txt ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096] R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2009-03-25 214024] R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2008-10-23 120136] R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2004-08-04 223616] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-05 9600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-01-30 4725760] R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-03-25 79880] R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-03-25 35272] R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2009-03-25 40552] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-05 12160] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-05 5888] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-07-02 94592] R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416] R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2009-03-25 34216] S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [] S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [] S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [] S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [] S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [] S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [] S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] R2 IISADMIN;IIS Admin; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-04 15872] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-03-11 210216] R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2009-01-08 303104] R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-03-25 797864] R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-01-09 2482848] R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-01-09 359952] R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-03-25 144704] R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-03-19 884360] R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-01-09 26640] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-08 171040] R2 SimpTcp;Simple TCP/IP Services; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-05 19456] R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-04 15872] R2 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2006-11-20 33280] R2 W3SVC;World Wide Web Publishing; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-04 15872] R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-03-24 606736] S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-04-01 365072] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 p2pgasvc;Peer Networking Group Authentication; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S3 p2pimsvc;Peer Networking Identity Manager; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S3 p2psvc;Peer Networking; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S3 PNRPSvc;Peer Name Resolution Protocol; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2004-08-04 8704] -----------------EOF----------------- Et INFO : info.txt logfile of random's system information tool 1.06 2009-06-06 17:06:23 ======Uninstall list====== -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE Canon MP Navigator 3.1-->"C:\Program Files\Canon\MP Navigator 3.1\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 3.1\uninst.ini Canon MP140 series User Registration-->C:\Program Files\Canon\IJEREG\MP140 series\UNINST.EXE Canon MP140 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series /L0x0009 Canon Utilities Easy-LayoutPrint-->C:\Program Files\Canon\Easy-LayoutPrint\uninst.exe uninst.ini Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Drawing for Children 2.2-->C:\Program Files\Drawing for Children\Uninstal.exe Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mozilla Firefox (3.0.10)-->C:\Documents and Settings\Abi\My Documents\Mozilla Firefox\uninstall\helper.exe MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MyPlayCity Toolbar-->C:\PROGRA~1\MYPLAY~1\UNWISE.EXE /U C:\PROGRA~1\MYPLAY~1\INSTALL.LOG Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x0009 -removeonly Realtek High Definition Audio Driver-->RtlUpd.exe -r -m Ringed Racing Fun-->"C:\Program Files\MyPlayCity.com\Ringed Racing Fun\unins000.exe" Sammy Suricate Demo-->C:\PROGRA~1\SAMMYS~1\UNWISE.EXE C:\PROGRA~1\SAMMYS~1\INSTALL.LOG ScanSoft OmniPage SE 4-->MsiExec.exe /I{DEE88727-779B-47A9-ACEF-F87CA5F92A65} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Skype™ 4.0-->MsiExec.exe /I{375943E2-B268-4AD7-B7A4-0FD90E9C2AC7} Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Zahra Coloring Game-->"C:\WINDOWS\Zahra Coloring Game\uninstall.exe" "/U:C:\Program Files\Zahra Coloring Game\Uninstall\uninstall.xml" ======Security center information====== AV: AntiVir Desktop (disabled) (outdated) AV: McAfee VirusScan FW: McAfee Personal Firewall ======System event log====== Computer Name: FAMILY-3DBCF2DE Event Code: 7000 Message: The crd service failed to start due to the following error: The system cannot find the path specified. Record Number: 6059 Source Name: Service Control Manager Time Written: 20090318125643.000000+180 Event Type: error User: Computer Name: FAMILY-3DBCF2DE Event Code: 7023 Message: The Security Image service terminated with the following error: A dynamic link library (DLL) initialization routine failed. Record Number: 6036 Source Name: Service Control Manager Time Written: 20090318113245.000000+180 Event Type: error User: Computer Name: FAMILY-3DBCF2DE Event Code: 7000 Message: The crd service failed to start due to the following error: The system cannot find the path specified. Record Number: 6035 Source Name: Service Control Manager Time Written: 20090318113245.000000+180 Event Type: error User: Computer Name: FAMILY-3DBCF2DE Event Code: 7023 Message: The Security Image service terminated with the following error: A dynamic link library (DLL) initialization routine failed. Record Number: 6013 Source Name: Service Control Manager Time Written: 20090318001004.000000+180 Event Type: error User: Computer Name: FAMILY-3DBCF2DE Event Code: 7000 Message: The crd service failed to start due to the following error: The system cannot find the path specified. Record Number: 6012 Source Name: Service Control Manager Time Written: 20090318001004.000000+180 Event Type: error User: =====Application event log===== Computer Name: FAMILY-3DBCF2DE Event Code: 1002 Message: Hanging application HorseLand.exe, version 11.0.0.426, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 456 Source Name: Application Hang Time Written: 20090121223345.000000+180 Event Type: error User: Computer Name: FAMILY-3DBCF2DE Event Code: 1002 Message: Hanging application HorseLand.exe, version 11.0.0.426, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 455 Source Name: Application Hang Time Written: 20090121222402.000000+180 Event Type: error User: Computer Name: FAMILY-3DBCF2DE Event Code: 1517 Message: Windows saved user FAMILY-3DBCF2DE\Omi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. Record Number: 445 Source Name: Userenv Time Written: 20090121202508.000000+180 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: FAMILY-3DBCF2DE Event Code: 1517 Message: Windows saved user FAMILY-3DBCF2DE\Omi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. Record Number: 429 Source Name: Userenv Time Written: 20090121172826.000000+180 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: FAMILY-3DBCF2DE Event Code: 1517 Message: Windows saved user FAMILY-3DBCF2DE\Abi registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. Record Number: 419 Source Name: Userenv Time Written: 20090121011026.000000+180 Event Type: warning User: NT AUTHORITY\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_REVISION"=0f0d "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------
  15. Titso
    Cooooooool, maintenant ça marche, je suis vraiment content. Le pire c'est que je viens de me rendre compte que c'était McAfee le problème. Je n'avais pas activé le déverrouillage du pare-feu ce qui m'empêcher d'accéder a Internet. Action entreprise lorsque j'ai utilisé combofix. Ridicule, non? Ensuite j'ai retiré les adresses DNS et mis tout en automatique. Pour être sure. Maintenant c'est ok. Merci pour ton aide c'est vraiment sympa et je suis désolé d'avoir pris de ton temps pour une erreur stupide.
×
×
  • Créer...