Aller au contenu

Mynasa

Membres
  • Compteur de contenus

    14
  • Inscription

  • Dernière visite

Mynasa's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Salam, Je compte acheter un xps m1730 ( http://www1.euro.dell.com/content/produ ... &cs=frdhs1 ) et j'ai plusieurs question^^ : Composant : Disque dur : Que choisir ? 320GB Free Fall Sensor (7200RPM) 500GB Serial ATA (5400RPM) Processeur : Processeur Intel® Core™ 2 Duo T9300 (2,50 GHz, mémoire cache L2 de 6 Mo, FSB 800 MHz) Est-il assez puissant ? Souris : Que choisir ? Il y en plusieurs, des idées ? Lecteur : Pourrais-je le changer dans le futur ? Bluetooth : Quel est la différence entre ces deux offres ? Module Bluetooth 2.0 Dell Wireless 355 (jusqu´à 3 Mbit/s) avec Enhanced Data Rate Bluetooth sans fil Wireless 355 de Dell + casque stéréo Bluetooth 2.0 Dell Accessoire : Un casque, avez vous des idées ? Un casque sans fil a une plus mauvaise récéption qu'un avec fil ? Voila merci, car ce pc n'existe pas en Algérie, donc un ami va l'acheter en france, donc pas le droit à l'erreur xD
  2. Merci vais essayer PS : j'arrive à télécharger des fichiers de 1.4 go sans problème, et drweb ne fait que 14 mo et il veut pas.... Bon allez faut optimiser^^
  3. Ok, bon Si ça ne te dérange pas, on va essayer de désinfecter Sinon, si je sauvegarde mes données sur une clé usb, y a t'il un risque que le virus s'y cache ?
  4. Je dois donc tout reformater ?
  5. Voici le rapport RTT au cas : Logfile of random's system information tool 1.06 (written by random/random) Run by Sanamy at 2009-06-21 22:10:12 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 14 MB (0%) free of 10 GB Total RAM: 255 MB (11% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:10:57, on 21/06/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Giganology\Gigaget\Gigaget.exe C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winflettq.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Sanamy\Mes documents\Téléchargements\RSIT.exe C:\Program Files\trend micro\Sanamy.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (file missing) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45" O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase1140.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F8E8EB8E-43E3-4D6D-BB7C-8CA044F33B6D}: NameServer = 208.67.222.222 193.55.10.102 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) -- End of file - 4043 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-602609370-682003330-1003.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{111CAA23-6F4F-42AC-8555-B48C1D87BBAB}] GigagetIEHelper Class - C:\WINDOWS\system32\gigagetbho_v10.dll [2006-01-09 86016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}] EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-14 173568] C:\Documents and Settings\Sanamy\Menu Démarrer\Programmes\Démarrage Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"=1 "DisableTaskMgr"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLUA"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:ipsec" "C:\Program Files\Giganology\Gigaget\Gigaget.exe"="C:\Program Files\Giganology\Gigaget\Gigaget.exe:*:Enabled:ipsec" "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:ipsec" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE:*:Enabled:ipsec" "C:\Documents and Settings\Sanamy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe"="C:\Documents and Settings\Sanamy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe:*:Enabled:ipsec" "C:\Documents and Settings\Sanamy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Sanamy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:ipsec" "C:\Program Files\Java\jre6\bin\jusched.exe"="C:\Program Files\Java\jre6\bin\jusched.exe:*:Enabled:ipsec" "C:\WINDOWS\system32\taskmgr.exe"="C:\WINDOWS\system32\taskmgr.exe:*:Enabled:ipsec" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winwioo.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winwioo.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winidmj.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winidmj.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\cwldr.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\cwldr.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winyabv.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winyabv.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winoswght.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winoswght.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\rwjmt.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\rwjmt.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\xxje.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\xxje.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winxyuj.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winxyuj.exe:*:Enabled:ipsec" "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:ipsec" "C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\jblj.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\jblj.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\windsne.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\windsne.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\bjnnjb.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\bjnnjb.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winohwqwx.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winohwqwx.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wintxmiqy.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wintxmiqy.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winptngod.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winptngod.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\mopwav.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\mopwav.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winbfsvr.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winbfsvr.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\vdkl.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\vdkl.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\bsrd.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\bsrd.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wingxbu.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wingxbu.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wdxonf.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wdxonf.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winbibfp.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winbibfp.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\vhpvwr.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\vhpvwr.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winnfgy.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winnfgy.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winaniuu.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winaniuu.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winompa.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winompa.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\uvqgk.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\uvqgk.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winevinbf.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winevinbf.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\ctvuw.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\ctvuw.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\windkung.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\windkung.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\dhmk.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\dhmk.exe:*:Enabled:ipsec" "J:\Rappelz\SFrame.exe"="J:\Rappelz\SFrame.exe:*:Enabled:SFrame" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wincwmy.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wincwmy.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winygws.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winygws.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\ocdw.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\ocdw.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\tjhv.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\tjhv.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\aqcay.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\aqcay.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winjukkqb.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winjukkqb.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\qhndtg.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\qhndtg.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winktix.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winktix.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winmyjn.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winmyjn.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\lqqtcm.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\lqqtcm.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wincvls.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wincvls.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winpenvsr.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winpenvsr.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\windwer.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\windwer.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\irvwvg.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\irvwvg.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\shbdn.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\shbdn.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\dsgljx.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\dsgljx.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\etjn.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\etjn.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winhdkikk.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winhdkikk.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\qokqu.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\qokqu.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\qvlv.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\qvlv.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\jiiw.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\jiiw.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\gemmw.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\gemmw.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\ooye.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\ooye.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winflfung.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winflfung.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\jsvhep.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\jsvhep.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\gxxu.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\gxxu.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winruleuu.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winruleuu.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\hfiyd.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\hfiyd.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winhlbrqc.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winhlbrqc.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wingqycow.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wingqycow.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\plgty.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\plgty.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winjpycj.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winjpycj.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winhgvdl.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winhgvdl.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\pgot.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\pgot.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wintjqql.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wintjqql.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winshau.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winshau.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winhbtski.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winhbtski.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\galhe.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\galhe.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\lasji.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\lasji.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winlscec.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winlscec.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\dtlx.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\dtlx.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\aoeuc.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\aoeuc.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winfugm.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winfugm.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\yvoe.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\yvoe.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\jxdy.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\jxdy.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\tjjmri.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\tjjmri.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winavkk.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winavkk.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\myaq.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\myaq.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wintmfko.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\wintmfko.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winvoggbt.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winvoggbt.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winyexf.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winyexf.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\slfl.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\slfl.exe:*:Enabled:ipsec" "C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winflettq.exe"="C:\DOCUME~1\Sanamy\LOCALS~1\Temp\winflettq.exe:*:Enabled:ipsec" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======List of files/folders created in the last 1 months====== 2009-06-21 22:10:12 ----D---- C:\rsit 2009-06-21 21:07:42 ----D---- C:\WINDOWS\LastGood 2009-06-19 20:00:41 ----D---- C:\Documents and Settings\Sanamy\Application Data\Thinstall 2009-06-11 22:30:24 ----D---- C:\Documents and Settings\Sanamy\Application Data\gtk-2.0 2009-06-11 22:25:12 ----D---- C:\Program Files\GIMP-2.0 2009-06-08 13:42:34 ----A---- C:\WINDOWS\system32\muweb.dll 2009-06-08 13:42:34 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2009-06-08 13:42:34 ----A---- C:\WINDOWS\system32\mucltui.dll 2009-05-26 21:27:34 ----AC---- C:\WINDOWS\system32\TubeFinder.exe 2009-05-26 21:27:30 ----AC---- C:\WINDOWS\system32\PCCLPFR.DLL 2009-05-26 21:27:29 ----D---- C:\Program Files\Free FLV Converter 2009-05-26 21:27:29 ----AC---- C:\WINDOWS\system32\MSCMCFR.DLL 2009-05-26 21:27:29 ----AC---- C:\WINDOWS\system32\CMDLGFR.DLL ======List of files/folders modified in the last 1 months====== 2009-06-21 22:10:56 ----D---- C:\Program Files\Trend Micro 2009-06-21 22:10:04 ----D---- C:\WINDOWS\Prefetch 2009-06-21 22:07:13 ----D---- C:\Program Files\Mozilla Firefox 2009-06-21 22:06:23 ----HD---- C:\WINDOWS\inf 2009-06-21 21:42:00 ----D---- C:\TDdownload 2009-06-21 21:36:25 ----HD---- C:\WINDOWS\$hf_mig$ 2009-06-21 21:36:24 ----D---- C:\WINDOWS 2009-06-21 21:28:29 ----D---- C:\WINDOWS\system32\CatRoot2 2009-06-21 20:50:57 ----D---- C:\WINDOWS\temp 2009-06-21 20:50:53 ----D---- C:\WINDOWS\system32\drivers 2009-06-21 20:49:26 ----D---- C:\WINDOWS\system32 2009-06-19 13:16:32 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-06-13 23:28:28 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-06-09 19:01:40 ----D---- C:\Documents and Settings 2009-06-08 08:10:10 ----AC---- C:\WINDOWS\PEV.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424] R3 abp470n5;abp470n5; \??\C:\WINDOWS\system32\drivers\iojhmh.sys [] R3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256] R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688] R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480] S3 catchme;catchme; \??\C:\DOCUME~1\Sanamy\LOCALS~1\Temp\catchme.sys [] S3 dump_wmimmc;dump_wmimmc; \??\H:\Rappelz\GameGuard\dump_wmimmc.sys [] S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys [] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-20 152984] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 139264] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-03 2862428] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 158768] S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] S4 GameConsoleService;GameConsoleService; C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [2009-02-24 312056] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2009-06-21 22:11:06 ======Uninstall list====== -->"C:\Program Files\WildGames\Game Console - WildGames\Uninstall.exe" -->"C:\Program Files\WildGames\SpongeBob Diner Dash 2 - Two Times the Trouble\Uninstall.exe" -->"C:\Program Files\WildGames\SpongeBob SquarePants 3D Obstacle Odyssey\Uninstall.exe" -->"C:\Program Files\WildGames\SpongeBob SquarePants Krabby Quest\Uninstall.exe" -->C:\Program Files\InstallShield Installation Information\{22EB2FA7-1BA0-4FFB-972F-353EC6ABA9D5}\setup.exe -runfromtemp -l0x040c -removeonly -->C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe -runfromtemp -l0x040c/cont -removeonly -->C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe -runfromtemp -l0x040c -removeonly -->C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe -runfromtemp -l0x040c -removeonly -->C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe -runfromtemp -l0x040c -removeonly -->C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe -runfromtemp -l0x040c -removeonly -->C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe -runfromtemp -l0x040c -removeonly -->C:\Program Files\InstallShield Installation Information\{E078134D-A344-41B6-A0F8-147AB235396E}\setup.exe -runfromtemp -l0x040c -removeonly -->C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe -runfromtemp -l0x040c -removeonly -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe" Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}\SETUP.EXE" -l0x9 UNINST Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} DBZ Online V7.00-->C:\Program Files\DBZ Online\Uninstal.exe EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}\SETUP.EXE" -l0x9 UNINST EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x9 UNINST EPSON Printer Software-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u EPSON Stylus C90_91_D92 Manual-->C:\Program Files\EPSON\TPMANUAL\ESC90 91 D92\ENG\USE_G\DOCUNINS.EXE EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x9 -anything FileZilla Client 3.2.4.1-->h:\Program Files\FileZilla FTP Client\uninstall.exe FindyKill-->C:\Program Files\FindyKill\Uninstal.exe Free FLV Converter V 5.0-->"C:\Program Files\Free FLV Converter\unins000.exe" Gigaget-->"C:\Program Files\Giganology\Gigaget\unins000.exe" GIMP 2.6.6-->"C:\Program Files\GIMP-2.0\setup\unins000.exe" GPL Ghostscript 8.63-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.63\uninstal.txt" HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} Java 2 Runtime Environment, SE v1.4.1_07-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA532E73-1BB7-11D8-9D6A-00010240CE95}\setup.exe" Anytext Java Web Start-->"C:\Program Files\Java Web Start\uninst-javaws.exe" Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Jeux WildTangent-->"C:\Program Files\WildGames\Uninstall.exe" Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55} Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55} KidNet -->C:\Program Files\KidNet\KidNet-uninst.exe Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mozilla Firefox (3.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpacm_18A9B92ED8DEDC602E49E767FA4BE98A30525207\shpacm.inf Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpusb_558D416BCEB984F35885804D3E1A9C3773F1B17C\shpusb.inf Pcsx2 0.9.6-->MsiExec.exe /I{0E2B767B-EA6A-489B-BF83-8083FE1DB661} PDFill PDF Editor with FREE PDF Writer and Tools-->MsiExec.exe /I{262C7F33-8251-432E-88C1-E9F42A53F8F0} PDF-to-Word 2.5 Demo-->C:\PROGRA~1\BLUESQ~1\demos\UNWISE.EXE /U C:\PROGRA~1\BLUESQ~1\demos\pdf2word.log Rappelz-->"H:\Rappelz\unins000.exe" SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly Samsung Samples Installer-->"C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -runfromtemp -l0x040c -removeonly Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Sims Language-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\Sims Language\ST5UNST.LOG" Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D} Sony Picture Utility-->C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x040c /removeonly uninstall -removeonly VLC media player 0.9.8a-->H:\Program Files\VideoLAN\VLC\uninstall.exe Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Yu-Gi-Oh Virtual Battle 5.19-->h:\Program Files\Yu-Gi-Oh Virtual Battle 5\Uninstal.exe Yugioh Virtual Desktop-->C:\WINDOWS\unvise32.exe C:\Program Files\YuGiOh Virtual Desktop\uninstal.log ======Hosts File====== 127.0.0.1 localhost ======Security center information====== AV: Kaspersky Internet Security (disabled) (outdated) FW: Kaspersky Internet Security (disabled) ======System event log====== Computer Name: SHELLA Event Code: 29 Message: Le fournisseur de temps NtpClient est configuré pour acquérir le temps à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes. NtpClient n'a pas de source de temps précis. Record Number: 5 Source Name: W32Time Time Written: 20090619095616.000000+060 Event Type: erreur User: Computer Name: SHELLA Event Code: 17 Message: Fournisseur de temps NtpClient : une erreur s'est produite lors de la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération a été tentée sur un hôte impossible à atteindre. (0x80072751) Record Number: 4 Source Name: W32Time Time Written: 20090619095616.000000+060 Event Type: erreur User: Computer Name: SHELLA Event Code: 1007 Message: Votre ordinateur a automatiquement configuré l'adresse IP pour la carte avec l'adresse réseau 00138FFF1165. L'adresse IP utilisée est 169.254.88.98. Record Number: 3 Source Name: Dhcp Time Written: 20090619095607.000000+060 Event Type: Avertissement User: Computer Name: SHELLA Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 2 Source Name: EventLog Time Written: 20090619095504.000000+060 Event Type: Informations User: Computer Name: SHELLA Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Multiprocessor Free. Record Number: 1 Source Name: EventLog Time Written: 20090619095504.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: SHELLA Event Code: 1000 Message: Application défaillante chrome.exe, version 0.0.0.0, module défaillant chrome.dll, version 1.0.154.53, adresse de défaillance 0x0055355d. Record Number: 252 Source Name: Application Error Time Written: 20090405162307.000000+060 Event Type: erreur User: Computer Name: SHELLA Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 251 Source Name: SecurityCenter Time Written: 20090405144649.000000+060 Event Type: Informations User: Computer Name: SHELLA Event Code: 1000 Message: Application défaillante chrome.exe, version 0.0.0.0, module défaillant chrome.dll, version 1.0.154.53, adresse de défaillance 0x005535b0. Record Number: 250 Source Name: Application Error Time Written: 20090405120911.000000+060 Event Type: erreur User: Computer Name: SHELLA Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 249 Source Name: SecurityCenter Time Written: 20090405112230.000000+060 Event Type: Informations User: Computer Name: SHELLA Event Code: 1001 Message: Vérification du système de fichiers sur C: Le type du système de fichiers est NTFS. L'intégrité de l'un de vos disques doit être vérifiée. Vous pouvez annuler cette vérification, mais son exécution est fortement recommandée. Windows va maintenant vérifier le disque. L'enregistrement d'attribut de type 0x80 et de balise d'instance 0x4 a un lien croisé qui commence à 0x1fafc pour 0x1 clusters éventuels. L'enregistrement d'attribut de type 0x80 et de balise d'instance 0x4 a un lien croisé qui commence à 0x1fafc pour 0x1 clusters éventuels. Certains clusters occupés par l'attribut de type 0x80 et de balise d'instance 0x4 dans le fichier 0x8b14 sont déjà utilisés. Suppression de l'enregistrement d'attribut endommagé (128, "") du segment d'enregistrement de fichier 35604. Les deux entrées d'index de longueur 0x70 et 0x70 sont identiques ou apparaissent dans le mauvais ordre. eb 8e 00 00 00 00 36 00 70 00 5a 00 00 00 00 00 ......6.p.Z..... b0 27 00 00 00 00 0c 00 a4 de ab 56 2c b5 c9 01 .'.........V,... a4 de ab 56 2c b5 c9 01 a4 de ab 56 2c b5 c9 01 ...V,......V,... a4 de ab 56 2c b5 c9 01 00 20 00 00 00 00 00 00 ...V,.... ...... 00 20 00 00 00 00 00 00 20 01 00 00 00 00 00 00 . ...... ....... 0c 02 43 00 43 00 48 00 7e 00 31 00 34 00 7e 00 ..C.C.H.~.1.4.~. 33 00 2e 00 48 00 56 00 50 00 64 00 32 00 37 00 3...H.V.P.d.2.7. 34 00 2e 00 68 00 74 00 70 00 5a 00 00 00 00 00 4...h.t.p.Z..... ---------------------------------------------------------------------- e4 8e 00 00 00 00 12 00 70 00 5a 00 00 00 00 00 ........p.Z..... b0 27 00 00 00 00 0c 00 96 b7 a4 56 2c b5 c9 01 .'.........V,... 96 b7 a4 56 2c b5 c9 01 96 b7 a4 56 2c b5 c9 01 ...V,......V,... 96 b7 a4 56 2c b5 c9 01 00 20 00 00 00 00 00 00 ...V,.... ...... 00 20 00 00 00 00 00 00 20 01 00 00 00 00 00 00 . ...... ....... 0c 02 43 00 43 00 48 00 7e 00 31 00 34 00 7e 00 ..C.C.H.~.1.4.~. 33 00 2e 00 48 00 56 00 50 00 64 00 32 00 37 00 3...H.V.P.d.2.7. e5 8e 00 00 00 00 0e 00 70 00 5a 00 00 00 00 00 ........p.Z..... Tri de l'index $I30 du fichier 10160. Impossible de trouver l'attribut nom de fichier d'entrée d'index CCH~14~3.HVP de l'index $I30 avec pour parent 0x27b0 dans le fichier 0x8eeb. Suppression de l'entrée d'index CCH~14~3.HVP dans l'index $I30 du fichier 10160. Impossible de trouver l'attribut nom de fichier d'entrée d'index CCH~14~4.HVP de l'index $I30 avec pour parent 0x27b0 dans le fichier 0x8f0a. Suppression de l'entrée d'index CCH~14~4.HVP dans l'index $I30 du fichier 10160. Nettoyage en cours de petites incohérences sur le lecteur. CHKDSK récupère les fichiers perdus. Récupération du fichier orphelin CCH~14~4.HTP (27624) dans le fichier de répertoire 10160. Récupération du fichier orphelin CCH~14~3.HTP (36577) dans le fichier de répertoire 10160. Il n'y a pas d'attribut nom de fichier DOS dans le fichier 0x8ee2. Correction d'erreurs mineures de nom de fichier pour le fichier 36578. Il n'y a pas d'attribut nom de fichier DOS dans le fichier 0x8ee3. Correction d'erreurs mineures de nom de fichier pour le fichier 36579. Il n'y a pas d'attribut nom de fichier DOS dans le fichier 0x8ee4. Correction d'erreurs mineures de nom de fichier pour le fichier 36580. Il n'y a pas d'attribut nom de fichier DOS dans le fichier 0x8ee5. Correction d'erreurs mineures de nom de fichier pour le fichier 36581. Il n'y a pas d'attribut nom de fichier DOS dans le fichier 0x8eeb. Correction d'erreurs mineures de nom de fichier pour le fichier 36587. Il n'y a pas d'attribut nom de fichier DOS dans le fichier 0x8f09. Correction d'erreurs mineures de nom de fichier pour le fichier 36617. Il n'y a pas d'attribut nom de fichier DOS dans le fichier 0x8f0a. Correction d'erreurs mineures de nom de fichier pour le fichier 36618. Nettoyage en cours de 9 entrées d'index inutilisées à partir de l'index $SII du fichier 0x9. Nettoyage en cours de 9 entrées d'index inutilisées à partir de l'index $SDH du fichier 0x9. Nettoyage en cours de 9 descripteurs de sécurité non utilisés. Insertion d'un attribut de données dans le fichier 35604. Correction des erreurs dans le carte du volume. Windows a effectué des corrections sur le système de fichiers. 10506478 Ko d'espace disque au total. 8339488 Ko dans 34589 fichiers. 10248 Ko dans 2229 index. 0 Ko dans des secteurs défectueux. 92234 Ko utilisés par le système. 54592 Ko occupés par le fichier journal. 2064508 Ko disponibles sur le disque. 4096 octets dans chaque unité d'allocation. 2626619 unités d'allocation au total sur le disque. 516127 unités d'allocation disponibles sur le disque. Informations internes : 80 90 00 00 dd 8f 00 00 ad b1 00 00 00 00 00 00 ................ 0e 01 00 00 00 00 00 00 13 01 00 00 00 00 00 00 ................ 02 91 ba 02 00 00 00 00 78 00 fb 22 00 00 00 00 ........x..".... 70 bf cc 03 00 00 00 00 00 00 00 00 00 00 00 00 p............... 00 00 00 00 00 00 00 00 b8 67 95 31 00 00 00 00 .........g.1.... 10 a3 cb b2 00 00 00 00 c0 3f 07 00 1d 87 00 00 .........?...... 00 00 00 00 00 80 00 fd 01 00 00 00 b5 08 00 00 ................ Windows a terminé la vérification de votre disque. Veuillez patienter pendant le redémarrage de votre ordinateur. Record Number: 248 Source Name: Winlogon Time Written: 20090405112117.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Samsung\Samsung PC Studio 3 "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=0409 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------
  6. Rien : 2009/06/21 21:14:53 Connecting to s3.amazonaws.com:80 successfully 2009/06/21 21:14:53 GET /senduit/873285?AWSAccessKeyId=0RYTHV9YYQ4W5Q3HQMG2&Expires=1245618737&Signature=7wIOuy6tWC0moXJAZaqh4xjc5%2Fk%3D HTTP/1.1 2009/06/21 21:14:53 Host: s3.amazonaws.com 2009/06/21 21:14:53 Accept: */* 2009/06/21 21:14:53 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) 2009/06/21 21:14:53 Referer: http://s3.amazonaws.com/senduit 2009/06/21 21:14:53 Range: bytes=4827741- 2009/06/21 21:14:53 Pragma: no-cache 2009/06/21 21:14:53 Cache-Control: no-cache 2009/06/21 21:14:53 Connection: close 2009/06/21 21:14:54 HTTP/1.1 403 Forbidden 2009/06/21 21:14:54 x-amz-request-id: 800130A2E48BEEAC 2009/06/21 21:14:54 x-amz-id-2: 3FbaAxfBQdfb2qzdvje42SGn+jDpsjh77V2rWiZe7GexlH+5PCHhN+SMvTBy8aOE 2009/06/21 21:14:54 Content-Type: application/xml 2009/06/21 21:14:54 Transfer-Encoding: chunked 2009/06/21 21:14:54 Date: Sun, 21 Jun 2009 21:14:53 GMT 2009/06/21 21:14:54 Server: AmazonS3 2009/06/21 21:14:54 Connection: close 2009/06/21 21:14:54 Error occurred, retry after 5 seconds 2009/06/21 21:14:59 Connecting s3.amazonaws.com:80... 2009/06/21 21:14:59 Connecting to s3.amazonaws.com:80 successfully 2009/06/21 21:14:59 GET /senduit/873285?AWSAccessKeyId=0RYTHV9YYQ4W5Q3HQMG2&Expires=1245618737&Signature=7wIOuy6tWC0moXJAZaqh4xjc5%2Fk%3D HTTP/1.1 2009/06/21 21:14:59 Host: s3.amazonaws.com 2009/06/21 21:14:59 Accept: */* 2009/06/21 21:14:59 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) 2009/06/21 21:14:59 Referer: http://s3.amazonaws.com/senduit 2009/06/21 21:14:59 Range: bytes=4827741- 2009/06/21 21:14:59 Pragma: no-cache 2009/06/21 21:14:59 Cache-Control: no-cache 2009/06/21 21:14:59 Connection: close 2009/06/21 21:15:02 HTTP/1.1 403 Forbidden 2009/06/21 21:15:02 x-amz-request-id: 0297CC22236D8402 2009/06/21 21:15:02 x-amz-id-2: R2jdluFLMqAdzjNQtCoVD/hUhqeOLw7qcy/HP4zlKlsckpx0VU7BgynTQ28DGMIN 2009/06/21 21:15:02 Content-Type: application/xml 2009/06/21 21:15:02 Transfer-Encoding: chunked 2009/06/21 21:15:02 Date: Sun, 21 Jun 2009 21:14:58 GMT 2009/06/21 21:15:02 Server: AmazonS3 2009/06/21 21:15:02 Connection: close 2009/06/21 21:15:02 Error occurred, retry after 5 seconds 2009/06/21 21:15:07 Connecting s3.amazonaws.com:80... 2009/06/21 21:15:07 Connecting to s3.amazonaws.com:80 successfully 2009/06/21 21:15:07 GET /senduit/873285?AWSAccessKeyId=0RYTHV9YYQ4W5Q3HQMG2&Expires=1245618737&Signature=7wIOuy6tWC0moXJAZaqh4xjc5%2Fk%3D HTTP/1.1 2009/06/21 21:15:07 Host: s3.amazonaws.com 2009/06/21 21:15:07 Accept: */* 2009/06/21 21:15:07 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) 2009/06/21 21:15:07 Referer: http://s3.amazonaws.com/senduit 2009/06/21 21:15:07 Range: bytes=4827741- 2009/06/21 21:15:07 Pragma: no-cache 2009/06/21 21:15:07 Cache-Control: no-cache 2009/06/21 21:15:07 Connection: close 2009/06/21 21:15:08 HTTP/1.1 403 Forbidden 2009/06/21 21:15:08 x-amz-request-id: 373B9EED3F336974 2009/06/21 21:15:08 x-amz-id-2: Li2iZ1Fp+fb7hcxyy+m5fbvBnQSACLhOtQt+ty+X9RkFjXfDRofTGjPq6KS/OGn1 2009/06/21 21:15:08 Content-Type: application/xml 2009/06/21 21:15:08 Transfer-Encoding: chunked 2009/06/21 21:15:08 Date: Sun, 21 Jun 2009 21:15:07 GMT 2009/06/21 21:15:08 Server: AmazonS3 2009/06/21 21:15:08 Connection: close 2009/06/21 21:15:08 Error occurred, retry after 5 seconds 2009/06/21 21:15:13 Connecting s3.amazonaws.com:80... 2009/06/21 21:15:13 Connecting to s3.amazonaws.com:80 successfully 2009/06/21 21:15:13 GET /senduit/873285?AWSAccessKeyId=0RYTHV9YYQ4W5Q3HQMG2&Expires=1245618737&Signature=7wIOuy6tWC0moXJAZaqh4xjc5%2Fk%3D HTTP/1.1 2009/06/21 21:15:13 Host: s3.amazonaws.com 2009/06/21 21:15:13 Accept: */* 2009/06/21 21:15:13 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) 2009/06/21 21:15:13 Referer: http://s3.amazonaws.com/senduit 2009/06/21 21:15:13 Range: bytes=4827741- 2009/06/21 21:15:13 Pragma: no-cache 2009/06/21 21:15:13 Cache-Control: no-cache 2009/06/21 21:15:13 Connection: close 2009/06/21 21:15:13 HTTP/1.1 403 Forbidden 2009/06/21 21:15:13 x-amz-request-id: 7D1CF32A1FC1000A 2009/06/21 21:15:13 x-amz-id-2: hrLe0mPWHMhyhbzN50Vuj5R1DYy8mvAtu6dIiYMBzZ3YP6K8j9Gu4N6qlStKVHVE 2009/06/21 21:15:13 Content-Type: application/xml 2009/06/21 21:15:13 Transfer-Encoding: chunked 2009/06/21 21:15:13 Date: Sun, 21 Jun 2009 21:15:12 GMT 2009/06/21 21:15:13 Server: AmazonS3 2009/06/21 21:15:13 Connection: close 2009/06/21 21:15:13 Error occurred, retry after 5 seconds 2009/06/21 21:15:18 Connecting s3.amazonaws.com:80... 2009/06/21 21:15:18 Connecting to s3.amazonaws.com:80 successfully 2009/06/21 21:15:18 GET /senduit/873285?AWSAccessKeyId=0RYTHV9YYQ4W5Q3HQMG2&Expires=1245618737&Signature=7wIOuy6tWC0moXJAZaqh4xjc5%2Fk%3D HTTP/1.1 2009/06/21 21:15:18 Host: s3.amazonaws.com 2009/06/21 21:15:18 Accept: */* 2009/06/21 21:15:18 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) 2009/06/21 21:15:18 Referer: http://s3.amazonaws.com/senduit 2009/06/21 21:15:18 Range: bytes=4827741- 2009/06/21 21:15:18 Pragma: no-cache 2009/06/21 21:15:18 Cache-Control: no-cache 2009/06/21 21:15:18 Connection: close 2009/06/21 21:15:18 HTTP/1.1 403 Forbidden 2009/06/21 21:15:18 x-amz-request-id: C27C90766F03B009 2009/06/21 21:15:18 x-amz-id-2: lrY8JkuGcFwZZ6/UbHB4QYUrqn0BY6QBCAfawK5NLgkI2Y2XtGQ4JiJrJeiKky+a 2009/06/21 21:15:18 Content-Type: application/xml 2009/06/21 21:15:18 Transfer-Encoding: chunked 2009/06/21 21:15:18 Date: Sun, 21 Jun 2009 21:15:17 GMT 2009/06/21 21:15:18 Server: AmazonS3 2009/06/21 21:15:18 Connection: close 2009/06/21 21:15:18 Error occurred, retry after 5 seconds 2009/06/21 21:15:23 Connecting s3.amazonaws.com:80... 2009/06/21 21:15:24 Connecting to s3.amazonaws.com:80 successfully 2009/06/21 21:15:24 GET /senduit/873285?AWSAccessKeyId=0RYTHV9YYQ4W5Q3HQMG2&Expires=1245618737&Signature=7wIOuy6tWC0moXJAZaqh4xjc5%2Fk%3D HTTP/1.1 2009/06/21 21:15:24 Host: s3.amazonaws.com 2009/06/21 21:15:24 Accept: */* 2009/06/21 21:15:24 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) 2009/06/21 21:15:24 Referer: http://s3.amazonaws.com/senduit 2009/06/21 21:15:24 Range: bytes=4827741- 2009/06/21 21:15:24 Pragma: no-cache 2009/06/21 21:15:24 Cache-Control: no-cache 2009/06/21 21:15:24 Connection: close 2009/06/21 21:15:27 HTTP/1.1 403 Forbidden 2009/06/21 21:15:27 x-amz-request-id: 447C57366501DFF6 2009/06/21 21:15:27 x-amz-id-2: yMnlo0qBsabf1pDKlfOE5J4hjc7ScxfTo3yOYQ05fAJ2ca+rUftaBConsLMlDkUu 2009/06/21 21:15:27 Content-Type: application/xml 2009/06/21 21:15:27 Transfer-Encoding: chunked 2009/06/21 21:15:27 Date: Sun, 21 Jun 2009 21:15:22 GMT 2009/06/21 21:15:27 Server: AmazonS3 2009/06/21 21:15:27 Connection: close 2009/06/21 21:15:27 Error occurred, retry after 5 seconds 2009/06/21 21:15:32 Connecting s3.amazonaws.com:80... 2009/06/21 21:15:32 Connecting to s3.amazonaws.com:80 successfully 2009/06/21 21:15:32 GET /senduit/873285?AWSAccessKeyId=0RYTHV9YYQ4W5Q3HQMG2&Expires=1245618737&Signature=7wIOuy6tWC0moXJAZaqh4xjc5%2Fk%3D HTTP/1.1 2009/06/21 21:15:32 Host: s3.amazonaws.com 2009/06/21 21:15:32 Accept: */* 2009/06/21 21:15:32 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) 2009/06/21 21:15:32 Referer: http://s3.amazonaws.com/senduit 2009/06/21 21:15:32 Range: bytes=4827741- 2009/06/21 21:15:32 Pragma: no-cache 2009/06/21 21:15:32 Cache-Control: no-cache 2009/06/21 21:15:32 Connection: close 2009/06/21 21:15:32 HTTP/1.1 403 Forbidden 2009/06/21 21:15:32 x-amz-request-id: C7E8EEB74093B3FC 2009/06/21 21:15:32 x-amz-id-2: 1nbBWCcONCXlnGP/o0d523m/NPR5mDeh2yae22jivlibz46BLAhIuriZU1zrtJb3 2009/06/21 21:15:32 Content-Type: application/xml 2009/06/21 21:15:32 Transfer-Encoding: chunked 2009/06/21 21:15:32 Date: Sun, 21 Jun 2009 21:15:31 GMT 2009/06/21 21:15:32 Server: AmazonS3 2009/06/21 21:15:32 Connection: close 2009/06/21 21:15:32 Error occurred, retry after 5 seconds 2009/06/21 21:15:37 Connecting s3.amazonaws.com:80... 2009/06/21 21:15:37 Connecting to s3.amazonaws.com:80 successfully 2009/06/21 21:15:37 GET /senduit/873285?AWSAccessKeyId=0RYTHV9YYQ4W5Q3HQMG2&Expires=1245618737&Signature=7wIOuy6tWC0moXJAZaqh4xjc5%2Fk%3D HTTP/1.1 2009/06/21 21:15:37 Host: s3.amazonaws.com 2009/06/21 21:15:37 Accept: */* 2009/06/21 21:15:37 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) 2009/06/21 21:15:37 Referer: http://s3.amazonaws.com/senduit 2009/06/21 21:15:37 Range: bytes=4827741- 2009/06/21 21:15:37 Pragma: no-cache 2009/06/21 21:15:37 Cache-Control: no-cache 2009/06/21 21:15:37 Connection: close 2009/06/21 21:15:37 HTTP/1.1 403 Forbidden 2009/06/21 21:15:37 x-amz-request-id: 456740A76E1C1251 2009/06/21 21:15:37 x-amz-id-2: Bq3dlF67/IZKmUV571bNY2CDQzkzDUG9dbRSGuWvERcyvJO2tp5QmaqCgBzcBSth 2009/06/21 21:15:37 Content-Type: application/xml 2009/06/21 21:15:37 Transfer-Encoding: chunked 2009/06/21 21:15:37 Date: Sun, 21 Jun 2009 21:15:36 GMT 2009/06/21 21:15:37 Server: AmazonS3 2009/06/21 21:15:37 Connection: close 2009/06/21 21:15:37 Error occurred, retry after 5 seconds 2009/06/21 21:15:42 Connecting s3.amazonaws.com:80... 2009/06/21 21:15:43 Connecting to s3.amazonaws.com:80 successfully 2009/06/21 21:15:43 GET /senduit/873285?AWSAccessKeyId=0RYTHV9YYQ4W5Q3HQMG2&Expires=1245618737&Signature=7wIOuy6tWC0moXJAZaqh4xjc5%2Fk%3D HTTP/1.1 2009/06/21 21:15:43 Host: s3.amazonaws.com 2009/06/21 21:15:43 Accept: */* 2009/06/21 21:15:43 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) 2009/06/21 21:15:43 Referer: http://s3.amazonaws.com/senduit 2009/06/21 21:15:43 Range: bytes=4827741- 2009/06/21 21:15:43 Pragma: no-cache 2009/06/21 21:15:43 Cache-Control: no-cache 2009/06/21 21:15:43 Connection: close 2009/06/21 21:15:43 HTTP/1.1 403 Forbidden 2009/06/21 21:15:43 x-amz-request-id: E2981831453D7194 2009/06/21 21:15:43 x-amz-id-2: Nkm+ng0ySAUX128whfiHd6p+L2zMFBY9/7XELccJgz66zqAJfsFgA7jh6rOr8KOD 2009/06/21 21:15:43 Content-Type: application/xml 2009/06/21 21:15:43 Transfer-Encoding: chunked 2009/06/21 21:15:43 Date: Sun, 21 Jun 2009 21:15:42 GMT 2009/06/21 21:15:43 Server: AmazonS3 2009/06/21 21:15:43 Connection: close 2009/06/21 21:15:43 Error occurred, retry after 5 seconds 2009/06/21 21:15:48 Connecting s3.amazonaws.com:80... 2009/06/21 21:15:48 Connecting to s3.amazonaws.com:80 successfully 2009/06/21 21:15:48 GET /senduit/873285?AWSAccessKeyId=0RYTHV9YYQ4W5Q3HQMG2&Expires=1245618737&Signature=7wIOuy6tWC0moXJAZaqh4xjc5%2Fk%3D HTTP/1.1 2009/06/21 21:15:48 Host: s3.amazonaws.com 2009/06/21 21:15:48 Accept: */* 2009/06/21 21:15:48 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) 2009/06/21 21:15:48 Referer: http://s3.amazonaws.com/senduit 2009/06/21 21:15:48 Range: bytes=4827741- 2009/06/21 21:15:48 Pragma: no-cache 2009/06/21 21:15:48 Cache-Control: no-cache 2009/06/21 21:15:48 Connection: close 2009/06/21 21:15:48 HTTP/1.1 403 Forbidden 2009/06/21 21:15:48 x-amz-request-id: 1086A36E011B660C 2009/06/21 21:15:48 x-amz-id-2: cezN64nlPBQEcBRbXz16qwuTg9ydGf8ws4NA4QBAsbyz9nY1oZ57e0wPWW4esQMi 2009/06/21 21:15:48 Content-Type: application/xml 2009/06/21 21:15:48 Transfer-Encoding: chunked 2009/06/21 21:15:48 Date: Sun, 21 Jun 2009 21:15:46 GMT 2009/06/21 21:15:48 Server: AmazonS3 2009/06/21 21:15:48 Connection: close 2009/06/21 21:15:48 Max number of tries reached, task exits Je me demande pourquoi seulement ce fichier que je n'arrive pas à télécharger (?_?) Il n'existe pas d'autre alternative à Drweb ? Merci
  7. Merci, J'essaye de télécharger drweb avec la bonne année, sinon l'exécuteur d'Antivir ne se lance toujours pas. Et le mode sans échec, il rencontre un échec quand je le lance ( Oo ), écran bleu tout ça.... Edit : " 2009/06/21 19:18:54 Connecting ftp.drweb.com:21... 2009/06/21 19:18:54 Connecting to ftp.drweb.com:21 successfully 2009/06/21 19:18:54 Waiting for welcome information... 2009/06/21 19:18:55 421 There are too many connections from your internet address. 2009/06/21 19:18:55 Error occurred, retry after 20 seconds 2009/06/21 19:19:08 Task Terminated" Try again ? Merci
  8. Bon suis maudit... Drweb, je n'arrive jamais à le télécharger: Quand j'essaye avec des navigateurs, il bloque direct... Quand j'essaye avec Gigaget, à 80% il bloque ( soit ressources, soit "you have too many connection", soit le fichier est devenu old than data Oo) Enfin, j'ai essayé d'installer Antivir, téléchargement pas de problème, mais quand j'essaye de lancer l'installation il ne se passe plus rien... Bon des idées ? Car la je ne sais plus quoi faire. Merci
  9. Re, désolé du retard : Sinon, j'ai une petite question, quand j'essaye de jouer à un mmorpg je suis toujours déconnecté du serveur, je voudrais savoir si le malware qui m'as infecté est l'origine de ce problème Voici les deux rapport ComboFix 09-06-17.04 - Sanamy 18/06/2002 15:26.6 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.255.55 [GMT 1:00] Lancé depuis: c:\documents and settings\Sanamy\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\Sanamy\Bureau\CFScript.txt AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\BackUp C:\Autorun.inf C:\explorer.exe c:\windows\BackUp\autorun.inf c:\windows\BackUp\explorer.exe c:\windows\system32\iexplorer.exe c:\windows\system32\wuauc1t.exe D:\Autorun.inf D:\explorer.exe E:\Autorun.inf E:\explorer.exe F:\Autorun.inf F:\explorer.exe G:\Autorun.inf G:\explorer.exe H:\Autorun.inf H:\explorer.exe I:\Autorun.inf I:\explorer.exe J:\AUTORUN.INF J:\explorer.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2002-05-18 au 2002-06-18 )))))))))))))))))))))))))))))))))))) . 2009-06-11 21:30 . 2002-06-17 16:26 -------- d-----w- c:\documents and settings\Sanamy\Application Data\gtk-2.0 2009-06-11 21:30 . 2009-06-11 21:30 -------- d-----w- c:\documents and settings\Sanamy\.thumbnails 2009-06-11 21:27 . 2002-06-17 21:42 -------- d-----w- c:\documents and settings\Sanamy\.gimp-2.6 2009-06-11 21:27 . 2009-06-11 21:27 -------- d-----w- c:\documents and settings\Sanamy\.gegl-0.0 2009-06-11 21:25 . 2009-06-11 21:25 -------- d-----w- c:\program files\GIMP-2.0 2009-06-08 12:42 . 2008-10-16 13:06 268648 ----a-w- c:\windows\system32\mucltui.dll 2009-06-08 12:42 . 2008-10-16 13:06 208744 ----a-w- c:\windows\system32\muweb.dll 2009-05-26 20:27 . 2008-06-13 00:00 225280 -c--a-w- c:\windows\system32\TubeFinder.exe 2009-05-26 20:27 . 2008-06-04 17:42 9728 -c--a-w- c:\windows\system32\PCCLPFR.DLL 2009-05-26 20:27 . 2008-06-04 17:42 32768 -c--a-w- c:\windows\system32\CMDLGFR.DLL 2009-05-26 20:27 . 2008-06-04 17:42 141312 -c--a-w- c:\windows\system32\MSCMCFR.DLL 2009-05-26 20:27 . 2002-06-01 13:48 -------- d-----w- c:\program files\Free FLV Converter 2009-05-20 20:46 . 2009-05-20 20:46 -------- d-----w- c:\program files\BlueSquad 2009-05-19 19:40 . 2002-05-22 17:54 -------- d-----w- c:\documents and settings\Sanamy\dwhelper 2009-05-18 12:43 . 2009-05-18 13:27 -------- d-----w- c:\documents and settings\Sanamy\Application Data\FileZilla 2009-05-04 12:37 . 2001-08-23 16:47 5632 -c--a-w- c:\windows\system32\ptpusb.dll 2009-05-04 12:37 . 2004-08-03 23:54 159232 ----a-w- c:\windows\system32\ptpusd.dll 2009-05-04 12:37 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys 2009-05-03 18:15 . 2009-05-03 18:29 -------- d-----w- c:\documents and settings\Sanamy\Application Data\vlc 2009-04-28 14:53 . 2009-04-28 14:53 -------- d-----w- c:\documents and settings\Sanamy\Application Data\StoneTrip 2009-04-28 14:44 . 2002-05-25 11:25 -------- d-----w- c:\program files\KidNet 2009-04-26 17:09 . 2009-04-26 17:09 -------- d-----w- c:\windows\Sun 2009-04-20 12:39 . 2009-04-20 12:38 410984 -c--a-w- c:\windows\system32\deploytk.dll 2009-04-20 12:37 . 2009-04-20 12:37 152576 ----a-w- c:\documents and settings\Sanamy\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-04-20 11:51 . 2009-04-20 11:51 -------- d-----w- c:\documents and settings\Sanamy\.javaws 2009-04-20 11:51 . 2002-05-25 11:25 -------- d-----w- c:\program files\Java Web Start 2009-04-20 11:51 . 2009-04-20 12:38 -------- d-----w- c:\program files\Java 2009-04-20 11:36 . 2009-04-20 11:37 -------- d-----w- c:\program files\gs 2009-04-19 21:18 . 2009-04-19 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\PlotSoft 2009-04-19 21:18 . 2009-04-19 21:18 -------- d-----w- c:\program files\PlotSoft 2009-04-19 19:53 . 2002-06-13 16:48 -------- d-----w- c:\documents and settings\Sanamy\Application Data\BitTorrent 2009-04-19 19:52 . 2009-04-19 19:52 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\DNA 2009-04-19 19:52 . 2009-04-19 19:52 -------- d-----w- c:\program files\BitTorrent 2009-04-19 19:52 . 2002-06-07 19:59 -------- d-----w- c:\program files\DNA 2009-04-19 19:52 . 2002-06-07 19:59 -------- d-----w- c:\documents and settings\Sanamy\Application Data\DNA 2009-04-17 12:26 . 2009-04-17 12:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia 2009-04-17 10:06 . 2009-04-17 10:06 -------- d-----w- c:\program files\Sims Language 2009-04-17 10:06 . 1997-02-26 22:00 34816 -c--a-w- c:\windows\system32\DBGrdFR.dll 2009-04-17 10:06 . 1997-02-26 22:00 30720 -c--a-w- c:\windows\system32\DBLstFR.dll 2009-04-17 10:00 . 1998-03-14 13:47 96256 -c--a-w- c:\windows\system32\VB5FR.dll 2009-04-17 10:00 . 1997-02-26 22:00 73216 -c--a-w- c:\windows\ST5UNST.EXE 2009-04-17 10:00 . 1997-01-15 22:00 29696 -c--a-w- c:\windows\system32\VB5StKit.dll 2009-04-17 09:59 . 2009-04-17 09:59 -------- d-----w- c:\program files\RY's Games 2009-04-17 09:59 . 1998-10-29 14:45 376320 -c--a-w- c:\windows\IsUninst.exe 2009-04-16 13:13 . 2009-04-17 12:24 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-04-11 16:37 . 2009-04-11 16:37 -------- d-----w- c:\documents and settings\Sanamy\Application Data\Sony Corporation 2009-04-11 16:31 . 2007-04-04 16:53 81768 -c--a-w- c:\windows\system32\xinput1_3.dll 2009-04-11 16:31 . 2007-04-04 16:55 261480 -c--a-w- c:\windows\system32\xactengine2_7.dll 2009-04-11 16:31 . 2007-03-15 14:57 443752 -c--a-w- c:\windows\system32\d3dx10_33.dll 2009-04-11 16:31 . 2007-03-12 14:42 1123696 -c--a-w- c:\windows\system32\D3DCompiler_33.dll 2009-04-11 16:31 . 2007-03-12 14:42 3495784 -c--a-w- c:\windows\system32\d3dx9_33.dll 2009-04-11 16:31 . 2007-01-24 13:27 255848 -c--a-w- c:\windows\system32\xactengine2_6.dll 2009-04-11 16:23 . 2009-04-11 16:23 -------- d-----w- c:\program files\Sony 2009-04-09 18:30 . 2009-04-09 18:30 12862 ----a-r- c:\documents and settings\Sanamy\Application Data\Microsoft\Installer\{0E2B767B-EA6A-489B-BF83-8083FE1DB661}\_1EEFFF72773535163E4216.exe 2009-04-09 18:30 . 2009-04-09 18:30 -------- d-----w- c:\program files\Pcsx2 2009-04-07 13:35 . 2002-05-25 11:24 -------- d-----w- c:\program files\100%Naruto v2 2009-04-05 17:46 . 2009-04-05 17:46 -------- d-----w- c:\documents and settings\Sanamy\Application Data\Samsung 2009-04-05 17:30 . 2006-05-03 20:53 174592 ----a-w- c:\windows\system32\framedyn.dll 2009-04-05 17:29 . 2003-02-21 16:42 348160 -c--a-w- c:\windows\system32\msvcr71.dll 2009-04-05 17:29 . 2009-04-05 17:29 -------- d-----w- c:\program files\DIFX 2009-04-05 17:29 . 2009-04-05 17:29 -------- dc----w- c:\windows\system32\DRVSTORE 2009-04-05 17:28 . 2006-07-24 14:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2009-04-05 17:14 . 2007-05-02 09:11 15112 ----a-w- c:\windows\system32\drivers\ss_mdfl.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 -c--a-w- c:\windows\system32\drivers\ss_whnt.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_wh.sys 2009-04-05 17:14 . 2007-05-02 09:11 109704 ----a-w- c:\windows\system32\drivers\ss_mdm.sys 2009-04-05 17:14 . 2007-05-02 09:11 83592 ----a-w- c:\windows\system32\drivers\ss_bus.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 -c--a-w- c:\windows\system32\drivers\ss_cmnt.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_cm.sys 2009-04-05 17:14 . 2009-04-05 17:38 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers 2009-04-05 17:14 . 2009-04-11 05:01 -------- d-----w- c:\program files\Samsung 2009-04-05 17:12 . 2009-04-05 17:12 -------- d-----w- c:\program files\Fichiers communs\Adobe 2009-03-24 13:23 . 1999-12-17 08:13 86016 -c--a-w- c:\windows\unvise32.exe 2009-03-24 13:23 . 2009-03-24 13:24 -------- d-----w- c:\program files\YuGiOh Virtual Desktop 2009-03-23 18:50 . 2009-03-23 18:50 -------- d-----w- c:\documents and settings\Sanamy\Application Data\EPSON 2009-03-23 15:45 . 2009-03-23 15:45 -------- d-----w- c:\documents and settings\All Users\Application Data\UDL 2009-03-23 15:42 . 2009-03-23 15:42 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON 2009-03-23 15:42 . 2006-12-08 02:04 76800 ----a-w- c:\windows\system32\E_FLBBZR.DLL 2009-03-23 15:42 . 2006-04-19 02:00 62976 ----a-w- c:\windows\system32\E_FD4BBZR.DLL 2009-03-22 14:29 . 2002-06-18 13:56 -------- d-----w- C:\TDdownload 2009-03-22 14:28 . 2006-01-09 14:01 86016 ----a-w- c:\windows\system32\gigagetbho_v10.dll 2009-03-22 14:27 . 2009-03-22 14:27 -------- d-----w- c:\program files\Giganology 2009-03-21 16:00 . 2009-03-21 16:00 152576 ----a-w- c:\documents and settings\Sanamy\Application Data\Sun\Java\jre1.6.0_12\lzma.dll 2009-03-21 14:37 . 2002-06-07 19:59 -------- d-----w- c:\documents and settings\Sanamy\Tracing 2009-03-21 14:31 . 2009-03-21 14:31 -------- d-----w- c:\program files\Microsoft 2009-03-21 14:31 . 2009-03-21 14:31 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-03-21 14:30 . 2009-03-21 14:31 -------- d-----w- c:\program files\Windows Live 2009-03-19 20:37 . 2009-04-29 20:18 -------- d-----w- c:\documents and settings\Sanamy\Application Data\Skype 2009-03-19 20:36 . 2009-03-19 20:36 -------- d-----r- c:\program files\Skype 2009-03-19 20:36 . 2009-03-19 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-03-19 10:57 . 2009-03-19 10:57 -------- d--h--w- c:\windows\system32\GroupPolicy 2009-03-19 10:55 . 2009-03-19 11:10 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\Google 2009-03-18 20:34 . 2009-03-18 20:34 -------- d-----w- c:\program files\Fichiers communs\Windows Live 2009-03-18 18:29 . 2009-03-18 18:29 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\Help 2009-03-17 19:09 . 2002-06-15 13:58 -------- d-----w- c:\documents and settings\Sanamy\Application Data\dvdcss 2009-03-16 18:32 . 2004-09-10 20:12 49152 -c--a-w- c:\windows\system32\E_DCINST.DLL 2009-03-16 18:32 . 2003-12-10 00:13 76054 ----a-w- c:\windows\system32\EBPMON24.DLL 2009-03-16 18:32 . 2003-05-29 00:01 91648 -c--a-w- c:\windows\system32\E_SAGSET.DLL 2009-03-16 18:32 . 2003-05-21 01:27 64000 -c--a-w- c:\windows\system32\ECBTEG.DLL 2009-03-16 18:32 . 2001-09-04 01:04 182 ----a-w- c:\windows\system32\EBPPORT4.DAT 2009-03-16 18:32 . 2000-06-07 00:01 34304 -c--a-w- c:\windows\system32\EBPCHP.DLL 2009-03-16 18:31 . 2009-03-23 15:44 -------- d-----w- c:\program files\EPSON 2009-03-16 18:22 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2009-03-16 18:22 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2009-03-16 11:13 . 2009-06-05 21:29 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\WMTools Downloaded Files 2009-03-15 11:03 . 2009-04-07 11:55 -------- d-----w- c:\program files\DBZ Online 2009-03-13 08:26 . 2009-03-13 08:26 32784 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\update\rollback\AutoPatches\kav8exec\8.0.0.506\klbg.sys 2009-03-13 08:26 . 2009-03-13 08:26 227344 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\update\rollback\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys 2009-03-12 13:23 . 2002-05-27 06:33 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-03-12 13:23 . 2009-03-23 15:46 -------- d-----w- c:\program files\Fichiers communs\InstallShield 2009-03-12 11:06 . 2009-03-12 11:06 -------- d-----w- c:\program files\VideoLAN 2009-03-09 20:04 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll 2009-03-09 20:03 . 2009-03-09 20:03 -------- d-----w- c:\program files\Microsoft.NET 2009-03-09 20:02 . 2009-03-09 20:03 -------- d--h--w- c:\windows\ShellNew 2009-03-09 07:55 . 2009-03-09 07:55 -------- d-s---w- c:\documents and settings\Sanamy\UserData 2009-03-06 17:03 . 2009-03-06 17:03 -------- d-----w- c:\windows\system32\CatRoot_bak 2009-03-06 15:36 . 2005-02-25 03:35 22752 -c--a-w- c:\windows\system32\spupdsvc.exe 2009-03-06 15:03 . 2009-03-06 15:03 -------- d-----w- c:\program files\7-Zip 2009-03-06 11:06 . 2009-03-06 11:06 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\Identities 2009-03-06 07:26 . 2009-03-13 08:26 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys 2009-03-06 07:26 . 2009-03-06 07:26 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe 2009-03-06 07:25 . 2009-03-13 08:26 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys 2009-03-05 15:10 . 2009-05-10 21:53 450592 -csha-w- c:\windows\system32\drivers\fidbox2.dat 2009-03-05 15:10 . 2009-05-10 21:53 1605664 -csha-w- c:\windows\system32\drivers\fidbox.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-11 10:32 . 2002-03-05 15:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-05-10 21:53 . 2009-03-05 15:10 7860 -csha-w- c:\windows\system32\drivers\fidbox2.idx 2009-05-10 21:53 . 2009-03-05 15:10 18864 -csha-w- c:\windows\system32\drivers\fidbox.idx 2009-04-19 11:29 . 2002-09-07 00:00 49494 ----a-w- c:\windows\system32\perfc00C.dat 2009-04-19 11:29 . 2002-09-07 00:00 370414 ----a-w- c:\windows\system32\perfh00C.dat 2009-03-23 15:43 . 2009-03-23 15:43 -------- d-----w- c:\documents and settings\Sanamy\Application Data\InstallShield 2009-03-21 14:36 . 2002-03-05 18:45 57688 ----a-w- c:\documents and settings\Sanamy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-03-13 08:26 . 2008-01-29 16:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys 2009-03-13 08:26 . 2002-03-05 15:15 89601 ----a-w- c:\windows\system32\drivers\klick.dat 2009-03-13 08:26 . 2002-03-05 15:15 101287 ----a-w- c:\windows\system32\drivers\klin.dat 2009-03-06 16:28 . 2009-03-05 14:56 86331 -c--a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-03-05 14:57 . 2009-03-05 14:57 -------- d-----w- c:\program files\microsoft frontpage 2009-03-05 14:55 . 2009-03-05 14:55 -------- d-----w- c:\program files\Services en ligne 2009-03-05 14:54 . 2009-03-05 14:54 21892 -c--a-w- c:\windows\system32\emptyregdb.dat 2009-02-11 09:19 . 2002-03-05 18:20 38496 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-02-11 09:19 . 2002-03-05 18:20 15504 -c--a-w- c:\windows\system32\drivers\mbam.sys 2009-02-06 17:52 . 2009-02-06 17:52 49504 -c--a-w- c:\windows\system32\sirenacm.dll 2008-11-11 19:00 . 2008-11-11 19:00 218376 ----a-w- c:\windows\system32\klogon.dll 2008-11-11 18:58 . 2008-11-11 18:58 25601 ----a-w- c:\windows\system32\drivers\klopp.dat 2008-11-11 17:32 . 2008-11-11 17:32 148816 -c--a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\french\setup.exe 2008-10-16 13:13 . 2009-03-05 14:54 202776 -c--a-w- c:\windows\system32\wuweb.dll 2008-10-16 13:13 . 2009-03-05 14:54 1809944 ----a-w- c:\windows\system32\wuaueng.dll 2008-10-16 13:12 . 2009-03-05 14:54 323608 -c--a-w- c:\windows\system32\wucltui.dll 2008-10-16 13:12 . 2009-03-05 14:54 561688 ----a-w- c:\windows\system32\wuapi.dll 2008-10-16 13:09 . 2009-03-05 14:54 51224 ----a-w- c:\windows\system32\wuauclt.exe 2008-10-16 13:09 . 2008-10-16 13:09 43544 ----a-w- c:\windows\system32\wups2.dll 2008-10-16 13:09 . 2004-08-04 04:54 92696 -c--a-w- c:\windows\system32\cdm.dll 2008-10-16 13:08 . 2009-03-05 14:54 34328 ----a-w- c:\windows\system32\wups.dll 2008-07-21 16:34 . 2008-07-21 16:34 121872 ----a-w- c:\windows\system32\drivers\kl1.sys 2008-04-30 16:06 . 2008-04-30 16:06 24592 ----a-w- c:\windows\system32\drivers\klim5.sys 2008-03-13 17:02 . 2008-03-13 17:02 26640 ----a-w- c:\windows\system32\drivers\klfltdev.sys 2007-05-30 12:44 . 2002-05-15 14:55 588288 ----a-w- C:\VisualBoyAdvance1.7.2.fix.exe 2007-03-05 10:42 . 2009-04-11 16:30 15128 -c--a-w- c:\windows\system32\x3daudio1_1.dll 2006-12-08 10:02 . 2009-04-11 16:30 251672 -c--a-w- c:\windows\system32\xactengine2_5.dll 2006-11-29 11:06 . 2009-04-11 16:30 3426072 -c--a-w- c:\windows\system32\d3dx9_32.dll 2006-11-02 14:57 . 2009-04-11 16:30 36624 ----a-w- c:\windows\system32\drivers\pxhelp20.sys 2006-11-02 14:57 . 2009-04-11 16:30 118520 -c--a-w- c:\windows\system32\PxInsI64.exe 2006-10-30 23:10 . 2009-03-23 15:43 71840 -c--a-w- c:\windows\system32\EPPicMgr.dll 2006-10-30 23:10 . 2009-03-23 15:43 120992 -c--a-w- c:\windows\system32\EpPicPrt.dll 2006-10-19 23:10 . 2009-03-23 15:43 80024 -c--a-w- c:\windows\system32\PICSDK.dll 2006-10-19 23:10 . 2009-03-23 15:43 501912 -c--a-w- c:\windows\system32\PICSDK2.dll 2006-10-19 23:10 . 2009-03-23 15:43 108704 -c--a-w- c:\windows\system32\PICEntry.dll 2006-10-18 17:43 . 2009-04-11 16:30 115960 -c--a-w- c:\windows\system32\PxCpyI64.exe 2006-10-04 16:08 . 2004-08-04 04:54 1386496 ----a-w- c:\windows\system32\MSVBVM60.DLL 2006-10-04 16:08 . 2006-11-01 19:04 119568 ----a-w- c:\windows\system32\VB6FR.DLL 2006-09-28 14:05 . 2009-04-11 16:30 237848 -c--a-w- c:\windows\system32\xactengine2_4.dll 2006-09-28 14:05 . 2009-04-11 16:30 2414360 -c--a-w- c:\windows\system32\d3dx9_31.dll 2006-08-28 19:48 . 2009-04-11 16:30 2560 -c--a-w- c:\windows\system32\drivers\cdralw2k.sys 2006-08-28 19:48 . 2009-04-11 16:30 2432 -c--a-w- c:\windows\system32\drivers\cdr4_xp.sys 2006-07-28 07:30 . 2009-04-11 16:30 236824 -c--a-w- c:\windows\system32\xactengine2_3.dll 2006-07-28 07:30 . 2009-04-11 16:30 62744 -c--a-w- c:\windows\system32\xinput1_2.dll 2006-04-18 04:00 . 2009-03-23 15:43 172032 ----a-w- c:\documents and settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE 2006-01-26 06:31 . 2006-11-01 19:04 160256 -c--a-w- c:\windows\system32\fmod.dll 2005-09-08 15:16 . 2005-09-08 15:16 294912 -c--a-w- c:\windows\system32\DynamicTwainCtrl.dll 2005-05-31 23:20 . 2009-03-23 15:43 111932 -c--a-w- c:\windows\system32\EPPICPrinterDB.dat 2005-05-26 13:34 . 2009-04-11 16:30 2297552 -c--a-w- c:\windows\system32\d3dx9_26.dll 2005-05-04 13:45 . 2004-08-04 04:54 78848 ----a-w- c:\windows\system32\msiexec.exe 2005-05-04 13:45 . 2004-08-04 04:54 271360 -c--a-w- c:\windows\system32\msihnd.dll 2005-05-04 13:45 . 2004-08-04 04:54 15360 ----a-w- c:\windows\system32\msisip.dll 2005-05-04 13:45 . 2004-08-04 04:53 884736 -c--a-w- c:\windows\system32\msimsg.dll 2005-05-04 13:45 . 2004-08-04 04:54 2890240 ----a-w- c:\windows\system32\msi.dll 2005-01-04 09:43 . 2002-05-28 08:40 4682 -c--a-w- c:\windows\system32\npptNT2.sys 2004-08-05 12:00 . 2004-08-04 04:54 30749 -c--a-w- c:\windows\system32\vbajet32.dll 2004-08-05 12:00 . 2004-08-04 04:54 151552 -c--a-w- c:\windows\system32\scrrun.dll 2004-08-05 12:00 . 2004-08-04 04:54 83456 -c--a-w- c:\windows\system32\olepro32.dll 2004-08-05 12:00 . 2004-08-04 04:54 380957 -c--a-w- c:\windows\system32\expsrv.dll 2004-08-05 12:00 . 2004-08-04 04:54 619008 -c--a-w- c:\windows\system32\dx7vb.dll 2004-08-05 12:00 . 2004-08-04 04:54 65024 ----a-w- c:\windows\system32\asycfilt.dll 2004-08-05 12:00 . 2002-09-07 00:00 24626 -c--a-w- c:\windows\system32\scrrnfr.dll 2004-08-04 05:52 . 2002-03-05 15:37 1014836 -c--a-r- c:\windows\SET3.tmp 2004-08-04 05:45 . 2002-03-05 15:38 14043 -c--a-r- c:\windows\SET8.tmp 2004-08-04 05:43 . 2002-03-05 15:37 1086058 -c--a-r- c:\windows\SET4.tmp 2004-08-04 05:08 . 2004-08-04 05:08 1788 -c--a-w- c:\windows\system32\Dcache.bin 2004-08-04 04:57 . 2004-08-04 04:57 332800 -c--a-w- c:\windows\system32\netsetup.exe 2004-08-04 04:54 . 2009-03-16 11:23 124928 -c--a-w- c:\windows\system32\mplay32.exe 2004-08-04 04:53 . 2004-08-04 04:53 2986496 ----a-w- c:\windows\system32\xpsp2res.dll 2004-08-04 04:52 . 2004-08-04 04:52 4096 -c--a-w- c:\windows\system32\dsprpres.dll 2004-08-04 04:52 . 2004-08-04 04:52 3584 -c--a-w- c:\windows\system32\dpnlobby.dll 2004-08-04 04:52 . 2004-08-04 04:52 3584 -c--a-w- c:\windows\system32\dpnaddr.dll 2004-08-04 04:52 . 2004-08-04 04:52 24064 -c--a-w- c:\windows\system32\pidgen.dll 2004-08-04 04:52 . 2004-08-04 04:52 70144 ----a-w- c:\windows\system32\browselc.dll 2004-08-04 04:52 . 2004-08-04 04:52 16896 ----a-w- c:\windows\system32\cfgmgr32.dll 2004-08-04 04:52 . 2004-08-04 04:52 8704 -c--a-w- c:\windows\system32\asferror.dll 2004-08-04 04:52 . 2004-08-04 04:52 285696 ----a-w- c:\windows\system32\atmfd.dll 2004-08-04 04:49 . 2009-03-05 14:54 73600 ----a-w- c:\windows\system32\drivers\sr.sys 2004-08-04 04:48 . 2004-08-04 04:48 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe 2004-08-04 04:46 . 2004-08-04 04:46 154496 ----a-w- c:\windows\system32\drivers\dmio.sys 2004-08-04 04:46 . 2004-08-04 04:46 800256 ----a-w- c:\windows\system32\drivers\dmboot.sys 2004-08-04 04:45 . 2004-08-04 04:45 1836032 ----a-w- c:\windows\system32\win32k.sys 2004-08-04 04:45 . 2004-08-04 04:45 25216 ----a-w- c:\windows\system32\drivers\kbdclass.sys 2004-08-04 04:44 . 2004-08-04 04:44 53376 -c--a-w- c:\windows\system32\drivers\volsnap.sys 2004-08-04 04:43 . 2004-08-04 04:43 40320 ----a-w- c:\windows\system32\drivers\intelppm.sys 2004-08-04 04:41 . 2004-08-04 04:41 66560 ----a-w- c:\windows\system32\drivers\serial.sys 2004-08-04 04:41 . 2004-08-04 04:41 54400 ----a-w- c:\windows\system32\drivers\i8042prt.sys 2004-08-04 04:37 . 2009-03-05 14:52 44544 -c--a-w- c:\windows\system32\tscupgrd.exe 2004-08-04 04:37 . 2009-03-05 14:53 411648 -c--a-w- c:\windows\system32\mstsc.exe 2004-08-04 04:37 . 2004-08-04 04:37 70688 -c--a-w- c:\windows\system32\mmsystem.dll 2004-08-04 04:37 . 2004-08-04 04:37 120320 -c--a-w- c:\windows\system32\drivers\pcmcia.sys 2004-08-04 04:37 . 2004-08-04 04:37 68608 ----a-w- c:\windows\system32\drivers\pci.sys 2004-08-04 04:36 . 2004-08-04 04:36 188672 ----a-w- c:\windows\system32\drivers\acpi.sys . ((((((((((((((((((((((((((((( SnapShot@2009-05-11_19.53.47 ))))))))))))))))))))))))))))))))))))))))) . + 2006-12-01 21:56 . 2006-12-01 21:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll + 2002-06-18 12:40 . 2002-06-18 12:40 16384 c:\windows\temp\Perflib_Perfdata_15c.dat + 2002-09-07 00:00 . 2002-09-07 00:00 19200 c:\windows\system32\dllcache\tapi.dll - 2002-03-05 15:38 . 2002-09-07 00:00 19200 c:\windows\system32\dllcache\tapi.dll + 2002-09-07 00:00 . 2002-09-07 00:00 24064 c:\windows\system32\dllcache\olesvr.dll - 2002-03-05 15:38 . 2002-09-07 00:00 24064 c:\windows\system32\dllcache\olesvr.dll + 2002-09-07 00:00 . 2002-09-07 00:00 83456 c:\windows\system32\dllcache\olecli.dll - 2002-03-05 15:38 . 2002-09-07 00:00 83456 c:\windows\system32\dllcache\olecli.dll - 2004-08-04 04:55 . 2004-08-04 04:55 70656 c:\windows\system32\dllcache\notepad.exe + 2002-03-05 15:38 . 2004-08-04 04:55 70656 c:\windows\system32\dllcache\notepad.exe + 2002-09-07 00:00 . 2002-09-07 00:00 28160 c:\windows\system32\dllcache\mciwave.drv - 2002-03-05 15:38 . 2002-09-07 00:00 28160 c:\windows\system32\dllcache\mciwave.drv + 2002-09-07 00:00 . 2002-09-07 00:00 25280 c:\windows\system32\dllcache\mciseq.drv - 2002-03-05 15:38 . 2002-09-07 00:00 25280 c:\windows\system32\dllcache\mciseq.drv - 2002-03-05 15:38 . 2002-09-07 00:00 73680 c:\windows\system32\dllcache\mciavi.drv + 2002-09-07 00:00 . 2002-09-07 00:00 73680 c:\windows\system32\dllcache\mciavi.drv + 2002-09-07 00:00 . 2002-09-07 00:00 33904 c:\windows\system32\dllcache\commdlg.dll - 2002-03-05 15:38 . 2002-09-07 00:00 33904 c:\windows\system32\dllcache\commdlg.dll - 2002-03-05 15:38 . 2002-09-07 00:00 70352 c:\windows\system32\dllcache\avicap.dll + 2002-09-07 00:00 . 2002-09-07 00:00 70352 c:\windows\system32\dllcache\avicap.dll + 2002-06-13 16:48 . 2002-06-13 16:48 3584 c:\windows\system32\drivers\klif.sys - 2002-03-05 15:38 . 2002-09-07 00:00 9104 c:\windows\system32\dllcache\ver.dll + 2002-09-07 00:00 . 2002-09-07 00:00 9104 c:\windows\system32\dllcache\ver.dll - 2002-03-05 15:38 . 2002-09-07 00:00 5120 c:\windows\system32\dllcache\shell.dll + 2002-09-07 00:00 . 2002-09-07 00:00 5120 c:\windows\system32\dllcache\shell.dll - 2002-03-05 15:38 . 2002-09-07 00:00 9936 c:\windows\system32\dllcache\lzexpand.dll + 2002-09-07 00:00 . 2002-09-07 00:00 9936 c:\windows\system32\dllcache\lzexpand.dll + 2006-12-01 21:36 . 2006-12-01 21:36 796672 c:\windows\WinSxS\amd64_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9d1c6ce0\msvcr80.dll + 2006-12-01 21:37 . 2006-12-01 21:37 516096 c:\windows\WinSxS\amd64_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9d1c6ce0\msvcm80.dll + 2006-12-01 21:40 . 2006-12-01 21:40 113152 c:\windows\WinSxS\amd64_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_fdbc5a54\ATL80.dll - 2004-08-04 04:55 . 2004-08-04 04:55 146944 c:\windows\system32\dllcache\winspool.drv + 2002-03-05 15:38 . 2004-08-04 04:55 146944 c:\windows\system32\dllcache\winspool.drv + 2002-09-07 00:00 . 2002-09-07 00:00 127168 c:\windows\system32\dllcache\msvideo.dll - 2002-03-05 15:38 . 2002-09-07 00:00 127168 c:\windows\system32\dllcache\msvideo.dll - 2002-03-05 15:38 . 2002-09-07 00:00 109568 c:\windows\system32\dllcache\avifile.dll + 2002-09-07 00:00 . 2002-09-07 00:00 109568 c:\windows\system32\dllcache\avifile.dll + 2009-06-11 15:02 . 2009-06-11 15:02 452496 c:\windows\Downloaded Program Files\wlscBase.dll + 2006-12-01 21:39 . 2006-12-01 21:39 1061376 c:\windows\WinSxS\amd64_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9d1c6ce0\msvcp80.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus C45 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE" [2004-01-14 173568] c:\documents and settings\Sanamy\Menu D‚marrer\Programmes\D‚marrage\ Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2009-4-11 532480] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 (0x1) "DisableRegistryTools"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "UacDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "FirewallOverride"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "UacDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Giganology\\Gigaget\\Gigaget.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S4I3T1.EXE"= "c:\\Documents and Settings\\Sanamy\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"= "c:\\Documents and Settings\\Sanamy\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"= "c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"= "c:\\WINDOWS\\system32\\taskmgr.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 33808] R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\iojhmh.sys --> c:\windows\system32\drivers\iojhmh.sys [?] R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 18:02 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 24592] . Contenu du dossier 'Tâches planifiées' 2002-06-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-602609370-682003330-1003.job - c:\documents and settings\Sanamy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-19 10:55] . . ------- Examen supplémentaire ------- . uInternet Connection Wizard,ShellNext = iexplore IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {F8E8EB8E-43E3-4D6D-BB7C-8CA044F33B6D} = 208.67.222.222 193.55.10.102 FF - ProfilePath - . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2002-06-18 15:38 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . Heure de fin: 2002-06-18 15:48 ComboFix-quarantined-files.txt 2002-06-18 14:48 ComboFix2.txt 2002-06-14 17:48 ComboFix3.txt 2002-06-13 15:36 ComboFix4.txt 2002-06-07 20:52 ComboFix5.txt 2002-06-18 14:25 Avant-CF: 1 558 740 992 octets libres Après-CF: 1 671 954 432 octets libres 383 Malwarebytes' Anti-Malware 1.38 Version de la base de données: 2297 Windows 5.1.2600 Service Pack 2 21/06/2002 12:50:26 mbam-log-2002-06-21 (12-50-26).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|) Eléments examinés: 202191 Temps écoulé: 51 minute(s), 16 second(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 118 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 6 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 39 Processus mémoire infecté(s): C:\WINDOWS\system32\iexplorer.exe (Trojan.Downloader) -> Unloaded process successfully. Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVwsc.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntiArp.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icesword.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPTray.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AST.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AutoRunKiller.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Frameworkservice.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASARP.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WOPTILITIES.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPC32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wuauclt.exe (Worm.AutoRun) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iExplorer (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\program files\trend micro\hijackthis\backups\backup-20090510-195643-238.dll (Adware.MyWeb) -> Quarantined and deleted successfully. c:\program files\trend micro\hijackthis\backups\backup-20090510-195643-592.dll (Adware.MyWeb) -> Quarantined and deleted successfully. c:\program files\mozilla firefox\plugins\NPMyWebS.dll (Adware.MyWeb) -> Quarantined and deleted successfully. c:\program files\windows live\messenger\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\windows live\messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\fbak.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\w.com.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\MWSOEMON.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\MWSOESTB.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\F3CJPEG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\F3HKSTUB.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\F3PSSAVR.SCR.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\F3REGHK.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\F3RESTUB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3HIGHIN.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3HTML.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3IDLE.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3IMPIPE.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3MEDINT.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3MSG.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3OUTLCN.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3PLUGIN.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3SKIN.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3SKPLAY.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3SLSRCH.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\M3SRCHMN.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\MWSOEMON.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\MWSOEPLG.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\MWSOESTB.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\MWSSVC.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\program files\mywebsearch\bar\3.bin\NPMYWEBS.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\WINDOWS\system32\nmdfgds0.dll.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\WINDOWS\system32\nmdfgds1.dll.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\Qoobox\quarantine\C\WINDOWS\system32\olhrwef.exe.vir (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\WINDOWS\system32\iexplorer.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\wuauc1t.exe (Worm.AutoRun) -> Quarantined and deleted successfully. C:\AUTORUN.INF (Worm.AutoRun) -> Quarantined and deleted successfully. C:\explorer.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
  10. Désolé, j'étais indisponible, et le le fichier CFScript a expiré :/
  11. Arf, je n'arrive toujours pas :s Pourtant, j'arrive bien à télécharger des logiciels, sauf celui ci ?? O_o Et je suis incapable de le télécharger d'un autre pc pour l'instant, c'est à cause de l'infection que le téléchargement s'arrête ? Y a t'il un moyen de contourner ça ?
  12. Re, Concernant combofix, à l'étape 7 et 8 " Application Corrompu " Voici le rapport ComboFix 09-06-13.09 - Sanamy 14/06/2002 18:26.5 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.255.97 [GMT 1:00] Lancé depuis: c:\documents and settings\Sanamy\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\Sanamy\Bureau\CFScript.txt AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0} FILE :: "c:\program files\{17350501621331}.exe" "c:\program files\explorer.exe" "c:\windows\system32\drivers\iojhmh.sys" . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\bycool c:\windows\system32\f C:\Autorun.inf C:\explorer.exe c:\program files\{17350501621331}.exe c:\program files\explorer.exe c:\windows\system32\iexplorer.exe c:\windows\system32\wuauc1t.exe D:\Autorun.inf D:\explorer.exe E:\Autorun.inf E:\explorer.exe F:\Autorun.inf F:\explorer.exe G:\Autorun.inf G:\explorer.exe H:\Autorun.inf H:\explorer.exe I:\Autorun.inf I:\explorer.exe J:\Autorun.inf J:\explorer.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ABP470N5 -------\Service_abp470n5 ((((((((((((((((((((((((((((( Fichiers créés du 2002-05-14 au 2002-06-14 )))))))))))))))))))))))))))))))))))) . 2009-06-11 21:30 . 2009-06-12 07:55 -------- d-----w- c:\documents and settings\Sanamy\Application Data\gtk-2.0 2009-06-11 21:30 . 2009-06-11 21:30 -------- d-----w- c:\documents and settings\Sanamy\.thumbnails 2009-06-11 21:27 . 2009-06-12 08:02 -------- d-----w- c:\documents and settings\Sanamy\.gimp-2.6 2009-06-11 21:27 . 2009-06-11 21:27 -------- d-----w- c:\documents and settings\Sanamy\.gegl-0.0 2009-06-11 21:25 . 2009-06-11 21:25 -------- d-----w- c:\program files\GIMP-2.0 2009-06-08 12:42 . 2008-10-16 13:06 268648 ----a-w- c:\windows\system32\mucltui.dll 2009-06-08 12:42 . 2008-10-16 13:06 208744 ----a-w- c:\windows\system32\muweb.dll 2009-05-26 20:27 . 2008-06-13 00:00 225280 -c--a-w- c:\windows\system32\TubeFinder.exe 2009-05-26 20:27 . 2008-06-04 17:42 9728 -c--a-w- c:\windows\system32\PCCLPFR.DLL 2009-05-26 20:27 . 2008-06-04 17:42 32768 -c--a-w- c:\windows\system32\CMDLGFR.DLL 2009-05-26 20:27 . 2008-06-04 17:42 141312 -c--a-w- c:\windows\system32\MSCMCFR.DLL 2009-05-26 20:27 . 2002-06-01 13:48 -------- d-----w- c:\program files\Free FLV Converter 2009-05-20 20:46 . 2009-05-20 20:46 -------- d-----w- c:\program files\BlueSquad 2009-05-19 19:40 . 2002-05-22 17:54 -------- d-----w- c:\documents and settings\Sanamy\dwhelper 2009-05-18 12:43 . 2009-05-18 13:27 -------- d-----w- c:\documents and settings\Sanamy\Application Data\FileZilla 2009-05-10 21:49 . 2009-05-10 21:50 -------- d-sh--w- c:\windows\BackUp 2009-05-04 12:37 . 2001-08-23 16:47 5632 -c--a-w- c:\windows\system32\ptpusb.dll 2009-05-04 12:37 . 2004-08-03 23:54 159232 ----a-w- c:\windows\system32\ptpusd.dll 2009-05-04 12:37 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys 2009-05-03 18:15 . 2009-05-03 18:29 -------- d-----w- c:\documents and settings\Sanamy\Application Data\vlc 2009-04-28 14:53 . 2009-04-28 14:53 -------- d-----w- c:\documents and settings\Sanamy\Application Data\StoneTrip 2009-04-28 14:44 . 2002-05-25 11:25 -------- d-----w- c:\program files\KidNet 2009-04-26 17:09 . 2009-04-26 17:09 -------- d-----w- c:\windows\Sun 2009-04-20 12:39 . 2009-04-20 12:38 410984 -c--a-w- c:\windows\system32\deploytk.dll 2009-04-20 12:37 . 2009-04-20 12:37 152576 ----a-w- c:\documents and settings\Sanamy\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-04-20 11:51 . 2009-04-20 11:51 -------- d-----w- c:\documents and settings\Sanamy\.javaws 2009-04-20 11:51 . 2002-05-25 11:25 -------- d-----w- c:\program files\Java Web Start 2009-04-20 11:51 . 2009-04-20 12:38 -------- d-----w- c:\program files\Java 2009-04-20 11:36 . 2009-04-20 11:37 -------- d-----w- c:\program files\gs 2009-04-19 21:18 . 2009-04-19 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\PlotSoft 2009-04-19 21:18 . 2009-04-19 21:18 -------- d-----w- c:\program files\PlotSoft 2009-04-19 19:53 . 2002-06-13 16:48 -------- d-----w- c:\documents and settings\Sanamy\Application Data\BitTorrent 2009-04-19 19:52 . 2009-04-19 19:52 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\DNA 2009-04-19 19:52 . 2009-04-19 19:52 -------- d-----w- c:\program files\BitTorrent 2009-04-19 19:52 . 2002-06-07 19:59 -------- d-----w- c:\program files\DNA 2009-04-19 19:52 . 2002-06-07 19:59 -------- d-----w- c:\documents and settings\Sanamy\Application Data\DNA 2009-04-19 19:52 . 2009-04-19 19:52 -------- d-----w- c:\program files\AskSearch 2009-04-19 19:52 . 2009-04-19 19:52 -------- d-----w- c:\program files\AskBarDis 2009-04-17 12:26 . 2009-04-17 12:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia 2009-04-17 10:06 . 2009-04-17 10:06 -------- d-----w- c:\program files\Sims Language 2009-04-17 10:06 . 1997-02-26 22:00 34816 -c--a-w- c:\windows\system32\DBGrdFR.dll 2009-04-17 10:06 . 1997-02-26 22:00 30720 -c--a-w- c:\windows\system32\DBLstFR.dll 2009-04-17 10:00 . 1998-03-14 13:47 96256 -c--a-w- c:\windows\system32\VB5FR.dll 2009-04-17 10:00 . 1997-02-26 22:00 73216 -c--a-w- c:\windows\ST5UNST.EXE 2009-04-17 10:00 . 1997-01-15 22:00 29696 -c--a-w- c:\windows\system32\VB5StKit.dll 2009-04-17 09:59 . 2009-04-17 09:59 -------- d-----w- c:\program files\RY's Games 2009-04-17 09:59 . 1998-10-29 14:45 376320 -c--a-w- c:\windows\IsUninst.exe 2009-04-16 13:13 . 2009-04-17 12:24 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-04-11 16:37 . 2009-04-11 16:37 -------- d-----w- c:\documents and settings\Sanamy\Application Data\Sony Corporation 2009-04-11 16:31 . 2007-04-04 16:53 81768 -c--a-w- c:\windows\system32\xinput1_3.dll 2009-04-11 16:31 . 2007-04-04 16:55 261480 -c--a-w- c:\windows\system32\xactengine2_7.dll 2009-04-11 16:31 . 2007-03-15 14:57 443752 -c--a-w- c:\windows\system32\d3dx10_33.dll 2009-04-11 16:31 . 2007-03-12 14:42 1123696 -c--a-w- c:\windows\system32\D3DCompiler_33.dll 2009-04-11 16:31 . 2007-03-12 14:42 3495784 -c--a-w- c:\windows\system32\d3dx9_33.dll 2009-04-11 16:31 . 2007-01-24 13:27 255848 -c--a-w- c:\windows\system32\xactengine2_6.dll 2009-04-11 16:23 . 2009-04-11 16:23 -------- d-----w- c:\program files\Sony 2009-04-09 18:30 . 2009-04-09 18:30 12862 ----a-r- c:\documents and settings\Sanamy\Application Data\Microsoft\Installer\{0E2B767B-EA6A-489B-BF83-8083FE1DB661}\_1EEFFF72773535163E4216.exe 2009-04-09 18:30 . 2009-04-09 18:30 -------- d-----w- c:\program files\Pcsx2 2009-04-07 13:35 . 2002-05-25 11:24 -------- d-----w- c:\program files\100%Naruto v2 2009-04-05 17:46 . 2009-04-05 17:46 -------- d-----w- c:\documents and settings\Sanamy\Application Data\Samsung 2009-04-05 17:30 . 2006-05-03 20:53 174592 ----a-w- c:\windows\system32\framedyn.dll 2009-04-05 17:29 . 2003-02-21 16:42 348160 -c--a-w- c:\windows\system32\msvcr71.dll 2009-04-05 17:29 . 2009-04-05 17:29 -------- d-----w- c:\program files\DIFX 2009-04-05 17:29 . 2009-04-05 17:29 -------- dc----w- c:\windows\system32\DRVSTORE 2009-04-05 17:28 . 2006-07-24 14:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2009-04-05 17:14 . 2007-05-02 09:11 15112 ----a-w- c:\windows\system32\drivers\ss_mdfl.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 -c--a-w- c:\windows\system32\drivers\ss_whnt.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_wh.sys 2009-04-05 17:14 . 2007-05-02 09:11 109704 ----a-w- c:\windows\system32\drivers\ss_mdm.sys 2009-04-05 17:14 . 2007-05-02 09:11 83592 ----a-w- c:\windows\system32\drivers\ss_bus.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 -c--a-w- c:\windows\system32\drivers\ss_cmnt.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_cm.sys 2009-04-05 17:14 . 2009-04-05 17:38 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers 2009-04-05 17:14 . 2009-04-11 05:01 -------- d-----w- c:\program files\Samsung 2009-04-05 17:12 . 2009-04-05 17:12 -------- d-----w- c:\program files\Fichiers communs\Adobe 2009-03-24 13:23 . 1999-12-17 08:13 86016 -c--a-w- c:\windows\unvise32.exe 2009-03-24 13:23 . 2009-03-24 13:24 -------- d-----w- c:\program files\YuGiOh Virtual Desktop 2009-03-23 18:50 . 2009-03-23 18:50 -------- d-----w- c:\documents and settings\Sanamy\Application Data\EPSON 2009-03-23 15:45 . 2009-03-23 15:45 -------- d-----w- c:\documents and settings\All Users\Application Data\UDL 2009-03-23 15:42 . 2009-03-23 15:42 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON 2009-03-23 15:42 . 2006-12-08 02:04 76800 ----a-w- c:\windows\system32\E_FLBBZR.DLL 2009-03-23 15:42 . 2006-04-19 02:00 62976 ----a-w- c:\windows\system32\E_FD4BBZR.DLL 2009-03-22 14:29 . 2009-04-09 07:16 -------- d-----w- C:\TDdownload 2009-03-22 14:28 . 2006-01-09 14:01 86016 ----a-w- c:\windows\system32\gigagetbho_v10.dll 2009-03-22 14:27 . 2009-03-22 14:27 -------- d-----w- c:\program files\Giganology 2009-03-21 16:00 . 2009-03-21 16:00 152576 ----a-w- c:\documents and settings\Sanamy\Application Data\Sun\Java\jre1.6.0_12\lzma.dll 2009-03-21 14:37 . 2002-06-07 19:59 -------- d-----w- c:\documents and settings\Sanamy\Tracing 2009-03-21 14:31 . 2009-03-21 14:31 -------- d-----w- c:\program files\Microsoft 2009-03-21 14:31 . 2009-03-21 14:31 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-03-21 14:30 . 2009-03-21 14:31 -------- d-----w- c:\program files\Windows Live 2009-03-19 20:37 . 2009-04-29 20:18 -------- d-----w- c:\documents and settings\Sanamy\Application Data\Skype 2009-03-19 20:36 . 2009-03-19 20:36 -------- d-----r- c:\program files\Skype 2009-03-19 20:36 . 2009-03-19 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-03-19 10:57 . 2009-03-19 10:57 -------- d--h--w- c:\windows\system32\GroupPolicy 2009-03-19 10:55 . 2009-03-19 11:10 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\Google 2009-03-18 20:34 . 2009-03-18 20:34 -------- d-----w- c:\program files\Fichiers communs\Windows Live 2009-03-18 18:29 . 2009-03-18 18:29 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\Help 2009-03-17 19:09 . 2002-06-05 21:05 -------- d-----w- c:\documents and settings\Sanamy\Application Data\dvdcss 2009-03-16 18:32 . 2004-09-10 20:12 49152 -c--a-w- c:\windows\system32\E_DCINST.DLL 2009-03-16 18:32 . 2003-12-10 00:13 76054 ----a-w- c:\windows\system32\EBPMON24.DLL 2009-03-16 18:32 . 2003-05-29 00:01 91648 -c--a-w- c:\windows\system32\E_SAGSET.DLL 2009-03-16 18:32 . 2003-05-21 01:27 64000 -c--a-w- c:\windows\system32\ECBTEG.DLL 2009-03-16 18:32 . 2001-09-04 01:04 182 ----a-w- c:\windows\system32\EBPPORT4.DAT 2009-03-16 18:32 . 2000-06-07 00:01 34304 -c--a-w- c:\windows\system32\EBPCHP.DLL 2009-03-16 18:31 . 2009-03-23 15:44 -------- d-----w- c:\program files\EPSON 2009-03-16 18:22 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2009-03-16 18:22 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2009-03-16 11:13 . 2009-06-05 21:29 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\WMTools Downloaded Files 2009-03-15 11:03 . 2009-04-07 11:55 -------- d-----w- c:\program files\DBZ Online 2009-03-13 08:26 . 2009-03-13 08:26 32784 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\update\rollback\AutoPatches\kav8exec\8.0.0.506\klbg.sys 2009-03-13 08:26 . 2009-03-13 08:26 227344 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\update\rollback\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys 2009-03-12 13:23 . 2002-05-27 06:33 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-03-12 13:23 . 2009-03-23 15:46 -------- d-----w- c:\program files\Fichiers communs\InstallShield 2009-03-12 11:06 . 2009-03-12 11:06 -------- d-----w- c:\program files\VideoLAN 2009-03-09 20:04 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll 2009-03-09 20:03 . 2009-03-09 20:03 -------- d-----w- c:\program files\Microsoft.NET 2009-03-09 20:02 . 2009-03-09 20:03 -------- d--h--w- c:\windows\ShellNew 2009-03-09 07:55 . 2009-03-09 07:55 -------- d-s---w- c:\documents and settings\Sanamy\UserData 2009-03-06 17:03 . 2009-03-06 17:03 -------- d-----w- c:\windows\system32\CatRoot_bak 2009-03-06 15:36 . 2005-02-25 03:35 22752 -c--a-w- c:\windows\system32\spupdsvc.exe 2009-03-06 15:03 . 2009-03-06 15:03 -------- d-----w- c:\program files\7-Zip 2009-03-06 11:06 . 2009-03-06 11:06 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\Identities 2009-03-06 07:26 . 2009-03-13 08:26 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys 2009-03-06 07:26 . 2009-03-06 07:26 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe 2009-03-06 07:25 . 2009-03-13 08:26 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-11 10:32 . 2002-03-05 15:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-05-10 21:53 . 2009-03-05 15:10 7860 -csha-w- c:\windows\system32\drivers\fidbox2.idx 2009-05-10 21:53 . 2009-03-05 15:10 18864 -csha-w- c:\windows\system32\drivers\fidbox.idx 2009-04-19 11:29 . 2002-09-07 00:00 49494 ----a-w- c:\windows\system32\perfc00C.dat 2009-04-19 11:29 . 2002-09-07 00:00 370414 ----a-w- c:\windows\system32\perfh00C.dat 2009-03-23 15:43 . 2009-03-23 15:43 -------- d-----w- c:\documents and settings\Sanamy\Application Data\InstallShield 2009-03-21 14:36 . 2002-03-05 18:45 57688 ----a-w- c:\documents and settings\Sanamy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-03-13 08:26 . 2008-01-29 16:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys 2009-03-13 08:26 . 2002-03-05 15:15 89601 ----a-w- c:\windows\system32\drivers\klick.dat 2009-03-13 08:26 . 2002-03-05 15:15 101287 ----a-w- c:\windows\system32\drivers\klin.dat 2009-03-06 16:28 . 2009-03-05 14:56 86331 -c--a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-03-05 14:57 . 2009-03-05 14:57 -------- d-----w- c:\program files\microsoft frontpage 2009-03-05 14:55 . 2009-03-05 14:55 -------- d-----w- c:\program files\Services en ligne 2009-03-05 14:54 . 2009-03-05 14:54 21892 -c--a-w- c:\windows\system32\emptyregdb.dat 2009-02-11 09:19 . 2002-03-05 18:20 38496 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-02-11 09:19 . 2002-03-05 18:20 15504 -c--a-w- c:\windows\system32\drivers\mbam.sys 2009-02-06 17:52 . 2009-02-06 17:52 49504 -c--a-w- c:\windows\system32\sirenacm.dll 2008-11-11 19:00 . 2008-11-11 19:00 218376 ----a-w- c:\windows\system32\klogon.dll 2008-11-11 18:58 . 2008-11-11 18:58 25601 ----a-w- c:\windows\system32\drivers\klopp.dat 2008-11-11 17:32 . 2008-11-11 17:32 148816 -c--a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\french\setup.exe 2008-10-16 13:13 . 2009-03-05 14:54 202776 -c--a-w- c:\windows\system32\wuweb.dll 2008-10-16 13:13 . 2009-03-05 14:54 1809944 ----a-w- c:\windows\system32\wuaueng.dll 2008-10-16 13:12 . 2009-03-05 14:54 323608 -c--a-w- c:\windows\system32\wucltui.dll 2008-10-16 13:12 . 2009-03-05 14:54 561688 ----a-w- c:\windows\system32\wuapi.dll 2008-10-16 13:09 . 2009-03-05 14:54 51224 ----a-w- c:\windows\system32\wuauclt.exe 2008-10-16 13:09 . 2008-10-16 13:09 43544 ----a-w- c:\windows\system32\wups2.dll 2008-10-16 13:09 . 2004-08-04 04:54 92696 -c--a-w- c:\windows\system32\cdm.dll 2008-10-16 13:08 . 2009-03-05 14:54 34328 ----a-w- c:\windows\system32\wups.dll 2008-07-21 16:34 . 2008-07-21 16:34 121872 ----a-w- c:\windows\system32\drivers\kl1.sys 2008-04-30 16:06 . 2008-04-30 16:06 24592 ----a-w- c:\windows\system32\drivers\klim5.sys 2008-03-13 17:02 . 2008-03-13 17:02 26640 ----a-w- c:\windows\system32\drivers\klfltdev.sys 2007-05-30 12:44 . 2002-05-15 14:55 588288 ----a-w- C:\VisualBoyAdvance1.7.2.fix.exe 2007-03-05 10:42 . 2009-04-11 16:30 15128 -c--a-w- c:\windows\system32\x3daudio1_1.dll 2006-12-08 10:02 . 2009-04-11 16:30 251672 -c--a-w- c:\windows\system32\xactengine2_5.dll 2006-11-29 11:06 . 2009-04-11 16:30 3426072 -c--a-w- c:\windows\system32\d3dx9_32.dll 2006-11-02 14:57 . 2009-04-11 16:30 36624 ----a-w- c:\windows\system32\drivers\pxhelp20.sys 2006-11-02 14:57 . 2009-04-11 16:30 118520 -c--a-w- c:\windows\system32\PxInsI64.exe 2006-10-30 23:10 . 2009-03-23 15:43 71840 -c--a-w- c:\windows\system32\EPPicMgr.dll 2006-10-30 23:10 . 2009-03-23 15:43 120992 -c--a-w- c:\windows\system32\EpPicPrt.dll 2006-10-19 23:10 . 2009-03-23 15:43 80024 -c--a-w- c:\windows\system32\PICSDK.dll 2006-10-19 23:10 . 2009-03-23 15:43 501912 -c--a-w- c:\windows\system32\PICSDK2.dll 2006-10-19 23:10 . 2009-03-23 15:43 108704 -c--a-w- c:\windows\system32\PICEntry.dll 2006-10-18 17:43 . 2009-04-11 16:30 115960 -c--a-w- c:\windows\system32\PxCpyI64.exe 2006-10-04 16:08 . 2004-08-04 04:54 1386496 ----a-w- c:\windows\system32\MSVBVM60.DLL 2006-10-04 16:08 . 2006-11-01 19:04 119568 ----a-w- c:\windows\system32\VB6FR.DLL 2006-09-28 14:05 . 2009-04-11 16:30 237848 -c--a-w- c:\windows\system32\xactengine2_4.dll 2006-09-28 14:05 . 2009-04-11 16:30 2414360 -c--a-w- c:\windows\system32\d3dx9_31.dll 2006-08-28 19:48 . 2009-04-11 16:30 2560 -c--a-w- c:\windows\system32\drivers\cdralw2k.sys 2006-08-28 19:48 . 2009-04-11 16:30 2432 -c--a-w- c:\windows\system32\drivers\cdr4_xp.sys 2006-07-28 07:30 . 2009-04-11 16:30 236824 -c--a-w- c:\windows\system32\xactengine2_3.dll 2006-07-28 07:30 . 2009-04-11 16:30 62744 -c--a-w- c:\windows\system32\xinput1_2.dll 2006-04-18 04:00 . 2009-03-23 15:43 172032 ----a-w- c:\documents and settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE 2006-01-26 06:31 . 2006-11-01 19:04 160256 -c--a-w- c:\windows\system32\fmod.dll 2005-09-08 15:16 . 2005-09-08 15:16 294912 -c--a-w- c:\windows\system32\DynamicTwainCtrl.dll 2005-05-31 23:20 . 2009-03-23 15:43 111932 -c--a-w- c:\windows\system32\EPPICPrinterDB.dat 2005-05-26 13:34 . 2009-04-11 16:30 2297552 -c--a-w- c:\windows\system32\d3dx9_26.dll 2005-05-04 13:45 . 2004-08-04 04:54 78848 ----a-w- c:\windows\system32\msiexec.exe 2005-05-04 13:45 . 2004-08-04 04:54 271360 -c--a-w- c:\windows\system32\msihnd.dll 2005-05-04 13:45 . 2004-08-04 04:54 15360 ----a-w- c:\windows\system32\msisip.dll 2005-05-04 13:45 . 2004-08-04 04:53 884736 -c--a-w- c:\windows\system32\msimsg.dll 2005-05-04 13:45 . 2004-08-04 04:54 2890240 ----a-w- c:\windows\system32\msi.dll 2005-01-04 09:43 . 2002-05-28 08:40 4682 -c--a-w- c:\windows\system32\npptNT2.sys 2004-08-05 12:00 . 2004-08-04 04:54 30749 -c--a-w- c:\windows\system32\vbajet32.dll 2004-08-05 12:00 . 2004-08-04 04:54 151552 -c--a-w- c:\windows\system32\scrrun.dll 2004-08-05 12:00 . 2004-08-04 04:54 83456 -c--a-w- c:\windows\system32\olepro32.dll 2004-08-05 12:00 . 2004-08-04 04:54 380957 -c--a-w- c:\windows\system32\expsrv.dll 2004-08-05 12:00 . 2004-08-04 04:54 619008 -c--a-w- c:\windows\system32\dx7vb.dll 2004-08-05 12:00 . 2004-08-04 04:54 65024 ----a-w- c:\windows\system32\asycfilt.dll 2004-08-05 12:00 . 2002-09-07 00:00 24626 -c--a-w- c:\windows\system32\scrrnfr.dll 2004-08-04 05:52 . 2002-03-05 15:37 1014836 -c--a-r- c:\windows\SET3.tmp 2004-08-04 05:45 . 2002-03-05 15:38 14043 -c--a-r- c:\windows\SET8.tmp 2004-08-04 05:43 . 2002-03-05 15:37 1086058 -c--a-r- c:\windows\SET4.tmp 2004-08-04 05:08 . 2004-08-04 05:08 1788 -c--a-w- c:\windows\system32\Dcache.bin 2004-08-04 04:57 . 2004-08-04 04:57 332800 -c--a-w- c:\windows\system32\netsetup.exe 2004-08-04 04:54 . 2009-03-16 11:23 124928 -c--a-w- c:\windows\system32\mplay32.exe 2004-08-04 04:53 . 2004-08-04 04:53 2986496 ----a-w- c:\windows\system32\xpsp2res.dll 2004-08-04 04:52 . 2004-08-04 04:52 4096 -c--a-w- c:\windows\system32\dsprpres.dll 2004-08-04 04:52 . 2004-08-04 04:52 3584 -c--a-w- c:\windows\system32\dpnlobby.dll 2004-08-04 04:52 . 2004-08-04 04:52 3584 -c--a-w- c:\windows\system32\dpnaddr.dll 2004-08-04 04:52 . 2004-08-04 04:52 24064 -c--a-w- c:\windows\system32\pidgen.dll 2004-08-04 04:52 . 2004-08-04 04:52 70144 ----a-w- c:\windows\system32\browselc.dll 2004-08-04 04:52 . 2004-08-04 04:52 16896 ----a-w- c:\windows\system32\cfgmgr32.dll 2004-08-04 04:52 . 2004-08-04 04:52 8704 -c--a-w- c:\windows\system32\asferror.dll 2004-08-04 04:52 . 2004-08-04 04:52 285696 ----a-w- c:\windows\system32\atmfd.dll 2004-08-04 04:49 . 2009-03-05 14:54 73600 ----a-w- c:\windows\system32\drivers\sr.sys 2004-08-04 04:48 . 2004-08-04 04:48 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe 2004-08-04 04:46 . 2004-08-04 04:46 154496 ----a-w- c:\windows\system32\drivers\dmio.sys 2004-08-04 04:46 . 2004-08-04 04:46 800256 ----a-w- c:\windows\system32\drivers\dmboot.sys 2004-08-04 04:45 . 2004-08-04 04:45 1836032 ----a-w- c:\windows\system32\win32k.sys 2004-08-04 04:45 . 2004-08-04 04:45 25216 ----a-w- c:\windows\system32\drivers\kbdclass.sys 2004-08-04 04:44 . 2004-08-04 04:44 53376 -c--a-w- c:\windows\system32\drivers\volsnap.sys 2004-08-04 04:43 . 2004-08-04 04:43 40320 ----a-w- c:\windows\system32\drivers\intelppm.sys 2004-08-04 04:41 . 2004-08-04 04:41 66560 ----a-w- c:\windows\system32\drivers\serial.sys 2004-08-04 04:41 . 2004-08-04 04:41 54400 ----a-w- c:\windows\system32\drivers\i8042prt.sys 2004-08-04 04:37 . 2009-03-05 14:52 44544 -c--a-w- c:\windows\system32\tscupgrd.exe 2004-08-04 04:37 . 2009-03-05 14:53 411648 -c--a-w- c:\windows\system32\mstsc.exe 2004-08-04 04:37 . 2004-08-04 04:37 70688 -c--a-w- c:\windows\system32\mmsystem.dll 2004-08-04 04:37 . 2004-08-04 04:37 120320 -c--a-w- c:\windows\system32\drivers\pcmcia.sys 2004-08-04 04:37 . 2004-08-04 04:37 68608 ----a-w- c:\windows\system32\drivers\pci.sys 2004-08-04 04:36 . 2004-08-04 04:36 188672 ----a-w- c:\windows\system32\drivers\acpi.sys . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of c:\windows\BackUp ---- 2009-05-10 21:50 . 2008-10-11 14:54 328895 --sha-r- c:\windows\BackUp\explorer.exe 2009-05-10 21:50 . 2009-05-10 21:50 139 --sha-r- c:\windows\BackUp\autorun.inf ((((((((((((((((((((((((((((( SnapShot@2009-05-11_19.53.47 ))))))))))))))))))))))))))))))))))))))))) . + 2006-12-01 21:56 . 2006-12-01 21:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll + 2002-06-14 17:45 . 2002-06-14 17:45 16384 c:\windows\temp\Perflib_Perfdata_6e4.dat + 2002-06-14 17:45 . 2002-06-14 17:45 16384 c:\windows\temp\Perflib_Perfdata_61c.dat + 2002-09-07 00:00 . 2002-09-07 00:00 19200 c:\windows\system32\dllcache\tapi.dll - 2002-03-05 15:38 . 2002-09-07 00:00 19200 c:\windows\system32\dllcache\tapi.dll - 2002-03-05 15:38 . 2002-09-07 00:00 24064 c:\windows\system32\dllcache\olesvr.dll + 2002-09-07 00:00 . 2002-09-07 00:00 24064 c:\windows\system32\dllcache\olesvr.dll - 2002-03-05 15:38 . 2002-09-07 00:00 83456 c:\windows\system32\dllcache\olecli.dll + 2002-09-07 00:00 . 2002-09-07 00:00 83456 c:\windows\system32\dllcache\olecli.dll - 2004-08-04 04:55 . 2004-08-04 04:55 70656 c:\windows\system32\dllcache\notepad.exe + 2002-03-05 15:38 . 2004-08-04 04:55 70656 c:\windows\system32\dllcache\notepad.exe + 2002-09-07 00:00 . 2002-09-07 00:00 28160 c:\windows\system32\dllcache\mciwave.drv - 2002-03-05 15:38 . 2002-09-07 00:00 28160 c:\windows\system32\dllcache\mciwave.drv - 2002-03-05 15:38 . 2002-09-07 00:00 25280 c:\windows\system32\dllcache\mciseq.drv + 2002-09-07 00:00 . 2002-09-07 00:00 25280 c:\windows\system32\dllcache\mciseq.drv - 2002-03-05 15:38 . 2002-09-07 00:00 73680 c:\windows\system32\dllcache\mciavi.drv + 2002-09-07 00:00 . 2002-09-07 00:00 73680 c:\windows\system32\dllcache\mciavi.drv + 2002-09-07 00:00 . 2002-09-07 00:00 33904 c:\windows\system32\dllcache\commdlg.dll - 2002-03-05 15:38 . 2002-09-07 00:00 33904 c:\windows\system32\dllcache\commdlg.dll + 2002-09-07 00:00 . 2002-09-07 00:00 70352 c:\windows\system32\dllcache\avicap.dll - 2002-03-05 15:38 . 2002-09-07 00:00 70352 c:\windows\system32\dllcache\avicap.dll + 2002-06-13 16:48 . 2002-06-13 16:48 3584 c:\windows\system32\drivers\klif.sys - 2002-03-05 15:38 . 2002-09-07 00:00 9104 c:\windows\system32\dllcache\ver.dll + 2002-09-07 00:00 . 2002-09-07 00:00 9104 c:\windows\system32\dllcache\ver.dll - 2002-03-05 15:38 . 2002-09-07 00:00 5120 c:\windows\system32\dllcache\shell.dll + 2002-09-07 00:00 . 2002-09-07 00:00 5120 c:\windows\system32\dllcache\shell.dll + 2002-09-07 00:00 . 2002-09-07 00:00 9936 c:\windows\system32\dllcache\lzexpand.dll - 2002-03-05 15:38 . 2002-09-07 00:00 9936 c:\windows\system32\dllcache\lzexpand.dll + 2006-12-01 21:36 . 2006-12-01 21:36 796672 c:\windows\WinSxS\amd64_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9d1c6ce0\msvcr80.dll + 2006-12-01 21:37 . 2006-12-01 21:37 516096 c:\windows\WinSxS\amd64_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9d1c6ce0\msvcm80.dll + 2006-12-01 21:40 . 2006-12-01 21:40 113152 c:\windows\WinSxS\amd64_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_fdbc5a54\ATL80.dll + 2002-03-05 15:38 . 2004-08-04 04:55 146944 c:\windows\system32\dllcache\winspool.drv - 2004-08-04 04:55 . 2004-08-04 04:55 146944 c:\windows\system32\dllcache\winspool.drv - 2002-03-05 15:38 . 2002-09-07 00:00 127168 c:\windows\system32\dllcache\msvideo.dll + 2002-09-07 00:00 . 2002-09-07 00:00 127168 c:\windows\system32\dllcache\msvideo.dll - 2002-03-05 15:38 . 2002-09-07 00:00 109568 c:\windows\system32\dllcache\avifile.dll + 2002-09-07 00:00 . 2002-09-07 00:00 109568 c:\windows\system32\dllcache\avifile.dll + 2002-06-14 17:25 . 2002-06-14 17:25 400896 c:\windows\system32\CF28795.exe + 2009-06-11 15:02 . 2009-06-11 15:02 452496 c:\windows\Downloaded Program Files\wlscBase.dll + 2006-12-01 21:39 . 2006-12-01 21:39 1061376 c:\windows\WinSxS\amd64_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9d1c6ce0\msvcp80.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "c:\program files\NetMeter\NetMeter.exe"="c:\program files\NetMeter\NetMeter.exe" [2007-08-11 331264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus C45 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE" [2004-01-14 173568] c:\documents and settings\Sanamy\Menu D‚marrer\Programmes\D‚marrage\ Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2009-4-11 532480] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 (0x1) "DisableRegistryTools"= 1 (0x1) Les clés de Registre SafeBoot doivent être réparées. Cette machine ne peut pas utiliser le Mode Sans Échec. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] @="Driver Group" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] @="DiskDrive" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] @="Hdc" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] @="Keyboard" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] @="Mouse" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] @="System" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] @="Volume" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "UacDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "FirewallOverride"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "UacDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Giganology\\Gigaget\\Gigaget.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\WINDOWS\\BackUp\\explorer.exe"= "c:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S4I3T1.EXE"= "c:\\Documents and Settings\\Sanamy\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"= "c:\\Documents and Settings\\Sanamy\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"= "c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"= "c:\\WINDOWS\\system32\\taskmgr.exe"= R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 33808] R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 18:02 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 24592] --- Autres Services/Pilotes en mémoire --- *NewlyCreated* - ABP470N5 . Contenu du dossier 'Tâches planifiées' 2002-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-602609370-682003330-1003.job - c:\documents and settings\Sanamy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-19 10:55] . . ------- Examen supplémentaire ------- . uInternet Connection Wizard,ShellNext = iexplore IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 FF - ProfilePath - . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2002-06-14 18:45 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\CF28795.exe c:\program files\Java\jre6\bin\jqs.exe . ************************************************************************** . Heure de fin: 2002-06-14 18:48 - La machine a redémarré ComboFix-quarantined-files.txt 2002-06-14 17:47 ComboFix2.txt 2002-06-13 15:36 ComboFix3.txt 2002-06-07 20:52 ComboFix4.txt 2009-05-11 19:57 ComboFix5.txt 2002-06-14 17:25 Avant-CF: 398 237 696 octets libres Après-CF: 363 884 544 octets libres 426 Sinon pour la 2, je n'arrive pas à le télécharger, ça débute 3 sec puis blocage :s, des idées ? Merci pour votre aide
  13. Bonsoir, Merci de votre aide, voici le rapport : ComboFix 09-06-12.04 - Sanamy 13/06/2002 16:20.4 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.255.52 [GMT 1:00] Lancé depuis: c:\documents and settings\Sanamy\Bureau\ComboFix.exe AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Autorun.inf C:\explorer.exe C:\w.com c:\windows\system32\iexplorer.exe c:\windows\system32\nmdfgds0.dll c:\windows\system32\olhrwef.exe c:\windows\system32\wuauc1t.exe D:\Autorun.inf D:\explorer.exe D:\w.com E:\Autorun.inf E:\explorer.exe E:\w.com F:\Autorun.inf F:\explorer.exe F:\w.com G:\Autorun.inf G:\explorer.exe G:\w.com H:\Autorun.inf H:\explorer.exe H:\w.com I:\Autorun.inf I:\explorer.exe I:\w.com J:\Autorun.inf J:\explorer.exe J:\w.com . ((((((((((((((((((((((((((((( Fichiers créés du 2002-05-13 au 2002-06-13 )))))))))))))))))))))))))))))))))))) . 2009-06-11 21:30 . 2009-06-12 07:55 -------- d-----w- c:\documents and settings\Sanamy\Application Data\gtk-2.0 2009-06-11 21:30 . 2009-06-11 21:30 -------- d-----w- c:\documents and settings\Sanamy\.thumbnails 2009-06-11 21:27 . 2009-06-12 08:02 -------- d-----w- c:\documents and settings\Sanamy\.gimp-2.6 2009-06-11 21:27 . 2009-06-11 21:27 -------- d-----w- c:\documents and settings\Sanamy\.gegl-0.0 2009-06-11 21:25 . 2009-06-11 21:25 -------- d-----w- c:\program files\GIMP-2.0 2009-06-08 12:42 . 2008-10-16 13:06 268648 ----a-w- c:\windows\system32\mucltui.dll 2009-06-08 12:42 . 2008-10-16 13:06 208744 ----a-w- c:\windows\system32\muweb.dll 2009-05-26 20:27 . 2008-06-13 00:00 225280 -c--a-w- c:\windows\system32\TubeFinder.exe 2009-05-26 20:27 . 2008-06-04 17:42 9728 -c--a-w- c:\windows\system32\PCCLPFR.DLL 2009-05-26 20:27 . 2008-06-04 17:42 32768 -c--a-w- c:\windows\system32\CMDLGFR.DLL 2009-05-26 20:27 . 2008-06-04 17:42 141312 -c--a-w- c:\windows\system32\MSCMCFR.DLL 2009-05-26 20:27 . 2002-06-01 13:48 -------- d-----w- c:\program files\Free FLV Converter 2009-05-20 20:46 . 2009-05-20 20:46 -------- d-----w- c:\program files\BlueSquad 2009-05-19 19:40 . 2002-05-22 17:54 -------- d-----w- c:\documents and settings\Sanamy\dwhelper 2009-05-18 12:43 . 2009-05-18 13:27 -------- d-----w- c:\documents and settings\Sanamy\Application Data\FileZilla 2009-05-10 21:50 . 2008-10-11 14:54 328895 -csha-r- c:\program files\{17350501621331}.exe 2009-05-10 21:50 . 2008-10-11 14:54 328895 --sha-r- c:\program files\explorer.exe 2009-05-10 21:49 . 2009-05-10 21:50 -------- d-sh--w- c:\windows\BackUp 2009-05-04 12:37 . 2001-08-23 16:47 5632 -c--a-w- c:\windows\system32\ptpusb.dll 2009-05-04 12:37 . 2004-08-03 23:54 159232 ----a-w- c:\windows\system32\ptpusd.dll 2009-05-04 12:37 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys 2009-05-03 18:15 . 2009-05-03 18:29 -------- d-----w- c:\documents and settings\Sanamy\Application Data\vlc 2009-04-28 14:53 . 2009-04-28 14:53 -------- d-----w- c:\documents and settings\Sanamy\Application Data\StoneTrip 2009-04-28 14:44 . 2002-05-25 11:25 -------- d-----w- c:\program files\KidNet 2009-04-26 17:09 . 2009-04-26 17:09 -------- d-----w- c:\windows\Sun 2009-04-20 12:39 . 2009-04-20 12:38 410984 -c--a-w- c:\windows\system32\deploytk.dll 2009-04-20 12:37 . 2009-04-20 12:37 152576 ----a-w- c:\documents and settings\Sanamy\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-04-20 11:51 . 2009-04-20 11:51 -------- d-----w- c:\documents and settings\Sanamy\.javaws 2009-04-20 11:51 . 2002-05-25 11:25 -------- d-----w- c:\program files\Java Web Start 2009-04-20 11:51 . 2009-04-20 12:38 -------- d-----w- c:\program files\Java 2009-04-20 11:36 . 2009-04-20 11:37 -------- d-----w- c:\program files\gs 2009-04-19 21:18 . 2009-04-19 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\PlotSoft 2009-04-19 21:18 . 2009-04-19 21:18 -------- d-----w- c:\program files\PlotSoft 2009-04-19 19:53 . 2002-05-15 21:04 -------- d-----w- c:\documents and settings\Sanamy\Application Data\BitTorrent 2009-04-19 19:52 . 2009-04-19 19:52 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\DNA 2009-04-19 19:52 . 2009-04-19 19:52 -------- d-----w- c:\program files\BitTorrent 2009-04-19 19:52 . 2002-06-07 19:59 -------- d-----w- c:\program files\DNA 2009-04-19 19:52 . 2002-06-07 19:59 -------- d-----w- c:\documents and settings\Sanamy\Application Data\DNA 2009-04-19 19:52 . 2009-04-19 19:52 -------- d-----w- c:\program files\AskSearch 2009-04-19 19:52 . 2009-04-19 19:52 -------- d-----w- c:\program files\AskBarDis 2009-04-17 12:26 . 2009-04-17 12:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia 2009-04-17 10:06 . 2009-04-17 10:06 -------- d-----w- c:\program files\Sims Language 2009-04-17 10:06 . 1997-02-26 22:00 34816 -c--a-w- c:\windows\system32\DBGrdFR.dll 2009-04-17 10:06 . 1997-02-26 22:00 30720 -c--a-w- c:\windows\system32\DBLstFR.dll 2009-04-17 10:00 . 1998-03-14 13:47 96256 -c--a-w- c:\windows\system32\VB5FR.dll 2009-04-17 10:00 . 1997-02-26 22:00 73216 -c--a-w- c:\windows\ST5UNST.EXE 2009-04-17 10:00 . 1997-01-15 22:00 29696 -c--a-w- c:\windows\system32\VB5StKit.dll 2009-04-17 09:59 . 2009-04-17 09:59 -------- d-----w- c:\program files\RY's Games 2009-04-17 09:59 . 1998-10-29 14:45 376320 -c--a-w- c:\windows\IsUninst.exe 2009-04-16 13:13 . 2009-04-17 12:24 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-04-11 16:37 . 2009-04-11 16:37 -------- d-----w- c:\documents and settings\Sanamy\Application Data\Sony Corporation 2009-04-11 16:31 . 2007-04-04 16:53 81768 -c--a-w- c:\windows\system32\xinput1_3.dll 2009-04-11 16:31 . 2007-04-04 16:55 261480 -c--a-w- c:\windows\system32\xactengine2_7.dll 2009-04-11 16:31 . 2007-03-15 14:57 443752 -c--a-w- c:\windows\system32\d3dx10_33.dll 2009-04-11 16:31 . 2007-03-12 14:42 1123696 -c--a-w- c:\windows\system32\D3DCompiler_33.dll 2009-04-11 16:31 . 2007-03-12 14:42 3495784 -c--a-w- c:\windows\system32\d3dx9_33.dll 2009-04-11 16:31 . 2007-01-24 13:27 255848 -c--a-w- c:\windows\system32\xactengine2_6.dll 2009-04-11 16:23 . 2009-04-11 16:23 -------- d-----w- c:\program files\Sony 2009-04-09 18:30 . 2009-04-09 18:30 12862 ----a-r- c:\documents and settings\Sanamy\Application Data\Microsoft\Installer\{0E2B767B-EA6A-489B-BF83-8083FE1DB661}\_1EEFFF72773535163E4216.exe 2009-04-09 18:30 . 2009-04-09 18:30 -------- d-----w- c:\program files\Pcsx2 2009-04-09 13:41 . 2009-04-11 19:47 -------- d-sh--w- c:\windows\system32\f 2009-04-09 13:41 . 2009-04-11 19:44 -------- d-sh--w- c:\windows\system32\bycool 2009-04-07 13:35 . 2002-05-25 11:24 -------- d-----w- c:\program files\100%Naruto v2 2009-04-05 17:46 . 2009-04-05 17:46 -------- d-----w- c:\documents and settings\Sanamy\Application Data\Samsung 2009-04-05 17:30 . 2006-05-03 20:53 174592 ----a-w- c:\windows\system32\framedyn.dll 2009-04-05 17:29 . 2003-02-21 16:42 348160 -c--a-w- c:\windows\system32\msvcr71.dll 2009-04-05 17:29 . 2009-04-05 17:29 -------- d-----w- c:\program files\DIFX 2009-04-05 17:29 . 2009-04-05 17:29 -------- dc----w- c:\windows\system32\DRVSTORE 2009-04-05 17:28 . 2006-07-24 14:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2009-04-05 17:14 . 2007-05-02 09:11 15112 ----a-w- c:\windows\system32\drivers\ss_mdfl.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 -c--a-w- c:\windows\system32\drivers\ss_whnt.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_wh.sys 2009-04-05 17:14 . 2007-05-02 09:11 109704 ----a-w- c:\windows\system32\drivers\ss_mdm.sys 2009-04-05 17:14 . 2007-05-02 09:11 83592 ----a-w- c:\windows\system32\drivers\ss_bus.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 -c--a-w- c:\windows\system32\drivers\ss_cmnt.sys 2009-04-05 17:14 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_cm.sys 2009-04-05 17:14 . 2009-04-05 17:38 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers 2009-04-05 17:14 . 2009-04-11 05:01 -------- d-----w- c:\program files\Samsung 2009-04-05 17:12 . 2009-04-05 17:12 -------- d-----w- c:\program files\Fichiers communs\Adobe 2009-03-24 13:23 . 1999-12-17 08:13 86016 -c--a-w- c:\windows\unvise32.exe 2009-03-24 13:23 . 2009-03-24 13:24 -------- d-----w- c:\program files\YuGiOh Virtual Desktop 2009-03-23 18:50 . 2009-03-23 18:50 -------- d-----w- c:\documents and settings\Sanamy\Application Data\EPSON 2009-03-23 15:45 . 2009-03-23 15:45 -------- d-----w- c:\documents and settings\All Users\Application Data\UDL 2009-03-23 15:42 . 2009-03-23 15:42 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON 2009-03-23 15:42 . 2006-12-08 02:04 76800 ----a-w- c:\windows\system32\E_FLBBZR.DLL 2009-03-23 15:42 . 2006-04-19 02:00 62976 ----a-w- c:\windows\system32\E_FD4BBZR.DLL 2009-03-22 14:29 . 2009-04-09 07:16 -------- d-----w- C:\TDdownload 2009-03-22 14:28 . 2006-01-09 14:01 86016 ----a-w- c:\windows\system32\gigagetbho_v10.dll 2009-03-22 14:27 . 2009-03-22 14:27 -------- d-----w- c:\program files\Giganology 2009-03-21 16:00 . 2009-03-21 16:00 152576 ----a-w- c:\documents and settings\Sanamy\Application Data\Sun\Java\jre1.6.0_12\lzma.dll 2009-03-21 14:37 . 2002-06-07 19:59 -------- d-----w- c:\documents and settings\Sanamy\Tracing 2009-03-21 14:31 . 2009-03-21 14:31 -------- d-----w- c:\program files\Microsoft 2009-03-21 14:31 . 2009-03-21 14:31 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-03-21 14:30 . 2009-03-21 14:31 -------- d-----w- c:\program files\Windows Live 2009-03-19 20:37 . 2009-04-29 20:18 -------- d-----w- c:\documents and settings\Sanamy\Application Data\Skype 2009-03-19 20:36 . 2009-03-19 20:36 -------- d-----r- c:\program files\Skype 2009-03-19 20:36 . 2009-03-19 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-03-19 10:57 . 2009-03-19 10:57 -------- d--h--w- c:\windows\system32\GroupPolicy 2009-03-19 10:55 . 2009-03-19 11:10 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\Google 2009-03-18 20:34 . 2009-03-18 20:34 -------- d-----w- c:\program files\Fichiers communs\Windows Live 2009-03-18 18:29 . 2009-03-18 18:29 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\Help 2009-03-17 19:09 . 2002-06-05 21:05 -------- d-----w- c:\documents and settings\Sanamy\Application Data\dvdcss 2009-03-16 18:32 . 2004-09-10 20:12 49152 -c--a-w- c:\windows\system32\E_DCINST.DLL 2009-03-16 18:32 . 2003-12-10 00:13 76054 ----a-w- c:\windows\system32\EBPMON24.DLL 2009-03-16 18:32 . 2003-05-29 00:01 91648 -c--a-w- c:\windows\system32\E_SAGSET.DLL 2009-03-16 18:32 . 2003-05-21 01:27 64000 -c--a-w- c:\windows\system32\ECBTEG.DLL 2009-03-16 18:32 . 2001-09-04 01:04 182 ----a-w- c:\windows\system32\EBPPORT4.DAT 2009-03-16 18:32 . 2000-06-07 00:01 34304 -c--a-w- c:\windows\system32\EBPCHP.DLL 2009-03-16 18:31 . 2009-03-23 15:44 -------- d-----w- c:\program files\EPSON 2009-03-16 18:22 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2009-03-16 18:22 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2009-03-16 11:13 . 2009-06-05 21:29 -------- d-----w- c:\documents and settings\Sanamy\Local Settings\Application Data\WMTools Downloaded Files 2009-03-15 11:03 . 2009-04-07 11:55 -------- d-----w- c:\program files\DBZ Online 2009-03-13 08:26 . 2009-03-13 08:26 32784 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\update\rollback\AutoPatches\kav8exec\8.0.0.506\klbg.sys 2009-03-13 08:26 . 2009-03-13 08:26 227344 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\update\rollback\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys 2009-03-12 13:23 . 2002-05-27 06:33 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-03-12 13:23 . 2009-03-23 15:46 -------- d-----w- c:\program files\Fichiers communs\InstallShield 2009-03-12 11:06 . 2009-03-12 11:06 -------- d-----w- c:\program files\VideoLAN 2009-03-09 20:04 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll 2009-03-09 20:03 . 2009-03-09 20:03 -------- d-----w- c:\program files\Microsoft.NET 2009-03-09 20:02 . 2009-03-09 20:03 -------- d--h--w- c:\windows\ShellNew 2009-03-09 07:55 . 2009-03-09 07:55 -------- d-s---w- c:\documents and settings\Sanamy\UserData 2009-03-06 17:03 . 2009-03-06 17:03 -------- d-----w- c:\windows\system32\CatRoot_bak 2009-03-06 15:36 . 2005-02-25 03:35 22752 -c--a-w- c:\windows\system32\spupdsvc.exe 2009-03-06 15:03 . 2009-03-06 15:03 -------- d-----w- c:\program files\7-Zip . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-11 10:32 . 2002-03-05 15:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-05-10 21:53 . 2009-03-05 15:10 7860 -csha-w- c:\windows\system32\drivers\fidbox2.idx 2009-05-10 21:53 . 2009-03-05 15:10 18864 -csha-w- c:\windows\system32\drivers\fidbox.idx 2009-04-19 11:29 . 2002-09-07 00:00 49494 ----a-w- c:\windows\system32\perfc00C.dat 2009-04-19 11:29 . 2002-09-07 00:00 370414 ----a-w- c:\windows\system32\perfh00C.dat 2009-03-23 15:43 . 2009-03-23 15:43 -------- d-----w- c:\documents and settings\Sanamy\Application Data\InstallShield 2009-03-21 14:36 . 2002-03-05 18:45 57688 ----a-w- c:\documents and settings\Sanamy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-03-13 08:26 . 2008-01-29 16:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys 2009-03-13 08:26 . 2002-03-05 15:15 89601 ----a-w- c:\windows\system32\drivers\klick.dat 2009-03-13 08:26 . 2002-03-05 15:15 101287 ----a-w- c:\windows\system32\drivers\klin.dat 2009-03-06 16:28 . 2009-03-05 14:56 86331 -c--a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-03-05 14:57 . 2009-03-05 14:57 -------- d-----w- c:\program files\microsoft frontpage 2009-03-05 14:55 . 2009-03-05 14:55 -------- d-----w- c:\program files\Services en ligne 2009-03-05 14:54 . 2009-03-05 14:54 21892 -c--a-w- c:\windows\system32\emptyregdb.dat 2009-02-11 09:19 . 2002-03-05 18:20 38496 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-02-11 09:19 . 2002-03-05 18:20 15504 -c--a-w- c:\windows\system32\drivers\mbam.sys 2009-02-06 17:52 . 2009-02-06 17:52 49504 -c--a-w- c:\windows\system32\sirenacm.dll 2008-11-11 19:00 . 2008-11-11 19:00 218376 ----a-w- c:\windows\system32\klogon.dll 2008-11-11 18:58 . 2008-11-11 18:58 25601 ----a-w- c:\windows\system32\drivers\klopp.dat 2008-11-11 17:32 . 2008-11-11 17:32 148816 -c--a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\french\setup.exe 2008-10-16 13:13 . 2009-03-05 14:54 202776 -c--a-w- c:\windows\system32\wuweb.dll 2008-10-16 13:13 . 2009-03-05 14:54 1809944 ----a-w- c:\windows\system32\wuaueng.dll 2008-10-16 13:12 . 2009-03-05 14:54 323608 -c--a-w- c:\windows\system32\wucltui.dll 2008-10-16 13:12 . 2009-03-05 14:54 561688 ----a-w- c:\windows\system32\wuapi.dll 2008-10-16 13:09 . 2009-03-05 14:54 51224 ----a-w- c:\windows\system32\wuauclt.exe 2008-10-16 13:09 . 2008-10-16 13:09 43544 ----a-w- c:\windows\system32\wups2.dll 2008-10-16 13:09 . 2004-08-04 04:54 92696 -c--a-w- c:\windows\system32\cdm.dll 2008-10-16 13:08 . 2009-03-05 14:54 34328 ----a-w- c:\windows\system32\wups.dll 2008-07-21 16:34 . 2008-07-21 16:34 121872 ----a-w- c:\windows\system32\drivers\kl1.sys 2008-04-30 16:06 . 2008-04-30 16:06 24592 ----a-w- c:\windows\system32\drivers\klim5.sys 2008-03-13 17:02 . 2008-03-13 17:02 26640 ----a-w- c:\windows\system32\drivers\klfltdev.sys 2007-05-30 12:44 . 2002-05-15 14:55 588288 ----a-w- C:\VisualBoyAdvance1.7.2.fix.exe 2007-03-05 10:42 . 2009-04-11 16:30 15128 -c--a-w- c:\windows\system32\x3daudio1_1.dll 2006-12-08 10:02 . 2009-04-11 16:30 251672 -c--a-w- c:\windows\system32\xactengine2_5.dll 2006-11-29 11:06 . 2009-04-11 16:30 3426072 -c--a-w- c:\windows\system32\d3dx9_32.dll 2006-11-02 14:57 . 2009-04-11 16:30 36624 ----a-w- c:\windows\system32\drivers\pxhelp20.sys 2006-11-02 14:57 . 2009-04-11 16:30 118520 -c--a-w- c:\windows\system32\PxInsI64.exe 2006-10-30 23:10 . 2009-03-23 15:43 71840 -c--a-w- c:\windows\system32\EPPicMgr.dll 2006-10-30 23:10 . 2009-03-23 15:43 120992 -c--a-w- c:\windows\system32\EpPicPrt.dll 2006-10-19 23:10 . 2009-03-23 15:43 80024 -c--a-w- c:\windows\system32\PICSDK.dll 2006-10-19 23:10 . 2009-03-23 15:43 501912 -c--a-w- c:\windows\system32\PICSDK2.dll 2006-10-19 23:10 . 2009-03-23 15:43 108704 -c--a-w- c:\windows\system32\PICEntry.dll 2006-10-18 17:43 . 2009-04-11 16:30 115960 -c--a-w- c:\windows\system32\PxCpyI64.exe 2006-10-04 16:08 . 2004-08-04 04:54 1386496 ----a-w- c:\windows\system32\MSVBVM60.DLL 2006-10-04 16:08 . 2006-11-01 19:04 119568 ----a-w- c:\windows\system32\VB6FR.DLL 2006-09-28 14:05 . 2009-04-11 16:30 237848 -c--a-w- c:\windows\system32\xactengine2_4.dll 2006-09-28 14:05 . 2009-04-11 16:30 2414360 -c--a-w- c:\windows\system32\d3dx9_31.dll 2006-08-28 19:48 . 2009-04-11 16:30 2560 -c--a-w- c:\windows\system32\drivers\cdralw2k.sys 2006-08-28 19:48 . 2009-04-11 16:30 2432 -c--a-w- c:\windows\system32\drivers\cdr4_xp.sys 2006-07-28 07:30 . 2009-04-11 16:30 236824 -c--a-w- c:\windows\system32\xactengine2_3.dll 2006-07-28 07:30 . 2009-04-11 16:30 62744 -c--a-w- c:\windows\system32\xinput1_2.dll 2006-04-18 04:00 . 2009-03-23 15:43 172032 ----a-w- c:\documents and settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE 2006-01-26 06:31 . 2006-11-01 19:04 160256 -c--a-w- c:\windows\system32\fmod.dll 2005-09-08 15:16 . 2005-09-08 15:16 294912 -c--a-w- c:\windows\system32\DynamicTwainCtrl.dll 2005-05-31 23:20 . 2009-03-23 15:43 111932 -c--a-w- c:\windows\system32\EPPICPrinterDB.dat 2005-05-26 13:34 . 2009-04-11 16:30 2297552 -c--a-w- c:\windows\system32\d3dx9_26.dll 2005-05-04 13:45 . 2004-08-04 04:54 78848 ----a-w- c:\windows\system32\msiexec.exe 2005-05-04 13:45 . 2004-08-04 04:54 271360 -c--a-w- c:\windows\system32\msihnd.dll 2005-05-04 13:45 . 2004-08-04 04:54 15360 ----a-w- c:\windows\system32\msisip.dll 2005-05-04 13:45 . 2004-08-04 04:53 884736 -c--a-w- c:\windows\system32\msimsg.dll 2005-05-04 13:45 . 2004-08-04 04:54 2890240 ----a-w- c:\windows\system32\msi.dll 2005-01-04 09:43 . 2002-05-28 08:40 4682 -c--a-w- c:\windows\system32\npptNT2.sys 2004-08-05 12:00 . 2004-08-04 04:54 30749 -c--a-w- c:\windows\system32\vbajet32.dll 2004-08-05 12:00 . 2004-08-04 04:54 151552 -c--a-w- c:\windows\system32\scrrun.dll 2004-08-05 12:00 . 2004-08-04 04:54 83456 -c--a-w- c:\windows\system32\olepro32.dll 2004-08-05 12:00 . 2004-08-04 04:54 380957 -c--a-w- c:\windows\system32\expsrv.dll 2004-08-05 12:00 . 2004-08-04 04:54 619008 -c--a-w- c:\windows\system32\dx7vb.dll 2004-08-05 12:00 . 2004-08-04 04:54 65024 ----a-w- c:\windows\system32\asycfilt.dll 2004-08-05 12:00 . 2002-09-07 00:00 24626 -c--a-w- c:\windows\system32\scrrnfr.dll 2004-08-04 05:52 . 2002-03-05 15:37 1014836 -c--a-r- c:\windows\SET3.tmp 2004-08-04 05:45 . 2002-03-05 15:38 14043 -c--a-r- c:\windows\SET8.tmp 2004-08-04 05:43 . 2002-03-05 15:37 1086058 -c--a-r- c:\windows\SET4.tmp 2004-08-04 05:08 . 2004-08-04 05:08 1788 -c--a-w- c:\windows\system32\Dcache.bin 2004-08-04 04:57 . 2004-08-04 04:57 332800 -c--a-w- c:\windows\system32\netsetup.exe 2004-08-04 04:54 . 2009-03-16 11:23 124928 -c--a-w- c:\windows\system32\mplay32.exe 2004-08-04 04:53 . 2004-08-04 04:53 2986496 ----a-w- c:\windows\system32\xpsp2res.dll 2004-08-04 04:52 . 2004-08-04 04:52 4096 -c--a-w- c:\windows\system32\dsprpres.dll 2004-08-04 04:52 . 2004-08-04 04:52 3584 -c--a-w- c:\windows\system32\dpnlobby.dll 2004-08-04 04:52 . 2004-08-04 04:52 3584 -c--a-w- c:\windows\system32\dpnaddr.dll 2004-08-04 04:52 . 2004-08-04 04:52 24064 -c--a-w- c:\windows\system32\pidgen.dll 2004-08-04 04:52 . 2004-08-04 04:52 70144 ----a-w- c:\windows\system32\browselc.dll 2004-08-04 04:52 . 2004-08-04 04:52 16896 ----a-w- c:\windows\system32\cfgmgr32.dll 2004-08-04 04:52 . 2004-08-04 04:52 8704 -c--a-w- c:\windows\system32\asferror.dll 2004-08-04 04:52 . 2004-08-04 04:52 285696 ----a-w- c:\windows\system32\atmfd.dll 2004-08-04 04:49 . 2009-03-05 14:54 73600 ----a-w- c:\windows\system32\drivers\sr.sys 2004-08-04 04:48 . 2004-08-04 04:48 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe 2004-08-04 04:46 . 2004-08-04 04:46 154496 ----a-w- c:\windows\system32\drivers\dmio.sys 2004-08-04 04:46 . 2004-08-04 04:46 800256 ----a-w- c:\windows\system32\drivers\dmboot.sys 2004-08-04 04:45 . 2004-08-04 04:45 1836032 ----a-w- c:\windows\system32\win32k.sys 2004-08-04 04:45 . 2004-08-04 04:45 25216 ----a-w- c:\windows\system32\drivers\kbdclass.sys 2004-08-04 04:44 . 2004-08-04 04:44 53376 -c--a-w- c:\windows\system32\drivers\volsnap.sys 2004-08-04 04:43 . 2004-08-04 04:43 40320 ----a-w- c:\windows\system32\drivers\intelppm.sys 2004-08-04 04:41 . 2004-08-04 04:41 66560 ----a-w- c:\windows\system32\drivers\serial.sys 2004-08-04 04:41 . 2004-08-04 04:41 54400 ----a-w- c:\windows\system32\drivers\i8042prt.sys 2004-08-04 04:37 . 2009-03-05 14:52 44544 -c--a-w- c:\windows\system32\tscupgrd.exe 2004-08-04 04:37 . 2009-03-05 14:53 411648 -c--a-w- c:\windows\system32\mstsc.exe 2004-08-04 04:37 . 2004-08-04 04:37 70688 -c--a-w- c:\windows\system32\mmsystem.dll 2004-08-04 04:37 . 2004-08-04 04:37 120320 -c--a-w- c:\windows\system32\drivers\pcmcia.sys 2004-08-04 04:37 . 2004-08-04 04:37 68608 ----a-w- c:\windows\system32\drivers\pci.sys 2004-08-04 04:36 . 2004-08-04 04:36 188672 ----a-w- c:\windows\system32\drivers\acpi.sys . ((((((((((((((((((((((((((((( SnapShot@2009-05-11_19.53.47 ))))))))))))))))))))))))))))))))))))))))) . + 2002-06-13 15:32 . 2002-06-13 15:32 16384 c:\windows\temp\Perflib_Perfdata_f4.dat + 2002-06-13 15:32 . 2002-06-13 15:32 16384 c:\windows\temp\Perflib_Perfdata_79c.dat + 2002-06-13 13:02 . 2002-06-13 13:02 16384 c:\windows\temp\Perflib_Perfdata_5d8.dat + 2002-09-07 00:00 . 2002-09-07 00:00 19200 c:\windows\system32\dllcache\tapi.dll - 2002-03-05 15:38 . 2002-09-07 00:00 19200 c:\windows\system32\dllcache\tapi.dll + 2002-09-07 00:00 . 2002-09-07 00:00 24064 c:\windows\system32\dllcache\olesvr.dll - 2002-03-05 15:38 . 2002-09-07 00:00 24064 c:\windows\system32\dllcache\olesvr.dll + 2002-09-07 00:00 . 2002-09-07 00:00 83456 c:\windows\system32\dllcache\olecli.dll - 2002-03-05 15:38 . 2002-09-07 00:00 83456 c:\windows\system32\dllcache\olecli.dll + 2002-03-05 15:38 . 2004-08-04 04:55 70656 c:\windows\system32\dllcache\notepad.exe - 2004-08-04 04:55 . 2004-08-04 04:55 70656 c:\windows\system32\dllcache\notepad.exe + 2002-09-07 00:00 . 2002-09-07 00:00 28160 c:\windows\system32\dllcache\mciwave.drv - 2002-03-05 15:38 . 2002-09-07 00:00 28160 c:\windows\system32\dllcache\mciwave.drv + 2002-09-07 00:00 . 2002-09-07 00:00 25280 c:\windows\system32\dllcache\mciseq.drv - 2002-03-05 15:38 . 2002-09-07 00:00 25280 c:\windows\system32\dllcache\mciseq.drv + 2002-09-07 00:00 . 2002-09-07 00:00 73680 c:\windows\system32\dllcache\mciavi.drv - 2002-03-05 15:38 . 2002-09-07 00:00 73680 c:\windows\system32\dllcache\mciavi.drv + 2002-09-07 00:00 . 2002-09-07 00:00 33904 c:\windows\system32\dllcache\commdlg.dll - 2002-03-05 15:38 . 2002-09-07 00:00 33904 c:\windows\system32\dllcache\commdlg.dll + 2002-09-07 00:00 . 2002-09-07 00:00 70352 c:\windows\system32\dllcache\avicap.dll - 2002-03-05 15:38 . 2002-09-07 00:00 70352 c:\windows\system32\dllcache\avicap.dll - 2002-03-05 15:38 . 2002-09-07 00:00 9104 c:\windows\system32\dllcache\ver.dll + 2002-09-07 00:00 . 2002-09-07 00:00 9104 c:\windows\system32\dllcache\ver.dll + 2002-09-07 00:00 . 2002-09-07 00:00 5120 c:\windows\system32\dllcache\shell.dll - 2002-03-05 15:38 . 2002-09-07 00:00 5120 c:\windows\system32\dllcache\shell.dll - 2002-03-05 15:38 . 2002-09-07 00:00 9936 c:\windows\system32\dllcache\lzexpand.dll + 2002-09-07 00:00 . 2002-09-07 00:00 9936 c:\windows\system32\dllcache\lzexpand.dll + 2002-03-05 15:38 . 2004-08-04 04:55 146944 c:\windows\system32\dllcache\winspool.drv - 2004-08-04 04:55 . 2004-08-04 04:55 146944 c:\windows\system32\dllcache\winspool.drv + 2002-09-07 00:00 . 2002-09-07 00:00 127168 c:\windows\system32\dllcache\msvideo.dll - 2002-03-05 15:38 . 2002-09-07 00:00 127168 c:\windows\system32\dllcache\msvideo.dll + 2002-09-07 00:00 . 2002-09-07 00:00 109568 c:\windows\system32\dllcache\avifile.dll - 2002-03-05 15:38 . 2002-09-07 00:00 109568 c:\windows\system32\dllcache\avifile.dll + 2002-06-13 15:15 . 2002-06-13 15:15 400896 c:\windows\system32\CF16161.exe + 2009-06-11 15:02 . 2009-06-11 15:02 452496 c:\windows\Downloaded Program Files\wlscBase.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus C45 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE" [2004-01-14 173568] c:\documents and settings\Sanamy\Menu D‚marrer\Programmes\D‚marrage\ Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2009-4-11 532480] Les clés de Registre SafeBoot doivent être réparées. Cette machine ne peut pas utiliser le Mode Sans Échec. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] @="Driver Group" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] @="DiskDrive" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] @="Hdc" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] @="Keyboard" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] @="Mouse" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] @="System" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] @="Volume" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "UacDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "FirewallOverride"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "UacDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Giganology\\Gigaget\\Gigaget.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\WINDOWS\\BackUp\\explorer.exe"= "c:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S4I3T1.EXE"= "c:\\Documents and Settings\\Sanamy\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"= "c:\\Documents and Settings\\Sanamy\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"= "c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"= "c:\\WINDOWS\\system32\\taskmgr.exe"= R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 33808] R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\iojhmh.sys --> c:\windows\system32\drivers\iojhmh.sys [?] R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 18:02 26640] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 24592] . Contenu du dossier 'Tâches planifiées' 2002-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-602609370-682003330-1003.job - c:\documents and settings\Sanamy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-19 10:55] . . ------- Examen supplémentaire ------- . uInternet Connection Wizard,ShellNext = iexplore IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 FF - ProfilePath - . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2002-06-13 16:32 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\CF16161.exe c:\program files\Java\jre6\bin\jqs.exe . ************************************************************************** . Heure de fin: 2002-06-13 16:36 - La machine a redémarré ComboFix-quarantined-files.txt 2002-06-13 15:36 ComboFix2.txt 2002-06-07 20:52 ComboFix3.txt 2009-05-11 19:57 ComboFix4.txt 2009-03-04 19:17 Avant-CF: 166 375 424 octets libres Après-CF: 1 099 722 752 octets libres 405 J'apprécie votre aide, ça doit être dur pour vous, toutes ses demandes ( en bénévolat en plus^^) Bravo¨¨
  14. Bonsoir, Bon mon pc a été infecté, et depuis je n'arrive pas à le désinfecter, et je n'arrive même plus à télécharger un anti-virus :s ( connexion coupé ou autre..) J'ai lancé ComboFix, y a t'il quelqu'un pour m'aider à analyser le rapport ? Merci
×
×
  • Créer...