
virus adware adseo ...... (Engine A) • page 2


Re: virus adware adseo ...... (Engine A)

Posted on 19 Oct 2011 19:25

Hi,
I tried opening my mail with Internet Explorer: it worked. I also tried again with Mozilla Firefox, and that works too. The problem I mentioned in my previous message doesn't happen every time, but it does happen. In particular when switching from one mailbox to another, since we have 2 addresses.
Here are the new reports you asked me for.
See you later

OTL logfile created on: 19/10/2011 20:10:02 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Documents and Settings\Michel\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
2,00 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 75,57% Memory free
3,95 Gb Paging File | 3,13 Gb Available in Paging File | 79,23% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 120,53 Gb Free Space | 51,76% Space Free | Partition Type: NTFS
 
Computer Name: BARBIER-A6FE5CA | User Name: Michel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Documents and Settings\Michel\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Copernic Desktop Search - Home\DesktopSearchService.exe (Copernic Inc.)
PRC - C:\Program Files\lg_fwupdate\fwupdate.exe (BitLeader)
PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG)
PRC - C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 2.3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 2.3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
PRC - C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
PRC - C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\WINDOWS\system32\delttray.exe (Doug Fetter Software Wizardry)
PRC - C:\Program Files\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA ()
MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Program Files\OpenOffice.org 2.3\program\libxml2.dll ()
MOD - C:\Program Files\ASUS\GamerOSD\ImageTransform.dll ()
MOD - C:\WINDOWS\system32\tsd32.dll ()
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (AppMgmt) --  File not found
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (AVKProxy) -- C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKWCtl) -- C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG)
SRV - (odserv) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ATKKeyboardService) -- C:\WINDOWS\ATKKBService.exe (ASUSTeK COMPUTER INC.)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (InCDsrv) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (GDMnIcpt) -- C:\WINDOWS\system32\drivers\MiniIcpt.sys (G Data Software AG)
DRV - (GDBehave) -- C:\WINDOWS\system32\drivers\GDBehave.sys (G Data Software AG)
DRV - (GRD) -- C:\WINDOWS\system32\drivers\GRD.sys (G Data Software)
DRV - (HookCentre) -- C:\WINDOWS\system32\drivers\HookCentre.sys (G Data Software AG)
DRV - (GDTdiInterceptor) -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys (G DATA Software AG)
DRV - (GDNdisIc) -- C:\WINDOWS\system32\drivers\GDNdisIc.sys (G DATA Software AG)
DRV - (asusgsb) -- C:\WINDOWS\system32\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV - (Video3D) -- C:\WINDOWS\system32\drivers\Video3D32.sys (ASUSTeK COMPUTER INC.)
DRV - (EIO) -- C:\WINDOWS\system32\drivers\EIO.sys (ASUSTeK Computer Inc.)
DRV - (asuskbnt) -- C:\WINDOWS\system32\drivers\atkkbnt.sys (ASUSTeK COMPUTER INC.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (TPkd) -- C:\WINDOWS\System32\drivers\TPkd.sys (PACE Anti-Piracy, Inc.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (incdrm) -- C:\WINDOWS\System32\drivers\InCDrm.sys (Nero AG)
DRV - (InCDfs) -- C:\WINDOWS\System32\drivers\InCDfs.sys (Nero AG)
DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\InCDpass.sys (Nero AG)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (DELTA) Service for Delta Driver (WDM) -- C:\WINDOWS\system32\drivers\delta.sys (Midiman/M-Audio)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-789336058-1383384898-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKU\S-1-5-21-789336058-1383384898-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473
IE - HKU\S-1-5-21-789336058-1383384898-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-789336058-1383384898-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {E0CC257A-4D42-4ED7-AFAF-0AE6422F60D0}:3.0.3.25
FF - prefs.js..extensions.enabledItems: {C947A5EF-A041-443B-AE55-4CC7C15A9C9A}:1.1.0.325
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/13 22:20:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/03 17:08:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{E0CC257A-4D42-4ED7-AFAF-0AE6422F60D0}: C:\Program Files\Copernic Desktop Search - Home\Firefox36Connector [2011/01/08 15:30:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{C947A5EF-A041-443B-AE55-4CC7C15A9C9A}: C:\Program Files\Copernic Desktop Search - Home\Toolbar\FirefoxContainer\ [2011/01/08 15:30:11 | 000,000,000 | ---D | M]
 
[2010/08/18 17:14:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michel\Application Data\Mozilla\Extensions
[2011/06/22 15:33:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michel\Application Data\Mozilla\Firefox\Profiles\0ex73btg.default\extensions
[2010/10/23 14:57:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Michel\Application Data\Mozilla\Firefox\Profiles\0ex73btg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/22 15:33:46 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Michel\Application Data\Mozilla\Firefox\Profiles\0ex73btg.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/10/05 12:50:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/27 18:05:11 | 000,000,000 | ---D | M] (G Data Filtre Internet) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2010/07/30 10:19:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/22 07:12:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/03 09:33:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/09/02 10:53:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2010/06/06 15:38:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/29 09:16:59 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/29 03:59:56 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/09/29 03:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/29 03:59:56 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/09/29 03:59:56 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/09/29 03:59:56 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/09/29 03:59:56 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2011/10/17 13:43:16 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\Webfilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - No CLSID value found.
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\Webfilter\AVKWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Barre d'outils Copernic Desktop Search - Home) - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - C:\Program Files\Copernic Desktop Search - Home\Toolbar\ToolbarContainer101000325.dll (Copernic Inc.)
O3 - HKU\S-1-5-21-789336058-1383384898-725345543-1004\..\Toolbar\WebBrowser: (Barre d'outils Copernic Desktop Search - Home) - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - C:\Program Files\Copernic Desktop Search - Home\Toolbar\ToolbarContainer101000325.dll (Copernic Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [DeltTray] C:\WINDOWS\System32\delttray.exe (Doug Fetter Software Wizardry)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\fwupdate.exe (BitLeader)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-789336058-1383384898-725345543-1004..\Run: [Copernic Desktop Search - Home] C:\Program Files\Copernic Desktop Search - Home\DesktopSearchService.exe (Copernic Inc.)
O4 - HKU\S-1-5-21-789336058-1383384898-725345543-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-789336058-1383384898-725345543-1004..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\Michel\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-789336058-1383384898-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{993B412E-B863-4954-A08E-637166862EB7}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Michel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Michel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/01 22:27:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/10/19 20:08:54 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michel\Bureau\OTL.exe
[2011/10/19 13:14:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michel\Recent
[2011/10/04 10:30:23 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/10/03 17:21:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2011/10/03 17:20:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\McAfee Security Scan Plus
[2011/10/03 17:02:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/10/03 17:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2011/10/03 17:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/10/19 20:08:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michel\Bureau\OTL.exe
[2011/10/19 19:59:00 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/10/19 19:56:00 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/19 13:38:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/19 12:46:24 | 000,000,361 | ---- | M] () -- C:\WINDOWS\lgfwup.ini
[2011/10/19 12:46:01 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/19 12:45:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/18 23:13:24 | 000,310,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/17 19:47:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/10/17 13:43:16 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/10/15 00:11:18 | 000,503,660 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/10/15 00:11:18 | 000,435,682 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/15 00:11:18 | 000,081,808 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/10/15 00:11:18 | 000,068,578 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/13 22:18:49 | 000,495,052 | ---- | M] () -- C:\Documents and Settings\Michel\Bureau\adwcleaner.exe
[2011/10/08 12:35:36 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/05 16:52:56 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2011/10/05 12:50:55 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/05 12:50:55 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2011/10/05 11:59:46 | 000,196,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\nStandard.bin
[2011/10/04 12:31:25 | 000,000,262 | RHS- | M] () -- C:\boot.ini
[2011/10/04 10:30:23 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/10/03 17:20:52 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\McAfee Security Scan Plus.lnk
[2011/10/03 17:20:52 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk
[2011/10/03 17:08:40 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2011/09/26 11:41:40 | 000,614,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uiautomationcore.dll
[2011/09/26 11:41:40 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oleaccrc.dll
[2011/09/26 11:41:40 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaccrc.dll
[2011/09/26 11:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleacc.dll
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/10/16 19:08:52 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/10/13 22:18:46 | 000,495,052 | ---- | C] () -- C:\Documents and Settings\Michel\Bureau\adwcleaner.exe
[2011/10/05 12:50:55 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/05 12:50:55 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[2011/10/05 12:50:55 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2011/10/03 17:08:40 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2011/10/03 17:08:40 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2011/10/03 17:02:54 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\McAfee Security Scan Plus.lnk
[2011/10/03 17:02:54 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk
[2011/02/21 00:12:26 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar3.dll
[2011/02/21 00:12:26 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\ztvunacev2.dll
[2010/09/29 12:19:01 | 000,025,601 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2010/09/20 12:29:13 | 000,058,804 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/06/02 18:28:14 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/06/02 11:17:39 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008/10/21 16:28:44 | 000,000,525 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008/08/31 17:05:29 | 000,000,344 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2008/08/29 11:57:00 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2008/08/29 11:57:00 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2008/08/29 11:57:00 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2008/08/11 16:39:08 | 000,001,393 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008/07/03 00:22:21 | 000,051,712 | ---- | C] () -- C:\Documents and Settings\Michel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/24 16:27:46 | 000,001,160 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/05/24 16:06:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/03/10 12:21:34 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/03/08 12:45:23 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS2P.DLL
[2008/03/07 15:17:30 | 000,265,728 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2008/03/02 10:38:43 | 000,011,800 | ---- | C] () -- C:\Documents and Settings\Michel\Application Data\wklnhst.dat
[2008/03/01 22:29:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/03/01 22:25:40 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/03/01 21:15:30 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/03/01 21:12:56 | 000,310,784 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/03/01 19:11:49 | 000,000,361 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2008/03/01 19:04:41 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2008/03/01 18:56:45 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/03/01 18:56:41 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/03/01 18:56:41 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/03/01 18:56:40 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/03/01 18:56:38 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/03/01 18:37:22 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\DigiPlatformSupport.dll
[2008/03/01 16:27:36 | 000,373,507 | R--- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\hosts.bak
[2008/03/01 16:27:36 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Config.nt.bak
[2008/03/01 16:27:36 | 000,001,896 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Autoexec.nt.bak
[2008/03/01 16:11:31 | 000,643,142 | ---- | C] () -- C:\WINDOWS\aticlocklib.dll
[2008/03/01 16:11:31 | 000,110,592 | ---- | C] () -- C:\WINDOWS\R5ClkLib.dll
[2008/03/01 16:11:31 | 000,020,480 | ---- | C] () -- C:\WINDOWS\HyperDrive.exe
[2008/03/01 16:11:30 | 000,196,653 | ---- | C] () -- C:\WINDOWS\System32\drivers\aVivid.bin
[2008/03/01 16:11:30 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nVivid.bin
[2008/03/01 16:11:30 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nStandard.bin
[2008/03/01 16:11:30 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nAsmedia.bin
[2008/03/01 16:11:30 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\nAdvanced.bin
[2008/03/01 16:11:30 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\aAdvanced.bin
[2008/03/01 16:11:30 | 000,196,582 | ---- | C] () -- C:\WINDOWS\System32\drivers\aStandard.bin
[2008/03/01 16:11:30 | 000,196,582 | ---- | C] () -- C:\WINDOWS\System32\drivers\aAsmedia.bin
[2008/03/01 16:11:30 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2008/03/01 16:11:30 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2008/03/01 16:11:30 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2008/03/01 16:11:30 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2008/03/01 16:11:30 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2008/03/01 16:11:30 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2008/03/01 16:11:30 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2008/03/01 16:11:30 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2008/03/01 16:11:29 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2008/03/01 16:04:37 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/03/01 15:57:52 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2008/03/01 15:40:21 | 000,013,794 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2008/03/01 15:40:14 | 000,013,421 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/03/01 15:40:14 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/03/01 15:40:07 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/06/28 18:43:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/06/28 18:43:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007/06/28 18:43:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/06/28 18:43:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007/06/28 18:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/06/28 18:43:00 | 001,018,772 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2007/06/28 18:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/06/28 18:43:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007/06/28 18:43:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007/06/28 18:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/03/02 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/03/02 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/03/02 14:00:00 | 000,503,660 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2006/03/02 14:00:00 | 000,435,682 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/03/02 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2006/03/02 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/03/02 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/03/02 14:00:00 | 000,081,808 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2006/03/02 14:00:00 | 000,068,578 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/03/02 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/03/02 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2006/03/02 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/03/02 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/02 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/03/02 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/03/02 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/08/06 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE
[2008/03/04 11:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2008/03/25 20:47:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/07/05 19:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\G DATA
[2008/03/02 10:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2008/10/21 16:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2008/10/21 16:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2010/06/02 18:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2010/04/22 17:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/09/17 18:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/03/04 11:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Ableton
[2011/10/17 16:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Canon
[2011/01/08 15:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Copernic
[2008/08/11 16:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Disney Interactive
[2011/01/23 22:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\eTeks
[2010/09/27 21:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\IndexEducation
[2008/03/19 16:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\InterTrust
[2008/03/02 10:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\PACE Anti-Piracy
[2008/10/21 16:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\ScanSoft
[2008/03/02 10:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Template
[2011/10/18 22:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Western Digital
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[2011/08/06 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE
[2008/03/04 11:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2011/10/03 17:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/10/20 10:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/09/17 18:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2008/03/25 20:47:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/08/02 17:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2010/07/05 19:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\G DATA
[2010/08/16 18:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2011/09/19 08:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2010/10/28 23:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/10/03 17:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/10/03 17:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2010/06/06 17:31:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/10/15 00:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2008/03/02 10:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2008/09/03 15:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2008/03/01 18:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2011/10/05 12:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2008/10/21 16:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2008/10/21 16:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2010/06/06 15:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2008/10/03 18:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/06/02 18:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2008/03/01 18:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/04/22 17:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/09/17 18:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[2009/02/04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
[2011/09/05 23:51:05 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AA1000000001}\setup.exe
[2011/06/04 17:38:07 | 000,073,000 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.2.2.14\SetupAdmin.exe
[2010/10/18 17:21:42 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2010/11/19 19:31:45 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2008/03/04 11:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Ableton
[2011/10/03 17:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Adobe
[2009/05/21 18:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Ahead
[2011/01/08 15:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Apple Computer
[2008/10/21 16:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\ArcSoft
[2011/10/17 16:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Canon
[2011/01/08 15:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Copernic
[2008/03/02 17:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\CyberLink
[2008/08/11 16:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Disney Interactive
[2011/07/07 12:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\dvdcss
[2011/01/23 22:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\eTeks
[2009/02/09 21:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Google
[2008/05/23 11:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Help
[2008/03/01 15:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Identities
[2010/09/27 21:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\IndexEducation
[2010/06/09 13:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\InstallShield
[2008/03/19 16:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\InterTrust
[2008/04/21 11:16:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Macromedia
[2010/10/28 23:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Malwarebytes
[2008/03/07 15:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Media Player Classic
[2011/10/18 22:20:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Michel\Application Data\Microsoft
[2010/06/02 18:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Microsoft Web Folders
[2010/08/18 17:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Mozilla
[2011/10/19 12:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\OpenOffice.org2
[2008/03/02 10:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\PACE Anti-Piracy
[2011/09/30 14:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Real
[2008/10/21 16:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\ScanSoft
[2008/03/01 18:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Sun
[2008/10/03 18:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\SUPERAntiSpyware.com
[2008/03/02 10:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Template
[2011/09/16 23:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\U3
[2009/06/02 11:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\vlc
[2011/10/18 22:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michel\Application Data\Western Digital
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2008/03/01 16:27:13 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\Michel\Application Data\Microsoft\Installer\{E89B484C-B913-49A0-959B-89E836001658}\ARPPRODUCTICON.exe
[2006/04/05 19:38:10 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Michel\Application Data\U3\temp\cleanup.exe
[2008/02/25 13:47:34 | 003,489,792 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Michel\Application Data\U3\temp\Launchpad Removal.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: FIREFOX.EXE  >[/color]
[2011/09/29 09:16:58 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=4E5585800B561FBEF64B27425365A36F -- C:\Program Files\Mozilla Firefox\firefox.exe
 
[color=#A23BEC]< MD5 for: IEXPLORE.EXE  >[/color]
[2009/06/29 09:25:31 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=02E2754D3E566C11A4934825920C47DD -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iexplore.exe
[2008/12/19 07:25:25 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=030D78FE84A086ED376EFCBD2D72C522 -- C:\WINDOWS\ie7updates\KB963027-IE7\iexplore.exe
[2008/10/15 08:34:58 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=056C927CF7207857E8B34F7A8FFD9B9E -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
[2010/12/20 13:25:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=091D358EFC9D22901BD879EF37F0DAC4 -- C:\WINDOWS\ie7updates\KB2497640-IE7\iexplore.exe
[2009/04/25 07:27:50 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=092A7F2B49A19ECCE5369D3CB2276148 -- C:\WINDOWS\ie7updates\KB972260-IE7\iexplore.exe
[2008/12/19 07:25:30 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=15E8A89499741D5CF59A9CF6463A4339 -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe
[2008/04/22 10:02:46 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=197B7E4030CFBD8D2979D375E1787AA2 -- C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
[2008/08/23 07:56:15 | 000,635,848 | ---- | M] (Microsoft Corporation) MD5=1F03216084447F990AE797317D0A6E70 -- C:\WINDOWS\ie7updates\KB958215-IE7\iexplore.exe
[2010/06/17 17:12:57 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=203E897F843D56496E2CC101DFF6CE34 -- C:\WINDOWS\ie7updates\KB2360131-IE7\iexplore.exe
[2008/04/22 09:41:30 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=232B22817B90AE0AFF2D189E3E3735AC -- C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
[2007/12/06 13:03:16 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=2703D940A62B731AA220529DD7331A78 -- C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
[2008/02/29 10:57:05 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=2D0E5592AB5A46C27DAF7CCAFF4F5B59 -- C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
[2009/08/27 07:18:42 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=332EC7562F3AA7364F2D4231C56DA986 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\iexplore.exe
[2006/03/02 14:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=385D1644E676C96EB07848ADA63E37FA -- C:\WINDOWS\ie7\iexplore.exe
[2009/06/29 10:35:10 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=3CFC56F73D494FC1AA2B6E981DF15ACD -- C:\WINDOWS\ie7updates\KB974455-IE7\iexplore.exe
[2008/04/14 04:34:06 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=3D3C316BD1E112F3B9C532D8B9939BDC -- C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
[2011/04/21 12:34:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=3E23DBEBE1020D52C63235E4189FAC03 -- C:\WINDOWS\$hf_mig$\KB2530548-IE7\SP3QFE\iexplore.exe
[2009/10/28 08:54:16 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=4F9B04D546C23A295F3F0AE015BE51DB -- C:\WINDOWS\ie7updates\KB978207-IE7\iexplore.exe
[2009/12/18 15:05:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=53C291F3B01EECECBD7FD358EA3ACC94 -- C:\WINDOWS\ie7updates\KB980182-IE7\iexplore.exe
[2008/06/23 11:21:49 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=64E376A47763DAEABCDA14BD5B6EA286 -- C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe
[2011/08/17 13:01:37 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=6A1D755C68C10863C598C78A597FA7C3 -- C:\Program Files\Internet Explorer\iexplore.exe
[2011/08/17 13:01:37 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=6A1D755C68C10863C598C78A597FA7C3 -- C:\WINDOWS\SoftwareDistribution\Download\7a78d0d5bb75ff58c2378382af2d6bbe\sp3gdr\iexplore.exe
[2011/08/17 13:01:37 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=6A1D755C68C10863C598C78A597FA7C3 -- C:\WINDOWS\system32\dllcache\iexplore.exe
[2008/02/22 11:40:22 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=6E0888626E0CAC79F57149814E22DB4D -- C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
[2010/10/18 13:07:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=72D1F43C4146D312B0DB6AB98C21340E -- C:\WINDOWS\ie7updates\KB2482017-IE7\iexplore.exe
[2009/10/28 08:54:21 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=80675329E0FD54F016C4F8A83C616349 -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\iexplore.exe
[2007/12/06 10:34:45 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=809D17D8FA0FDAEE07778CD821CAFFDE -- C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
[2011/06/20 13:29:11 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=993F33696EF219C306BF9BBA34D85073 -- C:\WINDOWS\ie7updates\KB2586448-IE7\iexplore.exe
[2008/10/15 09:06:26 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=9D3DB9ADFABD2F0BC778EC03250A3ABB -- C:\WINDOWS\ie7updates\KB961260-IE7\iexplore.exe
[2009/02/28 06:54:41 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=A251068640DDB69FD7805B57D89D7FF7 -- C:\WINDOWS\ie7updates\KB969897-IE7\iexplore.exe
[2010/06/17 16:45:15 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B0BC6DC9C9277250C5C8F7B7A48A02CC -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\iexplore.exe
[2010/04/16 13:08:29 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B24A4E23A2FEDB6976EB04D334AD82B2 -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
[2010/02/23 07:20:02 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B5116340B84824DDD0A641E36B126194 -- C:\WINDOWS\ie7updates\KB982381-IE7\iexplore.exe
[2011/04/21 12:58:25 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B6E13F9C120C776A89D783E26D6C15C5 -- C:\WINDOWS\ie7updates\KB2559049-IE7\iexplore.exe
[2010/12/20 12:49:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B74CBEBA34E3CAA2CCACC87FEE8A16C0 -- C:\WINDOWS\$hf_mig$\KB2482017-IE7\SP3QFE\iexplore.exe
[2009/02/28 06:54:44 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=BCD8E48709BE4A79606F0B6E8E9A6162 -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\iexplore.exe
[2009/04/25 07:27:39 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=C0503FD8D163652735C1EE900672A75C -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\iexplore.exe
[2010/04/16 13:43:25 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=C4BA5E36FB57F547117305BF1E0FE454 -- C:\WINDOWS\ie7updates\KB2183461-IE7\iexplore.exe
[2008/06/23 10:23:52 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=C52A9EF571E91535EB78DB4B8B95EA07 -- C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
[2010/02/23 07:19:59 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=C8DDA4028065D5CE39CBE7A156B72AB9 -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\iexplore.exe
[2011/08/17 12:34:43 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=CB0AFAF9E5C5FE70EC7087E71275DD33 -- C:\WINDOWS\$hf_mig$\KB2586448-IE7\SP3QFE\iexplore.exe
[2011/08/17 12:34:43 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=CB0AFAF9E5C5FE70EC7087E71275DD33 -- C:\WINDOWS\SoftwareDistribution\Download\7a78d0d5bb75ff58c2378382af2d6bbe\sp3qfe\iexplore.exe
[2009/12/18 09:00:27 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=D19E56D5930C37CF211867DF450C372A -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe
[2010/10/18 12:36:30 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=DA6E1F0F1932B62DD2F6ED05541C555C -- C:\WINDOWS\$hf_mig$\KB2416400-IE7\SP3QFE\iexplore.exe
[2011/06/20 12:38:09 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=DE0F15DD275A36C3E67DC1E36F958F3A -- C:\WINDOWS\$hf_mig$\KB2559049-IE7\SP3QFE\iexplore.exe
[2007/08/13 19:43:56 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=DE49B348A18369B4626FBA1D49B07FB4 -- C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
[2011/02/14 13:36:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E3CC8CCF21BFDC954255BB17083FB9F0 -- C:\WINDOWS\$hf_mig$\KB2497640-IE7\SP3QFE\iexplore.exe
[2011/02/14 14:17:08 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E4A798DFDE7FE6E79F23548F0EF0F844 -- C:\WINDOWS\ie7updates\KB2530548-IE7\iexplore.exe
[2010/08/25 13:30:33 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E5412ED9E07C42C20C48D3FF71E6B1E8 -- C:\WINDOWS\ie7updates\KB2416400-IE7\iexplore.exe
[2008/08/23 07:56:16 | 000,635,848 | ---- | M] (Microsoft Corporation) MD5=E8305C30D35E85D6657ED3E9934CB302 -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
[2010/08/25 13:07:58 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F047BEB9771E45A05F425499A30F9BBA -- C:\WINDOWS\$hf_mig$\KB2360131-IE7\SP3QFE\iexplore.exe
[2009/08/27 07:18:44 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F232BA9F39BC0F722672C7E79E68EBEA -- C:\WINDOWS\ie7updates\KB976325-IE7\iexplore.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles  >[/color]

< End of report >


Code: Select all
OTL Extras logfile created on: 19/10/2011 20:10:02 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Documents and Settings\Michel\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
2,00 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 75,57% Memory free
3,95 Gb Paging File | 3,13 Gb Available in Paging File | 79,23% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 120,53 Gb Free Space | 51,76% Space Free | Partition Type: NTFS
 
Computer Name: BARBIER-A6FE5CA | User Name: Michel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-789336058-1383384898-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0000040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{03F1CC67-5BD8-4C36-8394-76311B2AE69A}" = ArcSoft PhotoStudio 5
"{0B4C4652-A521-4696-BEE0-767D742727AD}" = INDEX EDUCATION - ProfNOTE 2010
"{0FDB2D25-D880-4E10-868F-8C64EFE155F1}" = G Data AntiVirus
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300" = Canon iP3300
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21D50AE1-73F5-11D6-B2FB-0002A5E32BEF}" = La Planète au Trésor Mini-Jeux Attaque Explosive
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 26
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Gamer OSD
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{6249C22D-E6A8-407B-BA8B-40298848ED94}" = OmniPage SE
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (French) 12
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{A15B3CF2-7FB7-4102-BBC9-9680B7F0825F}" = InterLok Driver Kit
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4810699-E859-43A6-8F40-1743873E72AB}" = Delta
"{A54C5E05-0D45-462E-8024-E5F920A5B160}" = Yu-Gi-Oh! ONLINE 3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Français
"{AFAF626C-D2E6-455C-9A5A-ACDF049A6168}" = ASUS nVidia Driver
"{AFE354A5-640F-4A23-94C8-0B441E8967CA}" = Digidesign Shared Plug-Ins 7.3
"{B213D0D7-7190-4D49-A72C-5DC57CA70D69}" = INDEX EDUCATION - Client PRONOTE 2009
"{B360A8E5-C171-4AAE-9777-65B3CDB0072C}" = CanoScan LiDE20,30 Manual
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox 4.1
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}" = ArcSoft PhotoBase 3
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{F7D3FA5B-8611-4B67-8715-BAAB3304DB68}" = INDEX EDUCATION - Serveur PRONOTE 2010
"{FADB55D0-403F-4413-A268-CF0A6F1185C2}" = OpenOffice.org 2.3
"3BEF1AFDE8303306594E2ADA27520E6E700820AE" = Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"Adobe Acrobat 5.0" = Adobe Acrobat 4.0, 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AlphaZIP" = AlphaZIP
"Arc-En-Ciel et le lagon merveilleux-Français" = Arc-En-Ciel et le lagon merveilleux
"Ask Toolbar_is1" = Ask Toolbar
"Audacity_is1" = Audacity 1.2.6
"Canon Setup Utility 2.3" = Canon Setup Utility 2.3
"CCleaner" = CCleaner (remove only)
"CopernicDesktopSearch2" = Copernic Desktop Search - Home
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"Enregistrement utilisateur de Canon iP3300" = Enregistrement utilisateur de Canon iP3300
"Finale 2008" = Finale 2008
"Free Audio Converter_is1" = Free Audio Converter version 1.1
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.7.2
"Garritan Instruments for Finale" = Garritan Instruments for Finale
"Google Chrome" = Google Chrome
"Google Updater" = Outil de mise à jour Google
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InCD!UninstallKey" = InCD
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.7.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 7.0.1 (x86 fr)" = Mozilla Firefox 7.0.1 (x86 fr)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PHPNukeFR Toolbar" = PHPNukeFR Toolbar
"PROR" = Microsoft Office Professional 2007
"QuickTime32" = QuickTime for Windows (32-bit)
"Steinberg Wavelab v4.01a" = Steinberg Wavelab v4.01a
"Sweet Home 3D_is1" = Sweet Home 3D version 3.0
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.9
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 13/10/2011 15:44:14 | Computer Name = BARBIER-A6FE5CA | Source = WDSmartWareBackgroundService | ID = 0
Description =
 
Error - 13/10/2011 15:45:48 | Computer Name = BARBIER-A6FE5CA | Source = Application Hang | ID = 1002
Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué
 hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 13/10/2011 16:06:11 | Computer Name = BARBIER-A6FE5CA | Source = WDSmartWareBackgroundService | ID = 0
Description =
 
Error - 14/10/2011 12:24:25 | Computer Name = BARBIER-A6FE5CA | Source = WDSmartWareBackgroundService | ID = 0
Description =
 
Error - 15/10/2011 05:12:22 | Computer Name = BARBIER-A6FE5CA | Source = WDSmartWareBackgroundService | ID = 0
Description =
 
Error - 16/10/2011 04:36:10 | Computer Name = BARBIER-A6FE5CA | Source = WDSmartWareBackgroundService | ID = 0
Description =
 
Error - 17/10/2011 02:43:01 | Computer Name = BARBIER-A6FE5CA | Source = WDSmartWareBackgroundService | ID = 0
Description =
 
Error - 17/10/2011 07:49:38 | Computer Name = BARBIER-A6FE5CA | Source = WDSmartWareBackgroundService | ID = 0
Description =
 
Error - 18/10/2011 04:27:46 | Computer Name = BARBIER-A6FE5CA | Source = WDSmartWareBackgroundService | ID = 0
Description =
 
Error - 18/10/2011 15:51:27 | Computer Name = BARBIER-A6FE5CA | Source = WDSmartWareBackgroundService | ID = 0
Description =
 
[ System Events ]
Error - 18/10/2011 15:46:45 | Computer Name = BARBIER-A6FE5CA | Source = Service Control Manager | ID = 7034
Description = Le service NVIDIA Display Driver Service s'est terminé de façon inattendue
 pour la 1ème fois.
 
Error - 18/10/2011 15:46:45 | Computer Name = BARBIER-A6FE5CA | Source = Service Control Manager | ID = 7034
Description = Le service Java Quick Starter s'est terminé de façon inattendue pour
 la 1ème fois.
 
Error - 18/10/2011 15:46:45 | Computer Name = BARBIER-A6FE5CA | Source = Service Control Manager | ID = 7034
Description = Le service WD SmartWare Drive Manager s'est terminé de façon inattendue
 pour la 1ème fois.
 
Error - 18/10/2011 15:46:45 | Computer Name = BARBIER-A6FE5CA | Source = Service Control Manager | ID = 7034
Description = Le service Service de l’iPod s'est terminé de façon inattendue pour
 la 1ème fois.
 
Error - 18/10/2011 15:46:45 | Computer Name = BARBIER-A6FE5CA | Source = Service Control Manager | ID = 7034
Description = Le service WD SmartWare Background Service s'est terminé de façon
inattendue pour la 1ème fois.
 
Error - 18/10/2011 15:53:00 | Computer Name = BARBIER-A6FE5CA | Source = Service Control Manager | ID = 7034
Description = Le service ATK Keyboard Service s'est terminé de façon inattendue
pour la 1ème fois.
 
Error - 18/10/2011 15:53:29 | Computer Name = BARBIER-A6FE5CA | Source = DCOM | ID = 10010
Description = Le serveur {BCB3CC02-761B-4C74-8B04-891A31034D19} ne s'est pas enregistré
 sur DCOM avant la fin du temps imparti.
 
Error - 18/10/2011 17:14:51 | Computer Name = BARBIER-A6FE5CA | Source = Service Control Manager | ID = 7034
Description = Le service ATK Keyboard Service s'est terminé de façon inattendue
pour la 1ème fois.
 
Error - 19/10/2011 04:13:34 | Computer Name = BARBIER-A6FE5CA | Source = Service Control Manager | ID = 7034
Description = Le service ATK Keyboard Service s'est terminé de façon inattendue
pour la 1ème fois.
 
Error - 19/10/2011 06:46:59 | Computer Name = BARBIER-A6FE5CA | Source = Service Control Manager | ID = 7034
Description = Le service ATK Keyboard Service s'est terminé de façon inattendue
pour la 1ème fois.
 
 
< End of report >
barbier22
 


Re: virus adware adseo ...... (Engine A)

Posted on 19 Oct 2011 20:01

As for the message about the certificate, it is very recent and specific to SFR; I found only two cases on Google.
http://forum.sfr.fr/c205-neufbox-tv/f20 ... -.htm?st=0
and
http://www.kiloki.com/fr/forum/informat ... sible.html

So it may be a temporary problem on their end.

Download >>> ST_Fix <<< (by Batch_Man) to your desktop.

Double-click the ST-Fix icon to launch it... and follow the instructions.

Then please post the report that opens...

Next,

  • Download >> TFC.exe <<, and be sure to save it to your desktop
  • Close all running programs...
  • Double-click the TFC icon to launch it
  • A prompt will appear asking you to restart your PC; click "YES" and let TFC do its work.

and finally...

Disable your antivirus while you carry out these steps.

>>Download Winsockxpfix to your desktop and move on to the next step.

========================================================================================================

next...

Download Combofix.exe to your Desktop (and nowhere else)


Double-click ComboFix.exe to start the scan and follow the instructions given by ComboFix.
If ComboFix asks for permission to download and install the Windows Recovery Console, accept and follow the instructions.
When the scan is complete, a report will appear; save it to your desktop.
You must restart your PC once more to bring all the services back!!
Copy/paste the ComboFix report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt
NOTE: Do not click inside the ComboFix window during the scan; this would freeze the program.

========================================================================================================

If by any chance your internet connection is no longer working after the PC restarts, do this to repair it...

Double-click the WinsockXPFix icon.


>>Click "Fix" > and if your PC does not restart, restart it manually.
jeanmimigab
 

Re: virus adware adseo ...... (Engine A)

Posted on 20 Oct 2011 20:19

Hi,
do I have to disable the antivirus for the steps with ST_Fix and TFC.exe, or for those with Winsockxpfix and Combofix.exe?
Isn't it a bit "risky" to disable the antivirus?
All the more so since there has been no alert today.
barbier22
 

Re: virus adware adseo ...... (Engine A)

Posted on 20 Oct 2011 20:33

hello,

No, you are the one who has to disable it manually, using the G Data interface. I believe the resident protection is called "gardien antivirus"; click on it and choose "désactiver/arrêter".

Then do the downloads and scans requested ;)
jeanmimigab
 

Re: virus adware adseo ...... (Engine A)

Posted on 20 Oct 2011 21:02

Here is the first report
Code:
########################################################################
#
# ST_Fix v.2.05 par Batch_Man
# Mise à jour le 06/08/2009
# Début a 22:01 le 20/10/2011
# Système d'exploitation: Microsoft Windows XP
# Service Pack: Service Pack 3
# Mode de boot: Normal
# Lancé de C:\Documents and Settings\Michel\Bureau\ST_Fix.bat
#
################################ Suppression ###############################
#
#
################################## Terminé ################################
barbier22
 

Re: virus adware adseo ...... (Engine A)

Posted on 20 Oct 2011 21:20

It's me again. I can't download Winsockxpfix. It tells me there is an error.
barbier22
 

Re: virus adware adseo ...... (Engine A)

Posted on 21 Oct 2011 06:32

Hi,

Sorry, the link is dead :-?

Please try here...

http://www.webattack.com/get/winsockxpfix.html

See you
jeanmimigab
 

Re: virus adware adseo ...... (Engine A)

Posted on 21 Oct 2011 21:52

Hi,
with this new address for running the scan, do I have to disable my antivirus? Does it replace only Winsockxpfix? Do I then have to download ComboFix.exe and carry out the steps you recommended?

Also, I have now had this message twice: "Windows - mémoire virtuelle minimale insuffisante". Which means ...

Bye
barbier22
 

Re: virus adware adseo ...... (Engine A)

Posted on 21 Oct 2011 22:21

hello,

Do all of this in order >>>>>

Disable your antivirus while you carry out these steps.

>>Download Winsockxpfix to your desktop, do not run it, and move on to the next step.
(it is a safety net to have it in case your internet connection no longer works after ComboFix has run)
========================================================================================================

next...

Download Combofix.exe to your Desktop (and nowhere else)


Double-click ComboFix.exe to start the scan and follow the instructions given by ComboFix.
If ComboFix asks for permission to download and install the Windows Recovery Console, accept and follow the instructions.
When the scan is complete, a report will appear; save it to your desktop.
You must restart your PC once more to bring all the services back!!
Copy/paste the ComboFix report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt
NOTE: Do not click inside the ComboFix window during the scan; this would freeze the program.

========================================================================================================

If by any chance your internet connection is no longer working after the PC restarts, do this to repair it... but if your internet connection works, do not run it!

Double-click the WinsockXPFix icon.


>>Click "Fix" > and if your PC does not restart, restart it manually.

Also, I have now had this message twice: "Windows - mémoire virtuelle minimale insuffisante". Which means ...


That should sort itself out once we have finished our steps ;)
jeanmimigab
 

Re: virus adware adseo ...... (Engine A)

Posted on 22 Oct 2011 10:12

Hello,
here then is the ComboFix report. Should I uninstall it, as well as Winsockxpfix?

ComboFix 11-10-21.06 - Michel 22/10/2011 10:55:26.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1140 [GMT 2:00]
Lancé depuis: c:\documents and settings\Michel\Bureau\ComboFix.exe
AV: G Data AntiVirus 2010 *Disabled/Updated* {71310606-6F3B-49F2-9A81-8315AA75FBB3}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Michel\WINDOWS
c:\windows\help\tours\htmltour\unlock_playing.htm
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-09-22 au 2011-10-22 ))))))))))))))))))))))))))))))))))))
.
.
2011-10-20 20:01 . 2011-10-20 20:01 -------- d-----w- C:\ST_Fix
2011-10-16 17:08 . 2011-10-17 17:47 512 ----a-w- C:\PhysicalMBR.bin
2011-10-04 08:30 . 2011-10-04 08:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-03 15:21 . 2011-10-03 15:21 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee
2011-10-03 15:02 . 2011-10-03 15:02 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2011-10-03 15:02 . 2011-10-03 15:02 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2011-10-03 15:02 . 2011-10-03 15:20 -------- d-----w- c:\program files\McAfee Security Scan
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-05 09:59 . 2008-03-01 14:11 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2011-09-26 09:41 . 2008-07-29 17:59 614400 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2006-03-02 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2006-03-02 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2006-03-02 12:00 606208 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:10 . 2006-03-02 12:00 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-08-17 21:24 . 2006-03-02 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2011-08-17 21:24 . 2006-03-02 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-17 21:24 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-08-17 21:24 . 2006-03-02 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2011-08-17 13:49 . 2006-03-02 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-17 12:22 . 2006-03-02 12:00 389120 ----a-w- c:\windows\system32\html.iec
2011-08-12 11:51 . 2008-03-01 14:03 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2004-10-01 14:00 . 2008-03-01 17:04 40960 ----a-w- c:\program files\Uninstall_CDS.exe
2001-01-05 15:51 . 2008-03-07 13:17 265728 ----a-w- c:\program files\UNWISE.EXE
2011-09-29 07:16 . 2011-10-05 10:50 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-10-18 4615552]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Copernic Desktop Search - Home"="c:\program files\Copernic Desktop Search - Home\DesktopSearchService.exe" [2010-09-07 1611736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-20 2879488]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"nwiz"="nwiz.exe" [2007-06-28 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 380928]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-14 1397760]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2010-05-05 557056]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-03 16116224]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-15 196608]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"DeltTray"="DeltTray.exe" [2004-08-26 56320]
"Omnipage"="c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 49152]
"G DATA AntiVirus Trayapplication"="c:\program files\G Data\AntiVirus\AVKTray\AVKTray.exe" [2009-09-07 925768]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2011-04-08 254696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Michel\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216]
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2010-2-22 495432]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-06 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-14 15:17 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Fichiers communs\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [15/09/2009 18:30 28616]
R0 GDNdisIc;GDNdisIc;c:\windows\system32\drivers\GDNdisIc.sys [14/09/2009 19:35 22528]
R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [21/07/2009 17:42 68976]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [29/02/2008 16:03 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29/02/2008 16:03 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [04/07/2010 13:33 116608]
R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe [08/05/2009 10:41 1054792]
R2 AVKService;Planificateur G Data;c:\program files\G Data\AntiVirus\AVK\AVKService.exe [08/05/2009 10:41 397896]
R2 AVKWCtl;G Data Gardien;c:\program files\G Data\AntiVirus\AVK\AVKWCtl.exe [07/05/2009 02:53 1251488]
R2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [21/07/2009 17:31 51784]
R3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [21/07/2009 17:31 55624]
R3 GDScan;G Data Scanner;c:\program files\Fichiers communs\G DATA\GDScan\GDScan.exe [10/03/2009 03:47 302152]
R3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [21/07/2009 17:31 34632]
S2 gupdate1c98af089668030;Google Update Service (gupdate1c98af089668030);c:\program files\Google\Update\GoogleUpdate.exe [09/02/2009 21:56 133104]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [09/02/2009 21:56 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 14:49 227232]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 16:51 12872]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys --> c:\windows\system32\DRIVERS\wdcsam.sys [?]
.
Contenu du dossier 'Tâches planifiées'
.
2011-10-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:57]
.
2011-10-22 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-09 07:18]
.
2011-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-09 19:56]
.
2011-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-09 19:56]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT2102473
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Michel\Application Data\Mozilla\Firefox\Profiles\0ex73btg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHELINS SUPPRIMES - - - -
.
BHO-{1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-PHPNukeFR Toolbar - c:\program files\PHPNukeFR\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-22 11:01
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(684)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\COMRes.dll
.
Heure de fin: 2011-10-22 11:03:21
ComboFix-quarantined-files.txt 2011-10-22 09:03
.
Avant-CF: 129 277 456 384 octets libres
Après-CF: 129 226 579 968 octets libres
.
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect /usepmtimer
[spybotsd]
timeout.old=30
.
- - End Of File - - DB0B0217AF1B195A1C154D9EB3DC3FC9
barbier22
Confirmed Visitor

Posts: 25
Joined: 16 Oct 2011 10:09

Re: virus adware adseo ...... (Engine A)

Posted on 22 Oct 2011 10:15

Sorry, I just noticed that the report was not posted as code. Oops!!!
I'm sending it to you again, perhaps for easier reading.

Code: Select all
ComboFix 11-10-21.06 - Michel 22/10/2011  10:55:26.1.2 - x86
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.2047.1140 [GMT 2:00]
Lancé depuis: c:\documents and settings\Michel\Bureau\ComboFix.exe
AV: G Data AntiVirus 2010 *Disabled/Updated* {71310606-6F3B-49F2-9A81-8315AA75FBB3}
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Michel\WINDOWS
c:\windows\help\tours\htmltour\unlock_playing.htm
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2011-09-22 au 2011-10-22  ))))))))))))))))))))))))))))))))))))
.
.
2011-10-20 20:01 . 2011-10-20 20:01   --------   d-----w-   C:\ST_Fix
2011-10-16 17:08 . 2011-10-17 17:47   512   ----a-w-   C:\PhysicalMBR.bin
2011-10-04 08:30 . 2011-10-04 08:30   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-03 15:21 . 2011-10-03 15:21   --------   d-----w-   c:\documents and settings\LocalService\Application Data\McAfee
2011-10-03 15:02 . 2011-10-03 15:02   --------   d-----w-   c:\documents and settings\All Users\Application Data\McAfee
2011-10-03 15:02 . 2011-10-03 15:02   --------   d-----w-   c:\documents and settings\All Users\Application Data\McAfee Security Scan
2011-10-03 15:02 . 2011-10-03 15:20   --------   d-----w-   c:\program files\McAfee Security Scan
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-05 09:59 . 2008-03-01 14:11   196608   ----a-w-   c:\windows\system32\drivers\nStandard.bin
2011-09-26 09:41 . 2008-07-29 17:59   614400   ----a-w-   c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2006-03-02 12:00   22528   ----a-w-   c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2006-03-02 12:00   220160   ----a-w-   c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2006-03-02 12:00   606208   ----a-w-   c:\windows\system32\crypt32.dll
2011-09-06 14:10 . 2006-03-02 12:00   1859072   ----a-w-   c:\windows\system32\win32k.sys
2011-08-17 21:24 . 2006-03-02 12:00   832512   ----a-w-   c:\windows\system32\wininet.dll
2011-08-17 21:24 . 2006-03-02 12:00   1830912   ----a-w-   c:\windows\system32\inetcpl.cpl
2011-08-17 21:24 . 2006-03-02 12:00   78336   ----a-w-   c:\windows\system32\ieencode.dll
2011-08-17 21:24 . 2006-03-02 12:00   17408   ----a-w-   c:\windows\system32\corpol.dll
2011-08-17 13:49 . 2006-03-02 12:00   138496   ----a-w-   c:\windows\system32\drivers\afd.sys
2011-08-17 12:22 . 2006-03-02 12:00   389120   ----a-w-   c:\windows\system32\html.iec
2011-08-12 11:51 . 2008-03-01 14:03   26488   ----a-w-   c:\windows\system32\spupdsvc.exe
2004-10-01 14:00 . 2008-03-01 17:04   40960   ----a-w-   c:\program files\Uninstall_CDS.exe
2001-01-05 15:51 . 2008-03-07 13:17   265728   ----a-w-   c:\program files\UNWISE.EXE
2011-09-29 07:16 . 2011-10-05 10:50   134104   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-10-18 4615552]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Copernic Desktop Search - Home"="c:\program files\Copernic Desktop Search - Home\DesktopSearchService.exe" [2010-09-07 1611736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-20 2879488]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"nwiz"="nwiz.exe" [2007-06-28 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 380928]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-14 1397760]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2010-05-05 557056]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-03 16116224]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-15 196608]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"DeltTray"="DeltTray.exe" [2004-08-26 56320]
"Omnipage"="c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 49152]
"G DATA AntiVirus Trayapplication"="c:\program files\G Data\AntiVirus\AVKTray\AVKTray.exe" [2009-09-07 925768]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2011-04-08 254696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Michel\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216]
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2010-2-22 495432]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-06 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-14 15:17   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Fichiers communs\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [15/09/2009 18:30 28616]
R0 GDNdisIc;GDNdisIc;c:\windows\system32\drivers\GDNdisIc.sys [14/09/2009 19:35 22528]
R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [21/07/2009 17:42 68976]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [29/02/2008 16:03 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29/02/2008 16:03 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [04/07/2010 13:33 116608]
R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe [08/05/2009 10:41 1054792]
R2 AVKService;Planificateur G Data;c:\program files\G Data\AntiVirus\AVK\AVKService.exe [08/05/2009 10:41 397896]
R2 AVKWCtl;G Data Gardien;c:\program files\G Data\AntiVirus\AVK\AVKWCtl.exe [07/05/2009 02:53 1251488]
R2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [21/07/2009 17:31 51784]
R3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [21/07/2009 17:31 55624]
R3 GDScan;G Data Scanner;c:\program files\Fichiers communs\G DATA\GDScan\GDScan.exe [10/03/2009 03:47 302152]
R3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [21/07/2009 17:31 34632]
S2 gupdate1c98af089668030;Google Update Service (gupdate1c98af089668030);c:\program files\Google\Update\GoogleUpdate.exe [09/02/2009 21:56 133104]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [09/02/2009 21:56 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 14:49 227232]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 16:51 12872]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys --> c:\windows\system32\DRIVERS\wdcsam.sys [?]
.
Contenu du dossier 'Tâches planifiées'
.
2011-10-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:57]
.
2011-10-22 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-09 07:18]
.
2011-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-09 19:56]
.
2011-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-09 19:56]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2102473
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Michel\Application Data\Mozilla\Firefox\Profiles\0ex73btg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHELINS SUPPRIMES - - - -
.
BHO-{1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-PHPNukeFR Toolbar - c:\program files\PHPNukeFR\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-22 11:01
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(684)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\COMRes.dll
.
Heure de fin: 2011-10-22  11:03:21
ComboFix-quarantined-files.txt  2011-10-22 09:03
.
Avant-CF: 129 277 456 384 octets libres
Après-CF: 129 226 579 968 octets libres
.
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect /usepmtimer
[spybotsd]
timeout.old=30
.
- - End Of File - - DB0B0217AF1B195A1C154D9EB3DC3FC9
barbier22
Confirmed Visitor

Posts: 25
Joined: 16 Oct 2011 10:09

Re: virus adware adseo ...... (Engine A)

Posted on 22 Oct 2011 13:25

That's cool, you can delete WinsockXPfix.exe.

How is your PC behaving, still getting alerts from Gdata?
jeanmimigab
PC-Infopraticien

Posts: 2986
Joined: 29 Nov 2009 12:05

Re: virus adware adseo ...... (Engine A)

Posted on 22 Oct 2011 15:35

Hi,
well, for the moment everything is fine, no alerts from Gdata. To be continued in the next episode, then...
I'll keep you posted.
Bye
barbier22
Confirmed Visitor

Posts: 25
Joined: 16 Oct 2011 10:09

Re: virus adware adseo ...... (Engine A)

Posted on 24 Oct 2011 20:36

Hi,
just to let you know that everything is going very well for the moment.
Bye, and thanks again for your help.
barbier22
Confirmed Visitor

Posts: 25
Joined: 16 Oct 2011 10:09

Re: virus adware adseo ...... (Engine A)

Posted on 25 Oct 2011 11:57

Hello,

That's cool then...

If everything is OK, download and run Delfix (by Xplode) to uninstall the tools that were used:
http://www.general-changelog-team.fr/te ... e/3-delfix

See you! :wink:
jeanmimigab
PC-Infopraticien

Posts: 2986
Joined: 29 Nov 2009 12:05
