Rogerval

Membres

Afficher le profil Afficher son activité

Compteur de contenus
39
Inscription
le 2 février 2004
Dernière visite
le 23 mars 2010

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par Rogerval

[résolu] fotomoto ne veut pas partir

Rogerval a répondu à un(e) sujet de Rogerval dans Analyses et éradication malwares

j'ai failli, mais n'ai pas craqué... grace à votre soutien. J'ai refait vundo, l'ordinateur redémarre meme sans ma permission... Je l'ai meme fait 2 fois. Voici pour Vundo : Beginning removal... Beginning removal... C'est tout ce qu'il y a de noté. POur Main : Deckard's System Scanner v20071014.68 Run by Roger on 2007-11-24 18:52:51 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as Roger.exe) ----------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:53:04, on 24/11/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Windows\System32\mobsync.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Roger\Desktop\dss.exe C:\Users\Roger\DOWNLO~1\Roger.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...esame/login.jsp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {92B5D487-9997-4E25-B3D7-E83298651186} - C:\Users\Roger\AppData\Local\Temp\hggfc.dll O2 - BHO: (no name) - {A815326A-F7E9-45D1-8B3C-2C018C48742C} - C:\Users\Roger\AppData\Local\Temp\hggfc.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O15 - Trusted Zone: *.canalplay.com O15 - Trusted Zone: *.canalplusactive.com O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\Windows\system32\__c00EE4FE.dat O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\Windows\SYSTEM32\VundoFixSVC.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12196 bytes -- Files created between 2007-10-24 and 2007-11-24 ----------------------------- 2007-11-23 16:49:19 0 d-------- C:\Program Files\Gadwin Systems 2007-11-23 14:09:58 0 d-------- C:\Program Files\Navilog1 2007-11-23 12:22:04 24576 --a------ C:\Windows\system32\VundoFixSVC.exe <Not Verified; Atribune.org; Vundofix Service> 2007-11-23 11:51:58 85056 --a------ C:\Windows\system32\pgnjkwaw.dll 2007-11-23 11:51:56 83520 --a------ C:\Windows\system32\qakghjuk.dll 2007-11-23 11:49:18 4672 --a------ C:\Windows\system32\irlcpiwk.exe 2007-11-23 11:49:17 145984 --a------ C:\Windows\system32\gmdqcctp.dll 2007-11-23 11:48:56 145984 --a------ C:\Windows\system32\cxkclohv.dll 2007-11-23 11:46:16 10816 --a------ C:\Windows\system32\__c00EE4FE.dat 2007-11-23 11:46:15 10816 --a------ C:\Windows\system32\voddmnxr.dll 2007-11-23 11:46:14 71232 --a------ C:\Windows\system32\tgrollhk.exe <Not Verified; ; DDC> 2007-11-22 18:48:57 0 d-------- C:\Windows\Sun 2007-11-22 16:56:51 12 --a------ C:\Windows\bthservsdp.dat 2007-11-22 12:39:06 0 d-------- C:\Program Files\IZArc 2007-11-22 10:31:18 0 --a------ C:\Windows\nsreg.dat 2007-11-22 10:05:49 0 d-------- C:\VundoFix Backups 2007-11-22 09:44:33 0 d-------- C:\Program Files\Yahoo! 2007-11-22 09:44:23 0 d-------- C:\Program Files\CCleaner 2007-11-21 18:49:08 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2007-11-21 18:28:51 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller 2007-11-21 18:28:17 0 d-------- C:\Program Files\Windows Live 2007-11-21 16:52:11 0 d-------- C:\Program Files\iPod 2007-11-21 16:49:32 0 d-------- C:\Program Files\QuickTime 2007-11-21 16:48:32 0 d-------- C:\Program Files\Apple Software Update 2007-11-21 16:47:35 0 d-------- C:\Program Files\Common Files\Apple 2007-11-21 16:36:01 0 d-------- C:\Program Files\iTunes 2007-11-21 11:43:56 0 d-------- C:\Windows\PCHEALTH 2007-11-21 11:43:56 0 d-------- C:\Program Files\Microsoft.NET 2007-11-21 11:38:40 0 d-------- C:\Program Files\Microsoft Visual Studio 8 2007-11-21 11:34:39 0 dr-h----- C:\MSOCache 2007-11-21 11:22:27 36352 --a------ C:\Windows\system32\awtqpml.dll 2007-11-21 11:20:13 0 d-------- C:\Program Files\uTorrent 2007-10-29 09:48:42 0 d-------- C:\Program Files\Common Files\Odbc 2007-10-29 09:48:29 0 d-------- C:\Program Files\FileMaker 2007-10-25 17:46:46 0 d-------- C:\Program Files\Alwil Software 2007-10-25 17:42:05 0 d-------- C:\Program Files\Common Files\Macrovision Shared 2007-10-25 17:34:22 0 d--hs---- C:\Windows\ftpcache 2007-10-25 17:10:25 86016 --a------ C:\Windows\system32\cbasepipe.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:44 90112 --a------ C:\Windows\system32\cbasetcp.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 696320 --a------ C:\Windows\system32\CBTCP32.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 696320 --a------ C:\Windows\system32\CBNpip32.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 651264 --a------ C:\Windows\system32\CBloc32.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 696320 --a------ C:\Windows\system32\cbase32.dll <Not Verified; Sage; CBase> 2007-10-25 16:43:46 1966080 --a------ C:\Windows\system32\cdintf251.dll <Not Verified; Amyuni Technologies http://www.amyuni.com; Amyuni Common Driver Interface> 2007-10-25 16:43:42 536576 --a------ C:\Windows\system32\SAGEPERS.DLL 2007-10-25 16:43:42 274432 --a------ C:\Windows\system32\crun500.dll <Not Verified; Compagnie Internationale d'Edition de Logiciel; CRun Dynamic Link Library> 2007-10-25 16:43:42 0 d-------- C:\Program Files\Maestria 2007-10-25 16:43:41 86016 --a------ C:\Windows\system32\mlcorert.dll <Not Verified; Sage; Sage runtime librairie> 2007-10-25 16:43:41 0 d-------- C:\Program Files\Common Files\SAGE 2007-10-25 16:43:40 278528 --a------ C:\Windows\system32\cbaselocal.dll <Not Verified; Sage; CBase> 2007-10-25 16:43:38 606208 --a------ C:\Windows\system32\cbaseintf.dll <Not Verified; Sage; CBase> 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Voisinage réseau 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Voisinage d'impression 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\SendTo 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Recent 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Modèles 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Mes documents 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Menu Démarrer 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Local Settings 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Cookies 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Application Data 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Videos 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Searches 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Saved Games 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Pictures 2007-10-25 09:30:48 3145728 --ahs---- C:\Users\Roger\NTUSER.DAT 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Music 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Links 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Favorites 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Downloads 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Documents 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Desktop 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Contacts 2007-10-25 09:30:48 0 d--h----- C:\Users\Roger\AppData 2007-10-25 09:25:12 0 d-------- C:\Windows\SoftwareDistribution -- Find3M Report --------------------------------------------------------------- 2007-11-24 09:08:44 693588 --a------ C:\Windows\system32\perfh00C.dat 2007-11-24 09:08:44 118450 --a------ C:\Windows\system32\perfc00C.dat 2007-11-24 08:43:02 0 d-------- C:\Users\Roger\AppData\Roaming\Skype 2007-11-23 11:49:12 0 d-------- C:\Users\Roger\AppData\Roaming\uTorrent 2007-11-22 20:07:35 0 d-------- C:\Users\Roger\AppData\Roaming\HouseCall 6.6 2007-11-22 18:13:50 0 d-------- C:\Users\Roger\AppData\Roaming\Leadertech 2007-11-21 18:28:51 0 d-------- C:\Program Files\Common Files 2007-11-21 16:52:39 0 d-------- C:\Users\Roger\AppData\Roaming\Apple Computer 2007-11-21 15:45:09 0 d-------- C:\Users\Roger\AppData\Roaming\AdwareAlert 2007-11-21 15:10:30 0 d-------- C:\Users\Roger\AppData\Roaming\FileMaker 2007-11-21 11:48:01 0 d-------- C:\Program Files\Microsoft Works 2007-11-21 11:47:37 0 d-------- C:\Program Files\MSBuild 2007-11-21 11:18:42 0 d-------- C:\Users\Roger\AppData\Roaming\Mozilla 2007-11-14 18:37:38 0 d-------- C:\Program Files\Windows Mail 2007-11-14 16:29:20 0 d-------- C:\Users\Roger\AppData\Roaming\Sage 2007-11-05 12:03:59 0 d-------- C:\Program Files\Java 2007-10-29 10:01:19 0 d-------- C:\Program Files\Google 2007-10-29 09:58:17 0 d-------- C:\Program Files\Norton Save and Restore 2007-10-29 09:58:14 0 d-------- C:\Program Files\Common Files\Symantec Shared 2007-10-29 09:54:13 0 d-------- C:\Program Files\DivX 2007-10-26 18:58:58 174 --ahs---- C:\Program Files\desktop.ini 2007-10-26 18:56:55 0 d-------- C:\Program Files\Windows Calendar 2007-10-26 12:17:01 0 d-------- C:\Users\Roger\AppData\Roaming\DivX 2007-10-25 17:45:07 0 d-------- C:\Users\Roger\AppData\Roaming\Google 2007-10-25 17:42:53 0 d-------- C:\Users\Roger\AppData\Roaming\Adobe 2007-10-25 17:38:28 0 d-------- C:\Program Files\Common Files\Adobe 2007-10-25 17:30:45 0 d-------- C:\Users\Roger\AppData\Roaming\Macromedia 2007-10-25 16:47:37 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-10-25 16:09:15 0 d-------- C:\Users\Roger\AppData\Roaming\Sony Corporation 2007-10-25 15:06:10 0 d-------- C:\Users\Roger\AppData\Roaming\temp 2007-10-25 13:38:02 0 d-------- C:\Program Files\Lecteur CANALPLAY 2007-09-17 19:23:00 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®> 2007-09-17 19:23:00 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®> 2007-09-17 19:22:58 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?> 2007-09-17 19:22:58 739840 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®> 2007-08-24 18:08:24 1275392 --a------ C:\Windows\system32\msxml4.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP 2> -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{92B5D487-9997-4E25-B3D7-E83298651186}] 21/11/2007 11:27 315488 --a------ C:\Users\Roger\AppData\Local\Temp\hggfc.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A815326A-F7E9-45D1-8B3C-2C018C48742C}] 21/11/2007 11:27 315488 --a------ C:\Users\Roger\AppData\Local\Temp\hggfc.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [18/10/2007 11:34] "Gadwin PrintScreen"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [20/08/2007 09:42] C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [26/10/2006 20:24:54] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [22/10/2006 23:01:50] Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [22/05/2007 15:57:26] Lancement rapide d'Adobe Acrobat.lnk - C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-000000000003}\_SC_Acrobat.exe [25/10/2007 17:41:40] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) "EnableLUA"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] VESWinlogon.dll 24/07/2007 18:26 98304 C:\Windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\Windows\system32\__c00EE4FE.dat [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\Users\Roger\AppData\Local\Temp\hggfc.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background "Skype"="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" "RtHDVCpl"=RtHDVCpl.exe "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime "Persistence"=C:\Windows\system32\igfxpers.exe "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" "IgfxTray"=C:\Windows\system32\igfxtray.exe "HotKeysCmds"=C:\Windows\system32\hkcmd.exe "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "Windows Mobile-based device management"=%windir%\WindowsMobile\wmdc.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum bthsvcs BthServ WindowsMobile wcescomm rapimgr LocalServiceRestricted WcesComm RapiMgr [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] AutoRun\command- G:\Autorun\Autorun.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- End of Deckard's System Scanner: finished at 2007-11-24 18:53:35 ------------ le fichier hggfc y est toujours... et toujours pas supprimmable sur Hijack... J'attends la suite avec impatience !! MERCI encore !
- le 24 novembre 2007
- 36 réponses
[résolu] fotomoto ne veut pas partir

Rogerval a répondu à un(e) sujet de Rogerval dans Analyses et éradication malwares

je crois que c'est un peu l'hallu !!! Ceux là ne sont pas dans Hijack : O2 - BHO: {82dc8660-e59c-97f9-dec4-22f6d949c4c8} - {8c4c949d-6f22-4ced-9f79-c95e0668cd28} - C:\Windows\system32\qakghjuk.dll O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\Windows\system32\gmdqcctp.dll Ceux là reviennent meme quand je les supprime : O2 - BHO: (no name) - {0BE8F526-8E56-4C66-9755-6FD3986EA374} - C:\Users\Roger\AppData\Local\Temp\hggfc.dll O2 - BHO: (no name) - {DD1A34F1-B8D4-4A0F-89FA-49B9073BF4F4} - C:\Users\Roger\AppData\Local\Temp\hggfc.dll voici Vundo : VundoFix V6.6.2 Checking Java version... Scan started at 10:05:50 22/11/2007 Listing files found while scanning.... No infected files were found. VundoFix V6.6.2 Checking Java version... Scan started at 12:12:17 23/11/2007 Listing files found while scanning.... C:\windows\System32\__c00EE4FE.dat C:\windows\System32\cxkclohv.dll C:\Windows\system32\gmdqcctp.dll C:\windows\System32\gmdqcctp.dllbox C:\windows\System32\voddmnxr.dll Beginning removal... Beginning removal... Voici Main de DSS : Deckard's System Scanner v20071014.68 Run by Roger on 2007-11-24 09:02:36 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as Roger.exe) ----------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:02:45, on 24/11/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Windows\System32\mobsync.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Windows\system32\rundll32.exe C:\Users\Roger\Desktop\dss.exe C:\Windows\system32\conime.exe C:\Users\Roger\DOWNLO~1\Roger.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...esame/login.jsp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {2DD894E6-08B8-458F-BF88-1C4A9C47CDC9} - C:\Users\Roger\AppData\Local\Temp\hggfc.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {A3D00EE5-3E91-423D-931C-C72620BC2DEB} - C:\Users\Roger\AppData\Local\Temp\hggfc.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk.disabled O4 - Global Startup: Adobe Reader Synchronizer.lnk.disabled O4 - Global Startup: Bluetooth Manager.lnk.disabled O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk.disabled O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O15 - Trusted Zone: *.canalplay.com O15 - Trusted Zone: *.canalplusactive.com O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\Windows\system32\__c00EE4FE.dat O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\Windows\SYSTEM32\VundoFixSVC.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11723 bytes -- Files created between 2007-10-24 and 2007-11-24 ----------------------------- 2007-11-23 16:49:19 0 d-------- C:\Program Files\Gadwin Systems 2007-11-23 14:09:58 0 d-------- C:\Program Files\Navilog1 2007-11-23 12:22:04 24576 --a------ C:\Windows\system32\VundoFixSVC.exe <Not Verified; Atribune.org; Vundofix Service> 2007-11-23 11:51:58 85056 --a------ C:\Windows\system32\pgnjkwaw.dll 2007-11-23 11:51:56 83520 --a------ C:\Windows\system32\qakghjuk.dll 2007-11-23 11:49:18 4672 --a------ C:\Windows\system32\irlcpiwk.exe 2007-11-23 11:49:17 145984 --a------ C:\Windows\system32\gmdqcctp.dll 2007-11-23 11:48:56 145984 --a------ C:\Windows\system32\cxkclohv.dll 2007-11-23 11:46:16 10816 --a------ C:\Windows\system32\__c00EE4FE.dat 2007-11-23 11:46:15 10816 --a------ C:\Windows\system32\voddmnxr.dll 2007-11-23 11:46:14 71232 --a------ C:\Windows\system32\tgrollhk.exe <Not Verified; ; DDC> 2007-11-22 18:48:57 0 d-------- C:\Windows\Sun 2007-11-22 16:56:51 12 --a------ C:\Windows\bthservsdp.dat 2007-11-22 12:39:06 0 d-------- C:\Program Files\IZArc 2007-11-22 10:31:18 0 --a------ C:\Windows\nsreg.dat 2007-11-22 10:05:49 0 d-------- C:\VundoFix Backups 2007-11-22 09:44:33 0 d-------- C:\Program Files\Yahoo! 2007-11-22 09:44:23 0 d-------- C:\Program Files\CCleaner 2007-11-21 18:49:08 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2007-11-21 18:28:51 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller 2007-11-21 18:28:17 0 d-------- C:\Program Files\Windows Live 2007-11-21 16:52:11 0 d-------- C:\Program Files\iPod 2007-11-21 16:49:32 0 d-------- C:\Program Files\QuickTime 2007-11-21 16:48:32 0 d-------- C:\Program Files\Apple Software Update 2007-11-21 16:47:35 0 d-------- C:\Program Files\Common Files\Apple 2007-11-21 16:36:01 0 d-------- C:\Program Files\iTunes 2007-11-21 11:43:56 0 d-------- C:\Windows\PCHEALTH 2007-11-21 11:43:56 0 d-------- C:\Program Files\Microsoft.NET 2007-11-21 11:38:40 0 d-------- C:\Program Files\Microsoft Visual Studio 8 2007-11-21 11:34:39 0 dr-h----- C:\MSOCache 2007-11-21 11:22:27 36352 --a------ C:\Windows\system32\awtqpml.dll 2007-11-21 11:20:13 0 d-------- C:\Program Files\uTorrent 2007-10-29 09:48:42 0 d-------- C:\Program Files\Common Files\Odbc 2007-10-29 09:48:29 0 d-------- C:\Program Files\FileMaker 2007-10-25 17:46:46 0 d-------- C:\Program Files\Alwil Software 2007-10-25 17:42:05 0 d-------- C:\Program Files\Common Files\Macrovision Shared 2007-10-25 17:34:22 0 d--hs---- C:\Windows\ftpcache 2007-10-25 17:10:25 86016 --a------ C:\Windows\system32\cbasepipe.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:44 90112 --a------ C:\Windows\system32\cbasetcp.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 696320 --a------ C:\Windows\system32\CBTCP32.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 696320 --a------ C:\Windows\system32\CBNpip32.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 651264 --a------ C:\Windows\system32\CBloc32.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 696320 --a------ C:\Windows\system32\cbase32.dll <Not Verified; Sage; CBase> 2007-10-25 16:43:46 1966080 --a------ C:\Windows\system32\cdintf251.dll <Not Verified; Amyuni Technologies http://www.amyuni.com; Amyuni Common Driver Interface> 2007-10-25 16:43:42 536576 --a------ C:\Windows\system32\SAGEPERS.DLL 2007-10-25 16:43:42 274432 --a------ C:\Windows\system32\crun500.dll <Not Verified; Compagnie Internationale d'Edition de Logiciel; CRun Dynamic Link Library> 2007-10-25 16:43:42 0 d-------- C:\Program Files\Maestria 2007-10-25 16:43:41 86016 --a------ C:\Windows\system32\mlcorert.dll <Not Verified; Sage; Sage runtime librairie> 2007-10-25 16:43:41 0 d-------- C:\Program Files\Common Files\SAGE 2007-10-25 16:43:40 278528 --a------ C:\Windows\system32\cbaselocal.dll <Not Verified; Sage; CBase> 2007-10-25 16:43:38 606208 --a------ C:\Windows\system32\cbaseintf.dll <Not Verified; Sage; CBase> 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Voisinage réseau 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Voisinage d'impression 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\SendTo 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Recent 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Modèles 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Mes documents 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Menu Démarrer 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Local Settings 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Cookies 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Application Data 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Videos 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Searches 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Saved Games 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Pictures 2007-10-25 09:30:48 3145728 --ahs---- C:\Users\Roger\NTUSER.DAT 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Music 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Links 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Favorites 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Downloads 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Documents 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Desktop 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Contacts 2007-10-25 09:30:48 0 d--h----- C:\Users\Roger\AppData 2007-10-25 09:25:12 0 d-------- C:\Windows\SoftwareDistribution -- Find3M Report --------------------------------------------------------------- 2007-11-24 08:57:12 693588 --a------ C:\Windows\system32\perfh00C.dat 2007-11-24 08:57:12 118450 --a------ C:\Windows\system32\perfc00C.dat 2007-11-24 08:43:02 0 d-------- C:\Users\Roger\AppData\Roaming\Skype 2007-11-23 11:49:12 0 d-------- C:\Users\Roger\AppData\Roaming\uTorrent 2007-11-22 20:07:35 0 d-------- C:\Users\Roger\AppData\Roaming\HouseCall 6.6 2007-11-22 18:13:50 0 d-------- C:\Users\Roger\AppData\Roaming\Leadertech 2007-11-21 18:28:51 0 d-------- C:\Program Files\Common Files 2007-11-21 16:52:39 0 d-------- C:\Users\Roger\AppData\Roaming\Apple Computer 2007-11-21 15:45:09 0 d-------- C:\Users\Roger\AppData\Roaming\AdwareAlert 2007-11-21 15:10:30 0 d-------- C:\Users\Roger\AppData\Roaming\FileMaker 2007-11-21 11:48:01 0 d-------- C:\Program Files\Microsoft Works 2007-11-21 11:47:37 0 d-------- C:\Program Files\MSBuild 2007-11-21 11:18:42 0 d-------- C:\Users\Roger\AppData\Roaming\Mozilla 2007-11-14 18:37:38 0 d-------- C:\Program Files\Windows Mail 2007-11-14 16:29:20 0 d-------- C:\Users\Roger\AppData\Roaming\Sage 2007-11-05 12:03:59 0 d-------- C:\Program Files\Java 2007-10-29 10:01:19 0 d-------- C:\Program Files\Google 2007-10-29 09:58:17 0 d-------- C:\Program Files\Norton Save and Restore 2007-10-29 09:58:14 0 d-------- C:\Program Files\Common Files\Symantec Shared 2007-10-29 09:54:13 0 d-------- C:\Program Files\DivX 2007-10-26 18:58:58 174 --ahs---- C:\Program Files\desktop.ini 2007-10-26 18:56:55 0 d-------- C:\Program Files\Windows Calendar 2007-10-26 12:17:01 0 d-------- C:\Users\Roger\AppData\Roaming\DivX 2007-10-25 17:45:07 0 d-------- C:\Users\Roger\AppData\Roaming\Google 2007-10-25 17:42:53 0 d-------- C:\Users\Roger\AppData\Roaming\Adobe 2007-10-25 17:38:28 0 d-------- C:\Program Files\Common Files\Adobe 2007-10-25 17:30:45 0 d-------- C:\Users\Roger\AppData\Roaming\Macromedia 2007-10-25 16:47:37 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-10-25 16:09:15 0 d-------- C:\Users\Roger\AppData\Roaming\Sony Corporation 2007-10-25 15:06:10 0 d-------- C:\Users\Roger\AppData\Roaming\temp 2007-10-25 13:38:02 0 d-------- C:\Program Files\Lecteur CANALPLAY 2007-09-17 19:23:00 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®> 2007-09-17 19:23:00 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®> 2007-09-17 19:22:58 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?> 2007-09-17 19:22:58 739840 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®> 2007-08-24 18:08:24 1275392 --a------ C:\Windows\system32\msxml4.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP 2> -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2DD894E6-08B8-458F-BF88-1C4A9C47CDC9}] 21/11/2007 11:27 315488 --a------ C:\Users\Roger\AppData\Local\Temp\hggfc.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3D00EE5-3E91-423D-931C-C72620BC2DEB}] 21/11/2007 11:27 315488 --a------ C:\Users\Roger\AppData\Local\Temp\hggfc.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [18/10/2007 11:34] "Gadwin PrintScreen"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [20/08/2007 09:42] C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 - Capture d'‚cran et lancement.lnk.disabled [22/11/2007 17:11:32] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Synchronizer.lnk.disabled [25/10/2007 17:40:43] Bluetooth Manager.lnk.disabled [25/10/2007 09:33:54] Lancement rapide d'Adobe Acrobat.lnk.disabled [22/11/2007 17:48:02] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) "EnableLUA"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] VESWinlogon.dll 24/07/2007 18:26 98304 C:\Windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\Windows\system32\__c00EE4FE.dat [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\Users\Roger\AppData\Local\Temp\hggfc.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background "Skype"="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" "RtHDVCpl"=RtHDVCpl.exe "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime "Persistence"=C:\Windows\system32\igfxpers.exe "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" "IgfxTray"=C:\Windows\system32\igfxtray.exe "HotKeysCmds"=C:\Windows\system32\hkcmd.exe "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "Windows Mobile-based device management"=%windir%\WindowsMobile\wmdc.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum bthsvcs BthServ WindowsMobile wcescomm rapimgr LocalServiceRestricted WcesComm RapiMgr [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] AutoRun\command- G:\Autorun\Autorun.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- End of Deckard's System Scanner: finished at 2007-11-24 09:03:09 ------------ Penses tu que je doivent supprimmer à partir de la console de récup... Je suis à 2 doigts de tout reformater !!
- le 24 novembre 2007
- 36 réponses
[résolu] fotomoto ne veut pas partir

Rogerval a répondu à un(e) sujet de Rogerval dans Analyses et éradication malwares

Merci... vraiment super de t'avoir à mes cotés dans ce moment délicat.
- le 23 novembre 2007
- 36 réponses
[résolu] fotomoto ne veut pas partir

Rogerval a répondu à un(e) sujet de Rogerval dans Analyses et éradication malwares

Encore merci. Voici le rapport : Main : Deckard's System Scanner v20071014.68 Run by Roger on 2007-11-23 18:40:25 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 17: 2007-11-23 10:46:49 UTC - RP136 - Windows Defender Checkpoint 16: 2007-11-22 17:30:41 UTC - RP134 - Windows Defender Checkpoint 15: 2007-11-22 16:53:39 UTC - RP132 - Installed FileMaker Pro 9 Advanced 14: 2007-11-22 15:57:17 UTC - RP131 - Installed Windows Mobile Device Center 13: 2007-11-22 15:48:42 UTC - RP130 - Installed Windows Mobile Device Center Driver Update -- First Restore Point -- 1: 2007-11-21 13:38:24 UTC - RP115 - Windows Defender Checkpoint Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Roger.exe) ----------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:43:37, on 23/11/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\System32\mobsync.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Windows\system32\rundll32.exe C:\Windows\explorer.exe C:\Windows\system32\conime.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroTray.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Users\Roger\Desktop\dss.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Roger\DOWNLO~1\Roger.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...esame/login.jsp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {0BE8F526-8E56-4C66-9755-6FD3986EA374} - C:\Users\Roger\AppData\Local\Temp\hggfc.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: {82dc8660-e59c-97f9-dec4-22f6d949c4c8} - {8c4c949d-6f22-4ced-9f79-c95e0668cd28} - C:\Windows\system32\qakghjuk.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\Windows\system32\gmdqcctp.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O2 - BHO: (no name) - {DD1A34F1-B8D4-4A0F-89FA-49B9073BF4F4} - C:\Users\Roger\AppData\Local\Temp\hggfc.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\Windows\system32\gmdqcctp.dll O4 - HKLM\..\Run: [42efb70d] rundll32.exe "C:\Windows\system32\pgnjkwaw.dll",b O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk.disabled O4 - Global Startup: Adobe Reader Synchronizer.lnk.disabled O4 - Global Startup: Bluetooth Manager.lnk.disabled O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk.disabled O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O15 - Trusted Zone: *.canalplay.com O15 - Trusted Zone: *.canalplusactive.com O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\Windows\system32\__c00EE4FE.dat O20 - Winlogon Notify: gmdqcctp - C:\Windows\SYSTEM32\gmdqcctp.dll O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: DomainService - - C:\Windows\system32\tgrollhk.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\Windows\SYSTEM32\VundoFixSVC.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12440 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- All drivers whitelisted. -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service> R2 DomainService - c:\windows\system32\tgrollhk.exe /service <Not Verified; ; DDC> R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)> S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing) S3 PACSPTISVR - c:\program files\common files\sony shared\avlib\pacsptisvr.exe <Not Verified; ; PACSPTISVR Module> S3 VundoFixSvc (VundoFix Service) - vundofixsvc.exe <Not Verified; Atribune.org; Vundofix Service> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2007-11-21 15:56:02 496 --a------ C:\Windows\Tasks\AdwareAlert Scheduled Scan.job -- Files created between 2007-10-23 and 2007-11-23 ----------------------------- 2007-11-23 16:49:19 0 d-------- C:\Program Files\Gadwin Systems 2007-11-23 14:09:58 0 d-------- C:\Program Files\Navilog1 2007-11-23 12:22:04 24576 --a------ C:\Windows\system32\VundoFixSVC.exe <Not Verified; Atribune.org; Vundofix Service> 2007-11-23 11:51:58 85056 --a------ C:\Windows\system32\pgnjkwaw.dll 2007-11-23 11:51:56 83520 --a------ C:\Windows\system32\qakghjuk.dll 2007-11-23 11:49:18 4672 --a------ C:\Windows\system32\irlcpiwk.exe 2007-11-23 11:49:17 145984 --a------ C:\Windows\system32\gmdqcctp.dll 2007-11-23 11:48:56 145984 --a------ C:\Windows\system32\cxkclohv.dll 2007-11-23 11:46:16 10816 --a------ C:\Windows\system32\__c00EE4FE.dat 2007-11-23 11:46:15 10816 --a------ C:\Windows\system32\voddmnxr.dll 2007-11-23 11:46:14 71232 --a------ C:\Windows\system32\tgrollhk.exe <Not Verified; ; DDC> 2007-11-22 18:48:57 0 d-------- C:\Windows\Sun 2007-11-22 16:56:51 12 --a------ C:\Windows\bthservsdp.dat 2007-11-22 12:39:06 0 d-------- C:\Program Files\IZArc 2007-11-22 10:31:18 0 --a------ C:\Windows\nsreg.dat 2007-11-22 10:05:49 0 d-------- C:\VundoFix Backups 2007-11-22 09:44:33 0 d-------- C:\Program Files\Yahoo! 2007-11-22 09:44:23 0 d-------- C:\Program Files\CCleaner 2007-11-21 18:49:08 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2007-11-21 18:28:51 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller 2007-11-21 18:28:17 0 d-------- C:\Program Files\Windows Live 2007-11-21 16:52:11 0 d-------- C:\Program Files\iPod 2007-11-21 16:49:32 0 d-------- C:\Program Files\QuickTime 2007-11-21 16:48:32 0 d-------- C:\Program Files\Apple Software Update 2007-11-21 16:47:35 0 d-------- C:\Program Files\Common Files\Apple 2007-11-21 16:36:01 0 d-------- C:\Program Files\iTunes 2007-11-21 11:43:56 0 d-------- C:\Windows\PCHEALTH 2007-11-21 11:43:56 0 d-------- C:\Program Files\Microsoft.NET 2007-11-21 11:38:40 0 d-------- C:\Program Files\Microsoft Visual Studio 8 2007-11-21 11:34:39 0 dr-h----- C:\MSOCache 2007-11-21 11:22:27 36352 --a------ C:\Windows\system32\awtqpml.dll 2007-11-21 11:20:13 0 d-------- C:\Program Files\uTorrent 2007-10-29 09:48:42 0 d-------- C:\Program Files\Common Files\Odbc 2007-10-29 09:48:29 0 d-------- C:\Program Files\FileMaker 2007-10-25 17:46:46 0 d-------- C:\Program Files\Alwil Software 2007-10-25 17:42:05 0 d-------- C:\Program Files\Common Files\Macrovision Shared 2007-10-25 17:34:22 0 d--hs---- C:\Windows\ftpcache 2007-10-25 17:10:25 86016 --a------ C:\Windows\system32\cbasepipe.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:44 90112 --a------ C:\Windows\system32\cbasetcp.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 696320 --a------ C:\Windows\system32\CBTCP32.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 696320 --a------ C:\Windows\system32\CBNpip32.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 651264 --a------ C:\Windows\system32\CBloc32.dll <Not Verified; Sage; CBase> 2007-10-25 16:47:40 696320 --a------ C:\Windows\system32\cbase32.dll <Not Verified; Sage; CBase> 2007-10-25 16:43:46 1966080 --a------ C:\Windows\system32\cdintf251.dll <Not Verified; Amyuni Technologies http://www.amyuni.com; Amyuni Common Driver Interface> 2007-10-25 16:43:42 536576 --a------ C:\Windows\system32\SAGEPERS.DLL 2007-10-25 16:43:42 274432 --a------ C:\Windows\system32\crun500.dll <Not Verified; Compagnie Internationale d'Edition de Logiciel; CRun Dynamic Link Library> 2007-10-25 16:43:42 0 d-------- C:\Program Files\Maestria 2007-10-25 16:43:41 86016 --a------ C:\Windows\system32\mlcorert.dll <Not Verified; Sage; Sage runtime librairie> 2007-10-25 16:43:41 0 d-------- C:\Program Files\Common Files\SAGE 2007-10-25 16:43:40 278528 --a------ C:\Windows\system32\cbaselocal.dll <Not Verified; Sage; CBase> 2007-10-25 16:43:38 606208 --a------ C:\Windows\system32\cbaseintf.dll <Not Verified; Sage; CBase> 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Voisinage réseau 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Voisinage d'impression 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\SendTo 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Recent 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Modèles 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Mes documents 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Menu Démarrer 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Local Settings 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Cookies 2007-10-25 09:31:07 0 d--hs---- C:\Users\Roger\Application Data 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Videos 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Searches 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Saved Games 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Pictures 2007-10-25 09:30:48 3145728 --ahs---- C:\Users\Roger\NTUSER.DAT 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Music 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Links 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Favorites 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Downloads 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Documents 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Desktop 2007-10-25 09:30:48 0 dr------- C:\Users\Roger\Contacts 2007-10-25 09:30:48 0 d--h----- C:\Users\Roger\AppData 2007-10-25 09:25:12 0 d-------- C:\Windows\SoftwareDistribution -- Find3M Report --------------------------------------------------------------- 2007-11-23 18:40:14 0 d-------- C:\Users\Roger\AppData\Roaming\Skype 2007-11-23 14:06:44 693588 --a------ C:\Windows\system32\perfh00C.dat 2007-11-23 14:06:44 118450 --a------ C:\Windows\system32\perfc00C.dat 2007-11-23 11:49:12 0 d-------- C:\Users\Roger\AppData\Roaming\uTorrent 2007-11-22 20:07:35 0 d-------- C:\Users\Roger\AppData\Roaming\HouseCall 6.6 2007-11-22 18:13:50 0 d-------- C:\Users\Roger\AppData\Roaming\Leadertech 2007-11-21 18:28:51 0 d-------- C:\Program Files\Common Files 2007-11-21 16:52:39 0 d-------- C:\Users\Roger\AppData\Roaming\Apple Computer 2007-11-21 15:45:09 0 d-------- C:\Users\Roger\AppData\Roaming\AdwareAlert 2007-11-21 15:10:30 0 d-------- C:\Users\Roger\AppData\Roaming\FileMaker 2007-11-21 11:48:01 0 d-------- C:\Program Files\Microsoft Works 2007-11-21 11:47:37 0 d-------- C:\Program Files\MSBuild 2007-11-21 11:18:42 0 d-------- C:\Users\Roger\AppData\Roaming\Mozilla 2007-11-14 18:37:38 0 d-------- C:\Program Files\Windows Mail 2007-11-14 16:29:20 0 d-------- C:\Users\Roger\AppData\Roaming\Sage 2007-11-05 12:03:59 0 d-------- C:\Program Files\Java 2007-10-29 10:01:19 0 d-------- C:\Program Files\Google 2007-10-29 09:58:17 0 d-------- C:\Program Files\Norton Save and Restore 2007-10-29 09:58:14 0 d-------- C:\Program Files\Common Files\Symantec Shared 2007-10-29 09:54:13 0 d-------- C:\Program Files\DivX 2007-10-26 18:58:58 174 --ahs---- C:\Program Files\desktop.ini 2007-10-26 18:56:55 0 d-------- C:\Program Files\Windows Calendar 2007-10-26 12:17:01 0 d-------- C:\Users\Roger\AppData\Roaming\DivX 2007-10-25 17:45:07 0 d-------- C:\Users\Roger\AppData\Roaming\Google 2007-10-25 17:42:53 0 d-------- C:\Users\Roger\AppData\Roaming\Adobe 2007-10-25 17:38:28 0 d-------- C:\Program Files\Common Files\Adobe 2007-10-25 17:30:45 0 d-------- C:\Users\Roger\AppData\Roaming\Macromedia 2007-10-25 16:47:37 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-10-25 16:09:15 0 d-------- C:\Users\Roger\AppData\Roaming\Sony Corporation 2007-10-25 15:06:10 0 d-------- C:\Users\Roger\AppData\Roaming\temp 2007-10-25 13:38:02 0 d-------- C:\Program Files\Lecteur CANALPLAY 2007-09-17 19:23:00 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®> 2007-09-17 19:23:00 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®> 2007-09-17 19:22:58 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?> 2007-09-17 19:22:58 739840 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®> 2007-08-24 18:08:24 1275392 --a------ C:\Windows\system32\msxml4.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP 2> -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0BE8F526-8E56-4C66-9755-6FD3986EA374}] 21/11/2007 11:27 315488 --a------ C:\Users\Roger\AppData\Local\Temp\hggfc.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8c4c949d-6f22-4ced-9f79-c95e0668cd28}] 23/11/2007 11:51 83520 --a------ C:\Windows\system32\qakghjuk.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}] 23/11/2007 11:49 145984 --a------ C:\Windows\system32\gmdqcctp.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DD1A34F1-B8D4-4A0F-89FA-49B9073BF4F4}] 21/11/2007 11:27 315488 --a------ C:\Users\Roger\AppData\Local\Temp\hggfc.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\Windows\system32\gmdqcctp.dll [23/11/2007 11:49 145984] [-HKEY_CLASSES_ROOT\CLSID\{11A69AE4-FBED-4832-A2BF-45AF82825583}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "42efb70d"="C:\Windows\system32\pgnjkwaw.dll" [23/11/2007 11:51] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [18/10/2007 11:34] "Gadwin PrintScreen"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [20/08/2007 09:42] C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 - Capture d'‚cran et lancement.lnk.disabled [22/11/2007 17:11:32] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Synchronizer.lnk.disabled [25/10/2007 17:40:43] Bluetooth Manager.lnk.disabled [25/10/2007 09:33:54] Lancement rapide d'Adobe Acrobat.lnk.disabled [22/11/2007 17:48:02] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) "EnableLUA"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gmdqcctp] gmdqcctp.dll 23/11/2007 11:49 145984 C:\Windows\System32\gmdqcctp.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] VESWinlogon.dll 24/07/2007 18:26 98304 C:\Windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\Windows\system32\__c00EE4FE.dat [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\Users\Roger\AppData\Local\Temp\hggfc.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "__c002ACE6"=rundll32.exe "C:\Users\Roger\AppData\Roaming\__c002ACE6.dat",B "42efb70d"=rundll32.exe "C:\Users\Roger\AppData\Local\Temp\dxmeuvvk.dll",b "cmds"=rundll32.exe C:\Users\Roger\AppData\Local\Temp\hggfc.dll,c "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background "Skype"="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "42efb70d"=rundll32.exe "C:\Users\Roger\AppData\Local\Temp\dxmeuvvk.dll",b "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" "RtHDVCpl"=RtHDVCpl.exe "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime "Persistence"=C:\Windows\system32\igfxpers.exe "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" "IgfxTray"=C:\Windows\system32\igfxtray.exe "HotKeysCmds"=C:\Windows\system32\hkcmd.exe "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "Windows Mobile-based device management"=%windir%\WindowsMobile\wmdc.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum bthsvcs BthServ WindowsMobile wcescomm rapimgr LocalServiceRestricted WcesComm RapiMgr [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] AutoRun\command- G:\Autorun\Autorun.exe *Newly Created Service* - CATCHME [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- Hosts ----------------------------------------------------------------------- 127.0.0.1 007guard.com 127.0.0.1 www.007guard.com 127.0.0.1 008i.com 127.0.0.1 008k.com 127.0.0.1 www.008k.com 127.0.0.1 00hq.com 127.0.0.1 www.00hq.com 127.0.0.1 010402.com 127.0.0.1 032439.com 127.0.0.1 www.032439.com 7517 more entries in hosts file. -- End of Deckard's System Scanner: finished at 2007-11-23 18:44:44 ------------ et j'ai l'extra : Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft® Windows Vista™ Édition Familiale Premium (build 6000) Architecture: X86; Language: French CPU 0: Intel® Core2 Duo CPU T7250 @ 2.00GHz Percentage of Memory in Use: 46% Physical Memory (total/avail): 2037.81 MiB / 1083.22 MiB Pagefile Memory (total/avail): 4293.68 MiB / 3005.5 MiB Virtual Memory (total/avail): 2047.88 MiB / 1891.89 MiB C: is Fixed (NTFS) - 140.07 GiB total, 103.28 GiB free. D: is Removable (No Media) E: is Removable (No Media) F: is CDROM (No Media) G: is Fixed (FAT32) - 149.01 GiB total, 46.16 GiB free. \\.\PHYSICALDRIVE1 - MemoryStick0 Device \\.\PHYSICALDRIVE2 - SD1 Device \\.\PHYSICALDRIVE0 - ST9160821AS ATA Device - 149.05 GiB - 2 partitions \PARTITION0 - Unknown - 8.98 GiB \PARTITION1 (bootable) - Système de fichiers installable - 140.07 GiB - C: \\.\PHYSICALDRIVE3 - WDC WD16 00BEVE-11UYT0 USB Device - 149.05 GiB - 1 partition \PARTITION0 (bootable) - Unknown - 149.05 GiB - G: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. AV: avast! antivirus 4.7.1043 [VPS 071122-0] v4.7.1043 (ALWIL Software) AS: Spybot - Search and Destroy v1.0.0.4 (Safer Networking Ltd.) Disabled AS: AVG Anti-Spyware v7, 5, 1, 43 (GRISOFT s.r.o.) AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\Roger\AppData\Roaming CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=VAIO-DE-ROGER ComSpec=C:\Windows\system32\cmd.exe configsetroot=C:\Windows\ConfigSetRoot FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\Roger LOCALAPPDATA=C:\Users\Roger\AppData\Local LOGONSERVER=\\VAIO-DE-ROGER NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\PROGRA~1\COMMON~1\Odbc\FILEMA~1;C:\Program Files\QuickTime\QTSystem\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0f0d ProgramData=C:\ProgramData ProgramFiles=C:\Program Files PROMPT=$P$G PUBLIC=C:\Users\Public QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\ SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\Roger\AppData\Local\Temp TMP=C:\Users\Roger\AppData\Local\Temp USERDOMAIN=Vaio-de-Roger USERNAME=Roger USERPROFILE=C:\Users\Roger windir=C:\Windows -- User Profiles --------------------------------------------------------------- Roger (admin) -- Add/Remove Programs --------------------------------------------------------- --> --> --> --> --> --> C:\Program Files\InstallShield Installation Information\{AFBA0609-EB70-43CB-B11C-294EDADFA101}\setup.exe -runfromtemp -l0x040c -removeonly --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF} --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87} --> MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B} --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82} --> MsiExec.exe /I{C4CBAD7E-DF4A-4FEC-AC17-8BC709AFB844} --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C} --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{638BAD93-701B-482A-86C6-72DFF3E6FE51}\setup.exe" -l0x9 -removeonly Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE Adobe Acrobat 8 Standard - English, Français, Deutsch --> msiexec /I {AC76BA86-1033-F400-BA7E-000000000003} Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Help Center 2.1 --> MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71} Adobe Photoshop Elements 5.0 --> msiexec /I {A7B609FB-83D8-4FC3-8477-1BC65ECFE85B} Adobe Reader 8.1.0 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003} Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB} Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} ArcSoft Magic-i Visual Effects Installer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}\Setup.exe" -l0x40c Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} Atlantis - Sky Patrol --> C:\Big Fish Games\Atlantis - Sky Patrol\Uninstall.exe µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup Big Fish Games Sudoku --> C:\Big Fish Games\sudoku\Uninstall.exe Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Browser Address Error Redirector --> regsvr32 /u /s "C:\PROGRA~1\GOOGLE~1\BAE.dll" CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" Centre de Big Fish Games --> C:\Big Fish Games\Uninstall.exe Click to DVD 2.0.05 Menu Data --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\101\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E407618-D9CD-4F39-9490-9ED45294073D}\setup.exe" -l0x40c -removeonly Click to DVD 2.6.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E809063C-51A3-4269-8984-D1EB742F2151}\setup.exe" -l0x40c -removeonly Comptabilité --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93A837CB-5919-4BBA-B1AE-2E42F0E00794}\setup.exe" -l0x40c DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN FileMaker Pro 6 --> MsiExec.exe /I{58EDAD68-7839-42D8-A6AD-854A9ECB8224} Gadwin PrintScreen --> C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe GearDrvs --> MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23} Gestionnaire pour appareils Windows Mobile --> MsiExec.exe /I{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8} Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" HDAUDIO SoftV92 Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\UIU32m.exe -U -ISnSZIRXz.inf HijackThis 2.0.2 --> "C:\Users\Roger\Downloads\HijackThis.exe" /uninstall HouseCall 6.6 --> "C:\Users\Roger\AppData\Roaming\HouseCall 6.6\uninstaller.exe" Instant Mode --> C:\Program Files\InstallShield Installation Information\{E6707034-D7A4-49B1-94D0-F5AACE46F06C}\setup.exe -runfromtemp -l0x0009 -removeonly Intel® Graphics Media Accelerator Driver --> C:\Windows\system32\igxpun.exe -uninstall iTunes --> MsiExec.exe /I{4F5CE18C-D97D-48FF-A510-A0D90C918294} IZArc 3.81 --> "C:\Program Files\IZArc\unins000.exe" Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Lecteur CANALPLAY 2.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\101\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E9E37358-E3E1-47BA-9E21-375EF3616BC9}\setup.exe" -l0x40c -removeonly Mahjong Towers Eternity --> C:\Big Fish Games\Mahjong Towers Eternity\Uninstall.exe Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Groove MUI (French) 2007 --> MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007 --> MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office OneNote MUI (French) 2007 --> MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Works --> MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C} Mise à jour du pilote du Gestionnaire pour appareils Windows Mobile --> MsiExec.exe /X{CB8CA439-DA83-419C-A4CF-5A0A50025144} Mozilla Firefox (2.0.0.9) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} Mystery Case Files - Prime Suspects --> C:\Big Fish Games\Mystery Case Files - Prime Suspects\Uninstall.exe Norton 360 --> MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8} OpenMG Limited Patch 4.7-07-15-19-01 --> C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-15-19-01\HotFixSetup\setup.exe /u OpenMG Secure Module 4.7.00 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL Outil de restauration de données VAIO --> C:\Program Files\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x040c -removeonly Outil VAIO Media Registration 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}\setup.exe" -l0x40c UNINSTALL -removeonly Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe" QuickTime --> MsiExec.exe /I{9763E36A-08E9-4228-BBCE-12989A4EB1A8} Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista --> C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly Roxio Easy Media Creator Home --> MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0} Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Excel 2007 (KB936509) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A00724F5-82C4-4924-B707-0E5A84B52471} Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33} Security Update for Office 2007 (KB936514) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C7A78F7F-EF32-4477-BAD7-3439EA7571BF} Security Update for Publisher 2007 (KB936646) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A32E4BAF-6477-45FA-B8AB-E743FA8D63FF} Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86} Serveur Sage NT --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A8182555-1C54-498D-8F5F-48F3955178E6}\setup.exe" -l0x40c Setting Utility Series --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -l0x40c -removeonly Skype 3.2 --> "C:\Program Files\Skype\Phone\unins000.exe" Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03} SonicStage Mastering Studio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6332AFF1-9D9A-429C-AA03-F82749FA4F49}\setup.exe" -l0x40c -removeonly SonicStage Mastering Studio Audio Filter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}\setup.exe" -l0x40c -removeonly SonicStage Mastering Studio Audio Filter Custom Preset --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC37A846-53AC-4DA7-98FA-76A4E74AA900}\setup.exe" -l0x40c -removeonly SonicStage Mastering Studio Plugins --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}\setup.exe" -l0x40c -removeonly Sony Video Shared Library --> C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe -runfromtemp -l0x040c -removeonly Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7} Update for Office 2007 (KB934391) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5} Update for Office 2007 (KB934393) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15} Update for Outlook 2007 (KB937608) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CBB2454D-193F-4523-8A31-FEB343B7C30E} Update for Outlook 2007 Junk Email Filter (kb943559) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2BE2B020-CE6A-4AD1-8291-2B881CF923B6} Update for Word 2007 (KB934173) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475} VAIO Aqua Breeze Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97BCD719-6ECB-458F-97D6-F38D2E07375E}\setup.exe" -l0x9 -removeonly VAIO Camera Capture Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}\setup.exe" -l0x40c -removeonly VAIO Content Folder Setting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23825B69-36DF-4DAD-9CFD-118D11D80F16}\setup.exe" -l0x40c -removeonly VAIO Content Importer / VAIO Content Exporter --> C:\Program Files\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x040c -removeonly VAIO Content Metadata Intelligent Analyzing Manager --> C:\Program Files\InstallShield Installation Information\{FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}\setup.exe -runfromtemp -l0x040c -removeonly VAIO Content Metadata Manager Setting --> C:\Program Files\InstallShield Installation Information\{69351E9E-23ED-41D5-B146-EDBF83C63B66}\setup.exe -runfromtemp -l0x040c -removeonly VAIO Content Metadata XML Interface Library --> C:\Program Files\InstallShield Installation Information\{5F5DE5D5-D130-4110-A3A4-69FFB0B14BD9}\setup.exe -runfromtemp -l0x040c -removeonly VAIO Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -l0x40c -removeonly VAIO Cozy Orange Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}\setup.exe" -l0x9 -removeonly VAIO Entertainment Platform --> C:\Program Files\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe -runfromtemp -l0x040c -removeonly VAIO Event Service --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\setup.exe" -l0x40c -removeonly VAIO Launcher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}\setup.exe" -l0x40c -removeonly VAIO Long Battery Life Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}\setup.exe" -l0x9 -removeonly VAIO Media 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}\setup.exe" -l0x40c UNINSTALL -removeonly VAIO Media AC3 Decoder 1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}\Setup.exe" -l0x40c UNINSTALL VAIO Media Content Collection 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{500162A0-4DD5-460A-BAFD-895AAE48C532}\setup.exe" -l0x40c UNINSTALL -removeonly VAIO Media Integrated Server 6.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{785EB1D4-ECEC-4195-99B4-73C47E187721}\setup.exe" -l0x40c UNINSTALL -removeonly VAIO Media Redistribution 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}\setup.exe" -l0x40c UNINSTALL -removeonly VAIO Movie Story --> C:\Program Files\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe -runfromtemp -l0x040c -removeonly VAIO Movie Story Template Data --> C:\Program Files\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe -runfromtemp -l0x040c -removeonly VAIO MusicBox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}\setup.exe" -l0x40c -removeonly VAIO MusicBox Sample Music --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}\setup.exe" -l0x40c -removeonly VAIO Original Function Setting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A63E7492-A0BC-4BB9-89A7-352965222380}\setup.exe" -l0x40c -removeonly VAIO Original Screen Saver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}\Setup.exe" -l0x40c VAIO Power Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{802889F8-6AF5-45A5-9764-CA5B999E50FC}\setup.exe" -l0x40c -removeonly VAIO Tender Green Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934A3213-1CB6-4264-84A2-EE080C017BCA}\setup.exe" -l0x9 -removeonly VAIO Update 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\setup.exe" -l0x40c -removeonly VAIO Xblack Contents --> Virtual Villagers --> C:\Big Fish Games\Virtual Villagers\Uninstall.exe Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} WinDVD for VAIO --> C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x040c Wireless Switch Setting Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\setup.exe" -l0x40c -removeonly Yahoo! Install Manager --> C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL Yahoo! Toolbar avec bloqueur de fenêtres pop-up --> C:\PROGRA~1\Yahoo!\Common\unyt.exe -- Application Event Log ------------------------------------------------------- Event Record #/Type5829 / Success Event Submitted/Written: 11/23/2007 02:54:41 PM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type5826 / Warning Event Submitted/Written: 11/23/2007 02:11:54 PM Event ID/Source: 3036 / Windows Search Service Event Description: La source de contenu <mapi://{s-1-5-21-3136176734-2097662771-2445549310-1000}/> est inaccessible. Contexte : Application Windows, Catalogue SystemIndex Détails : Une erreur s'est produite sur le serveur. Vérifiez que le serveur est disponible. (0x80041206) Event Record #/Type5817 / Error Event Submitted/Written: 11/23/2007 00:25:58 PM Event ID/Source: 5007 / WerSvc Event Description: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9. Event Record #/Type5811 / Success Event Submitted/Written: 11/23/2007 00:25:09 PM Event ID/Source: 5617 / WinMgmt Event Description: Event Record #/Type5808 / Error Event Submitted/Written: 11/23/2007 00:25:07 PM Event ID/Source: 7 / VzCdbSvc Event Description: Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code d'erreur = 0x80042019) -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type7084 / Error Event Submitted/Written: 11/23/2007 06:05:19 PM Event ID/Source: 10010 / DCOM Event Description: {0002DF01-0000-0000-C000-000000000046} Event Record #/Type7080 / Warning Event Submitted/Written: 11/23/2007 02:06:59 PM Event ID/Source: 4 / Client Side Rendering Spooler Event Description: Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible. Event Record #/Type7079 / Warning Event Submitted/Written: 11/23/2007 02:06:59 PM Event ID/Source: 4 / Client Side Rendering Spooler Event Description: Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible. Event Record #/Type7051 / Warning Event Submitted/Written: 11/23/2007 00:25:36 PM Event ID/Source: 3004 / WinDefend Event Description: L’agent de protection en temps réel %AUTORITE NT27 a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. %AUTORITE NT27 ne peut pas annuler les modifications que vous autorisez. Pour plus d’informations, consultez les données suivantes : %AUTORITE NT275 ID d’analyse : {7242286F-6C0C-4E3F-9423-798430F821DB} Utilisateur : AUTORITE NT\SYSTEM Nom : %AUTORITE NT271 ID : %AUTORITE NT272 ID de gravité : %AUTORITE NT273 ID de catégorie : %AUTORITE NT274 Chemin d’accès trouvé : %AUTORITE NT276 Type d’alerte : %AUTORITE NT278 Type de détection : 1.1.1505.02 Event Record #/Type7049 / Warning Event Submitted/Written: 11/23/2007 00:25:35 PM Event ID/Source: 1003 / Dhcp Event Description: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 001B77BE2EF3. Il s'est produit l'erreur suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). -- End of Deckard's System Scanner: finished at 2007-11-23 18:44:44 ------------ Si ca te parle...
- le 23 novembre 2007
- 36 réponses
[résolu] fotomoto ne veut pas partir

Rogerval a répondu à un(e) sujet de Rogerval dans Analyses et éradication malwares

De pire en pire, des fenetres à la con s'ouvre, me proposant de télécharger des anti spywares.... C'est horrible !
- le 23 novembre 2007
- 36 réponses
[résolu] fotomoto ne veut pas partir

Rogerval a répondu à un(e) sujet de Rogerval dans Analyses et éradication malwares

rrrraaaaaaaaaaaahhhhhhhh !!!! C'est pas possible... Windows defender viens de m'ouvrir une nouvelle alerte !! fotomoto again.... A l'aiiiiide !!!!
- le 23 novembre 2007
- 36 réponses
[résolu] fotomoto ne veut pas partir

Rogerval a répondu à un(e) sujet de Rogerval dans Analyses et éradication malwares

Salut, Apparemment AVG a eu l'air de fonctionner, mais hélas, pas de rapport à la fin... Du coup, je vous ai fait un ch'ti rapport Hijack.... J'ai passé 2 fois windows defender, qui me trouvait fotomoto, là rien... je réessaie en fin d'après midi et vous confirme, mais si vous pouvez regardez mon Hijack... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:33:01, on 23/11/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\System32\mobsync.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Windows\system32\rundll32.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\conime.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\iTunes\iTunes.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Roger\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...esame/login.jsp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk.disabled O4 - Global Startup: Adobe Reader Synchronizer.lnk.disabled O4 - Global Startup: Bluetooth Manager.lnk.disabled O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk.disabled O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O15 - Trusted Zone: *.canalplay.com O15 - Trusted Zone: *.canalplusactive.com O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\Users\Roger\AppData\Roaming\__c002ACE6.dat O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10565 bytes
- le 23 novembre 2007
- 36 réponses
[résolu] fotomoto ne veut pas partir

Rogerval a répondu à un(e) sujet de Rogerval dans Analyses et éradication malwares

Sinon, pour Vista qui me dit ne pas trouver dxmeuvvk.dll... Ce virus est vraiment super-coriace !!
- le 22 novembre 2007
- 36 réponses
[résolu] fotomoto ne veut pas partir

Rogerval a répondu à un(e) sujet de Rogerval dans Analyses et éradication malwares

Bien vu !! fotomoto y est toujours, meme si windows defender ne me l'a pas dit au demmarage... Que faire ?
- le 22 novembre 2007
- 36 réponses
[résolu] fotomoto ne veut pas partir

Rogerval a répondu à un(e) sujet de Rogerval dans Analyses et éradication malwares

rapport Hijack : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:25:01, on 22/11/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe C:\Windows\System32\mobsync.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Windows\system32\WerCon.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Users\Roger\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...esame/login.jsp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [42efb70d] rundll32.exe "C:\Users\Roger\AppData\Local\Temp\dxmeuvvk.dll",b O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [__c002ACE6] rundll32.exe "C:\Users\Roger\AppData\Roaming\__c002ACE6.dat",B O4 - HKCU\..\Run: [42efb70d] rundll32.exe "C:\Users\Roger\AppData\Local\Temp\dxmeuvvk.dll",b O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Roger\AppData\Local\Temp\hggfc.dll,c O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O15 - Trusted Zone: *.canalplay.com O15 - Trusted Zone: *.canalplusactive.com O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\Users\Roger\AppData\Roaming\__c002ACE6.dat O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: DomainService - - C:\Users\Roger\AppData\Local\Temp\pmdpgboi.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12594 bytes RApport MSN fix : MSNFix 1.588 C:\Users\Roger\Downloads\MSNFix\MSNFix Fix exécuté le 22/11/2007 - 10:04:17,27 By Roger mode normal ************************ Recherche les fichiers présents ... C:\PROGRA~1\Temporary\wininstall.exe ... C:\Users\Roger\AppData\Local\Temp\removalfile.bat ... C:\Windows\b???.exe ... C:\Windows\b122.exe ... C:\Windows\mrofinu*.exe ************************ MSNCHK ***** /!\ beta test /!\ ************************ Recherche les dossiers présents ... C:\PROGRA~1\Temporary\ ... C:\PROGRA~1\WinAble\ ************************ Suppression des fichiers .. OK ... C:\PROGRA~1\Temporary\wininstall.exe .. OK ... C:\Users\Roger\AppData\Local\Temp\removalfile.bat .. OK ... C:\Windows\b???.exe .. OK ... C:\Windows\b122.exe .. OK ... C:\Windows\mrofinu*.exe ************************ Suppression des dossiers .. OK ... C:\PROGRA~1\Temporary\ .. OK ... C:\PROGRA~1\WinAble\ ************************ Nettoyage du registre ************************ Fichiers suspects Aucun Fichier trouvé Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 22112007_10050951.zip ------------------------------------------------------------------------ Auteur : !aur3n7 Contact: http://changelog.fr ------------------------------------------------------------------------ --------------------------------------------- END --------------------------------------------- Vundo n'a rien trouvé... Ca a l'air de fonctionner, sauf que au démarrage Visa me dit ne pas trouver dxmeuvvk.dll... puis-je le supprimer. Autre point : __c002ACE6.dat c'est pas bizzare ??? EN tout cas merci pour cette aide... Trèèèèèès appréciable.
- le 22 novembre 2007
- 36 réponses
[résolu] fotomoto ne veut pas partir

Rogerval a posté un sujet dans Analyses et éradication malwares

bonjour, je suis sous vista, et windows defender à chaque démarrage me supprime le virus ou adaware fotomoto... voici mon rapport Hijkack : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:13:55, on 21/11/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\mrofinu1044.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe C:\Windows\System32\mobsync.exe C:\Windows\explorer.exe C:\Windows\system32\WerCon.exe C:\Users\Roger\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com... R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.club-vaio.com... R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com... R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com... R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com... R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [runner1] C:\Windows\mrofinu1044.exe 61A847B5BBF72813329F3C466188719AB689201522886B092CBD44BD8689220221DD3257 O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe O4 - HKCU\..\Run: [__c002ACE6] rundll32.exe "C:\Users\Roger\AppData\Roaming\__c002ACE6.dat",B O4 - HKCU\..\Run: [DDC] C:\Users\Roger\AppData\Local\Temp\pmdpgboi.exe O4 - HKCU\..\Run: [42efb70d] rundll32.exe "C:\Users\Roger\AppData\Local\Temp\dxmeuvvk.dll",b O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Roger\AppData\Local\Temp\hggfc.dll,c O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O8 - Extra context menu item: Ajouter au fichier PDF existant - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir en Adobe PDF - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:PROGRA~1MICROS~2Office12EXCEL.EXE... O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O15 - Trusted Zone: *.canalplay.com O15 - Trusted Zone: *.canalplusactive.com O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11187 bytes J'ai cherché un peu partout, essayé des trucs, mais rien n'y fait.... SVP A l'aide !! Merci d'avance
- le 21 novembre 2007
- 36 réponses
Aidez ma Tatie

Rogerval a répondu à un(e) sujet de Rogerval dans Software

En RAM, 256 Mo, je pense... Des programmes qui tournent en même temps, aucun... fichier d'échange, connais pas.... J'oubliais, il marchait très bien... avant internet.
- le 3 février 2004
- 5 réponses
Aidez ma Tatie

Rogerval a posté un sujet dans Software

Salut à tous, Voici un problème qu'il est pas mal. Ma tante à un ordi qui est très lent, pour un 800 Mhz. C'est du style, on ouvre une fenêtre, et le temps qu'elle apparaisse, tu vas te servir un verre... oui oui, c'est possible. Alors, en bon bidouilleur, j'ai passé Norton AV, puis installé Trojan remover, et vous savez quoi... pas de trojan pas de virus. Alors, je teste le tips du disque dur donné par Zebulon. pas mieux.... mais d'ou ca peut bien venir ce #!!#rrp#t'n### de ralentissement. Pour info, elle à XP home, mis à jour régulièrement, norton AV, et fait du P2P... Et Vlà, merci d'avance
- le 3 février 2004
- 5 réponses
Bon, je sais, c'est c..

Rogerval a posté un sujet dans Software

Salut à tous, et d'avance merci. Un jour, comme ça, sans prévenir, Xp se met à ouvrir ACD quand je double clique sur le lecteur c... Alors, je désinstalle ACD... Depuis, il déclence window command here à la place. dans option des dossiers, type de fichier, j'ai enlevé cette commande par défaut, pour n'en mettre aucune, et... evidemment, rien n'y fait. J'ai regardé dans le regisre, et.... j'ai peur de faire une c... Heeeeelp merci
- le 2 février 2004
- 1 réponse

Connexion

Rogerval

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par Rogerval

[résolu] fotomoto ne veut pas partir

[résolu] fotomoto ne veut pas partir

[résolu] fotomoto ne veut pas partir

[résolu] fotomoto ne veut pas partir

[résolu] fotomoto ne veut pas partir

[résolu] fotomoto ne veut pas partir

[résolu] fotomoto ne veut pas partir

[résolu] fotomoto ne veut pas partir

[résolu] fotomoto ne veut pas partir

[résolu] fotomoto ne veut pas partir

[résolu] fotomoto ne veut pas partir

Aidez ma Tatie

Aidez ma Tatie

Bon, je sais, c'est c..

Zebulon

Outils en ligne

Naviguer