N08
-
Compteur de contenus
20 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par N08
-
wmp 11. windows mis à jour régulièrement. La seule solution pour retrouver du son est de faire une restauration à une date pour laquelle je sais que tout fonctionne. Un peu galère....N08
-
Bonjour, après quelques minutes de fonctionement normal, ma barre des tâches clignote, chage de couleur (du bleu au gris) de police et parallèlement je perds le son sur WMP bien que les sons systèmes soient toujours opérationnels. Pourriez vous m'aider à isoler et régler le pb? Merci d'avance. N08.
-
demande d'analyse rapport HijackThis
N08 a répondu à un(e) sujet de N08 dans Analyses et éradication malwares
Bonjour Charles Oui bizzare ce pb. Chgt d'état = changement de couleur (du bleu au gris) et chgt de police. De plus cela n'arrive pas systématiquement à priori. D'autre part lorsque ce pb arrive je "perds" le son de WMP alors que les sons systèmes sont tjs disposnibles.......Je te colle le log Diahelp @+tard N08 C:\WINDOWS\System32\wpa.dbl -->20/03/2007 20:10:26 C:\WINDOWS\System32\jupdate-1.5.0_10-b03.log -->13/03/2007 20:42:57 C:\WINDOWS\System32\TZLog.log -->25/02/2007 08:42:26 C:\WINDOWS\System32\avgwlntf.dll -->25/02/2007 08:38:57 C:\WINDOWS\System32\nscompat.tlb -->24/02/2007 21:08:02 C:\WINDOWS\System32\amcompat.tlb -->24/02/2007 21:08:02 C:\WINDOWS\System32\asfiles.txt -->24/02/2007 11:04:24 C:\WINDOWS\System32\Uninstall.ico -->24/02/2007 11:02:27 C:\WINDOWS\System32\pavas.ico -->24/02/2007 11:02:27 C:\WINDOWS\System32\Help.ico -->24/02/2007 11:02:27 C:\WINDOWS\System32\avgfwafu.dll -->19/02/2007 12:11:11 C:\WINDOWS\System32\WgaTray.exe -->15/02/2007 18:01:36 C:\WINDOWS\System32\LegitCheckControl.dll -->15/02/2007 18:01:04 C:\WINDOWS\System32\WgaLogon.dll -->15/02/2007 18:00:28 C:\WINDOWS\System32\MRT.exe -->07/02/2007 23:01:44 C:\WINDOWS\System32\tzchange.exe -->29/01/2007 09:58:06 C:\WINDOWS\System32\hhctrl.ocx -->23/01/2007 20:31:20 C:\WINDOWS\System32\wininet.dll -->12/01/2007 09:27:42 C:\WINDOWS\System32\webcheck.dll -->12/01/2007 09:27:42 C:\WINDOWS\System32\urlmon.dll -->12/01/2007 09:27:42 C:\WINDOWS\System32\mstime.dll -->12/01/2007 09:27:42 C:\WINDOWS\System32\mshtmled.dll -->12/01/2007 09:27:42 C:\WINDOWS\System32\mshtml.dll -->12/01/2007 09:27:42 C:\WINDOWS\System32\msfeedsbs.dll -->12/01/2007 09:27:42 C:\WINDOWS\System32\msfeeds.dll -->12/01/2007 09:27:42 C:\WINDOWS\WindowsUpdate.log -->20/03/2007 20:06:31 C:\WINDOWS\SchedLgU.Txt -->20/03/2007 20:06:31 C:\WINDOWS.log -->20/03/2007 20:05:34 C:\WINDOWS\wiadebug.log -->20/03/2007 20:04:57 C:\WINDOWS\wiaservc.log -->20/03/2007 20:04:51 C:\WINDOWS\bootstat.dat -->20/03/2007 20:04:34 C:\WINDOWS\QTFont.qfn -->17/03/2007 11:26:12 C:\WINDOWS\setupapi.log -->17/03/2007 10:51:57 C:\WINDOWS\KB929338.log -->14/03/2007 14:44:43 C:\WINDOWS\wmsetup.log -->09/03/2007 13:15:21 C:\WINDOWS\spupdsvc.log -->27/02/2007 18:22:01 C:\WINDOWS\WgaNotify.log -->26/02/2007 23:58:54 C:\WINDOWS\updspapi.log -->26/02/2007 23:58:32 C:\WINDOWS\tsoc.log -->25/02/2007 08:43:42 C:\WINDOWS\ocmsn.log -->25/02/2007 08:43:42 C:\WINDOWS\agrsmdel.exe |13/02/2003 13:13:00 C:\WINDOWS\AGRSMMSG.exe |14/02/2003 10:59:00 C:\WINDOWS\IsUn040c.exe |22/01/2005 04:59:40 C:\WINDOWS\IsUninst.exe |29/05/2004 15:45:04 C:\WINDOWS\javaku32.exe |05/01/2005 02:49:15 C:\WINDOWS\PATCH.EXE |06/01/2005 11:09:24 C:\WINDOWS\runtsckl.exe |09/06/2004 16:56:06 C:\WINDOWS\slrundll.exe |20/08/2004 00:10:02 C:\WINDOWS\twunk_16.exe |10/04/2003 00:41:09 C:\WINDOWS\twunk_32.exe |10/04/2003 00:41:09 C:\WINDOWS\UnGins.exe |28/12/2003 15:48:17 C:\WINDOWS\unin040c.exe |10/04/2003 00:58:25 C:\WINDOWS\unvise32.exe |11/01/2005 12:29:30 C:\WINDOWS\unvise32qt.exe |10/04/2003 15:03:55 C:\WINDOWS\VMCap.exe |29/12/2005 18:02:06 C:\WINDOWS\VM_STI.EXE |29/12/2005 18:02:05 C:\WINDOWS\loadhttp.dll |15/10/2002 14:29:40 C:\WINDOWS\patchw32.dll |14/12/2001 13:34:46 C:\WINDOWS\snymsico.dll |10/04/2003 15:09:06 C:\WINDOWS\Studio7.dll |11/01/2005 12:34:27 C:\WINDOWS\twain.dll |10/04/2003 00:41:09 C:\WINDOWS\twain_32.dll |21/12/2004 09:11:06 C:\WINDOWS\system32\19233_up.exe |02/05/2004 16:59:54 C:\WINDOWS\system32\agrsmdel.exe |10/04/2003 01:23:40 C:\WINDOWS\system32\append.exe |10/04/2003 00:40:29 C:\WINDOWS\system32\asuninst.exe |24/02/2007 10:55:35 C:\WINDOWS\system32\CSUninstall.exe |29/05/2003 07:55:18 C:\WINDOWS\system32\debug.exe |10/04/2003 00:40:35 C:\WINDOWS\system32\dmcpl.exe |30/11/2003 20:39:26 C:\WINDOWS\system32\dosx.exe |21/12/2004 09:10:59 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 18:47:34 C:\WINDOWS\system32\edlin.exe |10/04/2003 00:40:44 C:\WINDOWS\system32\exe2bin.exe |10/04/2003 00:40:44 C:\WINDOWS\system32\fastopen.exe |10/04/2003 00:40:45 C:\WINDOWS\system32\ieuh32.exe |21/01/2005 22:24:02 C:\WINDOWS\system32\java.exe |13/03/2007 20:42:58 C:\WINDOWS\system32\javaw.exe |13/03/2007 20:42:58 C:\WINDOWS\system32\javaws.exe |13/03/2007 20:42:58 C:\WINDOWS\system32\mem.exe |10/04/2003 00:40:51 C:\WINDOWS\system32\mscdexnt.exe |10/04/2003 00:40:53 C:\WINDOWS\system32\nlsfunc.exe |10/04/2003 00:40:57 C:\WINDOWS\system32\nvsvc32.exe |30/11/2003 20:39:28 C:\WINDOWS\system32\nwiz.exe |30/11/2003 20:39:28 C:\WINDOWS\system32\oemlink.exe |10/04/2003 00:41:30 C:\WINDOWS\system32\Prounstl.exe |03/03/2003 14:26:52 C:\WINDOWS\system32\qttask.exe |10/04/2003 15:03:47 C:\WINDOWS\system32\redir.exe |21/12/2004 09:10:39 C:\WINDOWS\system32\setver.exe |10/04/2003 00:41:04 C:\WINDOWS\system32\share.exe |10/04/2003 00:41:04 C:\WINDOWS\system32\slrundll.exe |20/08/2004 00:10:02 C:\WINDOWS\system32\slserv.exe |20/08/2004 00:10:02 C:\WINDOWS\system32\SpoonUninstall.exe |26/02/2004 18:56:55 C:\WINDOWS\system32\UniClear.exe |16/02/2000 00:00:00 C:\WINDOWS\system32\Uninstall.exe |29/05/2003 07:55:44 C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\usrprbda.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\usrshuta.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\a3d.dll |19/09/2001 13:32:26 C:\WINDOWS\system32\adistres.dll |19/11/2004 10:22:17 C:\WINDOWS\system32\amstream.dll |21/12/2004 09:11:04 C:\WINDOWS\system32\ati2cqag.dll |20/08/2004 00:09:19 C:\WINDOWS\system32\ati2dvaa.dll |20/08/2004 00:09:19 C:\WINDOWS\system32\ati2dvag.dll |20/08/2004 00:09:19 C:\WINDOWS\system32\ati3d1ag.dll |20/08/2004 00:09:19 C:\WINDOWS\system32\ati3duag.dll |20/08/2004 00:09:19 C:\WINDOWS\system32\ativtmxx.dll |20/08/2004 00:09:19 C:\WINDOWS\system32\ativvaxx.dll |20/08/2004 00:09:19 C:\WINDOWS\system32\atmfd.dll |21/12/2004 09:11:04 C:\WINDOWS\system32\atmlib.dll |21/12/2004 09:11:04 C:\WINDOWS\system32\avgfwafu.dll |19/02/2007 12:11:11 C:\WINDOWS\system32\avgwlntf.dll |25/02/2007 08:38:57 C:\WINDOWS\system32\Aviprax.dll |11/01/2005 12:17:22 C:\WINDOWS\system32\BhoECart.dll |20/12/2002 08:49:12 C:\WINDOWS\system32\Cachex.dll |11/01/2005 12:17:22 C:\WINDOWS\system32\cbldrm.dll |28/03/2003 11:34:12 C:\WINDOWS\system32\CoachDlg.dll |26/04/2005 10:24:31 C:\WINDOWS\system32\CoachSti.dll |26/04/2005 10:24:31 C:\WINDOWS\system32\CoachTW.dll |26/04/2005 10:24:31 C:\WINDOWS\system32\CoachWia.dll |26/04/2005 10:24:31 C:\WINDOWS\system32\CoachWrp.dll |26/04/2005 10:24:31 C:\WINDOWS\system32\compatui.dll |21/12/2004 09:11:02 C:\WINDOWS\system32\Cpuinf32.dll |29/12/2000 09:34:01 C:\WINDOWS\system32\dgrpsetu.dll |10/04/2003 01:45:01 C:\WINDOWS\system32\dgsetup.dll |10/04/2003 01:45:01 C:\WINDOWS\system32\DiskIO.dll |11/01/2005 12:17:22 C:\WINDOWS\system32\e100bmsg.dll |03/02/2003 04:26:18 C:\WINDOWS\system32\encdec.dll |21/12/2004 09:11:34 C:\WINDOWS\system32\EqnClass.Dll |10/04/2003 01:45:01 C:\WINDOWS\system32\FCExtend.dll |13/05/2003 16:53:22 C:\WINDOWS\system32\FCMicro.dll |14/05/2003 19:03:18 C:\WINDOWS\system32\FCMini.dll |14/05/2003 19:03:18 C:\WINDOWS\system32\FCSndUtl_FR.dll |21/04/2003 13:20:00 C:\WINDOWS\system32\FCSndUtl_GM.dll |21/04/2003 13:20:08 C:\WINDOWS\system32\FCSndUtl_IT.dll |15/05/2003 14:42:26 C:\WINDOWS\system32\FCSndUtl_JP.dll |21/04/2003 13:20:22 C:\WINDOWS\system32\FCSndUtl_SP.dll |21/04/2003 13:20:30 C:\WINDOWS\system32\FFCore.dll |20/12/2002 08:48:52 C:\WINDOWS\system32\FFECart.dll |20/12/2002 08:49:02 C:\WINDOWS\system32\gcmd5query.dll |13/04/2005 12:28:19 C:\WINDOWS\system32\GuitarStudioDLL.dll |06/09/2001 21:13:22 C:\WINDOWS\system32\HfxClasses45.dll |27/07/2001 08:25:29 C:\WINDOWS\system32\HfxClasses46.dll |18/07/2002 12:26:28 C:\WINDOWS\system32\HfxGui45.dll |22/06/2001 14:06:12 C:\WINDOWS\system32\HfxGui46.dll |20/06/2002 12:13:57 C:\WINDOWS\system32\hsfcisp2.dll |20/08/2004 00:09:27 C:\WINDOWS\system32\hticons.dll |10/04/2003 00:49:08 C:\WINDOWS\system32\hypertrm.dll |17/11/2004 18:57:39 C:\WINDOWS\system32\iccvid.dll |21/12/2004 09:10:55 C:\WINDOWS\system32\infcpy.dll |26/04/2005 10:24:31 C:\WINDOWS\system32\IntelNic.dll |29/12/2002 03:00:02 C:\WINDOWS\system32\ipl.dll |30/04/2001 11:57:58 C:\WINDOWS\system32\ipla6.dll |30/04/2001 11:57:58 C:\WINDOWS\system32\iplm5.dll |30/04/2001 11:58:00 C:\WINDOWS\system32\iplm6.dll |30/04/2001 11:58:02 C:\WINDOWS\system32\iplp6.dll |30/04/2001 11:58:04 C:\WINDOWS\system32\iplpx.dll |30/04/2001 11:58:09 C:\WINDOWS\system32\iplw7.dll |30/04/2001 11:57:56 C:\WINDOWS\system32\ippac20.dll |18/10/2003 11:15:50 C:\WINDOWS\system32\ippch20.dll |16/10/2003 15:09:16 C:\WINDOWS\system32\ippcore.dll |17/10/2003 11:23:04 C:\WINDOWS\system32\ippcv20.dll |15/10/2003 17:26:32 C:\WINDOWS\system32\ippi20.dll |15/10/2003 17:25:08 C:\WINDOWS\system32\ippj20.dll |15/10/2003 21:17:06 C:\WINDOWS\system32\ippm20.dll |19/10/2003 15:01:50 C:\WINDOWS\system32\ipps20.dll |16/10/2003 17:39:16 C:\WINDOWS\system32\ippsc20.dll |17/10/2003 08:21:50 C:\WINDOWS\system32\ippsr20.dll |17/10/2003 08:40:22 C:\WINDOWS\system32\ippvc20.dll |23/10/2003 06:43:50 C:\WINDOWS\system32\ippvm20.dll |20/10/2003 18:48:20 C:\WINDOWS\system32\ir32_32.dll |10/04/2003 00:40:49 C:\WINDOWS\system32\ir41_qc.dll |21/12/2004 09:11:45 C:\WINDOWS\system32\ir41_qcx.dll |21/12/2004 09:11:45 C:\WINDOWS\system32\isrdbg32.dll |21/12/2004 09:10:53 C:\WINDOWS\system32\jgaw400.dll |10/04/2003 00:40:49 C:\WINDOWS\system32\jgdw400.dll |10/04/2003 00:40:49 C:\WINDOWS\system32\jgmd400.dll |10/04/2003 00:40:49 C:\WINDOWS\system32\jgpl400.dll |10/04/2003 00:40:49 C:\WINDOWS\system32\jgsd400.dll |10/04/2003 00:40:49 C:\WINDOWS\system32\jgsh400.dll |10/04/2003 00:40:49 C:\WINDOWS\system32\JpegCode.dll |26/04/2005 10:24:31 C:\WINDOWS\system32\langserv.dll |11/01/2005 12:17:23 C:\WINDOWS\system32\libguide40.dll |21/02/2003 10:01:32 C:\WINDOWS\system32\Ltr13n.dll |13/04/2005 13:07:25 C:\WINDOWS\system32\Ltrio13n.dll |13/04/2005 13:07:26 C:\WINDOWS\system32\MA32.DLL |11/01/2005 12:17:23 C:\WINDOWS\system32\MACD32.DLL |11/01/2005 12:17:23 C:\WINDOWS\system32\MAMC32.DLL |11/01/2005 12:17:23 C:\WINDOWS\system32\MASD32.DLL |11/01/2005 12:17:23 C:\WINDOWS\system32\MASE32.DLL |11/01/2005 12:17:23 C:\WINDOWS\system32\mdmxsdk.dll |20/08/2004 00:09:30 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 18:47:06 C:\WINDOWS\system32\miroDV2avi.dll |11/01/2005 12:32:28 C:\WINDOWS\system32\miroDV2bmp.dll |11/01/2005 12:32:28 C:\WINDOWS\system32\miroDVun.dll |11/01/2005 12:32:28 C:\WINDOWS\system32\MLPagAx.dll |11/01/2005 12:17:23 C:\WINDOWS\system32\MMAviAx.dll |11/01/2005 12:17:22 C:\WINDOWS\system32\msdmo.dll |21/12/2004 09:10:50 C:\WINDOWS\system32\msencode.dll |10/04/2003 00:40:53 C:\WINDOWS\system32\Msvcrt10.dll |19/11/2004 10:22:22 C:\WINDOWS\system32\mtxparhd.dll |20/08/2004 00:09:35 C:\WINDOWS\system32\NCTAudioCompress2.dll |07/04/2005 14:47:16 C:\WINDOWS\system32\NCTAudioCompress3.dll |05/04/2005 13:15:46 C:\WINDOWS\system32\NCTAudioFormatSettings3.dll |06/04/2005 12:56:36 C:\WINDOWS\system32\NCTAudioPlayer2.dll |31/03/2005 11:20:08 C:\WINDOWS\system32\NCTImageFile.dll |18/03/2005 14:01:46 C:\WINDOWS\system32\NCTVideoCompress.dll |22/03/2005 11:23:48 C:\WINDOWS\system32\NCTVideoCoreM.dll |23/03/2005 17:21:26 C:\WINDOWS\system32\NCTVideoFile.dll |16/03/2005 15:57:18 C:\WINDOWS\system32\NCTVideoPlayer.dll |25/01/2005 16:12:46 C:\WINDOWS\system32\nv4_disp.dll |30/11/2003 20:39:26 C:\WINDOWS\system32\nvcpl.dll |30/11/2003 20:39:26 C:\WINDOWS\system32\nview.dll |30/11/2003 20:39:27 C:\WINDOWS\system32\nviewimg.dll |30/11/2003 20:39:27 C:\WINDOWS\system32\nvinstnt.dll |30/11/2003 20:39:27 C:\WINDOWS\system32\nvmctray.dll |30/11/2003 20:39:27 C:\WINDOWS\system32\nvoglnt.dll |30/11/2003 20:39:27 C:\WINDOWS\system32\nvrsde.dll |30/11/2003 20:39:28 C:\WINDOWS\system32\nvrsfr.dll |30/11/2003 20:39:28 C:\WINDOWS\system32\nvrsit.dll |30/11/2003 20:39:28 C:\WINDOWS\system32\nvrsja.dll |30/11/2003 20:39:28 C:\WINDOWS\system32\nvshell.dll |30/11/2003 20:39:28 C:\WINDOWS\system32\nvwrsde.dll |30/11/2003 20:39:28 C:\WINDOWS\system32\nvwrsfr.dll |30/11/2003 20:39:28 C:\WINDOWS\system32\nvwrsit.dll |30/11/2003 20:39:28 C:\WINDOWS\system32\nvwrsja.dll |30/11/2003 20:39:28 C:\WINDOWS\system32\paqsp.dll |23/08/2001 18:47:16 C:\WINDOWS\system32\PCLEGetGuid.dll |11/01/2005 12:17:24 C:\WINDOWS\system32\pclepim1.dll |11/01/2005 12:32:28 C:\WINDOWS\system32\PdfPorts.dll |19/11/2004 10:22:17 C:\WINDOWS\system32\pdfshell.dll |19/11/2004 10:22:10 C:\WINDOWS\system32\pncrt.dll |10/04/2003 15:01:50 C:\WINDOWS\system32\pndx5016.dll |10/04/2003 15:01:50 C:\WINDOWS\system32\pndx5032.dll |10/04/2003 15:01:50 C:\WINDOWS\system32\psisdecd.dll |21/12/2004 09:10:41 C:\WINDOWS\system32\qedwipes.dll |21/12/2004 09:10:40 C:\WINDOWS\system32\RALMain.dll |11/01/2005 12:17:22 C:\WINDOWS\system32\rmoc3260.dll |10/04/2003 15:01:53 C:\WINDOWS\system32\s3gnb.dll |20/08/2004 00:09:39 C:\WINDOWS\system32\SaiC0255.Dll |15/04/2005 10:11:21 C:\WINDOWS\system32\SaiD0255.Dll |15/04/2005 10:11:22 C:\WINDOWS\system32\SaiI0255.Dll |15/04/2005 10:11:21 C:\WINDOWS\system32\sbe.dll |21/12/2004 09:11:33 C:\WINDOWS\system32\SendUtls.dll |14/05/2003 16:53:34 C:\WINDOWS\system32\slbcsp.dll |21/12/2004 09:10:36 C:\WINDOWS\system32\slbiop.dll |21/12/2004 09:10:36 C:\WINDOWS\system32\slbrccsp.dll |10/04/2003 00:41:05 C:\WINDOWS\system32\slcoinst.dll |20/08/2004 00:09:41 C:\WINDOWS\system32\slextspk.dll |20/08/2004 00:09:41 C:\WINDOWS\system32\slgen.dll |20/08/2004 00:09:41 C:\WINDOWS\system32\spnike.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\sprio600.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\spxcoins.dll |10/04/2003 01:45:01 C:\WINDOWS\system32\t3odm.dll |30/04/2004 20:46:24 C:\WINDOWS\system32\tsd32.dll |10/04/2003 00:41:09 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\vdrcodec.dll |11/01/2005 12:17:23 C:\WINDOWS\system32\vdrmux.dll |11/01/2005 12:17:23 C:\WINDOWS\system32\VM31bSTI.dll |29/12/2005 18:02:05 C:\WINDOWS\system32\win87em.dll |10/04/2003 00:41:12 C:\WINDOWS\system32\ZPORT4AS.dll |24/02/2007 10:55:35 Le volume dans le lecteur C s'appelle VAIO Le numéro de série du volume est 3CD7-514A Répertoire de C:\WINDOWS\system32 20/08/2004 00:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 15 976 697 856 octets libres Le volume dans le lecteur C s'appelle VAIO Le numéro de série du volume est 3CD7-514A Répertoire de C:\WINDOWS\system32 02/04/2003 14:40 1 323 008 dmcpl.exe 1 fichier(s) 1 323 008 octets 0 Rép(s) 15 976 697 856 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle VAIO Le numéro de série du volume est 3CD7-514A Répertoire de C:\WINDOWS\Downloaded Program Files 24/02/2007 11:39 <REP> . 24/02/2007 11:39 <REP> .. 18/04/2006 15:04 159 040 AdSignerADP.dll 13/04/2006 09:11 747 AdSignerADP.inf 18/04/2006 15:04 273 728 AdVerifierADP.dll 13/07/2006 11:58 292 alttiff.inf 13/07/2006 14:20 734 752 alttiff.ocx 27/04/2006 16:28 17 658 Antispyware.log 24/08/2006 08:28 141 424 asinst.dll 22/08/2006 09:06 537 asinst.inf 29/06/2004 10:28 197 760 avsniff.dll 29/06/2004 10:23 626 avsniff.inf 29/06/2004 10:23 241 CabSA.inf 15/07/2004 00:00 2 390 catalog.dat 27/04/2006 16:28 <REP> CONFLICT.1 19/02/2007 13:22 <REP> CONFLICT.2 27/04/2006 16:28 <REP> CONFLICT.3 27/04/2006 16:28 <REP> CONFLICT.4 24/02/2007 15:00 <REP> CONFLICT.5 24/02/2007 15:00 <REP> CONFLICT.6 27/04/2006 16:28 <REP> CONFLICT.7 10/04/2003 00:50 65 desktop.ini 14/10/1997 17:52 697 DirectAnimation Java Classes.osd 15/06/2006 18:33 1 132 192 EPUWALcontrol.dll 08/09/2004 22:38 1 271 erma.inf 29/06/2004 11:34 147 456 FileUploader.dll 29/06/2004 11:35 373 FileUploader.inf 28/12/2004 16:14 652 736 fscax.dll 13/05/2004 16:49 800 HDPlugin1018.inf 14/07/2004 11:12 801 HDPlugin1019.inf 23/08/2004 15:18 87 240 IEAWSDC.DLL 20/08/2004 14:11 468 ieawsdc.inf 22/03/2005 18:32 377 ImageUploader3.inf 22/03/2005 18:32 1 918 488 ImageUploader3.ocx 20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd 29/06/2004 10:19 6 854 navapi.vxd 29/06/2004 10:19 208 896 navapi32.dll 15/07/2004 00:00 119 976 naveng32.dll 15/07/2004 00:00 656 552 navex32a.dll 16/07/2004 16:32 619 OSD327B.OSD 29/06/2004 10:28 160 928 rufsi.dll 15/07/2004 00:00 83 328 scrauth.dat 07/12/2004 12:58 224 setup.inf 08/12/2003 13:58 3 759 swflash.inf 15/07/2004 00:00 8 137 symaveng.cat 15/07/2004 00:00 900 symaveng.inf 15/07/2004 00:00 3 363 tcdefs.dat 15/07/2004 00:00 57 487 tcscan7.dat 15/07/2004 00:00 52 370 tcscan8.dat 15/07/2004 00:00 158 092 tcscan9.dat 15/12/2003 13:03 1 390 teleir_cert.osd 15/07/2004 00:00 453 tinf.dat 15/07/2004 00:00 148 tinfidx.dat 15/07/2004 00:00 1 957 tinfl.dat 15/07/2004 00:00 35 408 tscan1.dat 15/07/2004 00:00 1 179 tscan1hd.dat 15/07/2004 00:00 5 382 v.grd 15/07/2004 00:00 2 225 v.sig 15/07/2004 00:00 106 244 virscan.inf 15/07/2004 00:00 878 374 virscan1.dat 15/07/2004 00:00 527 445 virscan2.dat 15/07/2004 00:00 144 164 virscan3.dat 15/07/2004 00:00 316 532 virscan4.dat 15/07/2004 00:00 70 696 virscan5.dat 15/07/2004 00:00 377 172 virscan6.dat 15/07/2004 00:00 1 215 887 virscan7.dat 15/07/2004 00:00 1 115 290 virscan8.dat 15/07/2004 00:00 1 455 932 virscan9.dat 15/07/2004 00:00 32 virscant.dat 19/07/2004 10:50 2 072 vscanmsx.dat 01/02/2005 22:19 420 704 WebCleaner.dll 02/02/2005 00:05 316 WebCleaner.inf 09/06/2004 16:51 1 777 xscan.inf 09/06/2004 16:56 435 712 xscan53.ocx 15/07/2004 00:00 224 zdone.dat 66 fichier(s) 14 111 521 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 27/04/2006 16:28 <REP> . 27/04/2006 16:28 <REP> .. 20/08/2004 16:19 819 HDPlugin1019.inf 1 fichier(s) 819 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.2 19/02/2007 13:22 <REP> . 19/02/2007 13:22 <REP> .. 20/08/2004 16:19 819 HDPlugin1019.inf 1 fichier(s) 819 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.3 27/04/2006 16:28 <REP> . 27/04/2006 16:28 <REP> .. 20/08/2004 16:19 819 HDPlugin1019.inf 1 fichier(s) 819 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.4 27/04/2006 16:28 <REP> . 27/04/2006 16:28 <REP> .. 20/08/2004 16:19 819 HDPlugin1019.inf 1 fichier(s) 819 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.5 24/02/2007 15:00 <REP> . 24/02/2007 15:00 <REP> .. 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.6 24/02/2007 15:00 <REP> . 24/02/2007 15:00 <REP> .. 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.7 27/04/2006 16:28 <REP> . 27/04/2006 16:28 <REP> .. 0 fichier(s) 0 octets Total des fichiers listés : 70 fichier(s) 14 114 797 octets 23 Rép(s) 15 976 681 472 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Liste des programmes installes Ad-Aware SE Personal Adobe Acrobat 5.0 Adobe Download Manager 2.0 (Supprimer uniquement) Adobe Flash Player 9 ActiveX Adobe Photoshop Elements 2.0 Adobe Premiere 6 LE Adobe Reader 7.0.7 Adobe® Photoshop® Album Starter Edition 3.0 Agere Systems AC'97 Modem AVG 7.5 AVG Anti-Spyware 7.5 Barre d'outils Outlook de Windows Live (Windows Live Toolbar) BlackBerry Desktop Software 4.0 BlackBerry Desktop Software 4.0 Bloqueur de fenêtres pop-up (Windows Live Toolbar) Correctif Lecteur Windows Media 9 [Voir KB885492 pour plus d'informations] Correctif pour Windows XP (KB914440) Correctif Windows XP - KB834707 Correctif Windows XP - KB867282 Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890047 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB890923 Correctif Windows XP - KB891781 Correctif Windows XP - KB893066 Correctif Windows XP - KB893086 Digtal Camera-C Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) DV Network Software DV Network Software e-Carte Bleue Société Générale EasyCleaner Enregistrement en ligne VAIO (Français) Extension de Windows Live Toolbar (Windows Live Toolbar) Flight Deck 2004 pour FS2004 FSD PORTER PILATUS PC6 B2-H2 Google Earth Grand Dictionnaire Hachette-Oxford Grand Larousse de la Cuisine HFX PLUS for Studio HijackThis 1.99.1 Hijackthis Version Française Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB926239) Intel® Integrated Performance Primitives RTI 4.0 Intel® PRO Network Adapters and Drivers ISP Selector ISP Selector (Français) J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 4 J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.2_05 kit de connexion NC NUMERICABLE 1.0 Language Pack for Ad-aware 6 Lecteur Windows Media 11 Macromedia Shockwave Player Menus intelligents (Windows Live Toolbar) Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Data Access Components KB870669 Microsoft Flight Simulator 2004 Un siècle d'aviation Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office XP Standard Microsoft User-Mode Driver Framework Feature Pack 1.0 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows XP (KB883939) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB896688) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899588) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901190) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB903235) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911280) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922760) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925454) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB896727) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB931836) Mon Assistant Internet Mozilla Firefox (2.0.0.2) NVIDIA Windows 2000/XP Display Drivers OneCare Advisor (Windows Live Toolbar) Panda ActiveScan Philips SPC 200NC PC Camera Pinnacle Hollywood FX 4.6 PixDiscount 2.00 PowerDVD QuickTime RealOne Player Sony DV Shared Library Spybot - Search & Destroy 1.3 Studio Studio 8 Studio Content CD Téléchargeur de Micro Machines V4 fr VAIO BrightColor Wallpaper VAIO DeepSea Wallpaper VAIO System Information VOR WebFldrs XP Windows Defender Windows Defender Signatures Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage v1.3.0254.0 Windows Installer 3.1 (KB893803) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Live Favorites pour Windows Live Toolbar Windows Live Messenger Windows Live Sign-in Assistant Windows Live Toolbar Windows Live Toolbar Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 2 Yahoo! Mail Outil de sélection express (PhotoMail) Yahoo! Toolbar Yahoo! Toolbar avec bloqueur de fenêtres pop-up Le volume dans le lecteur C s'appelle VAIO Le numéro de série du volume est 3CD7-514A Répertoire de C:\Program Files 24/02/2007 16:18 <REP> . 24/02/2007 16:18 <REP> .. 16/02/2007 18:22 <REP> Abrosoft 27/04/2006 09:34 <REP> Adobe 04/02/2007 11:01 <REP> Canon 17/02/2006 13:04 <REP> Common Files 10/04/2003 01:22 <REP> CyberLink 28/12/2004 18:12 <REP> e-Carte Bleue 04/01/2007 14:56 <REP> Fichiers communs 19/03/2004 16:23 <REP> GDHO 30/12/2006 10:55 <REP> Google 24/02/2007 09:14 <REP> Grisoft 23/02/2007 12:53 <REP> HijackThis 26/02/2004 18:56 <REP> Illustrate 10/04/2003 01:26 <REP> Intel 13/04/2005 08:51 <REP> interMute 25/02/2007 08:40 <REP> Internet Explorer 13/03/2007 20:42 <REP> Java 02/01/2005 13:42 <REP> jeux 18/04/2004 14:44 <REP> Larousse 24/04/2006 15:19 <REP> Lavasoft 09/03/2005 19:42 <REP> Messenger 27/06/2006 18:01 <REP> Microsoft AntiSpyware 10/04/2003 00:52 <REP> microsoft frontpage 15/02/2005 13:51 <REP> Microsoft Games 30/12/2003 14:08 <REP> Microsoft Office 17/02/2006 13:53 <REP> Motive 08/03/2005 19:06 <REP> Movie Maker 26/02/2007 23:58 <REP> Mozilla Firefox 10/04/2003 00:49 <REP> MSN 10/04/2003 00:49 <REP> MSN Gaming Zone 24/02/2007 11:34 <REP> MSN Messenger 26/12/2003 12:27 <REP> NC NUMERICABLE 08/03/2005 19:04 <REP> NetMeeting 17/02/2006 13:52 <REP> Numericable 17/12/2006 08:45 <REP> Outlook Express 29/12/2005 18:02 <REP> Philips 20/09/2005 16:46 <REP> PixDiscount 10/04/2003 15:03 <REP> QuickTime 10/04/2003 15:01 <REP> Real 15/11/2005 13:41 <REP> Research In Motion 17/04/2005 14:16 <REP> Saitek 20/11/2005 14:36 <REP> SereneScreen 10/04/2003 00:50 <REP> Services en ligne 19/02/2007 15:34 <REP> SnagIt32 10/04/2003 15:10 <REP> Sony 10/04/2003 01:16 <REP> Sony Corporation 27/04/2006 16:02 <REP> Spybot - Search & Destroy 19/07/2004 10:25 <REP> SpyKiller 19/07/2004 10:24 <REP> SpywareBlaster 09/02/2007 13:54 <REP> ToniArts 27/04/2006 16:10 <REP> Trend Micro 18/08/2005 15:55 <REP> Ultra Video Splitter 17/07/2004 17:46 <REP> Uninstall Information 18/08/2005 13:04 <REP> vso 24/02/2007 11:35 <REP> Windows Defender 22/12/2006 17:57 <REP> Windows Live Favorites 24/02/2007 11:35 <REP> Windows Live Toolbar 09/02/2007 13:48 <REP> Windows Media Connect 2 24/02/2007 21:03 <REP> Windows Media Player 08/03/2005 19:04 <REP> Windows NT 10/04/2003 00:52 <REP> xerox 30/12/2005 22:13 <REP> Yahoo! 0 fichier(s) 0 octets 63 Rép(s) 15 979 118 592 octets libres Le volume dans le lecteur C s'appelle VAIO Le numéro de série du volume est 3CD7-514A Répertoire de C:\Program Files\fichiers communs 04/01/2007 14:56 <REP> . 04/01/2007 14:56 <REP> .. 27/04/2006 09:27 <REP> Adobe 27/10/2006 17:21 <REP> BOONTY Shared 30/12/2003 14:09 <REP> Designer 26/04/2005 10:24 <REP> DSC338 16/04/2005 13:42 <REP> InstallShield 18/08/2004 14:19 <REP> Java 04/02/2007 10:39 <REP> Microsoft Shared 10/04/2003 00:50 <REP> MSSoap 26/04/2005 10:32 <REP> NewSoft 04/01/2007 14:56 <REP> ODBC 15/11/2005 13:42 <REP> Pumatech Shared 10/04/2003 15:01 <REP> Real 15/11/2005 13:41 <REP> Research In Motion 10/04/2003 00:50 <REP> Services 10/04/2003 01:17 <REP> Sony Shared 10/04/2003 01:45 <REP> SpeechEngines 24/10/2004 10:55 <REP> Symantec Shared 17/12/2006 08:45 <REP> System 10/04/2003 15:01 <REP> xing shared 0 fichier(s) 0 octets 21 Rép(s) 15 979 118 592 octets libres Le volume dans le lecteur C s'appelle VAIO Le numéro de série du volume est 3CD7-514A Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 04/02/2007 10:37 <REP> . 04/02/2007 10:37 <REP> .. 30/12/2003 14:09 <REP> 1033 04/02/2007 10:37 <REP> 1036 29/01/2004 15:08 1 277 952 MSONSEXT.DLL 13/02/2001 08:23 58 784 MSOSV.DLL 03/06/1999 13:09 122 937 MSOWS409.DLL 07/03/2001 08:00 127 033 MSOWS40c.DLL 06/08/2000 09:04 401 462 MSVCP60.DLL 29/01/2004 15:08 69 632 PKMAXCTL.DLL 29/01/2004 15:08 868 352 PKMCDO.DLL 29/01/2004 15:08 53 248 PKMCORE.DLL 29/01/2004 15:08 102 400 PKMFORMS.DLL 29/01/2004 15:38 634 880 PKMRES.DLL 29/01/2004 15:08 28 672 PKMSSTLB.DLL 22/01/2001 03:25 40 960 PKMTEMPL.DLL 29/01/2004 15:08 24 576 PKMTRACE.DLL 29/01/2004 15:08 86 016 PKMWS.DLL 29/01/2004 15:08 237 568 PROMDEMO.DLL 29/01/2004 15:08 184 320 SECMGR.DLL 29/01/2004 15:08 315 392 VAIDDMGR.DLL 29/01/2004 15:08 32 768 VAIMEM.DLL 18 fichier(s) 4 666 952 octets 4 Rép(s) 15 979 118 592 octets libres Le volume dans le lecteur C s'appelle VAIO Le numéro de série du volume est 3CD7-514A Répertoire de C:\Program Files\common files 17/02/2006 13:04 <REP> . 17/02/2006 13:04 <REP> .. 17/02/2006 13:54 <REP> Motive 15/11/2005 13:42 <REP> Pumatech Shared 0 fichier(s) 0 octets 4 Rép(s) 15 979 118 592 octets libres Le volume dans le lecteur C s'appelle VAIO Le numéro de série du volume est 3CD7-514A Répertoire de C:\ 21/03/2007 08:06 68 096 diff.exe 21/03/2007 08:07 103 424 grep.exe 24/05/2001 12:59 162 304 UNWISE.EXE 3 fichier(s) 333 824 octets 0 Rép(s) 15 979 118 592 octets libres c:\Documents and Settings\Marie\Mes documents\eCB_CBV-2.2.0.9-82.exe c:\Documents and Settings\Marie\Mes documents\Mes fichiers reçus\setupfre.exe c:\Documents and Settings\Marie\Mes documents\Mes fichiers reçus\sonique196.exe c:\Documents and Settings\Marie\Mes documents\Mes fichiers reçus\yzdock-fr\YzDock.exe c:\Documents and Settings\Nico\Application Data\Macromedia\Flash Player\localhost\Documents and Settings\Nico\Local Settings\Temp\RC#3A#9pertoire temporaire 1 pour pacman_win.zip\Neave Pac-Man.exe c:\Documents and Settings\Nico\Application Data\Macromedia\Flash Player\localhost\Documents and Settings\Nico\Local Settings\Temp\RC#3A#9pertoire temporaire 2 pour pacman_win.zip\Neave Pac-Man.exe c:\Documents and Settings\Nico\Application Data\Macromedia\Flash Player\localhost\Documents and Settings\Nico\Local Settings\Temp\RC#3A#9pertoire temporaire 3 pour pacman_win.zip\Neave Pac-Man.exe c:\Documents and Settings\Nico\Application Data\Microsoft\Installer\{0B1BEE88-001B-49B9-86A0-1B0ECF48F8F4}\ARPPRODUCTICON.exe c:\Documents and Settings\Nico\Application Data\Microsoft\Installer\{0B1BEE88-001B-49B9-86A0-1B0ECF48F8F4}\NewShortcut10_352A9A725EA74C6CA36BBE3B40791F55.exe c:\Documents and Settings\Nico\Application Data\Microsoft\Installer\{0B1BEE88-001B-49B9-86A0-1B0ECF48F8F4}\NewShortcut100_352A9A725EA74C6CA36BBE3B40791F55.exe c:\Documents and Settings\Nico\Application Data\Microsoft\Installer\{0B1BEE88-001B-49B9-86A0-1B0ECF48F8F4}\NewShortcut11_352A9A725EA74C6CA36BBE3B40791F55.exe c:\Documents and Settings\Nico\Application Data\Microsoft\Installer\{0B1BEE88-001B-49B9-86A0-1B0ECF48F8F4}\NewShortcut110_352A9A725EA74C6CA36BBE3B40791F55.exe c:\Documents and Settings\Nico\Application Data\Microsoft\Installer\{0B1BEE88-001B-49B9-86A0-1B0ECF48F8F4}\NewShortcut12_530EE294E350453CA08E2D0EC7BFC426.exe c:\Documents and Settings\Nico\Application Data\Microsoft\Installer\{0B1BEE88-001B-49B9-86A0-1B0ECF48F8F4}\NewShortcut6_530EE294E350453CA08E2D0EC7BFC426.exe c:\Documents and Settings\Nico\Application Data\Microsoft\Installer\{0B1BEE88-001B-49B9-86A0-1B0ECF48F8F4}\NewShortcut9_352A9A725EA74C6CA36BBE3B40791F55.exe c:\Documents and Settings\Nico\Application Data\Microsoft\Installer\{0B1BEE88-001B-49B9-86A0-1B0ECF48F8F4}\NewShortcut90_352A9A725EA74C6CA36BBE3B40791F55.exe c:\Documents and Settings\Nico\Application Data\Microsoft\Installer\{532EFE70-19BC-4F0F-8F50-D5F15C243133}\NewShortcut1_8315396A5EA1419DBEC4978284BDF556.exe c:\Documents and Settings\Nico\Application Data\Microsoft\Installer\{8AEF9829-1710-415E-9649-FBE70525FC3F}\_72F5543D5161_4357_86D0_FAAACCE7D767.exe c:\Documents and Settings\Nico\Application Data\U3\temp\cleanup.exe c:\Documents and Settings\Nico\Bureau\ATF-Cleaner.exe c:\Documents and Settings\Nico\Bureau\avgas-setup-7.5.0.50.exe c:\Documents and Settings\Nico\Bureau\EClea2_0.exe c:\Documents and Settings\Nico\Bureau\wmp11-windowsxp-x86-FR-FR.exe c:\Documents and Settings\Nico\Bureau\ZebProtect.exe c:\Documents and Settings\Nico\Bureau\ARCADES\tetrisarena.exe c:\Documents and Settings\Nico\Bureau\ARCADES\Invaders10\ce1.x\mips\Invaders.exe c:\Documents and Settings\Nico\Bureau\ARCADES\Invaders10\ce1.x\sh3\Invaders.exe c:\Documents and Settings\Nico\Bureau\ARCADES\Invaders10\ce2.x\mips\Invaders.exe c:\Documents and Settings\Nico\Bureau\ARCADES\Invaders10\ce2.x\sh3\Invaders.exe c:\Documents and Settings\Nico\Bureau\ARCADES\Invaders10\palmpc\mips\Invaders.exe c:\Documents and Settings\Nico\Bureau\ARCADES\Invaders10\palmpc\sh3\Invaders.exe c:\Documents and Settings\Nico\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Nico\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Nico\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Nico\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Nico\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Nico\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Nico\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Nico\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Nico\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\aawsepersonal.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\avg71free_385a729.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\avg75iswt_441a919.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\avwinsfx.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\BitDefender_Uninstall_Tool.EXE c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\blbetac.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\CWShredder.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\Firefox Setup 2.0.0.2.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\FixBlast.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\FxAgentB.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\FxSasser.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\FxSasserC.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\GoogleToolbarInstaller.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\HijackThisFR.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\setup_eocomputer.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\spybotsd13.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\winpfind3u.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\WinPFind3u\WinPFind3U.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\WinPFind3u\MovedFiles\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe c:\Documents and Settings\Nico\Bureau\OUTILS VIRUS\WinPFind3u\MovedFiles\WINDOWS\seksdialer.exe c:\Documents and Settings\Nico\Local Settings\Temp\AutoDL%3FBundleId=10878_b197838c.exe c:\Documents and Settings\Nico\Local Settings\Temp\Install_Messenger.exe c:\Documents and Settings\Nico\Mes documents\Mes fichiers reçus\GoogleEarth.exe c:\Documents and Settings\Nico\Mes documents\Mes fichiers reçus\kerio-pf-4.1.3-en-win.exe c:\Documents and Settings\Nico\Mes documents\Mes fichiers reçus\MicrosoftAntiSpywareInstall.exe c:\Documents and Settings\Nico\Mes documents\Mes fichiers reçus\mpegsplitter.exe c:\Documents and Settings\Nico\Mes documents\Mes fichiers reçus\Shareaza_2.1.0.0.exe c:\Documents and Settings\Nico\Mes documents\Mes fichiers reçus\spybotsd13.exe c:\Documents and Settings\Nico\Mes documents\Mes fichiers reçus\spywareblastersetup.exe c:\Documents and Settings\Nico\Mes documents\Mes fichiers reçus\vball\Volleyball.exe c:\Documents and Settings\Nico\Mes documents\Perfect Keyboard\PK32.EXE c:\Documents and Settings\Nico\Mes documents\Perfect Keyboard\REGISTER.EXE c:\Documents and Settings\Nico\Mes documents\Perfect Keyboard\UNINSTPK.EXE c:\Documents and Settings\Nico\Mes documents\Program Files\Adobe\Acrobat 4.0\Reader\AcroRd32.exe c:\Documents and Settings\Nico\Mes documents\Program Files\SnagIt32\SIUNINST.EXE c:\Documents and Settings\Nico\Mes documents\Program Files\SnagIt32\snagit32.exe c:\Documents and Settings\Nico\Mes documents\Program Files\SnagIt32\UNWISE.EXE c:\Documents and Settings\Nico\Mes documents\Program Files\WinZip\WINZIP32.EXE c:\Documents and Settings\Nico\Mes documents\Program Files\WinZip\WZSEPE32.EXE c:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7upd\backup\avgcore.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Default\MpEngine.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{794A9039-B87A-4552-841D-F59F99ECE076}\mpengine.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\Marie\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\Marie\Application Data\TaoUSign\jseccapi.dll c:\Documents and Settings\Nico\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll -
demande d'analyse rapport HijackThis
N08 a répondu à un(e) sujet de N08 dans Analyses et éradication malwares
Hello Charles, Content de tomber à nouveau sur toi, je te colle le rapport HijackThis ci dessous. A part la modifiction d'état de la barre des tâches la vitesse de connexion est semble rester optimale (pour l'instant????). Je profite de tes lumières, j'ai une version d'évaluation de AVG 7.5 qui prend fin demain, le 21, est-ce que cet antivirus est assez performant pour que je l'achète en ligne? Merci de ta réponse. N08 Logfile of HijackThis v1.99.1 Scan saved at 20:52:49, on 20/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe C:\WINDOWS\VM_STI.EXE C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Research In Motion\USB Drivers\BbDevMgr.exe C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe C:\PROGRA~1\Grisoft\AVG7\avgw.exe C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.univ-savoie.fr/Portail/login_pa...ookie_login__=1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [RIMDeviceManager] "C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe O4 - Global Startup: TrayMin300.exe.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll O9 - Extra button: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra 'Tools' menuitem: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/ O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.0 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f012.mail.caramail.lycos.fr/app/upl...ileUploader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe -
Bonjour, Une fois connecté à internet, la barre des tâches change subitement de format de présentation (chgt couleur + chgt police). Pensez vous que ceci soit lié à un virus???? Merci pour vos réponses, N08
-
Bonjour à Tou(te)s, Mon pc semble avoir qques petits ennuis, rien de grave pour l'instant ma vitesse de connection reste élevée mais j'assiste (impuissant) à des modifications de la barre des tâches ainsi qu'à une disparition du son (pas les sons système, ceux médiés par WMP). Tout ceci ne me dis rien qui vaille, je préfère vous soumettre le pb le plus rapidement possible. En éspèrant que vous aurez la solution (comme d'habitude), merci d'avance N08 Logfile of HijackThis v1.99.1 Scan saved at 10:58:35, on 17/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe C:\WINDOWS\VM_STI.EXE C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Research In Motion\USB Drivers\BbDevMgr.exe C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.univ-savoie.fr/Portail/login_pa...ookie_login__=1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [RIMDeviceManager] "C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe O4 - Global Startup: TrayMin300.exe.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll O9 - Extra button: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra 'Tools' menuitem: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/ O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.0 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f012.mail.caramail.lycos.fr/app/upl...ileUploader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
-
j'ai re-téléchargé la version 11 de WMP et plus de pb... désolé ! Michel Denisot
-
Bonsoir Charles, Bitdefender à complétement disparu....une bonne chose. J'ai suivi tes derniers conseils pour windows defender. Coté PC, super, la vitesse de connection est rétablie. A la suite des lectures sur le forum j'ai décidé de télécharger firefox comme navigateur, pas de pb de ce coté? Il ne reste plus qu'un pb de son : j'ai envoyé un message sur le forum software mais je peux te tenir au courant étant donné ta compétence.... J'ai bien le son système (à l'ouverture - son d'erreur etc etc) mais plus rien sous W médiaplayer, pourtant ma carte est bien reconnue et fonctionnelle. Si dès fois cela te dis qque chose je suis preneur. Enfin je suis tout à fait favorable à enlever encore qques petites lignes histoire d'optimiser tout ça. En tout cas merci pour ton aide, impossible d'envisager de réussir ce type de manip tout seul. En attente de te lire. Cordialement.
-
Alors, pour être plus précis après lecture Ma carte son est bien reconnue, le gestionnaire de périphérique signale qu'elle fonctionne correctement MAIS : lorsque j'affiche propriétés de sons et périphérique audio; il est signalé "aucun périphérique audio"..... merci d'avance.
-
OK, merci bien pour le lien, je lis et je te tiens au courant.@+ tard
-
Bonjour à tou(te)s J'ai récemment fait une mise à jour du mediaplayer de windows, après qques jours de marche normale impossible de lire un fichier audio (message : Le Lecteur Windows Media ne peut pas lire le fichier parce que le périphérique audio pose problème. Peut-être que votre ordinateur ne comporte pas de périphérique audio, que ce dernier est utilisé par un autre programme ou qu'il ne fonctionne pas correctement.). J'ai bie vérifié que ma carte son existe et qu'elle est fonctionnelle. Que dois-je faire selon vous? Merci d'avance
-
Hello Charles Ca commence à accélerer, c'est bon signe.... J'ai une fois encore suivi tes instructions à la lettre, les rapports (je n'ai pas demandé à winpfin3du de créer un nouveau rapport, j'ai simplement récupéré le dernier créé...c'est ok???): winpfind3du : [Registry - Non-Microsoft Only] Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\EoEngine deleted successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Eree deleted successfully. File C:\Documents and Settings\Nico\Application Data\suso.exe not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350} deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B4FA6F6-83C4-4BD3-852B-726562EA101D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B4FA6F6-83C4-4BD3-852B-726562EA101D} deleted successfully. [Processes - Non-Microsoft Only] Process bdoesrv.exe killed successfully. Unable to kill process bdss.exe . Process bdswitch.exe killed successfully. Unable to kill process vsserv.exe . Unable to kill process xcommsvr.exe . [Win32 Services - Non-Microsoft Only] Unable to stop service bdss . Service VSSERV stopped successfully. Unable to stop service XCOMM . [ Extra Files ] C:\WINDOWS\seksdialer.exe moved successfully. C:\WINDOWS\msbb.exe.temp moved successfully. C:\WINDOWS\GatorHDPlugin.log-old.log moved successfully. C:\WINDOWS\Downloaded Program Files\CONFLICT.6\HDPlugin1019.inf moved successfully. C:\WINDOWS\Downloaded Program Files\CONFLICT.5\HDPlugin1019.inf moved successfully. < End of log > Created on 02/24/2007 15:00:24 Hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 15:30:55, on 24/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe C:\WINDOWS\VM_STI.EXE C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Research In Motion\USB Drivers\BbDevMgr.exe C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe C:\Program Files\Windows NT\Accessoires\WORDPAD.EXE C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.univ-savoie.fr/Portail/login_pa...ookie_login__=1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [RIMDeviceManager] "C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe O4 - Global Startup: TrayMin300.exe.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra 'Tools' menuitem: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/ O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.0 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f012.mail.caramail.lycos.fr/app/upl...ileUploader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
-
pc ralenti rapport Hijackthis + WinPFind3 + BlackLight
N08 a répondu à un(e) sujet de N08 dans Analyses et éradication malwares
Entendu, le chemin de la vérité est celui de l'erreur combatue!... -
re salut, ci dessous le rapport du scan en ligne réalisé avec Panda Incident Statut Analyse Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Nico\Cookies\nico@atdmt[1].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Nico\Cookies\nico@bluestreak[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Nico\Cookies\nico@xiti[1].txt Adware:Adware/Gator No Désinfecté C:\WINDOWS\Downloaded Program Files\CONFLICT.5\HDPlugin1019.inf Adware:Adware/Gator No Désinfecté C:\WINDOWS\Downloaded Program Files\CONFLICT.6\HDPlugin1019.inf Virus:Trj/Downloader.AMW Désinfecté C:\WINDOWS\Downloaded Program Files\sc.inf Virus:Trj/Downloader.QV Désinfecté C:\WINDOWS\Downloaded Program Files\vxiewer.inf Adware:adware/gator No Désinfecté C:\WINDOWS\GatorHDPlugin.log-old.log Adware:adware/ncase No Désinfecté C:\WINDOWS\msbb.exe.temp Adware:adware/superspider No Désinfecté C:\WINDOWS\seksdialer.exe Virus:W32/Sasser.ftp Désinfecté C:\WINDOWS\system32\cmd.ftp
-
Bonjour Merci pour les infos. J'ai réussi à faire ce que tu m'as demandé SAUF désinstaller bitdefender8. Cette application n'apparait pas dans le menu installer-desintaller programme, et bien entendu lorsque j'essaie de supprimer le repertoire C:/program files/softwin/bitdefender8 un message d'erreur apparait certifiant que certains fichiers sont actuellement en cours d'utilisation. Y a t'il une solution? Je te poste ci après les rapports demandés et je commence le scan en ligne. @ + tard Rapport Hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 10:37:46, on 24/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender8\vsserv.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe C:\Program Files\Softwin\BitDefender8\bdoesrv.exe C:\Program Files\Softwin\BitDefender8\bdswitch.exe C:\WINDOWS\VM_STI.EXE C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe C:\Program Files\Fichiers communs\Research In Motion\USB Drivers\BbDevMgr.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.univ-savoie.fr/Portail/login_pa...ookie_login__=1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {8B4FA6F6-83C4-4BD3-852B-726562EA101D} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [bDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe O4 - HKLM\..\Run: [bDNewsAgent] C:\progra~1\softwin\bitdef~1\bdnagent.exe O4 - HKLM\..\Run: [bDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Eree] C:\Documents and Settings\Nico\Application Data\suso.exe O4 - HKCU\..\Run: [RIMDeviceManager] "C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe O4 - Global Startup: TrayMin300.exe.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra 'Tools' menuitem: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/ O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.0 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f012.mail.caramail.lycos.fr/app/upl...ileUploader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Rapport AVGAS Rien à signaler Rapport WinPFind3u Explorer killed successfully [Win32 Services - Non-Microsoft Only] Service Boonty Games stopped successfully. Service Boonty Games deleted successfully. C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe moved successfully. [Registry - Non-Microsoft Only] Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\qsmQ32X deleted successfully. Starting removal of ActiveX control {469C7080-8EC8-43A6-AD97-45848113743C} File move failed. C:\WINDOWS\Downloaded Program Files\nethv32.inf scheduled to be moved on reboot. File move failed. scheduled to be moved on reboot. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{469C7080-8EC8-43A6-AD97-45848113743C} deleted successfully. Removal of ActiveX control {469C7080-8EC8-43A6-AD97-45848113743C} complete! Starting removal of ActiveX control PackageHtmlCab PackageHtml.dll moved successfully. File move failed. scheduled to be moved on reboot. File move failed. scheduled to be moved on reboot. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\PackageHtmlCab deleted successfully. Removal of ActiveX control PackageHtmlCab complete! [File String Scan - Non-Microsoft Only] C:\WINDOWS\dcjmb.txt moved successfully. C:\WINDOWS\dgvvs.log moved successfully. C:\WINDOWS\dnjnq.txt moved successfully. C:\WINDOWS\dnmlk.txt moved successfully. C:\WINDOWS\eimdt.log moved successfully. C:\WINDOWS\ffbyj.dat moved successfully. C:\WINDOWS\ooaap.txt moved successfully. C:\WINDOWS\pgzgn.dat moved successfully. C:\WINDOWS\xegya.log moved successfully. C:\WINDOWS\xfzrg.txt moved successfully. C:\WINDOWS\zpxgl.txt moved successfully. C:\WINDOWS\SYSTEM32\okmkl.log moved successfully. C:\WINDOWS\SYSTEM32\qijpg.dat moved successfully. < End of log > Created on 02/24/2007 09:19:51
-
pc ralenti rapport Hijackthis + WinPFind3 + BlackLight
N08 a posté un sujet dans Analyses et éradication malwares
Bonjour à tou(te)s Ma machine rame de + en +, j'ai effectué les premiers nettoyages et tests demandés, je suis actuellement dispo pour effectuer ce qu'il serait bon de faire pour régler ces pb. Merci d'avance. Rapport Hijackthis Logfile of HijackThis v1.99.1 Scan saved at 12:54:00, on 23/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe C:\Program Files\Softwin\BitDefender8\bdoesrv.exe C:\Program Files\Softwin\BitDefender8\bdswitch.exe C:\WINDOWS\VM_STI.EXE C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Fichiers communs\Research In Motion\USB Drivers\BbDevMgr.exe C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender8\vsserv.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.univ-savoie.fr/Portail/login_pa...ookie_login__=1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {8B4FA6F6-83C4-4BD3-852B-726562EA101D} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [bDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe O4 - HKLM\..\Run: [bDNewsAgent] C:\progra~1\softwin\bitdef~1\bdnagent.exe O4 - HKLM\..\Run: [bDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe O4 - HKLM\..\Run: [qsmQ32X] ncouinit.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Eree] C:\Documents and Settings\Nico\Application Data\suso.exe O4 - HKCU\..\Run: [RIMDeviceManager] "C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe O4 - Global Startup: TrayMin300.exe.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra 'Tools' menuitem: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/ O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.0 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f012.mail.caramail.lycos.fr/app/upl...ileUploader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Rapport BlackLight : 02/23/07 13:34:02 [info]: BlackLight Engine 1.0.55 initialized 02/23/07 13:34:02 [info]: OS: 5.1 build 2600 (Service Pack 2) 02/23/07 13:34:02 [Note]: 7019 4 02/23/07 13:34:02 [Note]: 7005 0 02/23/07 13:34:02 [Note]: 7006 0 02/23/07 13:34:02 [Note]: 7011 1828 02/23/07 13:34:03 [Note]: 7026 0 02/23/07 13:34:03 [Note]: 7026 0 02/23/07 13:34:14 [Note]: FSRAW library version 1.7.1021 02/23/07 13:43:57 [Note]: 2000 1012 02/23/07 13:43:57 [Note]: 7007 0 Rapport WinPFind3 : WinPFind3 logfile created on: 23/02/2007 14:08:13 WinPFind3U by OldTimer - Version 1.0.18 Folder = C:\Documents and Settings\Nico\Bureau\WinPFind3u\ Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) Internet Explorer (Version = 7.0.5730.11) 523628 Kb Total Physical Memory | 132020 Kb Available Physical Memory | 25,21% Memory free 1279100 Kb Paging File | 801640 Kb Available in Paging File | 62,67% Paging File free Paging file location(s): C:\pagefile.sys 0 0; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29302528 Kb Total Space | 16463652 Kb Free Space | 56,19% Space Free Drive D: | 87915680 Kb Total Space | 32219057 Kb Free Space | 36,65% Space Free Drive E: | 644978 Kb Total Space | 0 Kb Free Space | 0,00% Space Free Unable to calculate disk information. [Processes - Non-Microsoft Only] acrord32.exe -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\AcroRd32.exe -> Adobe Systems Incorporated [Ver = 7.0.7.2006011300 | Size = 65536 bytes | Modified Date = 13/01/2006 09:39:10 | Attr = ] acrotray.exe -> %ProgramFiles%\Adobe\Acrobat 5.0\Distillr\AcroTray.exe -> Adobe Systems Inc. [Ver = 5, 0, 0, 0 | Size = 49254 bytes | Modified Date = 15/03/2001 07:18:18 | Attr = ] agrsmmsg.exe -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.25 2.1.25 02/14/2003 11:58:58 | Size = 88107 bytes | Modified Date = 14/02/2003 10:59:00 | Attr = ] apdproxy.exe -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.0.0.49815 | Size = 57344 bytes | Modified Date = 06/06/2005 22:46:24 | Attr = ] avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 353792 bytes | Modified Date = 19/02/2007 12:08:56 | Attr = ] avgcc.exe -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.438 | Size = 411648 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] avgemc.exe -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.434 | Size = 324096 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] avgfwsrv.exe -> %ProgramFiles%\Grisoft\AVG7\avgfwsrv.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 811008 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] avgrssvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgrssvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.437 | Size = 200704 bytes | Modified Date = 19/02/2007 12:08:56 | Attr = ] avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 19/02/2007 12:09:04 | Attr = ] bbdevmgr.exe -> %CommonProgramFiles%\Research In Motion\USB Drivers\BbDevMgr.exe -> Research In Motion Limited [Ver = 1.2.0.15 | Size = 176213 bytes | Modified Date = 14/09/2004 16:27:10 | Attr = ] bdoesrv.exe -> %ProgramFiles%\Softwin\BitDefender8\bdoesrv.exe -> [Ver = | Size = 86016 bytes | Modified Date = 05/08/2004 17:28:58 | Attr = ] bdss.exe -> %CommonProgramFiles%\Softwin\BitDefender Scan Server\bdss.exe -> [Ver = | Size = 69632 bytes | Modified Date = 12/02/2005 18:00:34 | Attr = ] bdswitch.exe -> %ProgramFiles%\Softwin\BitDefender8\bdswitch.exe -> [Ver = | Size = 33280 bytes | Modified Date = 17/03/2005 21:01:36 | Attr = ] ecb-sg.exe -> %ProgramFiles%\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe -> Orbiscom Ltd. All rights reserved. [Ver = 2, 2, 1, 0, 93 | Size = 184320 bytes | Modified Date = 20/12/2002 08:52:18 | Attr = ] jucheck.exe -> %ProgramFiles%\Java\jre1.5.0_06\bin\jucheck.exe -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 241775 bytes | Modified Date = 10/11/2005 13:03:52 | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.5.0_06\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 36975 bytes | Modified Date = 10/11/2005 13:03:52 | Attr = ] kpf4gui.exe -> %ProgramFiles%\Kerio\Personal Firewall 4\kpf4gui.exe -> Kerio Technologies [Ver = 4.2.1 | Size = 2887680 bytes | Modified Date = 26/09/2005 10:57:18 | Attr = ] kpf4gui.exe -> %ProgramFiles%\Kerio\Personal Firewall 4\kpf4gui.exe -> Kerio Technologies [Ver = 4.2.1 | Size = 2887680 bytes | Modified Date = 26/09/2005 10:57:18 | Attr = ] kpf4ss.exe -> %ProgramFiles%\Kerio\Personal Firewall 4\kpf4ss.exe -> Kerio Technologies [Ver = 4.2.1 | Size = 1617920 bytes | Modified Date = 26/09/2005 11:00:28 | Attr = ] mad.exe -> %ProgramFiles%\Numericable\Mon Assistant Internet\bin\mad.exe -> Motive Communications, Inc. [Ver = 5.08.01 | Size = 2375680 bytes | Modified Date = 22/10/2004 17:44:04 | Attr = ] motivesb.exe -> %ProgramFiles%\Numericable\Mon Assistant Internet\SmartBridge\MotiveSB.exe -> Motive Communications, Inc. [Ver = 5.8.11.asst_classic.smartbridge.20041022_173000 | Size = 393216 bytes | Modified Date = 22/10/2004 17:43:12 | Attr = ] motive~1.exe -> %ProgramFiles%\Motive\AsstCommon\MotiveDirectory.exe -> Motive Communications, Inc. [Ver = 5.01.00 | Size = 245760 bytes | Modified Date = 22/10/2004 17:44:04 | Attr = ] nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.01.4351 | Size = 69632 bytes | Modified Date = 02/04/2003 14:40:00 | Attr = ] rimdevicemanager.exe -> %CommonProgramFiles%\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe -> Research In Motion Limited [Ver = 4.0.0.32 (Release build by unknown) | Size = 680063 bytes | Modified Date = 25/10/2004 16:10:02 | Attr = ] traymin200.exe -> %ProgramFiles%\Philips\SPC 200NC PC Camera\TrayMin200.exe -> [Ver = 1, 0, 0, 4 | Size = 278528 bytes | Modified Date = 12/07/2005 19:54:32 | Attr = ] version traduite originale.exe -> %ProgramFiles%\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE -> Soeperman Enterprises Ltd. [Ver = 1.99.0001 | Size = 220160 bytes | Modified Date = 03/03/2005 18:36:58 | Attr = ] virtualexpander.exe -> %System32%\VirtualExpander\VirtualExpander.exe -> Sony Corporation [Ver = 1, 0, 0, 0 | Size = 430080 bytes | Modified Date = 31/03/2005 13:32:22 | Attr = ] vm_sti.exe -> %SystemRoot%\VM_STI.EXE -> BIGDOG [Ver = 4, 2, 610, 4 | Size = 40960 bytes | Modified Date = 09/06/2004 15:37:02 | Attr = ] vsserv.exe -> %ProgramFiles%\Softwin\BitDefender8\vsserv.exe -> [Ver = | Size = 118784 bytes | Modified Date = 29/03/2005 14:07:02 | Attr = ] winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.18.0 | Size = 308736 bytes | Modified Date = 12/02/2007 21:39:14 | Attr = ] xcommsvr.exe -> %CommonProgramFiles%\Softwin\BitDefender Communicator\xcommsvr.exe -> Softwin [Ver = 1, 7, 0, 6 | Size = 69632 bytes | Modified Date = 24/02/2004 16:36:48 | Attr = ] [Win32 Services - Non-Microsoft Only] (Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 353792 bytes | Modified Date = 19/02/2007 12:08:56 | Attr = ] (Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 19/02/2007 12:09:04 | Attr = ] (AvgCoreSvc) AVG7 Resident Shield Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgrssvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.437 | Size = 200704 bytes | Modified Date = 19/02/2007 12:08:56 | Attr = ] (AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.434 | Size = 324096 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] (AVGFwSrv) AVG Firewall [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgfwsrv.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 811008 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] (bdss) BitDefender Scan Server [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Softwin\BitDefender Scan Server\bdss.exe -> [Ver = | Size = 69632 bytes | Modified Date = 12/02/2005 18:00:34 | Attr = ] (Boonty Games) Boonty Games [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\BOONTY Shared\Service\Boonty.exe -> BOONTY [Ver = 2.60.030 | Size = 69120 bytes | Modified Date = 27/10/2006 17:21:28 | Attr = ] (dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 20/08/2004 00:09:52 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 03/04/2005 23:41:10 | Attr = ] (KPF4) Kerio Personal Firewall 4 [Win32_Own | Auto | Running] -> %ProgramFiles%\Kerio\Personal Firewall 4\kpf4ss.exe -> Kerio Technologies [Ver = 4.2.1 | Size = 1617920 bytes | Modified Date = 26/09/2005 11:00:28 | Attr = ] (NVSvc) NVIDIA Driver Helper Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.01.4351 | Size = 69632 bytes | Modified Date = 02/04/2003 14:40:00 | Attr = ] (VSSERV) BitDefender Virus Shield [Win32_Own | Auto | Running] -> %ProgramFiles%\Softwin\BitDefender8\vsserv.exe -> [Ver = | Size = 118784 bytes | Modified Date = 29/03/2005 14:07:02 | Attr = ] (XCOMM) BitDefender Communicator [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Softwin\BitDefender Communicator\xcommsvr.exe -> Softwin [Ver = 1, 7, 0, 6 | Size = 69632 bytes | Modified Date = 24/02/2004 16:36:48 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Adobe Photo Downloader -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.0.0.49815 | Size = 57344 bytes | Modified Date = 06/06/2005 22:46:24 | Attr = ] AGRSMMSG -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.25 2.1.25 02/14/2003 11:58:58 | Size = 88107 bytes | Modified Date = 14/02/2003 10:59:00 | Attr = ] AVG7_CC -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.438 | Size = 411648 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] BDNewsAgent -> %ProgramFiles%\Softwin\BitDefender8\bdnagent.exe -> [Ver = | Size = 4608 bytes | Modified Date = 20/04/2004 16:00:46 | Attr = ] BDOESRV -> %ProgramFiles%\Softwin\BitDefender8\bdoesrv.exe -> [Ver = | Size = 86016 bytes | Modified Date = 05/08/2004 17:28:58 | Attr = ] BDSwitchAgent -> %ProgramFiles%\Softwin\BitDefender8\bdswitch.exe -> [Ver = | Size = 33280 bytes | Modified Date = 17/03/2005 21:01:36 | Attr = ] BigDogPath -> %SystemRoot%\VM_STI.EXE -> BIGDOG [Ver = 4, 2, 610, 4 | Size = 40960 bytes | Modified Date = 09/06/2004 15:37:02 | Attr = ] eCarteBleue-SG-P3 -> %ProgramFiles%\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe -> Orbiscom Ltd. All rights reserved. [Ver = 2, 2, 1, 0, 93 | Size = 184320 bytes | Modified Date = 20/12/2002 08:52:18 | Attr = ] EoComputer -> -> File not found EoEngine -> -> File not found Motive SmartBridge -> %ProgramFiles%\Numericable\Mon Assistant Internet\SmartBridge\MotiveSB.exe -> Motive Communications, Inc. [Ver = 5.8.11.asst_classic.smartbridge.20041022_173000 | Size = 393216 bytes | Modified Date = 22/10/2004 17:43:12 | Attr = ] NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.01.4351 | Size = 4616192 bytes | Modified Date = 02/04/2003 14:40:00 | Attr = ] qsmQ32X -> ncouinit.exe -> File not found SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_06\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 36975 bytes | Modified Date = 10/11/2005 13:03:52 | Attr = ] < OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ IMAIL -> Installed = 1 -> MAPI -> Installed = 1 -> MSFS -> Installed = 1 -> < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Eree -> %UserAppData%\suso.exe -> File not found RIMDeviceManager -> %CommonProgramFiles%\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe -> Research In Motion Limited [Ver = 4.0.0.32 (Release build by unknown) | Size = 680063 bytes | Modified Date = 25/10/2004 16:10:02 | Attr = ] < Common Startup > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage %AllUsersStartup%\Acrobat Assistant.lnk -> %ProgramFiles%\Adobe\Acrobat 5.0\Distillr\AcroTray.exe -> Adobe Systems Inc. [Ver = 5, 0, 0, 0 | Size = 49254 bytes | Modified Date = 15/03/2001 07:18:18 | Attr = ] %AllUsersStartup%\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 23/09/2005 21:05:26 | Attr = ] %AllUsersStartup%\Mon Assistant Internet.lnk -> %ProgramFiles%\Numericable\Mon Assistant Internet\bin\matcli.exe -> Motive Communications, Inc. [Ver = 5.8.11.asst_classic.asst_matcli.20041022_173000 | Size = 217088 bytes | Modified Date = 22/10/2004 17:44:04 | Attr = ] %AllUsersStartup%\TrayMin300.exe.lnk -> %ProgramFiles%\Philips\SPC 200NC PC Camera\TrayMin200.exe -> [Ver = 1, 0, 0, 4 | Size = 278528 bytes | Modified Date = 12/07/2005 19:54:32 | Attr = ] < User Startup > -> C:\Documents and Settings\Nico\Menu Démarrer\Programmes\Démarrage %UserStartup%\VirtualExpander.lnk -> %System32%\VirtualExpander\VirtualExpander.exe -> Sony Corporation [Ver = 1, 0, 0, 0 | Size = 430080 bytes | Modified Date = 31/03/2005 13:32:22 | Attr = ] < Registry Shell Spawning > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command regfile [merge] -> Reg Data - Key not found -> scrfile [open] -> "%1" /S -> scrfile [config] -> "%1" -> txtfile [open] -> %System32%\NOTEPAD.EXE -> File not found *Command* -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellNew\\Command -> NewLinkHere -> -> File not found %1 -> -> File not found *Command* -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bfc\ShellNew\\Command -> Briefcase_Create -> -> File not found %2!d! -> -> File not found %1 -> -> File not found < ActiveX StubPath [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -> -> {22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -> {44BBA840-CC51-11CF-AAFA-00AA00B6015C} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT -> {5945c046-1e7d-11d1-bc44-00c04fd912be} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser -> {6BF52A52-394A-11d3-B153-00C04F79FAA6} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub -> {73FA19D0-2D75-11D2-995D-00C04F98BBC9} -> -> {7790769C-0471-11d2-AF11-00C04FA35D02} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install -> {89820200-ECBD-11cf-8B85-00AA005B4340} -> regsvr32.exe /s /n /i:U shell32.dll -> {89820200-ECBD-11cf-8B85-00AA005B4383} -> C:\WINDOWS\system32\ie4uinit.exe -BaseSettings -> <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -> C:\WINDOWS\system32\ieudinit.exe >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP -> >{26923b43-4d38-484f-9b9e-de460746276c} -> C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP -> >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE -> < WOW Command Line [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW *wowcmdline* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW\\wowcmdline -> -a -> -> File not found < Session Manager Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager BootExecute -> autocheck autochk *; -> < AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 73728 bytes | Modified Date = 31/03/2005 19:13:50 | Attr = ] < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> Control_RunDLL -> -> File not found < Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> < Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. -> < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ 0 -> [Key] -> 0 -> FriendlyName = Ma page d'accueil -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> < HOSTS File > -> -> Hosts file not found -> < Internet Explorer Settings > -> HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKLM: Local Page -> %SystemRoot%\system32\blank.htm -> HKLM: Search Bar -> -> HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKLM: Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKLM: Search\\Default_Search_URL -> http://www.google.com/ie -> HKLM: SearchAssistant -> http://www.google.com/ie -> HKCU: Search Bar -> http://www.google.com/ie -> HKCU: Search Page -> http://www.google.com -> HKCU: Start Page -> https://www.univ-savoie.fr/Portail/login_pa...ookie_login__=1 -> HKCU: SearchAssistant -> http://www.google.com/ie -> HKCU: ProxyEnable -> 0 -> HKCU: ProxyOverride -> 127.0.0.1 -> < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ msn.com [ - ] -> -> < Trusted Sites > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ sony-europe.com [*] -> -> sonystyle-europe.com [*] -> -> vaio-link.com [*] -> -> < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 12/01/2006 19:38:22 | Attr = ] {2E03C0FD-4C48-43A7-9A54-00240C70FF16} [HKLM] -> %System32%\BhoECart.dll [ECarteBleueBrowserHelper Class] -> Orbiscom Ltd. All rights reserved. [Ver = 2, 2, 1, 0, 93 | Size = 69632 bytes | Modified Date = 20/12/2002 08:49:12 | Attr = ] {64F56FC1-1272-44CD-BA6E-39723696E350} [HKLM] -> Reg Data - Value does not exist [EoBho Class] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [sSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 10/11/2005 13:22:10 | Attr = ] {8B4FA6F6-83C4-4BD3-852B-726562EA101D} [HKLM] -> Reg Data - Value does not exist [Reg Data - Value does not exist] -> File not found < Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ {32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar avec bloqueur de fenêtres pop-up] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 04/08/2005 20:54:42 | Attr = ] < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar avec bloqueur de fenêtres pop-up] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 04/08/2005 20:54:42 | Attr = ] < Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8194 - Console Java (Sun) -> {21C9EF41-92BE-11d3-9AB8-005004B85154} -> 8193 - GoTranslate -> {FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8195 - Windows Messenger -> NextId -> 8198 -> < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\npjpi150_06.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 69746 bytes | Modified Date = 10/11/2005 13:22:10 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 10/11/2005 13:22:10 | Attr = ] {21C9EF41-92BE-11d3-9AB8-005004B85154} -> http:\ut.gotranslate.com\utd\ieutd-b.htm [buttonText: GoTranslate] -> File not found {e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ &Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm -> File not found Add to Windows &Live Favorites -> http:\favorites.live.com\quickadd.asp -> File not found E&xporter vers Microsoft Excel -> -> File not found < Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved {043308A2-3CF7-4ED5-A668-2B4FB0BD307A} [HKLM] -> Reg Data - Key not found [dBpowerAMP dAP Scripting] -> File not found {0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [barre des tâches et menu Démarrer] -> File not found {1CDB2949-8F65-4355-8456-263E7C208A5D} [HKLM] -> %System32%\nvshell.dll [Explorateur de Bureau] -> NVIDIA Corporation [Ver = 6.14.01.4351 | Size = 462919 bytes | Modified Date = 02/04/2003 14:40:00 | Attr = ] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer Menu] -> NVIDIA Corporation [Ver = 6.14.01.4351 | Size = 462919 bytes | Modified Date = 02/04/2003 14:40:00 | Attr = ] {32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found {42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Extension Affichage Panorama du Panneau de configuration] -> File not found {45AC2688-0253-4ED8-97DE-B5370FA7D48A} [HKLM] -> Reg Data - Key not found [shell Extension for Malware scanning] -> File not found {764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Extensions de l'environnement de compression de fichiers] -> File not found {7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Comptes d'utilisateurs] -> File not found {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Menu contextuel de cryptage] -> File not found {88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [Extension icône HyperTerminal] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 30/08/2002 13:00:00 | Attr = ] {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG7\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] {9F97547E-460A-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG7\avgse.dll [AVG7 Find Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] {AB77609F-2178-4E6F-9C4B-44AC179D937A} [HKLM] -> Reg Data - Key not found [a² Context Menu Shell Extension] -> File not found {BDA77241-42F6-11d0-85E2-00AA001FE28C} [HKLM] -> Reg Data - Key not found [LDVP Shell Extensions] -> File not found {D653647D-D607-4DF6-A5B8-48D2BA195F7B} [HKLM] -> %ProgramFiles%\Softwin\BitDefender8\bdshelxt.dll [bitDefender Antivirus v8] -> SOFTWIN S.R.L. [Ver = 1, 0, 0, 0 | Size = 53248 bytes | Modified Date = 02/08/2004 21:20:22 | Attr = ] {E4000AC4-5E5F-4956-807A-C5854405D64F} [HKLM] -> %System32%\VirtualExpander\VEShellExt.dll [VirtualExpanderFile.1] -> Sony Corporation [Ver = 1, 0, 0, 0 | Size = 73728 bytes | Modified Date = 23/12/2005 17:09:30 | Attr = ] {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealOne Player\rpshellext.dll [shell Extensions for RealOne Player] -> RealNetworks [Ver = 1.0.0.447 | Size = 45105 bytes | Modified Date = 10/04/2003 15:01:52 | Attr = ] {FED7043D-346A-414D-ACD7-550D052499A7} [HKLM] -> Reg Data - Key not found [dBpowerAMP Popup Info] -> File not found < ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\ {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG7\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] {D653647D-D607-4DF6-A5B8-48D2BA195F7B} [HKLM] -> %ProgramFiles%\Softwin\BitDefender8\bdshelxt.dll [bitDefender Antivirus v8] -> SOFTWIN S.R.L. [Ver = 1, 0, 0, 0 | Size = 53248 bytes | Modified Date = 02/08/2004 21:20:22 | Attr = ] {E4000AC4-5E5F-4956-807A-C5854405D64F} [HKLM] -> %System32%\VirtualExpander\VEShellExt.dll [VirtualExpander] -> Sony Corporation [Ver = 1, 0, 0, 0 | Size = 73728 bytes | Modified Date = 23/12/2005 17:09:30 | Attr = ] < ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\ {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG7\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] {D653647D-D607-4DF6-A5B8-48D2BA195F7B} [HKLM] -> %ProgramFiles%\Softwin\BitDefender8\bdshelxt.dll [bitDefender Antivirus v8] -> SOFTWIN S.R.L. [Ver = 1, 0, 0, 0 | Size = 53248 bytes | Modified Date = 02/08/2004 21:20:22 | Attr = ] < ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 14/12/2004 01:20:02 | Attr = ] < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ {3D701FD5-0627-4DBA-9281-E628F1B7A417} -> (Motorola SurfBoard 4200 USB Cable Modem) -> {5D98981F-3590-4B4F-A045-8BD29CA54CC8} -> (Intel® PRO/100 VE Network Connection) -> {650474A5-BD10-4AF4-A6EA-C47AABBE456A} -> () -> {BBB7EC5A-4E11-4CC9-B508-2540B7CBF4F4} -> (Carte réseau 1394) -> < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ipp -> Reg Data - Key not found -> File not found msdaipp -> Reg Data - Key not found -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ {02BCC737-B171-4746-94C9-0D8A0B2C0089} -> Microsoft Office Template and Media Control - CodeBase = http://office.microsoft.com/templates/ieawsdc.cab -> {106E49CF-797A-11D2-81A2-00E02C015623} -> AlternaTIFF ActiveX - CodeBase = http://www.alternatiff.com/install/00/alttiff.cab -> {166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://active.macromedia.com/director/cabs/sw.cab -> {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> Symantec AntiVirus scanner - CodeBase = http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab -> {469C7080-8EC8-43A6-AD97-45848113743C} -> - CodeBase = http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab -> {4B48D5DF-9021-45F7-A240-60304302A215} -> MalwareCleaner Class - CodeBase = http://www.microsoft.com/security/controls/WebCleaner.cab -> {644E432F-49D3-41A1-8DD5-E099162EEEC5} -> Symantec RuFSI Utility Class - CodeBase = http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab -> {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -> HouseCall Control - CodeBase = http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab -> {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} -> F-Secure Online Scanner - CodeBase = http://support.f-secure.com/ols/fscax.cab -> {92E7E45A-D8C8-480E-AF99-176E43997CAA} -> Aurigma Image Uploader 3.0 Combo Control - CodeBase = http://www.pixdiscount.fr/clients/ImageUploader3.cab -> {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} -> Aurigma Image Uploader 3.0 Control - CodeBase = http://www.pixdiscount.fr/clients/ImageUploader3.cab -> {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} -> AdSignerLCContrl Class - CodeBase = https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab -> {C36112BF-2FA3-4694-8603-3B510EA3B465} -> Lycos File Upload Component - CodeBase = http://f012.mail.caramail.lycos.fr/app/upl...ileUploader.cab -> {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -> Java Plug-in 1.4.2_05 - CodeBase = http://java.sun.com/products/plugin/autodl...indows-i586.cab -> {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_04 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab -> DirectAnimation Java Classes -> - CodeBase = file://C:\WINDOWS\Java\classes\dajava.cab -> Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab -> PackageHtmlCab -> - CodeBase = http://acces.blonde.com/package/PackageHtmlCab.CAB -> teleir_cert -> - CodeBase = https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab -> [Files - Created Within 90 days] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 536268800 bytes | Created Date = 02/01/1601 23:00:00 | Attr = HS] AVG 7.5.lnk -> %AllUsersDesktop%\AVG 7.5.lnk -> [Ver = | Size = 1536 bytes | Created Date = 19/02/2007 12:09:12 | Attr = ] blbetac.exe -> %UserDesktop%\blbetac.exe -> F-Secure Corporation [Ver = 2, 2, 1055, 0 | Size = 682872 bytes | Created Date = 23/02/2007 13:33:00 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\blbetac.exe:Zone.Identifier -> DiagHelp.zip -> %UserDesktop%\DiagHelp.zip -> [Ver = | Size = 379489 bytes | Created Date = 23/02/2007 13:36:41 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\DiagHelp.zip:Zone.Identifier -> EClea2_0.exe -> %UserDesktop%\EClea2_0.exe -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 2951802 bytes | Created Date = 09/02/2007 13:54:17 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\EClea2_0.exe:Zone.Identifier -> Hijackthis Version Française.lnk -> %UserDesktop%\Hijackthis Version Française.lnk -> [Ver = | Size = 925 bytes | Created Date = 23/02/2007 12:53:15 | Attr = ] HijackThisFR.exe -> %UserDesktop%\HijackThisFR.exe -> Pc-Help-Bordeaux [Ver = | Size = 506140 bytes | Created Date = 23/02/2007 10:52:13 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\HijackThisFR.exe:Zone.Identifier -> morphing1.avi -> %UserDesktop%\morphing1.avi -> [Ver = | Size = 7958528 bytes | Created Date = 16/02/2007 19:24:07 | Attr = ] winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 342421 bytes | Created Date = 23/02/2007 14:07:04 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier -> QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 12/02/2007 18:20:32 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 12/02/2007 18:20:32 | Attr = H ] avgfwafu.dll -> %System32%\avgfwafu.dll -> GRISOFT, s.r.o. [Ver = 7.5.0.407 | Size = 110592 bytes | Created Date = 19/02/2007 12:11:11 | Attr = ] apphelp.sdb -> %System32%\dllcache\apphelp.sdb -> [Ver = | Size = 217118 bytes | Created Date = 09/02/2007 13:50:16 | Attr = ] apph_sp.sdb -> %System32%\dllcache\apph_sp.sdb -> [Ver = | Size = 764868 bytes | Created Date = 09/02/2007 13:50:16 | Attr = ] sysmain.sdb -> %System32%\dllcache\sysmain.sdb -> [Ver = | Size = 1197294 bytes | Created Date = 09/02/2007 13:50:16 | Attr = ] avgclean.sys -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 19/02/2007 12:09:11 | Attr = ] avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.441 | Size = 18432 bytes | Created Date = 19/02/2007 12:09:08 | Attr = ] avgtdi.sys -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Created Date = 19/02/2007 12:11:10 | Attr = ] [Files - Modified Within 90 days] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 536268800 bytes | Modified Date = 23/02/2007 12:49:06 | Attr = HS] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 163840 bytes | Modified Date = 04/02/2007 11:10:30 | Attr = ] IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 4240656 bytes | Modified Date = 23/02/2007 12:42:16 | Attr = H ] desktop.ini -> %UserDocuments%\desktop.ini -> [Ver = | Size = 112 bytes | Modified Date = 22/12/2006 17:48:44 | Attr = HS] Mes dossiers de partage.lnk -> %UserDocuments%\Mes dossiers de partage.lnk -> [Ver = | Size = 577 bytes | Modified Date = 23/02/2007 12:51:42 | Attr = ] nico_2005-2006.pst -> %UserDocuments%\nico_2005-2006.pst -> [Ver = | Size = 32768 bytes | Modified Date = 30/12/2006 11:33:50 | Attr = ] AVG 7.5.lnk -> %AllUsersDesktop%\AVG 7.5.lnk -> [Ver = | Size = 1536 bytes | Modified Date = 19/02/2007 12:09:14 | Attr = ] blbetac.exe -> %UserDesktop%\blbetac.exe -> F-Secure Corporation [Ver = 2, 2, 1055, 0 | Size = 682872 bytes | Modified Date = 23/02/2007 14:02:46 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\blbetac.exe:Zone.Identifier -> DiagHelp.zip -> %UserDesktop%\DiagHelp.zip -> [Ver = | Size = 379489 bytes | Modified Date = 23/02/2007 13:36:52 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\DiagHelp.zip:Zone.Identifier -> EClea2_0.exe -> %UserDesktop%\EClea2_0.exe -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 2951802 bytes | Modified Date = 09/02/2007 13:54:24 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\EClea2_0.exe:Zone.Identifier -> Hijackthis Version Française.lnk -> %UserDesktop%\Hijackthis Version Française.lnk -> [Ver = | Size = 925 bytes | Modified Date = 23/02/2007 12:53:16 | Attr = ] HijackThisFR.exe -> %UserDesktop%\HijackThisFR.exe -> Pc-Help-Bordeaux [Ver = | Size = 506140 bytes | Modified Date = 23/02/2007 10:52:18 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\HijackThisFR.exe:Zone.Identifier -> morphing1.avi -> %UserDesktop%\morphing1.avi -> [Ver = | Size = 7958528 bytes | Modified Date = 16/02/2007 19:24:18 | Attr = ] winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 342421 bytes | Modified Date = 23/02/2007 14:07:08 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier -> bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 23/02/2007 12:49:08 | Attr = S] @Alternate Data Stream - 7305 bytes -> %SystemRoot%\bootstat.dat:rnznxx -> QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 12/02/2007 18:20:34 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 12/02/2007 18:20:34 | Attr = H ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 809 bytes | Modified Date = 09/02/2007 13:49:30 | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 21/12/2006 19:21:46 | Attr = ] amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 09/02/2007 14:14:06 | Attr = ] avgfwafu.dll -> %System32%\avgfwafu.dll -> GRISOFT, s.r.o. [Ver = 7.5.0.407 | Size = 110592 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 09/02/2007 14:14:06 | Attr = ] wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 23/02/2007 12:50:32 | Attr = ] avg7core.sys -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 839936 bytes | Modified Date = 19/02/2007 12:09:08 | Attr = ] avg7rsw.sys -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 19/02/2007 12:09:08 | Attr = ] avg7rsxp.sys -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.434 | Size = 27776 bytes | Modified Date = 19/02/2007 12:09:10 | Attr = ] avgclean.sys -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Modified Date = 19/02/2007 12:09:12 | Attr = ] avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.441 | Size = 18432 bytes | Modified Date = 19/02/2007 12:09:10 | Attr = ] avgtdi.sys -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] fwdrv.err -> %System32%\drivers\fwdrv.err -> [Ver = | Size = 1942 bytes | Modified Date = 23/02/2007 11:24:14 | Attr = ] [File String Scan - Non-Microsoft Only] @Alternate Data Stream - 26 bytes -> %UserDocuments%\DPL COLLOQ SPORT ET DOPA.1.pdf:Zone.Identifier -> UPX0 , -> %UserDocuments%\FATIGUE 2004.ppt -> [Ver = | Size = 5864960 bytes | Modified Date = 08/04/2004 18:07:12 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDocuments%\justif amende radar.html:Zone.Identifier -> @Alternate Data Stream - 0 bytes -> %UserDocuments%\Thumbs.db:encryptable -> @Alternate Data Stream - 26 bytes -> %UserDesktop%\blbetac.exe:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %UserDesktop%\DiagHelp.zip:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %UserDesktop%\EClea2_0.exe:Zone.Identifier -> Thawte Consulting , -> %UserDesktop%\EClea2_0.exe -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 2951802 bytes | Modified Date = 09/02/2007 13:54:24 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\HijackThisFR.exe:Zone.Identifier -> @Alternate Data Stream - 0 bytes -> %UserDesktop%\Thumbs.db:encryptable -> @Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Adobe PSEle2.log:uzwqrq -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\b2_t_SPYBOTSD.EXE&614.xml:hinoln -> @Alternate Data Stream - 7305 bytes -> %SystemRoot%\bootstat.dat:rnznxx -> @Alternate Data Stream - 3547 bytes -> %SystemRoot%\clock.avi:koksrh -> WSUD , -> %SystemRoot%\dcjmb.txt -> [Ver = | Size = 3547 bytes | Modified Date = 23/01/2005 03:38:48 | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\desktop.ini:bnqfct -> WSUD , -> %SystemRoot%\dgvvs.log -> [Ver = | Size = 3547 bytes | Modified Date = 08/01/2005 11:13:40 | Attr = HS] WSUD , -> %SystemRoot%\dnjnq.txt -> [Ver = | Size = 3547 bytes | Modified Date = 21/01/2005 18:33:54 | Attr = HS] WSUD , -> %SystemRoot%\dnmlk.txt -> [Ver = | Size = 3547 bytes | Modified Date = 01/01/2005 15:29:38 | Attr = HS] WSUD , -> %SystemRoot%\eimdt.log -> [Ver = | Size = 3547 bytes | Modified Date = 17/01/2005 22:16:26 | Attr = HS] @Alternate Data Stream - 11592 bytes -> %SystemRoot%\ffbyj.dat:eqjjgg -> WSUD , -> %SystemRoot%\ffbyj.dat -> [Ver = | Size = 3547 bytes | Modified Date = 22/01/2005 03:19:28 | Attr = HS] @Alternate Data Stream - 7305 bytes -> %SystemRoot%\Granit vert.bmp:wrcwar -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\KB823182.log:fnmpfr -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\KB824146.log:xofciu -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\msgsocm.log:lhano -> @Alternate Data Stream - 11592 bytes -> %SystemRoot%\ODBCINST.INI:dujgpc -> WSUD , -> %SystemRoot%\ooaap.txt -> [Ver = | Size = 3547 bytes | Modified Date = 25/01/2005 14:43:40 | Attr = HS] @Alternate Data Stream - 7305 bytes -> %SystemRoot%\orun32.ini:vvtmjm -> @Alternate Data Stream - 3547 bytes -> %SystemRoot%\pgzgn.dat:ovmrmo -> WSUD , -> %SystemRoot%\pgzgn.dat -> [Ver = | Size = 3547 bytes | Modified Date = 15/01/2005 01:55:14 | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\Q329390.log:owyiv -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Q810565.log:yzzsq -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Q828026.log:ophnk -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable -> @Alternate Data Stream - 7305 bytes -> %SystemRoot%\Windows Update.log:fyvnzp -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\wmsetup.log:bysmbx -> WSUD , -> %SystemRoot%\xegya.log -> [Ver = | Size = 3547 bytes | Modified Date = 28/12/2004 16:07:50 | Attr = HS] WSUD , -> %SystemRoot%\xfzrg.txt -> [Ver = | Size = 3547 bytes | Modified Date = 15/01/2005 15:26:20 | Attr = HS] WSUD , -> %SystemRoot%\zpxgl.txt -> [Ver = | Size = 3547 bytes | Modified Date = 28/12/2004 08:34:24 | Attr = HS] PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 30/08/2002 13:00:00 | Attr = ] WSUD , -> %System32%\okmkl.log -> [Ver = | Size = 3547 bytes | Modified Date = 19/01/2005 21:55:04 | Attr = HS] WSUD , -> %System32%\qijpg.dat -> [Ver = | Size = 3547 bytes | Modified Date = 10/01/2005 17:47:44 | Attr = HS] UPX! , UPX0 , -> %System32%\t3odm.dll -> Cyberlink [Ver = 1.00.1016 | Size = 28672 bytes | Modified Date = 30/04/2004 20:46:24 | Attr = ] @Alternate Data Stream - 0 bytes -> %System32%\Thumbs.db:encryptable -> winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 30/08/2002 13:00:00 | Attr = ] WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 30/08/2002 13:00:00 | Attr = ] UPX0 , -> %System32%\dllcache\NT5IIS.CAT -> [Ver = | Size = 809394 bytes | Modified Date = 30/08/2002 13:00:00 | Attr = ] UPX! , FSG! , PEC2 , aspack , -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 839936 bytes | Modified Date = 19/02/2007 12:09:08 | Attr = ] PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 04/08/2004 06:41:38 | Attr = ] < End of report > -
et zou.. WinPFind3 logfile created on: 23/02/2007 14:08:13 WinPFind3U by OldTimer - Version 1.0.18 Folder = C:\Documents and Settings\Nico\Bureau\WinPFind3u\ Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) Internet Explorer (Version = 7.0.5730.11) 523628 Kb Total Physical Memory | 132020 Kb Available Physical Memory | 25,21% Memory free 1279100 Kb Paging File | 801640 Kb Available in Paging File | 62,67% Paging File free Paging file location(s): C:\pagefile.sys 0 0; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29302528 Kb Total Space | 16463652 Kb Free Space | 56,19% Space Free Drive D: | 87915680 Kb Total Space | 32219057 Kb Free Space | 36,65% Space Free Drive E: | 644978 Kb Total Space | 0 Kb Free Space | 0,00% Space Free Unable to calculate disk information. [Processes - Non-Microsoft Only] acrord32.exe -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\AcroRd32.exe -> Adobe Systems Incorporated [Ver = 7.0.7.2006011300 | Size = 65536 bytes | Modified Date = 13/01/2006 09:39:10 | Attr = ] acrotray.exe -> %ProgramFiles%\Adobe\Acrobat 5.0\Distillr\AcroTray.exe -> Adobe Systems Inc. [Ver = 5, 0, 0, 0 | Size = 49254 bytes | Modified Date = 15/03/2001 07:18:18 | Attr = ] agrsmmsg.exe -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.25 2.1.25 02/14/2003 11:58:58 | Size = 88107 bytes | Modified Date = 14/02/2003 10:59:00 | Attr = ] apdproxy.exe -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.0.0.49815 | Size = 57344 bytes | Modified Date = 06/06/2005 22:46:24 | Attr = ] avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 353792 bytes | Modified Date = 19/02/2007 12:08:56 | Attr = ] avgcc.exe -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.438 | Size = 411648 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] avgemc.exe -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.434 | Size = 324096 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] avgfwsrv.exe -> %ProgramFiles%\Grisoft\AVG7\avgfwsrv.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 811008 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] avgrssvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgrssvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.437 | Size = 200704 bytes | Modified Date = 19/02/2007 12:08:56 | Attr = ] avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 19/02/2007 12:09:04 | Attr = ] bbdevmgr.exe -> %CommonProgramFiles%\Research In Motion\USB Drivers\BbDevMgr.exe -> Research In Motion Limited [Ver = 1.2.0.15 | Size = 176213 bytes | Modified Date = 14/09/2004 16:27:10 | Attr = ] bdoesrv.exe -> %ProgramFiles%\Softwin\BitDefender8\bdoesrv.exe -> [Ver = | Size = 86016 bytes | Modified Date = 05/08/2004 17:28:58 | Attr = ] bdss.exe -> %CommonProgramFiles%\Softwin\BitDefender Scan Server\bdss.exe -> [Ver = | Size = 69632 bytes | Modified Date = 12/02/2005 18:00:34 | Attr = ] bdswitch.exe -> %ProgramFiles%\Softwin\BitDefender8\bdswitch.exe -> [Ver = | Size = 33280 bytes | Modified Date = 17/03/2005 21:01:36 | Attr = ] ecb-sg.exe -> %ProgramFiles%\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe -> Orbiscom Ltd. All rights reserved. [Ver = 2, 2, 1, 0, 93 | Size = 184320 bytes | Modified Date = 20/12/2002 08:52:18 | Attr = ] jucheck.exe -> %ProgramFiles%\Java\jre1.5.0_06\bin\jucheck.exe -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 241775 bytes | Modified Date = 10/11/2005 13:03:52 | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.5.0_06\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 36975 bytes | Modified Date = 10/11/2005 13:03:52 | Attr = ] kpf4gui.exe -> %ProgramFiles%\Kerio\Personal Firewall 4\kpf4gui.exe -> Kerio Technologies [Ver = 4.2.1 | Size = 2887680 bytes | Modified Date = 26/09/2005 10:57:18 | Attr = ] kpf4gui.exe -> %ProgramFiles%\Kerio\Personal Firewall 4\kpf4gui.exe -> Kerio Technologies [Ver = 4.2.1 | Size = 2887680 bytes | Modified Date = 26/09/2005 10:57:18 | Attr = ] kpf4ss.exe -> %ProgramFiles%\Kerio\Personal Firewall 4\kpf4ss.exe -> Kerio Technologies [Ver = 4.2.1 | Size = 1617920 bytes | Modified Date = 26/09/2005 11:00:28 | Attr = ] mad.exe -> %ProgramFiles%\Numericable\Mon Assistant Internet\bin\mad.exe -> Motive Communications, Inc. [Ver = 5.08.01 | Size = 2375680 bytes | Modified Date = 22/10/2004 17:44:04 | Attr = ] motivesb.exe -> %ProgramFiles%\Numericable\Mon Assistant Internet\SmartBridge\MotiveSB.exe -> Motive Communications, Inc. [Ver = 5.8.11.asst_classic.smartbridge.20041022_173000 | Size = 393216 bytes | Modified Date = 22/10/2004 17:43:12 | Attr = ] motive~1.exe -> %ProgramFiles%\Motive\AsstCommon\MotiveDirectory.exe -> Motive Communications, Inc. [Ver = 5.01.00 | Size = 245760 bytes | Modified Date = 22/10/2004 17:44:04 | Attr = ] nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.01.4351 | Size = 69632 bytes | Modified Date = 02/04/2003 14:40:00 | Attr = ] rimdevicemanager.exe -> %CommonProgramFiles%\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe -> Research In Motion Limited [Ver = 4.0.0.32 (Release build by unknown) | Size = 680063 bytes | Modified Date = 25/10/2004 16:10:02 | Attr = ] traymin200.exe -> %ProgramFiles%\Philips\SPC 200NC PC Camera\TrayMin200.exe -> [Ver = 1, 0, 0, 4 | Size = 278528 bytes | Modified Date = 12/07/2005 19:54:32 | Attr = ] version traduite originale.exe -> %ProgramFiles%\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE -> Soeperman Enterprises Ltd. [Ver = 1.99.0001 | Size = 220160 bytes | Modified Date = 03/03/2005 18:36:58 | Attr = ] virtualexpander.exe -> %System32%\VirtualExpander\VirtualExpander.exe -> Sony Corporation [Ver = 1, 0, 0, 0 | Size = 430080 bytes | Modified Date = 31/03/2005 13:32:22 | Attr = ] vm_sti.exe -> %SystemRoot%\VM_STI.EXE -> BIGDOG [Ver = 4, 2, 610, 4 | Size = 40960 bytes | Modified Date = 09/06/2004 15:37:02 | Attr = ] vsserv.exe -> %ProgramFiles%\Softwin\BitDefender8\vsserv.exe -> [Ver = | Size = 118784 bytes | Modified Date = 29/03/2005 14:07:02 | Attr = ] winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.18.0 | Size = 308736 bytes | Modified Date = 12/02/2007 21:39:14 | Attr = ] xcommsvr.exe -> %CommonProgramFiles%\Softwin\BitDefender Communicator\xcommsvr.exe -> Softwin [Ver = 1, 7, 0, 6 | Size = 69632 bytes | Modified Date = 24/02/2004 16:36:48 | Attr = ] [Win32 Services - Non-Microsoft Only] (Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 353792 bytes | Modified Date = 19/02/2007 12:08:56 | Attr = ] (Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 19/02/2007 12:09:04 | Attr = ] (AvgCoreSvc) AVG7 Resident Shield Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgrssvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.437 | Size = 200704 bytes | Modified Date = 19/02/2007 12:08:56 | Attr = ] (AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.434 | Size = 324096 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] (AVGFwSrv) AVG Firewall [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgfwsrv.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 811008 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] (bdss) BitDefender Scan Server [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Softwin\BitDefender Scan Server\bdss.exe -> [Ver = | Size = 69632 bytes | Modified Date = 12/02/2005 18:00:34 | Attr = ] (Boonty Games) Boonty Games [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\BOONTY Shared\Service\Boonty.exe -> BOONTY [Ver = 2.60.030 | Size = 69120 bytes | Modified Date = 27/10/2006 17:21:28 | Attr = ] (dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 20/08/2004 00:09:52 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 03/04/2005 23:41:10 | Attr = ] (KPF4) Kerio Personal Firewall 4 [Win32_Own | Auto | Running] -> %ProgramFiles%\Kerio\Personal Firewall 4\kpf4ss.exe -> Kerio Technologies [Ver = 4.2.1 | Size = 1617920 bytes | Modified Date = 26/09/2005 11:00:28 | Attr = ] (NVSvc) NVIDIA Driver Helper Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.01.4351 | Size = 69632 bytes | Modified Date = 02/04/2003 14:40:00 | Attr = ] (VSSERV) BitDefender Virus Shield [Win32_Own | Auto | Running] -> %ProgramFiles%\Softwin\BitDefender8\vsserv.exe -> [Ver = | Size = 118784 bytes | Modified Date = 29/03/2005 14:07:02 | Attr = ] (XCOMM) BitDefender Communicator [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Softwin\BitDefender Communicator\xcommsvr.exe -> Softwin [Ver = 1, 7, 0, 6 | Size = 69632 bytes | Modified Date = 24/02/2004 16:36:48 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Adobe Photo Downloader -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.0.0.49815 | Size = 57344 bytes | Modified Date = 06/06/2005 22:46:24 | Attr = ] AGRSMMSG -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.25 2.1.25 02/14/2003 11:58:58 | Size = 88107 bytes | Modified Date = 14/02/2003 10:59:00 | Attr = ] AVG7_CC -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.438 | Size = 411648 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] BDNewsAgent -> %ProgramFiles%\Softwin\BitDefender8\bdnagent.exe -> [Ver = | Size = 4608 bytes | Modified Date = 20/04/2004 16:00:46 | Attr = ] BDOESRV -> %ProgramFiles%\Softwin\BitDefender8\bdoesrv.exe -> [Ver = | Size = 86016 bytes | Modified Date = 05/08/2004 17:28:58 | Attr = ] BDSwitchAgent -> %ProgramFiles%\Softwin\BitDefender8\bdswitch.exe -> [Ver = | Size = 33280 bytes | Modified Date = 17/03/2005 21:01:36 | Attr = ] BigDogPath -> %SystemRoot%\VM_STI.EXE -> BIGDOG [Ver = 4, 2, 610, 4 | Size = 40960 bytes | Modified Date = 09/06/2004 15:37:02 | Attr = ] eCarteBleue-SG-P3 -> %ProgramFiles%\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe -> Orbiscom Ltd. All rights reserved. [Ver = 2, 2, 1, 0, 93 | Size = 184320 bytes | Modified Date = 20/12/2002 08:52:18 | Attr = ] EoComputer -> -> File not found EoEngine -> -> File not found Motive SmartBridge -> %ProgramFiles%\Numericable\Mon Assistant Internet\SmartBridge\MotiveSB.exe -> Motive Communications, Inc. [Ver = 5.8.11.asst_classic.smartbridge.20041022_173000 | Size = 393216 bytes | Modified Date = 22/10/2004 17:43:12 | Attr = ] NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.01.4351 | Size = 4616192 bytes | Modified Date = 02/04/2003 14:40:00 | Attr = ] qsmQ32X -> ncouinit.exe -> File not found SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_06\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 36975 bytes | Modified Date = 10/11/2005 13:03:52 | Attr = ] < OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ IMAIL -> Installed = 1 -> MAPI -> Installed = 1 -> MSFS -> Installed = 1 -> < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Eree -> %UserAppData%\suso.exe -> File not found RIMDeviceManager -> %CommonProgramFiles%\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe -> Research In Motion Limited [Ver = 4.0.0.32 (Release build by unknown) | Size = 680063 bytes | Modified Date = 25/10/2004 16:10:02 | Attr = ] < Common Startup > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage %AllUsersStartup%\Acrobat Assistant.lnk -> %ProgramFiles%\Adobe\Acrobat 5.0\Distillr\AcroTray.exe -> Adobe Systems Inc. [Ver = 5, 0, 0, 0 | Size = 49254 bytes | Modified Date = 15/03/2001 07:18:18 | Attr = ] %AllUsersStartup%\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 23/09/2005 21:05:26 | Attr = ] %AllUsersStartup%\Mon Assistant Internet.lnk -> %ProgramFiles%\Numericable\Mon Assistant Internet\bin\matcli.exe -> Motive Communications, Inc. [Ver = 5.8.11.asst_classic.asst_matcli.20041022_173000 | Size = 217088 bytes | Modified Date = 22/10/2004 17:44:04 | Attr = ] %AllUsersStartup%\TrayMin300.exe.lnk -> %ProgramFiles%\Philips\SPC 200NC PC Camera\TrayMin200.exe -> [Ver = 1, 0, 0, 4 | Size = 278528 bytes | Modified Date = 12/07/2005 19:54:32 | Attr = ] < User Startup > -> C:\Documents and Settings\Nico\Menu Démarrer\Programmes\Démarrage %UserStartup%\VirtualExpander.lnk -> %System32%\VirtualExpander\VirtualExpander.exe -> Sony Corporation [Ver = 1, 0, 0, 0 | Size = 430080 bytes | Modified Date = 31/03/2005 13:32:22 | Attr = ] < Registry Shell Spawning > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command regfile [merge] -> Reg Data - Key not found -> scrfile [open] -> "%1" /S -> scrfile [config] -> "%1" -> txtfile [open] -> %System32%\NOTEPAD.EXE -> File not found *Command* -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellNew\\Command -> NewLinkHere -> -> File not found %1 -> -> File not found *Command* -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bfc\ShellNew\\Command -> Briefcase_Create -> -> File not found %2!d! -> -> File not found %1 -> -> File not found < ActiveX StubPath [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -> -> {22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -> {44BBA840-CC51-11CF-AAFA-00AA00B6015C} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT -> {5945c046-1e7d-11d1-bc44-00c04fd912be} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser -> {6BF52A52-394A-11d3-B153-00C04F79FAA6} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub -> {73FA19D0-2D75-11D2-995D-00C04F98BBC9} -> -> {7790769C-0471-11d2-AF11-00C04FA35D02} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install -> {89820200-ECBD-11cf-8B85-00AA005B4340} -> regsvr32.exe /s /n /i:U shell32.dll -> {89820200-ECBD-11cf-8B85-00AA005B4383} -> C:\WINDOWS\system32\ie4uinit.exe -BaseSettings -> <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -> C:\WINDOWS\system32\ieudinit.exe >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP -> >{26923b43-4d38-484f-9b9e-de460746276c} -> C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP -> >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE -> < WOW Command Line [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW *wowcmdline* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW\\wowcmdline -> -a -> -> File not found < Session Manager Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager BootExecute -> autocheck autochk *; -> < AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 73728 bytes | Modified Date = 31/03/2005 19:13:50 | Attr = ] < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> Control_RunDLL -> -> File not found < Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> < Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. -> < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ 0 -> [Key] -> 0 -> FriendlyName = Ma page d'accueil -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> < HOSTS File > -> -> Hosts file not found -> < Internet Explorer Settings > -> HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKLM: Local Page -> %SystemRoot%\system32\blank.htm -> HKLM: Search Bar -> -> HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKLM: Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKLM: Search\\Default_Search_URL -> http://www.google.com/ie -> HKLM: SearchAssistant -> http://www.google.com/ie -> HKCU: Search Bar -> http://www.google.com/ie -> HKCU: Search Page -> http://www.google.com -> HKCU: Start Page -> https://www.univ-savoie.fr/Portail/login_pa...ookie_login__=1 -> HKCU: SearchAssistant -> http://www.google.com/ie -> HKCU: ProxyEnable -> 0 -> HKCU: ProxyOverride -> 127.0.0.1 -> < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ msn.com [ - ] -> -> < Trusted Sites > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ sony-europe.com [*] -> -> sonystyle-europe.com [*] -> -> vaio-link.com [*] -> -> < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 12/01/2006 19:38:22 | Attr = ] {2E03C0FD-4C48-43A7-9A54-00240C70FF16} [HKLM] -> %System32%\BhoECart.dll [ECarteBleueBrowserHelper Class] -> Orbiscom Ltd. All rights reserved. [Ver = 2, 2, 1, 0, 93 | Size = 69632 bytes | Modified Date = 20/12/2002 08:49:12 | Attr = ] {64F56FC1-1272-44CD-BA6E-39723696E350} [HKLM] -> Reg Data - Value does not exist [EoBho Class] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [sSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 10/11/2005 13:22:10 | Attr = ] {8B4FA6F6-83C4-4BD3-852B-726562EA101D} [HKLM] -> Reg Data - Value does not exist [Reg Data - Value does not exist] -> File not found < Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ {32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar avec bloqueur de fenêtres pop-up] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 04/08/2005 20:54:42 | Attr = ] < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar avec bloqueur de fenêtres pop-up] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 04/08/2005 20:54:42 | Attr = ] < Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8194 - Console Java (Sun) -> {21C9EF41-92BE-11d3-9AB8-005004B85154} -> 8193 - GoTranslate -> {FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8195 - Windows Messenger -> NextId -> 8198 -> < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\npjpi150_06.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 69746 bytes | Modified Date = 10/11/2005 13:22:10 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 10/11/2005 13:22:10 | Attr = ] {21C9EF41-92BE-11d3-9AB8-005004B85154} -> http:\ut.gotranslate.com\utd\ieutd-b.htm [buttonText: GoTranslate] -> File not found {e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ &Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm -> File not found Add to Windows &Live Favorites -> http:\favorites.live.com\quickadd.asp -> File not found E&xporter vers Microsoft Excel -> -> File not found < Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved {043308A2-3CF7-4ED5-A668-2B4FB0BD307A} [HKLM] -> Reg Data - Key not found [dBpowerAMP dAP Scripting] -> File not found {0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [barre des tâches et menu Démarrer] -> File not found {1CDB2949-8F65-4355-8456-263E7C208A5D} [HKLM] -> %System32%\nvshell.dll [Explorateur de Bureau] -> NVIDIA Corporation [Ver = 6.14.01.4351 | Size = 462919 bytes | Modified Date = 02/04/2003 14:40:00 | Attr = ] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer Menu] -> NVIDIA Corporation [Ver = 6.14.01.4351 | Size = 462919 bytes | Modified Date = 02/04/2003 14:40:00 | Attr = ] {32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found {42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Extension Affichage Panorama du Panneau de configuration] -> File not found {45AC2688-0253-4ED8-97DE-B5370FA7D48A} [HKLM] -> Reg Data - Key not found [shell Extension for Malware scanning] -> File not found {764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Extensions de l'environnement de compression de fichiers] -> File not found {7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Comptes d'utilisateurs] -> File not found {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Menu contextuel de cryptage] -> File not found {88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [Extension icône HyperTerminal] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 30/08/2002 13:00:00 | Attr = ] {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG7\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] {9F97547E-460A-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG7\avgse.dll [AVG7 Find Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] {AB77609F-2178-4E6F-9C4B-44AC179D937A} [HKLM] -> Reg Data - Key not found [a² Context Menu Shell Extension] -> File not found {BDA77241-42F6-11d0-85E2-00AA001FE28C} [HKLM] -> Reg Data - Key not found [LDVP Shell Extensions] -> File not found {D653647D-D607-4DF6-A5B8-48D2BA195F7B} [HKLM] -> %ProgramFiles%\Softwin\BitDefender8\bdshelxt.dll [bitDefender Antivirus v8] -> SOFTWIN S.R.L. [Ver = 1, 0, 0, 0 | Size = 53248 bytes | Modified Date = 02/08/2004 21:20:22 | Attr = ] {E4000AC4-5E5F-4956-807A-C5854405D64F} [HKLM] -> %System32%\VirtualExpander\VEShellExt.dll [VirtualExpanderFile.1] -> Sony Corporation [Ver = 1, 0, 0, 0 | Size = 73728 bytes | Modified Date = 23/12/2005 17:09:30 | Attr = ] {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealOne Player\rpshellext.dll [shell Extensions for RealOne Player] -> RealNetworks [Ver = 1.0.0.447 | Size = 45105 bytes | Modified Date = 10/04/2003 15:01:52 | Attr = ] {FED7043D-346A-414D-ACD7-550D052499A7} [HKLM] -> Reg Data - Key not found [dBpowerAMP Popup Info] -> File not found < ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\ {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG7\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] {D653647D-D607-4DF6-A5B8-48D2BA195F7B} [HKLM] -> %ProgramFiles%\Softwin\BitDefender8\bdshelxt.dll [bitDefender Antivirus v8] -> SOFTWIN S.R.L. [Ver = 1, 0, 0, 0 | Size = 53248 bytes | Modified Date = 02/08/2004 21:20:22 | Attr = ] {E4000AC4-5E5F-4956-807A-C5854405D64F} [HKLM] -> %System32%\VirtualExpander\VEShellExt.dll [VirtualExpander] -> Sony Corporation [Ver = 1, 0, 0, 0 | Size = 73728 bytes | Modified Date = 23/12/2005 17:09:30 | Attr = ] < ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\ {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG7\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 19/02/2007 12:09:02 | Attr = ] {D653647D-D607-4DF6-A5B8-48D2BA195F7B} [HKLM] -> %ProgramFiles%\Softwin\BitDefender8\bdshelxt.dll [bitDefender Antivirus v8] -> SOFTWIN S.R.L. [Ver = 1, 0, 0, 0 | Size = 53248 bytes | Modified Date = 02/08/2004 21:20:22 | Attr = ] < ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 14/12/2004 01:20:02 | Attr = ] < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ {3D701FD5-0627-4DBA-9281-E628F1B7A417} -> (Motorola SurfBoard 4200 USB Cable Modem) -> {5D98981F-3590-4B4F-A045-8BD29CA54CC8} -> (Intel® PRO/100 VE Network Connection) -> {650474A5-BD10-4AF4-A6EA-C47AABBE456A} -> () -> {BBB7EC5A-4E11-4CC9-B508-2540B7CBF4F4} -> (Carte réseau 1394) -> < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ipp -> Reg Data - Key not found -> File not found msdaipp -> Reg Data - Key not found -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ {02BCC737-B171-4746-94C9-0D8A0B2C0089} -> Microsoft Office Template and Media Control - CodeBase = http://office.microsoft.com/templates/ieawsdc.cab -> {106E49CF-797A-11D2-81A2-00E02C015623} -> AlternaTIFF ActiveX - CodeBase = http://www.alternatiff.com/install/00/alttiff.cab -> {166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://active.macromedia.com/director/cabs/sw.cab -> {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> Symantec AntiVirus scanner - CodeBase = http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab -> {469C7080-8EC8-43A6-AD97-45848113743C} -> - CodeBase = http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab -> {4B48D5DF-9021-45F7-A240-60304302A215} -> MalwareCleaner Class - CodeBase = http://www.microsoft.com/security/controls/WebCleaner.cab -> {644E432F-49D3-41A1-8DD5-E099162EEEC5} -> Symantec RuFSI Utility Class - CodeBase = http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab -> {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -> HouseCall Control - CodeBase = http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab -> {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} -> F-Secure Online Scanner - CodeBase = http://support.f-secure.com/ols/fscax.cab -> {92E7E45A-D8C8-480E-AF99-176E43997CAA} -> Aurigma Image Uploader 3.0 Combo Control - CodeBase = http://www.pixdiscount.fr/clients/ImageUploader3.cab -> {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} -> Aurigma Image Uploader 3.0 Control - CodeBase = http://www.pixdiscount.fr/clients/ImageUploader3.cab -> {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} -> AdSignerLCContrl Class - CodeBase = https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab -> {C36112BF-2FA3-4694-8603-3B510EA3B465} -> Lycos File Upload Component - CodeBase = http://f012.mail.caramail.lycos.fr/app/upl...ileUploader.cab -> {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -> Java Plug-in 1.4.2_05 - CodeBase = http://java.sun.com/products/plugin/autodl...indows-i586.cab -> {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_04 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab -> DirectAnimation Java Classes -> - CodeBase = file://C:\WINDOWS\Java\classes\dajava.cab -> Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab -> PackageHtmlCab -> - CodeBase = http://acces.blonde.com/package/PackageHtmlCab.CAB -> teleir_cert -> - CodeBase = https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab -> [Files - Created Within 90 days] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 536268800 bytes | Created Date = 02/01/1601 23:00:00 | Attr = HS] AVG 7.5.lnk -> %AllUsersDesktop%\AVG 7.5.lnk -> [Ver = | Size = 1536 bytes | Created Date = 19/02/2007 12:09:12 | Attr = ] blbetac.exe -> %UserDesktop%\blbetac.exe -> F-Secure Corporation [Ver = 2, 2, 1055, 0 | Size = 682872 bytes | Created Date = 23/02/2007 13:33:00 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\blbetac.exe:Zone.Identifier -> DiagHelp.zip -> %UserDesktop%\DiagHelp.zip -> [Ver = | Size = 379489 bytes | Created Date = 23/02/2007 13:36:41 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\DiagHelp.zip:Zone.Identifier -> EClea2_0.exe -> %UserDesktop%\EClea2_0.exe -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 2951802 bytes | Created Date = 09/02/2007 13:54:17 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\EClea2_0.exe:Zone.Identifier -> Hijackthis Version Française.lnk -> %UserDesktop%\Hijackthis Version Française.lnk -> [Ver = | Size = 925 bytes | Created Date = 23/02/2007 12:53:15 | Attr = ] HijackThisFR.exe -> %UserDesktop%\HijackThisFR.exe -> Pc-Help-Bordeaux [Ver = | Size = 506140 bytes | Created Date = 23/02/2007 10:52:13 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\HijackThisFR.exe:Zone.Identifier -> morphing1.avi -> %UserDesktop%\morphing1.avi -> [Ver = | Size = 7958528 bytes | Created Date = 16/02/2007 19:24:07 | Attr = ] winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 342421 bytes | Created Date = 23/02/2007 14:07:04 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier -> QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 12/02/2007 18:20:32 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 12/02/2007 18:20:32 | Attr = H ] avgfwafu.dll -> %System32%\avgfwafu.dll -> GRISOFT, s.r.o. [Ver = 7.5.0.407 | Size = 110592 bytes | Created Date = 19/02/2007 12:11:11 | Attr = ] apphelp.sdb -> %System32%\dllcache\apphelp.sdb -> [Ver = | Size = 217118 bytes | Created Date = 09/02/2007 13:50:16 | Attr = ] apph_sp.sdb -> %System32%\dllcache\apph_sp.sdb -> [Ver = | Size = 764868 bytes | Created Date = 09/02/2007 13:50:16 | Attr = ] sysmain.sdb -> %System32%\dllcache\sysmain.sdb -> [Ver = | Size = 1197294 bytes | Created Date = 09/02/2007 13:50:16 | Attr = ] avgclean.sys -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 19/02/2007 12:09:11 | Attr = ] avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.441 | Size = 18432 bytes | Created Date = 19/02/2007 12:09:08 | Attr = ] avgtdi.sys -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Created Date = 19/02/2007 12:11:10 | Attr = ] [Files - Modified Within 90 days] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 536268800 bytes | Modified Date = 23/02/2007 12:49:06 | Attr = HS] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 163840 bytes | Modified Date = 04/02/2007 11:10:30 | Attr = ] IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 4240656 bytes | Modified Date = 23/02/2007 12:42:16 | Attr = H ] desktop.ini -> %UserDocuments%\desktop.ini -> [Ver = | Size = 112 bytes | Modified Date = 22/12/2006 17:48:44 | Attr = HS] Mes dossiers de partage.lnk -> %UserDocuments%\Mes dossiers de partage.lnk -> [Ver = | Size = 577 bytes | Modified Date = 23/02/2007 12:51:42 | Attr = ] nico_2005-2006.pst -> %UserDocuments%\nico_2005-2006.pst -> [Ver = | Size = 32768 bytes | Modified Date = 30/12/2006 11:33:50 | Attr = ] AVG 7.5.lnk -> %AllUsersDesktop%\AVG 7.5.lnk -> [Ver = | Size = 1536 bytes | Modified Date = 19/02/2007 12:09:14 | Attr = ] blbetac.exe -> %UserDesktop%\blbetac.exe -> F-Secure Corporation [Ver = 2, 2, 1055, 0 | Size = 682872 bytes | Modified Date = 23/02/2007 14:02:46 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\blbetac.exe:Zone.Identifier -> DiagHelp.zip -> %UserDesktop%\DiagHelp.zip -> [Ver = | Size = 379489 bytes | Modified Date = 23/02/2007 13:36:52 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\DiagHelp.zip:Zone.Identifier -> EClea2_0.exe -> %UserDesktop%\EClea2_0.exe -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 2951802 bytes | Modified Date = 09/02/2007 13:54:24 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\EClea2_0.exe:Zone.Identifier -> Hijackthis Version Française.lnk -> %UserDesktop%\Hijackthis Version Française.lnk -> [Ver = | Size = 925 bytes | Modified Date = 23/02/2007 12:53:16 | Attr = ] HijackThisFR.exe -> %UserDesktop%\HijackThisFR.exe -> Pc-Help-Bordeaux [Ver = | Size = 506140 bytes | Modified Date = 23/02/2007 10:52:18 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\HijackThisFR.exe:Zone.Identifier -> morphing1.avi -> %UserDesktop%\morphing1.avi -> [Ver = | Size = 7958528 bytes | Modified Date = 16/02/2007 19:24:18 | Attr = ] winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 342421 bytes | Modified Date = 23/02/2007 14:07:08 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier -> bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 23/02/2007 12:49:08 | Attr = S] @Alternate Data Stream - 7305 bytes -> %SystemRoot%\bootstat.dat:rnznxx -> QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 12/02/2007 18:20:34 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 12/02/2007 18:20:34 | Attr = H ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 809 bytes | Modified Date = 09/02/2007 13:49:30 | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 21/12/2006 19:21:46 | Attr = ] amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 09/02/2007 14:14:06 | Attr = ] avgfwafu.dll -> %System32%\avgfwafu.dll -> GRISOFT, s.r.o. [Ver = 7.5.0.407 | Size = 110592 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 09/02/2007 14:14:06 | Attr = ] wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 23/02/2007 12:50:32 | Attr = ] avg7core.sys -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 839936 bytes | Modified Date = 19/02/2007 12:09:08 | Attr = ] avg7rsw.sys -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 19/02/2007 12:09:08 | Attr = ] avg7rsxp.sys -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.434 | Size = 27776 bytes | Modified Date = 19/02/2007 12:09:10 | Attr = ] avgclean.sys -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Modified Date = 19/02/2007 12:09:12 | Attr = ] avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.441 | Size = 18432 bytes | Modified Date = 19/02/2007 12:09:10 | Attr = ] avgtdi.sys -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 19/02/2007 12:11:12 | Attr = ] fwdrv.err -> %System32%\drivers\fwdrv.err -> [Ver = | Size = 1942 bytes | Modified Date = 23/02/2007 11:24:14 | Attr = ] [File String Scan - Non-Microsoft Only] @Alternate Data Stream - 26 bytes -> %UserDocuments%\DPL COLLOQ SPORT ET DOPA.1.pdf:Zone.Identifier -> UPX0 , -> %UserDocuments%\FATIGUE 2004.ppt -> [Ver = | Size = 5864960 bytes | Modified Date = 08/04/2004 18:07:12 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDocuments%\justif amende radar.html:Zone.Identifier -> @Alternate Data Stream - 0 bytes -> %UserDocuments%\Thumbs.db:encryptable -> @Alternate Data Stream - 26 bytes -> %UserDesktop%\blbetac.exe:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %UserDesktop%\DiagHelp.zip:Zone.Identifier -> @Alternate Data Stream - 26 bytes -> %UserDesktop%\EClea2_0.exe:Zone.Identifier -> Thawte Consulting , -> %UserDesktop%\EClea2_0.exe -> InstallShield Software Corporation [Ver = 10.01.238 | Size = 2951802 bytes | Modified Date = 09/02/2007 13:54:24 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserDesktop%\HijackThisFR.exe:Zone.Identifier -> @Alternate Data Stream - 0 bytes -> %UserDesktop%\Thumbs.db:encryptable -> @Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Adobe PSEle2.log:uzwqrq -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\b2_t_SPYBOTSD.EXE&614.xml:hinoln -> @Alternate Data Stream - 7305 bytes -> %SystemRoot%\bootstat.dat:rnznxx -> @Alternate Data Stream - 3547 bytes -> %SystemRoot%\clock.avi:koksrh -> WSUD , -> %SystemRoot%\dcjmb.txt -> [Ver = | Size = 3547 bytes | Modified Date = 23/01/2005 03:38:48 | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\desktop.ini:bnqfct -> WSUD , -> %SystemRoot%\dgvvs.log -> [Ver = | Size = 3547 bytes | Modified Date = 08/01/2005 11:13:40 | Attr = HS] WSUD , -> %SystemRoot%\dnjnq.txt -> [Ver = | Size = 3547 bytes | Modified Date = 21/01/2005 18:33:54 | Attr = HS] WSUD , -> %SystemRoot%\dnmlk.txt -> [Ver = | Size = 3547 bytes | Modified Date = 01/01/2005 15:29:38 | Attr = HS] WSUD , -> %SystemRoot%\eimdt.log -> [Ver = | Size = 3547 bytes | Modified Date = 17/01/2005 22:16:26 | Attr = HS] @Alternate Data Stream - 11592 bytes -> %SystemRoot%\ffbyj.dat:eqjjgg -> WSUD , -> %SystemRoot%\ffbyj.dat -> [Ver = | Size = 3547 bytes | Modified Date = 22/01/2005 03:19:28 | Attr = HS] @Alternate Data Stream - 7305 bytes -> %SystemRoot%\Granit vert.bmp:wrcwar -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\KB823182.log:fnmpfr -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\KB824146.log:xofciu -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\msgsocm.log:lhano -> @Alternate Data Stream - 11592 bytes -> %SystemRoot%\ODBCINST.INI:dujgpc -> WSUD , -> %SystemRoot%\ooaap.txt -> [Ver = | Size = 3547 bytes | Modified Date = 25/01/2005 14:43:40 | Attr = HS] @Alternate Data Stream - 7305 bytes -> %SystemRoot%\orun32.ini:vvtmjm -> @Alternate Data Stream - 3547 bytes -> %SystemRoot%\pgzgn.dat:ovmrmo -> WSUD , -> %SystemRoot%\pgzgn.dat -> [Ver = | Size = 3547 bytes | Modified Date = 15/01/2005 01:55:14 | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\Q329390.log:owyiv -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Q810565.log:yzzsq -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Q828026.log:ophnk -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable -> @Alternate Data Stream - 7305 bytes -> %SystemRoot%\Windows Update.log:fyvnzp -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\wmsetup.log:bysmbx -> WSUD , -> %SystemRoot%\xegya.log -> [Ver = | Size = 3547 bytes | Modified Date = 28/12/2004 16:07:50 | Attr = HS] WSUD , -> %SystemRoot%\xfzrg.txt -> [Ver = | Size = 3547 bytes | Modified Date = 15/01/2005 15:26:20 | Attr = HS] WSUD , -> %SystemRoot%\zpxgl.txt -> [Ver = | Size = 3547 bytes | Modified Date = 28/12/2004 08:34:24 | Attr = HS] PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 30/08/2002 13:00:00 | Attr = ] WSUD , -> %System32%\okmkl.log -> [Ver = | Size = 3547 bytes | Modified Date = 19/01/2005 21:55:04 | Attr = HS] WSUD , -> %System32%\qijpg.dat -> [Ver = | Size = 3547 bytes | Modified Date = 10/01/2005 17:47:44 | Attr = HS] UPX! , UPX0 , -> %System32%\t3odm.dll -> Cyberlink [Ver = 1.00.1016 | Size = 28672 bytes | Modified Date = 30/04/2004 20:46:24 | Attr = ] @Alternate Data Stream - 0 bytes -> %System32%\Thumbs.db:encryptable -> winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 30/08/2002 13:00:00 | Attr = ] WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 30/08/2002 13:00:00 | Attr = ] UPX0 , -> %System32%\dllcache\NT5IIS.CAT -> [Ver = | Size = 809394 bytes | Modified Date = 30/08/2002 13:00:00 | Attr = ] UPX! , FSG! , PEC2 , aspack , -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.435 | Size = 839936 bytes | Modified Date = 19/02/2007 12:09:08 | Attr = ] PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 04/08/2004 06:41:38 | Attr = ] < End of report >
-
Hello, Merci pour le coup de main... Voilà le rapport BlackLight fsbl-20070223123402.log 02/23/07 13:34:02 [info]: BlackLight Engine 1.0.55 initialized 02/23/07 13:34:02 [info]: OS: 5.1 build 2600 (Service Pack 2) 02/23/07 13:34:02 [Note]: 7019 4 02/23/07 13:34:02 [Note]: 7005 0 02/23/07 13:34:02 [Note]: 7006 0 02/23/07 13:34:02 [Note]: 7011 1828 02/23/07 13:34:03 [Note]: 7026 0 02/23/07 13:34:03 [Note]: 7026 0 02/23/07 13:34:14 [Note]: FSRAW library version 1.7.1021 02/23/07 13:43:57 [Note]: 2000 1012 02/23/07 13:43:57 [Note]: 7007 0 en revanche pour le rapport diaghelp il y aurait un pb. Je lance conformément au tutorial mais lorsque je valide l'option 1 sur l'écran dos, ce dernier se ferme et point. J'attends devant ma machine la création du rapport mais pour l'instant rien. J'attends tes commentaires et instructions
-
Bonjour, Mon pc ayant tous les signes d'une infection (ralentissement et instabilité d'internet), j'ai suivi la procédure préliminaire d'analyse conseillé par megataupe. Me voici donc en possession du fichier .log que je vous soumets. Merci d'avance pour votre aide. Cordialement Logfile of HijackThis v1.99.1 Scan saved at 12:54:00, on 23/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe C:\Program Files\Softwin\BitDefender8\bdoesrv.exe C:\Program Files\Softwin\BitDefender8\bdswitch.exe C:\WINDOWS\VM_STI.EXE C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Fichiers communs\Research In Motion\USB Drivers\BbDevMgr.exe C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender8\vsserv.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.univ-savoie.fr/Portail/login_pa...ookie_login__=1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {8B4FA6F6-83C4-4BD3-852B-726562EA101D} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [bDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe O4 - HKLM\..\Run: [bDNewsAgent] C:\progra~1\softwin\bitdef~1\bdnagent.exe O4 - HKLM\..\Run: [bDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe O4 - HKLM\..\Run: [qsmQ32X] ncouinit.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Eree] C:\Documents and Settings\Nico\Application Data\suso.exe O4 - HKCU\..\Run: [RIMDeviceManager] "C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe O4 - Global Startup: TrayMin300.exe.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra 'Tools' menuitem: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/ O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: PackageHtmlCab - http://acces.blonde.com/package/PackageHtmlCab.CAB O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.0 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f012.mail.caramail.lycos.fr/app/upl...ileUploader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
-
Bonjour à tou(te)s, Depuis maintenant quelques semaines mon pc perd de la vitesse et de la stabilité lorsque je me connecte à la toile. C'est devenu plus que pénible à tel point que nous ne l'utilisons plus pour des applications qui étaient devenues usuelles (banque en ligne - services internet variés etc etc). Malgré un grand nettoyage et l'utilisation de différents antivirus et antispyware rien ne s'arrange. Pourriez vous me guider dans la recherche et l'éradication éventuelle de la source du problème? Merci D'avance