ribouldinguette

Merci beaucoup ! Ca y est, je colle le rapport puis je redémarre et colle celui de hijack this Malwarebytes' Anti-Malware 1.24 Version de la base de données: 1061 Windows 5.1.2600 Service Pack 2 18:43:21 17/08/2008 mbam-log-8-17-2008 (18-43-21).txt Type de recherche: Examen rapide Eléments examinés: 64385 Temps écoulé: 12 minute(s), 48 second(s) Processus mémoire infecté(s): 3 Module(s) mémoire infecté(s): 4 Clé(s) du Registre infectée(s): 25 Valeur(s) du Registre infectée(s): 7 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 24 Fichier(s) infecté(s): 54 Processus mémoire infecté(s): C:\Program Files\rhc1pkj0enbg\rhc1pkj0enbg.exe (Rogue.Multiple) -> Unloaded process successfully. C:\WINDOWS\system32\lphc5pkj0enbg.exe (Trojan.FakeAlert) -> Unloaded process successfully. C:\WINDOWS\system32\pphc5pkj0enbg.exe (Trojan.FakeAlert) -> Unloaded process successfully. Module(s) mémoire infecté(s): C:\Program Files\rhc1pkj0enbg\MFC71.dll (Rogue.Multiple) -> Delete on reboot. C:\Program Files\rhc1pkj0enbg\msvcp71.dll (Rogue.Multiple) -> Delete on reboot. C:\Program Files\rhc1pkj0enbg\msvcr71.dll (Rogue.Multiple) -> Delete on reboot. C:\WINDOWS\system32\blphc5pkj0enbg.scr (Trojan.FakeAlert) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\asapcom.asapenvelope (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{bce2e826-d0f5-41c8-97be-28a6f540ceeb} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{21447c90-6ec1-4fc1-9379-bd515008aedb} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{32c97a37-e2b8-4097-9330-5f3e1125e181} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{b0c3de1b-e3ff-4dd0-9229-f452cf9c678e} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{d2d94732-a74d-433c-98f7-9ed740e82ae9} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{dfd5d79b-ef2f-4a51-9821-5b469f05262e} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{286e500c-ef0a-4aa3-a94d-e495f653ef4b} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{319260ab-be0c-4025-8569-7a27ed2faab9} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8ac5bc54-b13b-4642-99f9-0baa2d116184} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9809a6b4-70b1-4bb2-b3b5-b415763a534e} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d5178f77-c5e6-4e8f-9787-48b5d7eccce8} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\asapcom.asapenvelope.1 (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\asapcom.asapmessage (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\asapcom.asapmessage.1 (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\asapcom.asapclass (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\asapcom.asapclass.1 (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\asapcom.asapmain (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\asapcom.asapmain.1 (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\asapcom.asaprecipients (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\asapcom.asaprecipients.1 (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{0b655e5d-cde4-4f04-a0c6-62b0bb357510} (Rogue.SystemDoctor) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhc1pkj0enbg (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\rhc1pkj0enbg (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc1pkj0enbg (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysrest32.exe (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc5pkj0enbg (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Program Files\SystemDoctor 2006 (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\Download (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\SafeMedia (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\SafeMedia\Mp3DB (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\SafeMedia\MpegDB (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\SafeMedia\WaveDB (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006 Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\Fichiers communs\SystemDoctor 2006 (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\rhc1pkj0enbg (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\test\Application Data\SystemDoctor 2006 (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Documents and Settings\test\Application Data\SystemDoctor 2006\Logs (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\SystemDoctor 2006 (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\SystemDoctor 2006\Logs (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\rhc1pkj0enbg (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\rhc1pkj0enbg\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\rhc1pkj0enbg\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\rhc1pkj0enbg\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\rhc1pkj0enbg\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\rhc1pkj0enbg\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\rhc1pkj0enbg\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\rhc1pkj0enbg\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\rhc1pkj0enbg\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\rhc1pkj0enbg\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\rhc1pkj0enbg\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Program Files\SpamFree\ASAPCom.dll (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\Activate.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\Activate.exe (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\Activate.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\DataBase.sav (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\insthelp.exe (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\lapv.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\License.rtf (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\lock.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\manual.pdf (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\ps.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\pv.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\Reinstall.url (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\Sd2006.exe (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\sd2006.url (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\sr.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\support.exe (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\umain.xml (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\unins000.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\unins000.exe (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\up.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\updater.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006\updater.exe (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\SystemDoctor 2006 Free\lock.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\Fichiers communs\SystemDoctor 2006\err.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\Fichiers communs\SystemDoctor 2006\order.dll (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\rhc1pkj0enbg\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc1pkj0enbg\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc1pkj0enbg\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc1pkj0enbg\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc1pkj0enbg\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc1pkj0enbg\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc1pkj0enbg\rhc1pkj0enbg.exe (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc1pkj0enbg\rhc1pkj0enbg.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc1pkj0enbg\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\test\Application Data\SystemDoctor 2006\Logs\update.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\SystemDoctor 2006\activator_info.txt (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\SystemDoctor 2006\Logs\update.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\WINDOWS\system32\blphc5pkj0enbg.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lphc5pkj0enbg.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\phc5pkj0enbg.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\pphc5pkj0enbg.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Bureau\Antivirus XP 2008.lnk (Rogue.Antivirus) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\françoise\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.

Bon, j'ai réessayé en repartant de 0, ça ne marche pas. SDFix se lance mais ensuite ne démarre pas le scan. Que faire ?!

Du nouveau. J'ai réussi finalement mais sdfix n'avance pas, ça fait une bonne heure que rien ne se passe (starting repairs, checking running processes and services), entrecoupés de redémarrages. Ca devrait bouger normalement, durer combien de temps environ ?! Bon je le laisse encore un moment allumé comme ça mais je n'ai pas l'impression qu'il se passe quoi que ce soit...

Merci pour cette réponse rapide. Malheureusement ce matin lorsque j'ai voulu allumer l'ordi... les choses avaient encore évolué : maintenant j'ai l'accès à windows bloqué. Je peux démarrer en mode sans échec mais pas possible de télécharger. Et je ne sais pas si je tente de forcer le démarrage en mode normal pour télécharger sdfix... Aïe aïe aïe... Bon ce qui me rassure c'est que j'ai une sauvegarde relativement récente, pour une fois !

Bonjour à tous, Moi aussi je viens d'être infestée par cette *#"£$%... et après avoir lu tous les posts je reste encore un peu perdue et je ne sais pas quoi faire (je me débrouille mieux que la moyenne mais chui pas une flèche quand même et en plus il s'agit d'un ordi que l'on m'a filé mais que je n'ai pas formaté pr garder certains programmes alors je n'ai pas de vision claire de ce qui s'y passe... bref, je me sens perdue ) Donc je vous colle ci-dessous mon rapport en espérant qu'une âme charitable qui ne profite pas de son long week end du 15 août pour décrocher de l'ordi puisse m'aider Merci d'avance et bon week end à tous ! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:26:02, on 16/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe C:\Program Files\Sony\HotKey Utility\HKserv.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\WINDOWS\system32\ICO.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\ezSP_Px.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\WINDOWS\ABox.exe C:\Program Files\sony\vaio media music server\SSSvr.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\WINDOWS\Logi_MwX.Exe C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\MyPrinter\BJMyPrt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony\HotKey Utility\HKWnd.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe C:\Program Files\D-Link AirPlus XtremeG+\AirPlus.exe C:\Program Files\powerpanel\Program\PcfMgr.exe C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe C:\WINDOWS\system32\a.exe C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp\fcfhocjo.exe C:\Program Files\rhc1pkj0enbg\rhc1pkj0enbg.exe C:\WINDOWS\system32\pphc5pkj0enbg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\françoise\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.upmf-grenoble.fr:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file) O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [sigmaTel StacMon] C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [ABox] C:\WINDOWS\ABox.exe O4 - HKLM\..\Run: [EPSON Stylus Photo RX520 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /O6 "USB003" /M "Stylus Photo RX520" O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [lphc5pkj0enbg] C:\WINDOWS\system32\lphc5pkj0enbg.exe O4 - HKLM\..\Run: [sMrhc1pkj0enbg] C:\Program Files\rhc1pkj0enbg\rhc1pkj0enbg.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe O4 - Global Startup: D-Link AirPlus XtremeG+ Configuration Utility.lnk = ? O4 - Global Startup: PowerPanel.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/ O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1141056325588 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IomegaAccess - Unknown owner - C:\Program Files\Iomega\Tools_NT\IOMEGAACCESS.EXE (file missing) O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\sony\vaio media music server\SSSvr.exe O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Fichiers communs\sony shared\vaio media platform\SV_Httpd.exe O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\sony shared\vaio media platform\UPnPFramework.exe O23 - Service: ZipToA - Unknown owner - C:\WINDOWS\System32\ZipToA.exe (file missing) -- End of file - 11530 bytes