All content posted by Bjornzd

  1. In the meantime I backed up my bookmarks, uninstalled Firefox and, after digging around a bit, deleted the folder "C:\Users\my account name\AppData\Local\Mozilla\Firefox", then reinstalled Firefox, and for now everything works again. It seems it wasn't necessarily malware, or at least that's my impression. I'll wait a bit before claiming victory; in any case I want to thank you for your help, Olivier.
  2. It still doesn't work... I'm hesitating about possibly uninstalling/reinstalling Firefox and manually restoring my bookmarks, although that doesn't reassure me when I know that the pages are redirected to advertising sites.
  3. The bookmark system still doesn't work: I created a bookmark, then when I opened it I again landed on an advertising page: "http://adv08.edintorni.net/affiliati/plugin/728x90/?q=acms_crawler&a=20006&i=336&s=ffffff&b=ffffff&t=006699&d=000000&u=006699&x=11%2F11%2F2008+02%3A11%3A11&m=&r=&ct=FR&up=&rf=......htm" I'm rather perplexed.
  4. Yes, my USB key was indeed plugged in, and it's the only removable media I have.
  5. A bit late (I've only just got home, and yesterday Zebulon's database was down, if I understood correctly), here is the ComboFix log.
  6. So first, regarding Norton: it was pre-installed on my machine and I did indeed uninstall it. I don't really know whether any Norton files are still left. Nor do I know whether it's faster now that I've removed all the leftovers of Avast, or if so it's fairly minimal. Here is the log.txt.
Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}] FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2004-07-29 190616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}] FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352] "SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272] "HWSetup"=\HWSetup.exe hwSetUP [] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192] "HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416] "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-04-03 509496] "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744] "NDSTray.exe"=NDSTray.exe [] "Desktop SMS"=C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328] "topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112] "SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-07-27 204800] "Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 
174872] "Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2007-03-12 517768] "googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-03-03 959976] "NeroCheck"=C:\Windows\system32\\NeroCheck.exe [2001-07-09 155648] "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-07-30 289064] "Flashget"=C:\Program Files\FlashGet\flashget.exe [2007-09-25 2007088] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-10-22 399504] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920] "TOSCDSPD"=TOSCDSPD.EXE [] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856] "Steam"=c:\program files\steam\steam.exe [2008-10-08 1410296] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-01-15 147456] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 
7.0\Reader\reader_sl.exe C:\Users\Olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\JeuDeMots\JeuDeMots.exe"="C:\Program Files\JeuDeMots\JeuDeMots.exe:*:Enabled:JeuDeMots" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\Program Files\JeuDeMots\JeuDeMots.exe"="C:\Program Files\JeuDeMots\JeuDeMots.exe:*:Enabled:JeuDeMots" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] shell\AutoRun\command - E:\Installer.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a22f055-9f4b-11dd-860e-001b3847244c}] shell\AutoRun\command - E:\t.com shell\explore\command - E:\t.com shell\open\command - E:\t.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d4516fa-c772-11dc-8188-001b3847244c}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{667c2a58-f05d-11dc-9d8e-001b3847244c}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs ======File associations====== .js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 months====== 
2008-11-09 16:35:09 ----D---- C:\rsit 2008-11-09 13:54:35 ----D---- C:\Users\Olivier\AppData\Roaming\Malwarebytes 2008-11-09 13:54:29 ----D---- C:\ProgramData\Malwarebytes 2008-11-09 13:54:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-11-08 21:54:06 ----A---- C:\Windows\system32\restart.exe 2008-11-08 21:31:52 ----A---- C:\Windows\system32\zip.exe 2008-11-08 21:31:52 ----A---- C:\Windows\system32\delnext.exe 2008-11-08 21:00:13 ----A---- C:\Windows\ntbtlog.txt 2008-11-08 20:26:44 ----A---- C:\Windows\system32\Mfc42loc.dll 2008-11-08 20:26:43 ----A---- C:\Windows\system32\LWCtPl.dll 2008-11-08 20:26:39 ----A---- C:\Windows\system32\W9xDAPI.dll 2008-11-08 20:26:38 ----A---- C:\Windows\system32\WMWizard.dll 2008-11-08 20:26:38 ----A---- C:\Windows\system32\W9XdInst.dll 2008-11-08 20:26:37 ----D---- C:\Program Files\Common Files\Logitech 2008-11-08 20:26:37 ----A---- C:\Windows\system32\WmJoyFrc.dll 2008-11-08 20:26:23 ----D---- C:\Program Files\Logitech 2008-11-08 15:48:16 ----D---- C:\ProgramData\Avira 2008-11-08 15:48:16 ----D---- C:\Program Files\Avira 2008-11-08 14:39:45 ----A---- C:\Windows\system32\wersvc.dll 2008-11-08 14:39:45 ----A---- C:\Windows\system32\Faultrep.dll 2008-11-08 14:39:44 ----A---- C:\Windows\system32\netapi32.dll 2008-11-08 14:39:41 ----A---- C:\Windows\system32\win32spl.dll 2008-11-07 17:29:34 ----D---- C:\Users\Olivier\AppData\Roaming\Leadertech 2008-11-07 17:15:15 ----A---- C:\Windows\system32\D3DX9_37.dll 2008-11-07 17:15:13 ----A---- C:\Windows\system32\d3dx9_35.dll 2008-11-07 17:15:10 ----A---- C:\Windows\system32\xinput1_3.dll 2008-11-07 17:15:10 ----A---- C:\Windows\system32\d3dx9_34.dll 2008-11-07 17:15:07 ----A---- C:\Windows\system32\d3dx9_33.dll 2008-11-06 18:06:13 ----D---- C:\Windows\Sun 2008-11-02 22:52:15 ----D---- C:\Program Files\SuperCopier2 2008-11-02 20:57:43 ----D---- C:\Program Files\Full Tilt Poker 2008-10-31 21:25:42 ----D---- C:\Users\Olivier\AppData\Roaming\FlashGet 2008-10-31 21:25:33 ----D---- 
C:\Program Files\FlashGet 2008-10-26 17:37:05 ----D---- C:\Program Files\Veetle 2008-10-26 17:37:05 ----A---- C:\Windows\UninstVeetleTVPlayer.exe 2008-10-25 23:06:29 ----A---- C:\Windows\War3Unin.exe 2008-10-23 18:23:11 ----D---- C:\Program Files\TVAnts 2008-10-23 14:05:14 ----D---- C:\Program Files\RealVNC 2008-10-23 11:40:31 ----A---- C:\Windows\system32\msshooks.dll 2008-10-23 11:40:31 ----A---- C:\Windows\system32\msscb.dll 2008-10-23 11:40:29 ----A---- C:\Windows\system32\thawbrkr.dll 2008-10-23 11:40:29 ----A---- C:\Windows\system32\srchadmin.dll 2008-10-23 11:40:29 ----A---- C:\Windows\system32\SearchFilterHost.exe 2008-10-23 11:40:29 ----A---- C:\Windows\system32\propsys.dll 2008-10-23 11:40:29 ----A---- C:\Windows\system32\propdefs.dll 2008-10-23 11:40:29 ----A---- C:\Windows\system32\msstrc.dll 2008-10-23 11:40:29 ----A---- C:\Windows\system32\mssprxy.dll 2008-10-23 11:40:29 ----A---- C:\Windows\system32\mssitlb.dll 2008-10-23 11:40:29 ----A---- C:\Windows\system32\msshsq.dll 2008-10-23 11:40:29 ----A---- C:\Windows\system32\korwbrkr.dll 2008-10-23 11:40:28 ----A---- C:\Windows\system32\xmlfilter.dll 2008-10-23 11:40:28 ----A---- C:\Windows\system32\wsepno.dll 2008-10-23 11:40:28 ----A---- C:\Windows\system32\tquery.dll 2008-10-23 11:40:28 ----A---- C:\Windows\system32\SearchProtocolHost.exe 2008-10-23 11:40:28 ----A---- C:\Windows\system32\SearchIndexer.exe 2008-10-23 11:40:28 ----A---- C:\Windows\system32\rtffilt.dll 2008-10-23 11:40:28 ----A---- C:\Windows\system32\offfilt.dll 2008-10-23 11:40:28 ----A---- C:\Windows\system32\nlhtml.dll 2008-10-23 11:40:28 ----A---- C:\Windows\system32\msscntrs.dll 2008-10-23 11:40:28 ----A---- C:\Windows\system32\mimefilt.dll 2008-10-23 11:40:28 ----A---- C:\Windows\system32\chtbrkr.dll 2008-10-23 11:40:28 ----A---- C:\Windows\system32\chsbrkr.dll 2008-10-23 11:40:27 ----A---- C:\Windows\system32\mssvp.dll 2008-10-23 11:40:27 ----A---- C:\Windows\system32\mssrch.dll 2008-10-23 11:40:27 ----A---- 
C:\Windows\system32\mssphtb.dll 2008-10-23 11:40:27 ----A---- C:\Windows\system32\mssph.dll 2008-10-23 11:35:06 ----A---- C:\Windows\system32\EncDec.dll 2008-10-23 11:35:04 ----A---- C:\Windows\system32\psisdecd.dll 2008-10-23 11:33:48 ----A---- C:\Windows\system32\mshtml.dll 2008-10-23 11:33:47 ----A---- C:\Windows\system32\urlmon.dll 2008-10-23 11:33:47 ----A---- C:\Windows\system32\ieframe.dll 2008-10-23 11:33:46 ----A---- C:\Windows\system32\wininet.dll 2008-10-23 11:33:46 ----A---- C:\Windows\system32\mstime.dll 2008-10-23 11:33:46 ----A---- C:\Windows\system32\iertutil.dll 2008-10-23 11:33:45 ----A---- C:\Windows\system32\jsproxy.dll 2008-10-23 11:33:32 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2008-10-23 11:33:32 ----A---- C:\Windows\system32\Apphlpdm.dll 2008-10-23 11:33:20 ----A---- C:\Windows\system32\ntoskrnl.exe 2008-10-23 11:33:20 ----A---- C:\Windows\system32\ntkrnlpa.exe 2008-10-20 19:28:14 ----D---- C:\Program Files\CodeBlocks 2008-10-17 22:00:53 ----D---- C:\ProgramData\FLEXnet 2008-10-17 21:37:18 ----D---- C:\Program Files\Common Files\Macrovision Shared 2008-10-17 00:53:13 ----D---- C:\Users\Olivier\AppData\Roaming\codeblocks 2008-10-12 18:13:44 ----D---- C:\ProgramData\Spybot - Search & Destroy 2008-10-12 18:13:44 ----D---- C:\Program Files\Spybot - Search & Destroy 2008-10-12 14:18:22 ----SHD---- C:\found.006 2008-10-10 01:39:24 ----D---- C:\Users\Olivier\AppData\Roaming\DesktopSMS ======List of files/folders modified in the last 1 months====== 2008-11-09 16:35:37 ----D---- C:\Windows\Prefetch 2008-11-09 16:31:09 ----D---- C:\Windows\Temp 2008-11-09 16:16:05 ----D---- C:\Program Files\Mozilla Firefox 2008-11-09 16:08:17 ----D---- C:\Windows\Internet Logs 2008-11-09 13:54:33 ----D---- C:\Windows\system32\drivers 2008-11-09 13:54:29 ----RD---- C:\Program Files 2008-11-09 13:54:29 ----HD---- C:\ProgramData 2008-11-09 13:45:12 ----D---- C:\Users\Olivier\AppData\Roaming\OpenOffice.org2 2008-11-09 13:45:11 ----D---- C:\Program Files\Steam 
2008-11-09 04:23:18 ----D---- C:\Program Files\FlashFXP 2008-11-08 23:01:37 ----D---- C:\Program Files\Common Files\Steam 2008-11-08 23:00:16 ----D---- C:\Windows 2008-11-08 21:54:06 ----D---- C:\Windows\System32 2008-11-08 21:18:54 ----D---- C:\Windows\system32\catroot 2008-11-08 21:18:54 ----D---- C:\Windows\inf 2008-11-08 21:18:48 ----SHD---- C:\System Volume Information 2008-11-08 21:01:43 ----D---- C:\Windows\system32\catroot2 2008-11-08 20:26:37 ----D---- C:\Program Files\Common Files 2008-11-08 20:26:21 ----HD---- C:\Program Files\InstallShield Installation Information 2008-11-08 14:40:42 ----D---- C:\Windows\winsxs 2008-11-07 19:52:48 ----A---- C:\Windows\NeroDigital.ini 2008-11-07 19:30:22 ----A---- C:\Windows\system32\PerfStringBackup.INI 2008-11-07 17:29:26 ----SHD---- C:\Windows\Installer 2008-11-07 17:15:17 ----D---- C:\Program Files\EA SPORTS 2008-11-07 17:14:50 ----RSD---- C:\Windows\assembly 2008-11-06 22:35:30 ----D---- C:\Program Files\Warcraft III 2008-11-01 02:28:32 ----D---- C:\Windows\system32\WDI 2008-10-27 17:50:38 ----D---- C:\Program Files\AutoWebCam 2008-10-26 14:30:46 ----SD---- C:\Users\Olivier\AppData\Roaming\Microsoft 2008-10-23 21:54:39 ----D---- C:\Windows\Microsoft.NET 2008-10-23 21:19:48 ----D---- C:\Windows\rescache 2008-10-23 20:59:04 ----D---- C:\Windows\ehome 2008-10-23 20:59:04 ----D---- C:\Windows\AppPatch 2008-10-23 20:59:02 ----D---- C:\Windows\PolicyDefinitions 2008-10-23 20:59:02 ----D---- C:\Program Files\Windows Mail 2008-10-23 20:59:01 ----D---- C:\Windows\system32\fr-FR 2008-10-23 20:58:52 ----D---- C:\Windows\system32\migration 2008-10-23 14:33:40 ----A---- C:\Windows\AviSplitter.INI 2008-10-23 11:42:43 ----D---- C:\ProgramData\Microsoft Help 2008-10-17 22:02:15 ----D---- C:\Users\Olivier\AppData\Roaming\Adobe 2008-10-17 21:43:30 ----D---- C:\Program Files\Adobe 2008-10-17 21:43:07 ----D---- C:\Program Files\Common Files\Adobe 2008-10-12 18:54:02 ----D---- C:\Windows\ShellNew 2008-10-11 13:43:43 ----D---- C:\Program 
Files\Notepad++

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2008-03-03 279440]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-06-18 737280]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-09-20 3077632]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-07-27 188336]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S3 a010xij0;a010xij0; C:\Windows\system32\drivers\a010xij0.sys []
S3 apache;apache; \??\C:\Users\Olivier\Desktop\Glid4\apache.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-05-21 25280]
S3 lldpiztnkk;lldpiztnkk; \??\C:\Users\Olivier\Desktop\Glid1\lldpiztnkk.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 osef;osef; \??\C:\Users\Olivier\Desktop\Glid\osef.sys []
S3 osef1;osef1; \??\C:\Users\Olivier\Desktop\Glid1\osef1.sys []
S3 Osef11;Osef11; \??\C:\Users\Olivier\Desktop\Glid3\Osef11.sys []
S3 osef11f;osef11f; \??\C:\Users\Olivier\Desktop\Glid3\osef11f.sys []
S3 osefgodps;osefgodps; \??\C:\Users\Olivier\Desktop\Glid4\osefgodps.sys []
S3 StMp3Rec;Pilote de périphérique de la restauration de lecteur; C:\Windows\System32\Drivers\StMp3Rec.sys [2007-02-15 19840]
S3 tfcfbq;tfcfbq; \??\C:\Users\Olivier\Desktop\Glid\tfcfbq.sys []
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-07-10 32000]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-09-20 610304]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2007-10-16 1094936]
R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-07-07 809296]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-03-03 79400]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-11-08 99576]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-10-09 72704]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-10-17 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe [2007-09-05 24635]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe [2007-07-06 5730304]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2007-03-12 517768]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]

-----------------EOF-----------------

and the info.txt:

info.txt logfile of random's system information tool 1.04 2008-11-09 16:35:41

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x40c
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package
{90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85} 2007 Microsoft Office 
Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85} Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe Dreamweaver CS3-->C:\Program Files\Common Files\Adobe\Installers\ad19d2ae8332572b119cf35fd0a30d8\Setup.exe Adobe Dreamweaver CS3-->MsiExec.exe /I{4BDB76C6-902E-41D5-9064-68768E02886B} Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2} Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3} Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D} Adobe Reader 7.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002} Adobe Setup-->MsiExec.exe /I{D2E18162-47FB-4216-8AB3-F420C1AF75A4} Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101} Adobe Type 
Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3} Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F} Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x40c -removeonly AutoIt v3.2.12.1-->C:\Program Files\AutoIt3\Uninstall.exe AutoWebCam-->C:\Program Files\AutoWebCam\uninstall.exe Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe" Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3} Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x040c Catalyst Control Center - Branding-->MsiExec.exe /I{22543949-70E8-45D0-A938-F38143EB8BF8} CDex extraction audio-->"C:\Program Files\CDex_170b2\uninstall.exe" Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Combined Community Codec Pack 2007-07-22-->"C:\Program Files\Combined Community Codec Pack\unins000.exe" Condition Zero Deleted Scenes-->"C:\Program Files\Steam\steam.exe" steam://uninstall/100 Condition Zero-->"C:\Program Files\Steam\steam.exe" steam://uninstall/80 Counter-Strike-->"C:\Program Files\Steam\steam.exe" 
steam://uninstall/10 Day of Defeat-->"C:\Program Files\Steam\steam.exe" steam://uninstall/30 Deathmatch Classic-->"C:\Program Files\Steam\steam.exe" steam://uninstall/40 Desktop SMS-->MsiExec.exe /I{5980B928-1C95-4B3E-957B-B02D8147FF9E} Diskeeper 2008 Pro Premier-->MsiExec.exe /X{4ECCF281-ED79-4EA7-AE89-5E39D3291C2A} DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x40c Emdedded IR Driver-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{A6D4234C-CB02-4048-AC3E-AD09404FA35A} eMule-->"C:\Program Files\eMule\Uninstall.exe" EPSON Logiciel imprimante-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB} FlashFXP v3-->"C:\Program Files\FlashFXP\unins000.exe" FlashGet 1.9.6.1073-->C:\Program Files\FlashGet\uninst.exe Free iPod Video Converter 1.34-->"C:\Program Files\Free iPod Video Converter\unins000.exe" Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe Full Tilt Poker-->"C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -runfromtemp -l0x040c -removeonly Google Talk (remove only)-->"C:\Program Files\Google\Google Talk\uninstall.exe" GrabIt 1.7.1 Beta (build 960)-->"C:\Program Files\GrabIt\unins000.exe" Half-Life-->C:\Windows\IsUn040c.exe -fC:\SIERRA\Half-Life\Uninst.isu -c"C:\SIERRA\Half-Life\HLUNINST.DLL" Hamachi 1.0.2.5-->C:\Program Files\Hamachi\uninstall.exe HijackThis 2.0.2-->"C:\Users\Olivier\Desktop\HijackThis.exe" /uninstall Intel Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall IsoBuster 2.4-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe" iTunes-->MsiExec.exe /I{3DE0053C-FD9A-483E-B7C9-B06E4392206E} Java SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000} 
JeuDeMots-->"C:\Program Files\JeuDeMots\unins000.exe" Kaspersky Online Scanner-->C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe Lame ACM MP3 Codec-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\Windows\INF\LameACM.inf LFP MANAGER 08-->C:\Program Files\EA SPORTS\LFP MANAGER 08\eauninstall.exe LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8} Logitech Gaming Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9242864-2841-4ADE-86E0-8F90F91B04DD}\setup.exe" -l0x40c Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof 
(Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {AA4F2610-5FF1-4DCD-A6FB-BCA2D09A6443} Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0054-0409-0000-0000000FF1CE} /uninstall {EA35370F-586C-45E1-AC6C-A4E275C6B762} Microsoft Office Visio MUI (English) 2007-->MsiExec.exe /X{90120000-0054-0409-0000-0000000FF1CE} Microsoft Office Visio Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISPRO /dll OSETUP.DLL Microsoft Office Visio Professional 2007-->MsiExec.exe /X{90120000-0051-0000-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 
(KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} myphotobook 3.1-->C:\Program Files\myphotobook\uninst.exe Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0} Nero 7 Ultra Edition-->MsiExec.exe /I{F0A7FB2C-99E2-4884-9187-4BC60B2C1036} Notepad++-->C:\Program Files\Notepad++\uninstall.exe OpenOffice.org 2.2-->MsiExec.exe /I{BF516A44-48E3-4319-BBF6-B4B66E9F76FA} PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175} Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly Realtek High Definition Audio Driver-->RtlUpd.exe -r -m Réducteur de bruit lect. 
CD/DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe" -l0x40c Ri4m v5.0.1d-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe Ricochet-->"C:\Program Files\Steam\steam.exe" steam://uninstall/60 Satsuki Decoder Pack-->C:\Program Files\Satsuki Decoder Pack\Uninstall.exe Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028} Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office Visio 2007 
(KB947590)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {199018BD-578E-44BD-A28F-7F944931CABD} Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9} Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb Sid Meier's Civilization 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x40c -removeonly Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Starcraft-->C:\Windows\SCunin.exe C:\Windows\SCunin.dat Steam-->C:\PROGRA~1\Steam\UNWISE.EXE C:\PROGRA~1\Steam\INSTALL.LOG Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe" Texas Calculatem 4 with "AutoRead"-->"C:\Program Files\TexasCalculatem\unins000.exe" Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x040c Titan Poker-->"C:\Poker\Titan Poker\_SetupPoker.exe" /uninstall TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe" -l0x40c TOSHIBA ConfigFree-->C:\Program Files\InstallShield Installation Information\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}\setup.exe -runfromtemp -l0x040c uninstall TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0} TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation 
Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x040c TOSHIBA Flash Cards Support Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{620BBA5E-F848-4D56-8BDA-584E44584C5E} TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1036 TOSHIBA Mot de passe responsable-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1036 Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x040c -removeonly TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7} TOSHIBA Software Modem-->Tosmreg -U TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x040c TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Office 2007 (KB946691)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb957258)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E070CDA4-A8DD-47FA-89A0-F5DA5D5DDFF9} Utilitaires Sierra-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall Veetle TV Player 0.9.9-->C:\Program Files\Veetle\VLC\uninstall.exe Veetle TV Player 0.9.9-->C:\Windows\UninstVeetleTVPlayer.exe Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F} VNC Free Edition 4.1.3-->"C:\Program Files\RealVNC\VNC4\unins000.exe" WampServer 
2.0-->"c:\wamp\unins000.exe" Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe Wondershare DVD to iPod Ripper(Build 3.8.0)-->"C:\Program Files\Wondershare\iPod Video Suite\DVDtoiPod\unins000.exe" Wondershare iPod Video Suite(Build 4.0.3.1)-->"C:\Program Files\Wondershare\iPod Video Suite\unins000.exe" Wondershare Video to iPod Converter(Build 4.0.3.2)-->"C:\Program Files\Wondershare\iPod Video Suite\VideotoiPod\unins000.exe" ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe ======Hosts File====== 127.255.255.255 serial.alcohol-soft.com 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com ======Security center information====== FW: ZoneAlarm Firewall AS: Spybot - Search and Destroy AS: Windows Defender (disabled) ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\PROGRA~1\DISKEE~1\DISKEE~2\;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Adobe\AGL "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel "PROCESSOR_REVISION"=0f0b "NUMBER_OF_PROCESSORS"=2 "tvdumpflags"=8 "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip "QTJAVA"=C:\Program 
Files\Java\jre1.6.0\lib\ext\QTJava.zip -----------------EOF-----------------
  7. Unfortunately, so to speak, Malwarebytes detects no malware:

     Malwarebytes' Anti-Malware 1.30
     Version de la base de données: 1375
     Windows 6.0.6001 Service Pack 1

     09/11/2008 16:11:01
     mbam-log-2008-11-09 (16-11-01).txt

     Type de recherche: Examen rapide
     Eléments examinés: 47976
     Temps écoulé: 4 minute(s), 18 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0

     Processus mémoire infecté(s): (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
     Dossier(s) infecté(s): (Aucun élément nuisible détecté)
     Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  8. Good evening, I am having serious bookmark problems with my Firefox browser. Creating my bookmarks works normally, until I open them. When I open the bookmarks, they are redirected to advertising sites, for example: "http://ad.yieldmanager.com/iframe3?f-BZAAwpBgCFIBMAaMwFAAAA4AAAAAAADQAFEQIABgFQpAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAHsUrkfhepQ.exSuR-F6lD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAb9Ut0O..." which would mean that this is not a Firefox misconfiguration but rather an infection, if I am right. I don't really see how to clean this up; neither my anti-spyware (Spybot) nor my antivirus (Antivir) fixes the problem. Do you have any idea how to solve this problem, which bothers me a great deal (because I use bookmarks frequently), without necessarily having to reinstall Firefox? Thank you for helping me as far as possible. Olivier PS: I had forgotten the HijackThis report, here it is: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:27:43, on 09/11/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\TOSHIBA\Utilities\KeNotify.exe C:\Windows\RtHDVCpl.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 
C:\Program Files\Synaptics\SynTP\SynToshiba.exe C:\Program Files\Google\Google Talk\googletalk.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\FlashGet\flashget.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Steam\steam.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\ehome\ehtray.exe C:\Program Files\OpenOffice.org 2.2\program\soffice.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Mail\WinMail.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Olivier\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet 
Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba 
Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\\NeroCheck.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.exe" -silent O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing) O9 - Extra button: Amazon.fr - 
{8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-...1&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing) O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{47E3D969-81AD-4DFA-A4C8-5514EE108639}: NameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{729AD333-EFB5-486E-993B-2C0AFDAD2A0C}: NameServer = 212.27.53.252,212.27.54.252 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple 
Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing) O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing) O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing) O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe -- End of file - 14252 bytes