stefanie77

Member
Content count: 12
Rank: Junior Member (3/12)
Community reputation: 0

  1. All good. I carried out those steps. Thanks for your patience. I want to thank you warmly for your commitment and for the professionalism you showed with my "troubles". I didn't know this forum before signing up, and I admit I'm delighted with your help. I threw a message in a bottle into the sea, hoping someone would pick it up. You managed to retrieve it, decrypt the message it contained (quite badly infested, apparently) and recycle it so it can be used again. I simply say hats off, and I won't fail to sing your praises whenever I can. Thanks again for everything.
  2. All good!! The ComboFix report has been generated. Here it is. I also emptied the MBAM quarantine. Thanks

     ComboFix 08-11-19.08 - stephanie 2008-11-20 15:42:00.2 - NTFSx86
     Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.304 [GMT 1:00]
     Running from: c:\documents and settings\stephanie.STEPG\Bureau\ComboFix.exe
      * A new restore point was created
     WARNING - THE RECOVERY CONSOLE IS NOT INSTALLED ON THIS MACHINE!!
     .
     (((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     -------\Legacy_IPRIP

     ((((((((((((((((((((((((((((( Files Created from 2008-10-20 to 2008-11-20 ))))))))))))))))))))))))))))))))))))
     .
     2008-11-20 15:28 . 2008-11-20 15:28 <DIR> d-------- C:\_OTMoveIt
     2008-11-20 11:48 . 2008-11-20 11:48 <DIR> d-------- c:\documents and settings\stephanie.STEPG\Application Data\Malwarebytes
     2008-11-20 11:47 . 2008-11-20 14:32 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
     2008-11-20 11:47 . 2008-11-20 11:47 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
     2008-11-20 11:47 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
     2008-11-20 11:47 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
     2008-11-19 20:12 . 2008-11-20 14:49 <DIR> d-------- C:\rsit
     2008-11-19 18:52 . 2007-07-30 19:19 271,224 --a------ c:\windows\system32\mucltui.dll
     2008-11-19 18:52 . 2007-07-30 19:18 30,072 --a------ c:\windows\system32\mucltui.dll.mui
     2008-11-18 18:26 . 2008-11-18 18:26 <DIR> d-------- c:\program files\ma-config.com
     2008-11-18 18:26 . 2008-11-18 18:26 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\ma-config.com
     2008-11-18 16:14 . 2008-11-18 16:14 <DIR> d-------- c:\program files\Trend Micro
     2008-11-18 01:06 . 2008-11-18 01:06 <DIR> d-------- c:\program files\Avira
     2008-11-18 01:06 . 2008-11-18 01:06 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Avira
     2008-11-18 00:43 . 2008-11-18 00:43 <DIR> d-------- c:\program files\SpywareBlaster
     2008-11-17 23:35 . 2008-11-17 23:35 90,112 --a------ C:\SmitFraudFix v2.doc
     2008-11-17 23:31 . 2008-11-20 10:21 82,432 --a------ C:\Nouveau Document Microsoft Word.doc
     2008-11-17 23:20 . 2008-11-17 23:57 3,166 --a------ c:\windows\system32\tmp.reg
     2008-11-17 23:20 . 2008-11-17 23:57 0 --a------ c:\windows\system32\tmp.MSNFix
     2008-11-17 18:19 . 2007-02-01 22:34 <DIR> d--h----- c:\documents and settings\Administrateur\Voisinage réseau
     2008-11-17 18:19 . 2007-02-01 22:34 <DIR> d--h----- c:\documents and settings\Administrateur\Voisinage d'impression
     2008-11-17 18:19 . 2002-01-01 03:55 <DIR> d--h----- c:\documents and settings\Administrateur\Modèles
     2008-11-17 18:19 . 2007-02-01 22:34 <DIR> d-------- c:\documents and settings\Administrateur\Mes documents
     2008-11-17 18:19 . 2007-02-01 22:34 <DIR> dr------- c:\documents and settings\Administrateur\Menu Démarrer
     2008-11-17 18:19 . 2007-02-01 22:34 <DIR> d-------- c:\documents and settings\Administrateur\Favoris
     2008-11-17 18:19 . 2007-02-01 22:34 <DIR> d-------- c:\documents and settings\Administrateur\Bureau
     2008-11-17 18:19 . 2002-01-01 04:09 <DIR> d-------- c:\documents and settings\Administrateur\Application Data\DivX
     2008-11-17 18:19 . 2008-11-17 18:19 <DIR> d-------- c:\documents and settings\Administrateur
     2008-11-16 20:58 . 2008-11-16 20:58 <DIR> d-------- c:\program files\Agent
     2008-11-15 16:43 . 2008-11-15 16:43 <DIR> d-------- c:\program files\QuickPar
     2008-11-13 13:11 . 2007-12-15 16:11 6,144 --a------ c:\windows\system32\ff_acm.acm
     2008-11-13 12:58 . 2008-11-13 12:58 <DIR> d-------- c:\program files\directx
     2008-11-12 19:02 . 2008-11-12 19:02 <DIR> d-------- c:\program files\Ashampoo FireWall
     2008-11-12 18:58 . 2008-11-12 18:58 <DIR> d-------- c:\windows\system32\vso_loc
     2008-11-12 18:58 . 2008-11-12 18:58 <DIR> d-------- c:\windows\system32\iosubsys
     2008-11-12 18:58 . 2008-11-12 18:58 <DIR> d-------- c:\program files\vso
     2008-11-12 18:58 . 2003-07-23 00:41 64,000 --a------ c:\windows\system32\drivers\PcAtip.sys
     2008-11-12 18:58 . 2008-11-12 18:07 47,360 --a------ c:\windows\system32\drivers\Pcouffin.sys
     2008-11-12 18:08 . 2008-11-12 18:08 94,208 --a------ c:\windows\system32\drivers\ezplay.sys
     2008-11-12 18:08 . 2008-11-12 18:29 94,208 --a------ c:\documents and settings\stephanie.STEPG\Application Data\ezplay.sys
     2008-11-12 18:07 . 2008-11-12 18:29 <DIR> d-------- c:\documents and settings\stephanie.STEPG\Application Data\Vso
     2008-11-12 18:07 . 2008-11-12 18:29 47,360 --a------ c:\documents and settings\stephanie.STEPG\Application Data\pcouffin.sys
     2008-11-09 17:47 . 2008-11-09 17:47 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\TERMINAL Studio
     2008-11-09 17:47 . 2008-11-18 16:29 <DIR> d-a------ c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
     2008-11-09 17:45 . 2008-11-09 17:45 <DIR> d-------- c:\program files\Fichiers communs\Oberon Media
     2008-11-01 13:02 . 2008-11-17 15:27 <DIR> d-------- c:\documents and settings\stephanie.STEPG\Application Data\GrabIt
     2008-11-01 13:01 . 2008-11-01 13:49 <DIR> d-------- c:\program files\GrabIt
     2008-11-01 13:00 . 2008-11-01 13:00 <DIR> d-------- c:\program files\genealogie
     .
     (((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2008-11-17 22:57 --------- d-----w c:\program files\Google
     2008-11-17 14:50 --------- d-----w c:\program files\Jeux
     2008-11-17 09:25 --------- d-----w c:\documents and settings\stephanie.STEPG\Application Data\FileZilla
     2008-11-13 19:25 --------- d-----w c:\program files\Outils
     2008-11-13 19:24 --------- d-----w c:\program files\Nikon
     2008-11-13 19:22 --------- d-----w c:\program files\Free Audio Pack
     2008-11-13 19:21 --------- d-----w c:\program files\Bonjour
     2008-11-13 12:11 --------- d-----w c:\program files\DScaler5
     2008-11-13 11:07 --------- d--h--w c:\program files\InstallShield Installation Information
     2008-11-11 15:56 --------- d-----w c:\documents and settings\stephanie.STEPG\Application Data\LimeWire
     2008-10-22 16:52 --------- d-----w c:\program files\FreeGo
     2008-10-10 09:50 --------- d-----w c:\program files\Fichiers communs\Adobe
     2008-10-10 08:33 --------- d-----w c:\documents and settings\stephanie.STEPG\Application Data\gtk-2.0
     2008-10-07 07:45 --------- d-----w c:\program files\iTunes
     2008-10-07 07:45 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
     2008-10-07 07:44 --------- d-----w c:\program files\iPod
     2008-10-07 07:40 --------- d-----w c:\program files\Fichiers communs\Apple
     2008-10-01 11:01 32,000 ----a-w c:\windows\system32\drivers\usbaapl.sys
     2008-09-26 18:26 --------- d-----w c:\program files\dvd to divx
     2008-09-25 10:16 74,528 ------w c:\windows\system32\drivers\imagedrv.sys
     2008-09-25 10:16 708,608 ------w c:\windows\UNIDRV.exe
     2008-09-25 10:16 --------- d-----w c:\program files\Ahead
     2008-09-21 15:35 --------- d-----w c:\documents and settings\stephanie.STEPG\Application Data\NeoDivX2008
     2008-09-21 15:29 --------- d-----w c:\program files\WinASPI
     2008-09-21 15:27 370,176 ----a-w c:\windows\system32\x264vfw.dll
     2008-09-21 15:09 --------- d-----w c:\program files\AviSynth 2.5
     2008-08-29 08:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
     2008-08-29 07:53 61,440 ----a-w c:\windows\system32\dnssd.dll
     2008-01-21 10:03 32 ----a-w c:\documents and settings\All Users.WINDOWS\Application Data\ezsid.dat
     2006-02-10 11:16 284 ----a-w c:\documents and settings\stephanie\Application Data\ViewerApp.dat
     2005-06-20 06:51 774,144 ----a-w c:\program files\RngInterstitial.dll
     1995-09-20 15:16 456,976 ----a-w c:\program files\Fichiers communs\dao3032.dll
     2006-05-29 14:40 7,296,000 ----a-w c:\program files\mozilla firefox\plugins\libvlc.dll
     2008-04-25 12:32 5,817,064 ----a-w c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
     2008-03-04 11:25 8,192 --sha-w c:\windows\o2cLicStore.bin
     .
     ((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     *Note* empty entries & legit default entries are not shown
     REGEDIT4

     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-20 15360]
     "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-20 1667584]

     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2005-11-11 7311360]
     "NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2005-11-11 86016]
     "EPSON Stylus Photo R300 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE" [2003-09-11 99840]
     "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
     "NeroCheck"="c:\windows\system32\NeroCheck.exe" [2008-03-22 155648]
     "snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
     "QuickTime Task"="c:\program files\K-Lite Codec Pack\QuickTime\qttask.exe" [2008-09-06 413696]
     "Ashampoo FireWall"="c:\program files\Ashampoo FireWall\FireWall.exe" [2007-04-05 3251800]
     "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
     "nwiz"="nwiz.exe" [2005-11-11 c:\windows\system32\nwiz.exe]

     [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
     "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-20 15360]

     c:\documents and settings\stephanie\Menu Démarrer\Programmes\Démarrage\
     Magnifier.lnk - c:\windows\system32\magnify.exe [2001-09-28 73216]

     c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\
     RaConfig2500.lnk - c:\program files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe [2008-01-25 507904]

     [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
     "aux1"= ctwdm32.dll
     "aux"= ctwdm32.dll
     "vidc.X264"= x264vfw.dll
     "msacm.avis"= ff_acm.acm

     [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
     path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
     backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

     [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
     path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
     backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

     [HKLM\~\startupfolder\C:^Documents and Settings^stephanie.STEPG^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
     path=c:\documents and settings\stephanie.STEPG\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
     backup=c:\windows\pss\Adobe Gamma.lnkStartup

     [HKLM\~\startupfolder\C:^Documents and Settings^stephanie.STEPG^Menu Démarrer^Programmes^Démarrage^TribalWeb.net.lnk]
     path=c:\documents and settings\stephanie.STEPG\Menu Démarrer\Programmes\Démarrage\TribalWeb.net.lnk
     backup=c:\windows\pss\TribalWeb.net.lnkStartup

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
     --a------ 2008-10-01 11:57 111936 c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Canal Widget]
     --a------ 2008-11-12 18:36 103992 c:\program files\Canal\Canal Widget\Launcher.exe

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
     --a------ 2008-04-01 10:39 486856 c:\program files\DAEMON Tools Lite2\daemon.exe

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eyeBeam SIP Client]
     --a------ 2008-04-22 11:20 22237184 c:\program files\Telephone\X-Lite\x-lite.exe

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
     --a----t- 2008-11-12 21:44 133104 c:\documents and settings\stephanie.STEPG\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
     --a------ 2008-10-01 17:57 289576 c:\program files\iTunes\iTunesHelper.exe

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyStartUp10.0]
     --a------ 2001-07-25 09:00 245810 c:\program files\Microsoft Money\System\Activation.exe

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
     "KPF4"=2 (0x2)
     "CanalPlus.VOD"=2 (0x2)
     "Apple Mobile Device"=2 (0x2)

     [HKEY_LOCAL_MACHINE\software\microsoft\security center]
     "FirewallOverride"=dword:00000001

     [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
     "EnableFirewall"= 0 (0x0)

     [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
     "%windir%\\system32\\sessmgr.exe"=
     "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
     "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
     "c:\\Program Files\\LimeWire\\LimeWire.exe"=
     "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
     "c:\\Program Files\\iTunes\\iTunes.exe"=
     "c:\\Documents and Settings\\stephanie.STEPG\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
     "c:\\Documents and Settings\\stephanie.STEPG\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

     R3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
     R3 hcwPVRP2;Hauppauge WinTV PVR PCI II (Encoder/Decoder);c:\windows\system32\DRIVERS\hcwPVRP2.sys [2008-01-15 796064]
     S1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys []
     S1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys []
     S3 maconfservice;Ma-Config Service;"c:\program files\ma-config.com\maconfservice.exe" [2008-10-28 195752]
     S3 SNP2STD;USB2.0 PC Camera (SNP2STD);c:\windows\system32\DRIVERS\snp2sxp.sys [2008-03-21 12039552]
     S4 CanalPlus.VOD;CanalPlus.VOD;"c:\program files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe" [2008-04-11 61440]
     S4 hpt3xx;hpt3xx; []
     .
     Contents of the 'Scheduled Tasks' folder
     2008-11-20 c:\windows\Tasks\GoogleUpdateTaskUser.job
     - c:\documents and settings\stephanie.STEPG\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-12 21:44]
     .
     .
     ------- Supplementary Scan -------
     .
     FireFox -: Profile - c:\documents and settings\stephanie.STEPG\Application Data\Mozilla\Firefox\Profiles\h8cqzep9.default\
     FF -: plugin - c:\documents and settings\All Users.WINDOWS\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
     FF -: plugin - c:\documents and settings\stephanie.STEPG\Application Data\Mozilla\Firefox\Profiles\h8cqzep9.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
     FF -: plugin - c:\documents and settings\stephanie.STEPG\Application Data\Mozilla\plugins\npgoogletalk.dll
     FF -: plugin - c:\documents and settings\stephanie.STEPG\Local Settings\Application Data\Google\Update\1.2.131.27\npGoogleOneClick6.dll
     FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
     FF -: plugin - c:\program files\Canal\Canal Widget\VOD\npCpVod.dll
     FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
     FF -: plugin - c:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin.dll
     FF -: plugin - c:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin2.dll
     FF -: plugin - c:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin3.dll
     FF -: plugin - c:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin4.dll
     FF -: plugin - c:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin5.dll
     FF -: plugin - c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
     FF -: plugin - c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
     FF -: plugin - c:\program files\ma-config.com\nphardwaredetection.dll
     FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPAdbESD.dll
     FF -: plugin - c:\program files\Mozilla Firefox\plugins\npracplug.dll
     FF -: plugin - c:\program files\Mozilla Firefox\plugins\npvirtools.dll
     FF -: plugin - c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
     .
     **************************************************************************
     catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
     Rootkit scan 2008-11-20 15:49:16
     Windows 5.1.2600 Service Pack 2 NTFS

     scanning hidden processes ...
     scanning hidden autostart entries ...
     scanning hidden files ...

     scan completed successfully
     hidden files:
     **************************************************************************
     [HKEY_LOCAL_MACHINE\System\ControlSet004\Services\ASFWHide]
     "ImagePath"="\??\c:\docume~1\STEPHA~1.STE\LOCALS~1\Temp\ASFWHide"
     .
     --------------------- DLLs Loaded Under Running Processes ---------------------
     PROCESS: c:\windows\system32\lsass.exe -> c:\program files\Ashampoo FireWall\spi.dll
     .
     ------------------------ Other Running Processes ------------------------
     .
     c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
     c:\windows\system32\rundll32.exe
     c:\windows\system32\devldr32.exe
     c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
     c:\program files\Bonjour\mDNSResponder.exe
     c:\windows\system32\nvsvc32.exe
     c:\windows\system32\tcpsvcs.exe
     c:\windows\system32\wscntfy.exe
     .
     **************************************************************************
     .
     Completion time: 2008-11-20 15:53:54 - machine was rebooted
     ComboFix-quarantined-files.txt 2008-11-20 14:53:48
     Pre-Run: 8,220,590,080 bytes free
     Post-Run: 8,151,556,096 bytes free
     245
  3. Below is the MBAM report. I'm working through your instructions. Thanks

     Malwarebytes' Anti-Malware 1.30
     Database version: 1412
     Windows 5.1.2600 Service Pack 2

     2008-11-20 14:38:45
     mbam-log-2008-11-20 (14-38-45).txt

     Scan type: Quick Scan
     Objects scanned: 66503
     Time elapsed: 51 minute(s), 0 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 4
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 3

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     HKEY_CLASSES_ROOT\Interface\{18e4cdd5-23e9-3c2b-9ea7-7a5d489f4356} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
     HKEY_CLASSES_ROOT\Typelib\{61181f3a-b7b4-3f2d-bc24-5dc5deab99c0} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78f8464d-a6f2-3f0d-a87f-a53a5f10d092} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully.

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     C:\WINDOWS\system32\ws59179.dll (Trojan.Agent) -> Quarantined and deleted successfully.
     C:\WINDOWS\system32\TDSSlxwp.dll (Trojan.Agent) -> Quarantined and deleted successfully.
     C:\Documents and Settings\stephanie.STEPG\results.txt (Malware.Trace) -> Quarantined and deleted successfully.
  4. OK. I ran the scan and removal with MBAM, then generated the report below with RSIT.

     Logfile of random's system information tool 1.04 (written by random/random)
     Run by stephanie at 2008-11-20 14:40:53
     Microsoft Windows XP Professionnel Service Pack 2
     System drive C: has 8 GB (21%) free of 37 GB
     Total RAM: 639 MB (16% free)

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 14:41, on 2008-11-20
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\Explorer.EXE
     C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
     C:\WINDOWS\system32\RUNDLL32.EXE
     C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
     C:\Program Files\Ashampoo FireWall\FireWall.exe
     C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\Messenger\msmsgs.exe
     C:\WINDOWS\system32\devldr32.exe
     C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
     C:\Program Files\Bonjour\mDNSResponder.exe
     C:\WINDOWS\System32\nvsvc32.exe
     C:\WINDOWS\System32\tcpsvcs.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\wscntfy.exe
     C:\Program Files\Mozilla Firefox\firefox.exe
     C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
     C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
     C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
     C:\Program Files\Google\Google Talk\googletalk.exe
     C:\Documents and Settings\stephanie.STEPG\Bureau\RSIT.exe
     C:\Program Files\Trend Micro\HijackThis\stephanie.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
     O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
     O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
     O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
     O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
     O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
     O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo FireWall\FireWall.exe" -TRAY
     O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
     O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
     O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
     O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
     O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
     O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
     O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O15 - Trusted Zone: *.canal-plus.com (HKLM)
     O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - https://astre.adp.fr/vdesk/terminal/InstallerControl.cab
     O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
     O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} (F5 Networks Policy Agent Host Class) - https://astre.adp.fr/vdesk/terminal/f5Inspe...,2007,0223,0317
     O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://astre.adp.fr/vdesk/terminal/urTermP...,2007,0530,2303
     O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
     O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - https://astre.adp.fr/vdesk/terminal/vdeskct...,2007,0530,2232
     O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://astre.adp.fr/vdesk/terminal/urxshos...,2007,0223,0320
     O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://astre.adp.fr/vdesk/terminal/urxhost...,2007,0524,2120
     O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
     O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
     O20 - AppInit_DLLs: kqicef.dll
     O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
     O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
     O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
     O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
     O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
     O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

     --
     End of file - 7506 bytes

     ======Scheduled tasks folder======

     C:\WINDOWS\tasks\GoogleUpdateTaskUser.job

     ======Registry dump======

     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
     SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
     C:\Program Files\Microsoft Money\System\mnyviewer.dll [2001-07-25 143420]

     [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
     "NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2005-11-11 7311360]
     "nwiz"=nwiz.exe /install []
     "NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2005-11-11 86016]
     "EPSON Stylus Photo R300 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE [2003-09-11 99840]
     "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
     "NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2008-03-22 155648]
     "snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
     "QuickTime Task"=C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe [2008-09-06 413696]
     "Ashampoo FireWall"=C:\Program Files\Ashampoo FireWall\FireWall.exe [2007-04-05 3251800]
     "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

     [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
     "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-10-22 399504]

     [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
     "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-20 15360]
     "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-20 1667584]

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
     C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-10-01 111936]

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Canal Widget]
     C:\Program Files\Canal\Canal Widget\Launcher.exe [2008-11-12 103992]

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
     C:\Program Files\DAEMON Tools Lite2\daemon.exe [2008-04-01 486856]

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eyeBeam SIP Client]
     C:\Program Files\Telephone\X-Lite\x-lite.exe [2008-04-22 22237184]

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
     C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-12 133104]

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
     C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyStartUp10.0]
     C:\Program Files\Microsoft Money\System\Activation.exe [2001-07-25 245810]

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
     C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
     C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2004-12-14 29696]

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^stephanie.STEPG^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
     C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^stephanie.STEPG^Menu Démarrer^Programmes^Démarrage^TribalWeb.net.lnk]
     C:\PROGRA~1\TRIBAL~1.NET\tribalweb.exe -system:startup []

     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
     "KPF4"=2
     "CanalPlus.VOD"=2
     "Apple Mobile Device"=2

     C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
     RaConfig2500.lnk - C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
     "AppInit_DLLS"="kqicef.dll"

     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
     UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-20 240128]
     WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
     "{70E5C213-45BC-4494-BA22-025EE7A38A42}"= []

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
     "authentication packages"=msv1_0 C:\WINDOWS\system32\khfCrOhf

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

     [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
     "dontdisplaylastusername"=0
     "legalnoticecaption"=
     "legalnoticetext"=
     "shutdownwithoutlogon"=1
     "undockwithoutlogon"=1

     [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
     "NoDrives"=0

     [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
     "NoDriveTypeAutoRun"=
     "NoDrives"=
     "NoDriveAutoRun"=

     [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
     "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
     "C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
     "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
     "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
     "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
     "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
     "C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
     "C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
     "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

     [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
     "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

     ======List of files/folders created in the last 1 months======

     2008-11-20 11:48:05 ----D---- C:\Documents and Settings\stephanie.STEPG\Application Data\Malwarebytes
     2008-11-20 11:47:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
     2008-11-20 11:47:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
     2008-11-20 10:25:36 ----A---- C:\WINDOWS\system32\CF2895.exe
     2008-11-19 20:12:35 ----D---- C:\rsit
     2008-11-19 18:52:40
----A---- C:\WINDOWS\system32\mucltui.dll.mui 2008-11-19 18:52:40 ----A---- C:\WINDOWS\system32\mucltui.dll 2008-11-19 18:43:44 ----D---- C:\WINDOWS\temp 2008-11-19 16:13:07 ----D---- C:\WINDOWS\ERDNT 2008-11-19 16:12:41 ----A---- C:\WINDOWS\system32\CF18052.exe 2008-11-19 13:41:28 ----A---- C:\WINDOWS\system32\gnc.exe 2008-11-19 13:34:47 ----A---- C:\WINDOWS\system32\Process.exe 2008-11-19 13:34:47 ----A---- C:\cleannavi.txt 2008-11-19 13:34:00 ----A---- C:\fixnavi1.txt 2008-11-19 12:55:23 ----A---- C:\fixnavi.txt 2008-11-19 12:51:07 ----D---- C:\Program Files\Navilog1 2008-11-18 18:26:05 ----D---- C:\Program Files\ma-config.com 2008-11-18 18:26:04 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\ma-config.com 2008-11-18 16:14:19 ----D---- C:\Program Files\Trend Micro 2008-11-18 14:55:08 ----A---- C:\WINDOWS\msnfix.txt 2008-11-18 01:06:33 ----D---- C:\Program Files\Avira 2008-11-18 01:06:33 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira 2008-11-18 00:43:33 ----D---- C:\Program Files\SpywareBlaster 2008-11-17 23:53:47 ----D---- C:\SmitfraudFix 2008-11-17 23:41:06 ----A---- C:\WINDOWS\ntbtlog.txt 2008-11-17 23:39:03 ----A---- C:\SmitfraudFix(2).exe 2008-11-17 23:28:42 ----A---- C:\rapport1.txt 2008-11-17 23:19:24 ----A---- C:\rapport.txt 2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\WS2Fix.exe 2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\VCCLSID.exe 2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\VACFix.exe 2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\SrchSTS.exe 2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\o4Patch.exe 2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\IEDFix.exe 2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\IEDFix.C.exe 2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\dumphive.exe 2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\404Fix.exe 2008-11-17 18:28:56 ----A---- C:\WINDOWS\system32\b3ce59fa-.txt 2008-11-16 20:58:03 ----D---- C:\Program Files\Agent 2008-11-15 
16:43:24 ----D---- C:\Program Files\QuickPar 2008-11-13 12:58:37 ----D---- C:\Program Files\directx 2008-11-13 12:10:43 ----D---- C:\WINDOWS\pss 2008-11-12 19:02:38 ----D---- C:\Program Files\Ashampoo FireWall 2008-11-12 18:58:21 ----D---- C:\WINDOWS\system32\vso_loc 2008-11-12 18:58:21 ----D---- C:\WINDOWS\system32\iosubsys 2008-11-12 18:58:02 ----D---- C:\Program Files\vso 2008-11-12 18:08:28 ----A---- C:\Documents and Settings\stephanie.STEPG\Application Data\ezplay.ini 2008-11-12 18:07:58 ----D---- C:\Documents and Settings\stephanie.STEPG\Application Data\Vso 2008-11-09 17:47:25 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TERMINAL Studio 2008-11-09 17:47:10 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP 2008-11-09 17:45:05 ----D---- C:\Program Files\Fichiers communs\Oberon Media 2008-11-01 13:02:33 ----D---- C:\Documents and Settings\stephanie.STEPG\Application Data\GrabIt 2008-11-01 13:01:31 ----D---- C:\Program Files\GrabIt 2008-11-01 13:00:43 ----D---- C:\Program Files\genealogie ======List of files/folders modified in the last 1 months====== 2008-11-20 14:38:44 ----D---- C:\WINDOWS\system32 2008-11-20 14:33:26 ----D---- C:\WINDOWS\Prefetch 2008-11-20 11:47:39 ----D---- C:\WINDOWS\system32\drivers 2008-11-20 11:47:26 ----RD---- C:\Program Files 2008-11-20 11:46:35 ----D---- C:\WINDOWS 2008-11-20 11:46:31 ----A---- C:\trace.txt 2008-11-20 11:44:56 ----SHD---- C:\System Volume Information 2008-11-20 11:44:56 ----D---- C:\WINDOWS\system32\Restore 2008-11-20 11:10:37 ----D---- C:\Program Files\Mozilla Firefox 2008-11-20 10:55:58 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-11-20 10:17:28 ----D---- C:\Documents and Settings 2008-11-19 18:52:41 ----D---- C:\WINDOWS\SoftwareDistribution 2008-11-19 18:52:39 ----HD---- C:\WINDOWS\inf 2008-11-19 18:52:38 ----D---- C:\WINDOWS\system32\CatRoot2 2008-11-19 17:03:54 ----D---- C:\WINDOWS\AppPatch 2008-11-19 17:03:54 ----D---- C:\Program Files\Fichiers communs 2008-11-18 
18:26:18 ----SHD---- C:\WINDOWS\Installer 2008-11-17 23:57:48 ----D---- C:\Program Files\Google 2008-11-17 15:50:53 ----D---- C:\Program Files\Jeux 2008-11-17 10:25:44 ----D---- C:\Documents and Settings\stephanie.STEPG\Application Data\FileZilla 2008-11-16 20:58:19 ----A---- C:\WINDOWS\win.ini 2008-11-15 17:34:25 ----D---- C:\WINDOWS\Registration 2008-11-15 15:31:22 ----RASH---- C:\boot.ini 2008-11-15 15:31:22 ----A---- C:\WINDOWS\system.ini 2008-11-13 20:25:25 ----D---- C:\Program Files\Outils 2008-11-13 20:24:40 ----D---- C:\Program Files\Nikon 2008-11-13 20:22:52 ----D---- C:\Program Files\Free Audio Pack 2008-11-13 20:21:26 ----D---- C:\Program Files\Bonjour 2008-11-13 19:29:24 ----D---- C:\TEMP 2008-11-13 19:03:20 ----D---- C:\extract 2008-11-13 18:24:41 ----D---- C:\My Games 2008-11-13 13:11:07 ----D---- C:\Program Files\DScaler5 2008-11-13 12:07:34 ----HD---- C:\Program Files\InstallShield Installation Information 2008-11-12 21:44:42 ----D---- C:\Documents and Settings\stephanie.STEPG\Application Data\Mozilla 2008-11-12 21:44:20 ----SD---- C:\WINDOWS\Tasks 2008-11-11 17:34:33 ----D---- C:\video 2008-11-11 16:56:07 ----D---- C:\Documents and Settings\stephanie.STEPG\Application Data\LimeWire 2008-11-09 17:45:46 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft 2008-11-07 10:49:28 ----D---- C:\WINDOWS\repair 2008-11-05 10:48:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-10-22 17:52:34 ----D---- C:\Program Files\FreeGo ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-19 75072] R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-11-25 54368] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 WS2IFSL;Environnement de prise en charge de 
Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-28 12032] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.0.0.5; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2007-02-01 15939] R2 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244] R3 ASFWHide;ASFWHide; \??\C:\DOCUME~1\STEPHA~1.STE\LOCALS~1\Temp\ASFWHide [] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 ctljystk;Creative SBLive! Port de jeux; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712] R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904] R3 emu10k1;Pilote du Gestionnaire d'interface Creative (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912] R3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\System32\DRIVERS\fbxusb32.sys [2004-10-20 21344] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [2001-08-23 908000] R3 hcwPVRP2;Hauppauge WinTV PVR PCI II (Encoder/Decoder); C:\WINDOWS\System32\DRIVERS\hcwPVRP2.sys [2004-01-29 796064] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2005-11-11 3532928] R3 RT2500;CNet Wireless Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2004-06-10 191360] R3 sfman;Pilote du Gestionnaire SoundFont Creative (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-04 25856] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496] 
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480] S1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600] S1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [] S1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [] S2 Nsynas32;Nsynas32; C:\WINDOWS\system32\drivers\Nsynas32.sys [] S3 arjg96tk;arjg96tk; C:\WINDOWS\system32\drivers\arjg96tk.sys [] S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-04 60800] S3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-08-19 701440] S3 catchme;catchme; \??\C:\Combo-Fix\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2008-11-12 94208] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880] S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-04 61824] S3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648] S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-11-12 47360] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136] S3 SNP2STD;USB2.0 PC Camera 
(SNP2STD); C:\WINDOWS\System32\DRIVERS\snp2sxp.sys [2007-04-09 12039552] S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-04 17024] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-04 15104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2005-11-11 131139] R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\System32\tcpsvcs.exe [2001-09-28 19456] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google 
Updater\GoogleUpdaterService.exe [2007-10-25 138168] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-10-28 195752] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2002-03-13 65536] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-20 14336] S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040] S4 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2008-06-11 61440] S4 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [] -----------------EOF-----------------
  5. No, none of that. I have plenty of other files in the quarantine folder, which incidentally sets off my antivirus, but none of the ones you mention.
  6. Hi Angélique, Point 1 => OK. Point 2 => I copied/pasted the text into a CFScript.txt file. I dragged it onto Combo-Fix. It did run, since my desktop disappeared several times. I let it run a good half hour with no report displayed at the end. Same for the c:\ComboFix.txt report, which was not created. Should I redo this step? Thanks
  7. Here is the log.txt report

Logfile of random's system information tool 1.04 (written by random/random)
Run by stephanie at 2008-11-19 20:12:35
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 8 GB (21%) free of 37 GB
Total RAM: 639 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:12, on 2008-11-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Ashampoo FireWall\FireWall.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Documents and Settings\stephanie.STEPG\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\stephanie.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {14B80902-4C84-4D6E-9122-7DE159FDE3EC} - C:\WINDOWS\system32\khfCrOhf.dll (file missing)
O2 - BHO: (no name) - {70E5C213-45BC-4494-BA22-025EE7A38A42} - C:\WINDOWS\system32\pmnoPfGW.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: D - {78F8464D-A6F2-3F0D-A87F-A53A5F10D092} - C:\WINDOWS\system32\mws59179.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: {b708b6d2-3ffa-1a49-be84-4aff554cacdf} - {fdcac455-ffa4-48eb-94a1-aff32d6b807b} - C:\WINDOWS\system32\kqicef.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo FireWall\FireWall.exe" -TRAY
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canal-plus.com (HKLM)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - https://astre.adp.fr/vdesk/terminal/InstallerControl.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} (F5 Networks Policy Agent Host Class) - https://astre.adp.fr/vdesk/terminal/f5Inspe...,2007,0223,0317
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://astre.adp.fr/vdesk/terminal/urTermP...,2007,0530,2303
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - https://astre.adp.fr/vdesk/terminal/vdeskct...,2007,0530,2232
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://astre.adp.fr/vdesk/terminal/urxshos...,2007,0223,0320
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://astre.adp.fr/vdesk/terminal/urxhost...,2007,0524,2120
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: pmnoPfGW - pmnoPfGW.dll (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

--
End of file - 7923 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUser.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14B80902-4C84-4D6E-9122-7DE159FDE3EC}]
C:\WINDOWS\system32\khfCrOhf.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70E5C213-45BC-4494-BA22-025EE7A38A42}]
C:\WINDOWS\system32\pmnoPfGW.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F8464D-A6F2-3F0D-A87F-A53A5F10D092}]
D - C:\WINDOWS\system32\mws59179.dll [2008-11-17 176128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fdcac455-ffa4-48eb-94a1-aff32d6b807b}]
C:\WINDOWS\system32\kqicef.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
C:\Program Files\Microsoft Money\System\mnyviewer.dll [2001-07-25 143420]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2005-11-11 7311360]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2005-11-11 86016]
"EPSON Stylus Photo R300 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE [2003-09-11 99840]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2008-03-22 155648]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
"QuickTime Task"=C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe [2008-09-06 413696]
"Ashampoo FireWall"=C:\Program Files\Ashampoo FireWall\FireWall.exe [2007-04-05 3251800]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-20 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-20 1667584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-10-01 111936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Canal Widget]
C:\Program Files\Canal\Canal Widget\Launcher.exe [2008-11-12 103992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite2\daemon.exe [2008-04-01 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eyeBeam SIP Client]
C:\Program Files\Telephone\X-Lite\x-lite.exe [2008-04-22 22237184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-12 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyStartUp10.0]
C:\Program Files\Microsoft Money\System\Activation.exe [2001-07-25 245810]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^stephanie.STEPG^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^stephanie.STEPG^Menu Démarrer^Programmes^Démarrage^TribalWeb.net.lnk]
C:\PROGRA~1\TRIBAL~1.NET\tribalweb.exe -system:startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"KPF4"=2
"CanalPlus.VOD"=2
"Apple Mobile Device"=2

C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
RaConfig2500.lnk - C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnoPfGW]
pmnoPfGW.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-20 240128]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{70E5C213-45BC-4494-BA22-025EE7A38A42}"=C:\WINDOWS\system32\pmnoPfGW.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0 C:\WINDOWS\system32\khfCrOhf

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\stephanie.STEPG\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2008-11-19 20:12:35 ----D---- C:\rsit
2008-11-19 18:52:40 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-11-19 18:52:40 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-11-19 18:52:39 ----D---- C:\WINDOWS\LastGood
2008-11-19 18:43:44 ----D---- C:\WINDOWS\temp
2008-11-19 16:27:31 ----A---- C:\WINDOWS\zip.exe
2008-11-19 16:27:31 ----A---- C:\WINDOWS\VFIND.exe
2008-11-19 16:27:31 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-11-19 16:27:31 ----A---- C:\WINDOWS\SWSC.exe
2008-11-19 16:27:31 ----A---- C:\WINDOWS\SWREG.exe
2008-11-19 16:27:31 ----A---- C:\WINDOWS\sed.exe
2008-11-19 16:27:31 ----A---- C:\WINDOWS\NIRCMD.exe
2008-11-19 16:27:31 ----A---- C:\WINDOWS\grep.exe
2008-11-19 16:27:31 ----A---- C:\WINDOWS\fdsv.exe
2008-11-19 16:13:07 ----D---- C:\WINDOWS\ERDNT
2008-11-19 16:13:07 ----D---- C:\Qoobox
2008-11-19 16:12:57 ----D---- C:\Combo-Fix
2008-11-19 16:12:41 ----A---- C:\WINDOWS\system32\CF18052.exe
2008-11-19 13:41:28 ----A---- C:\WINDOWS\system32\gnc.exe
2008-11-19 13:34:47 ----A---- C:\WINDOWS\system32\Process.exe
2008-11-19 13:34:47 ----A---- C:\cleannavi.txt
2008-11-19 13:34:00 ----A---- C:\fixnavi1.txt
2008-11-19 12:55:23 ----A---- C:\fixnavi.txt
2008-11-19 12:51:07 ----D---- C:\Program Files\Navilog1
2008-11-18 18:26:05 ----D---- C:\Program Files\ma-config.com
2008-11-18 18:26:04 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\ma-config.com
2008-11-18 16:14:19 ----D---- C:\Program Files\Trend Micro
2008-11-18 14:55:08 ----A---- C:\WINDOWS\msnfix.txt
2008-11-18 01:06:33 ----D---- C:\Program Files\Avira
2008-11-18 01:06:33 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2008-11-18 00:43:33 ----D---- C:\Program Files\SpywareBlaster
2008-11-17 23:53:47 ----D---- C:\SmitfraudFix
2008-11-17 23:41:06 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-17 23:39:03 ----A---- C:\SmitfraudFix(2).exe
2008-11-17 23:28:42 ----A---- C:\rapport1.txt
2008-11-17 23:19:24 ----A---- C:\rapport.txt
2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\VACFix.exe
2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\swsc.exe
2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\o4Patch.exe
2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\IEDFix.exe
2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\dumphive.exe
2008-11-17 23:16:52 ----A---- C:\WINDOWS\system32\404Fix.exe
2008-11-17 18:28:56 ----A---- C:\WINDOWS\system32\b3ce59fa-.txt
2008-11-17 18:03:45 ----A---- C:\WINDOWS\system32\TDSSlxwp.dll
2008-11-17 17:58:19 ----A---- C:\WINDOWS\system32\ws59179.dll
2008-11-17 17:58:19 ----A---- C:\WINDOWS\system32\mws59179.dll
2008-11-16 20:58:03 ----D---- C:\Program Files\Agent
2008-11-15 16:43:24 ----D---- C:\Program Files\QuickPar
2008-11-13 12:58:37 ----D---- C:\Program Files\directx
2008-11-13 12:10:43 ----D---- C:\WINDOWS\pss
2008-11-12 19:02:38 ----D---- C:\Program Files\Ashampoo FireWall
2008-11-12 18:58:21 ----D---- C:\WINDOWS\system32\vso_loc
2008-11-12 18:58:21 ----D---- C:\WINDOWS\system32\iosubsys
2008-11-12 18:58:02 ----D---- C:\Program Files\vso
2008-11-12 18:08:28 ----A---- C:\Documents and Settings\stephanie.STEPG\Application Data\ezplay.ini
2008-11-12 18:07:58 ----D---- C:\Documents and Settings\stephanie.STEPG\Application Data\Vso
2008-11-09 17:47:25 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TERMINAL Studio
2008-11-09 17:47:10 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-11-09 17:45:05 ----D---- C:\Program Files\Fichiers communs\Oberon Media
2008-11-01 13:02:33 ----D---- C:\Documents and Settings\stephanie.STEPG\Application Data\GrabIt
2008-11-01 13:01:31 ----D---- C:\Program Files\GrabIt
2008-11-01 13:00:43 ----D---- C:\Program Files\genealogie

======List of files/folders modified in the last 1 months======

2008-11-19 20:12:46 ----D---- C:\WINDOWS\Prefetch
2008-11-19 20:12:11 ----A---- C:\trace.txt
2008-11-19 20:08:05 ----D---- C:\Program Files\Mozilla Firefox
2008-11-19 18:52:41 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-19 18:52:40 ----D---- C:\WINDOWS\system32
2008-11-19 18:52:39 ----HD---- C:\WINDOWS\inf
2008-11-19 18:52:39 ----D---- C:\WINDOWS
2008-11-19 18:52:38 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-19 17:11:12 ----D---- C:\WINDOWS\system32\drivers
2008-11-19 17:03:54 ----D---- C:\WINDOWS\AppPatch
2008-11-19 17:03:54 ----D---- C:\Program Files\Fichiers communs
2008-11-19 16:59:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-19 13:40:14 ----RD---- C:\Program Files
2008-11-18 18:26:18 ----SHD---- C:\WINDOWS\Installer
2008-11-17 23:57:48 ----D---- C:\Program Files\Google
2008-11-17 18:19:06 ----D---- C:\Documents and Settings
2008-11-17 15:50:53 ----D---- C:\Program Files\Jeux
2008-11-17 10:25:44 ----D---- C:\Documents and Settings\stephanie.STEPG\Application Data\FileZilla
2008-11-16 20:58:19 ----A---- C:\WINDOWS\win.ini
2008-11-15 18:01:24 ----SHD---- C:\System Volume Information
2008-11-15 17:34:25 ----D---- C:\WINDOWS\Registration
2008-11-15 15:31:22 ----RASH---- C:\boot.ini
2008-11-15 15:31:22 ----A---- C:\WINDOWS\system.ini
2008-11-13 20:25:25 ----D---- C:\Program Files\Outils
2008-11-13 20:24:40 ----D---- C:\Program Files\Nikon
2008-11-13 20:22:52 ----D---- C:\Program Files\Free Audio Pack
2008-11-13 20:21:26 ----D---- C:\Program Files\Bonjour
2008-11-13 19:29:24 ----D---- C:\TEMP 2008-11-13 19:03:20 ----D---- C:\extract 2008-11-13 18:24:41 ----D---- C:\My Games 2008-11-13 13:11:07 ----D---- C:\Program Files\DScaler5 2008-11-13 12:07:34 ----HD---- C:\Program Files\InstallShield Installation Information 2008-11-12 21:44:42 ----D---- C:\Documents and Settings\stephanie.STEPG\Application Data\Mozilla 2008-11-12 21:44:20 ----SD---- C:\WINDOWS\Tasks 2008-11-11 17:34:33 ----D---- C:\video 2008-11-11 16:56:07 ----D---- C:\Documents and Settings\stephanie.STEPG\Application Data\LimeWire 2008-11-09 17:45:46 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft 2008-11-07 10:49:28 ----D---- C:\WINDOWS\repair 2008-11-05 10:48:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-10-22 17:52:34 ----D---- C:\Program Files\FreeGo ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-19 75072] R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-11-25 54368] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-28 12032] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.0.0.5; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2007-02-01 15939] R2 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244] R3 ASFWHide;ASFWHide; \??\C:\DOCUME~1\STEPHA~1.STE\LOCALS~1\Temp\ASFWHide [] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 ctljystk;Creative SBLive! Port de jeux; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712] R3 emu10k;Creative SB Live! 
(WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904] R3 emu10k1;Pilote du Gestionnaire d'interface Creative (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912] R3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\System32\DRIVERS\fbxusb32.sys [2004-10-20 21344] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [2001-08-23 908000] R3 hcwPVRP2;Hauppauge WinTV PVR PCI II (Encoder/Decoder); C:\WINDOWS\System32\DRIVERS\hcwPVRP2.sys [2004-01-29 796064] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2005-11-11 3532928] R3 RT2500;CNet Wireless Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2004-06-10 191360] R3 sfman;Pilote du Gestionnaire SoundFont Creative (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480] S1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600] S1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [] S1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [] S2 Nsynas32;Nsynas32; C:\WINDOWS\system32\drivers\Nsynas32.sys [] S3 a76aidvv;a76aidvv; C:\WINDOWS\system32\drivers\a76aidvv.sys [] S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-04 60800] S3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-08-19 701440] S3 catchme;catchme; \??\C:\Combo-Fix\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys 
[2008-11-12 94208] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880] S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-04 61824] S3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648] S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-11-12 47360] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136] S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\System32\DRIVERS\snp2sxp.sys [2007-04-09 12039552] S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-04 17024] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-04 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-04 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328] S3 WudfPf;Windows 
Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2005-11-11 131139] R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\System32\tcpsvcs.exe [2001-09-28 19456] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-25 138168] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-10-28 195752] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2002-03-13 65536] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; 
C:\WINDOWS\system32\svchost.exe [2004-08-20 14336] S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040] S4 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2008-06-11 61440] S4 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [] -----------------EOF----------------- Voici le rapport info.txt info.txt logfile of random's system information tool 1.04 2008-11-19 20:12:50 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F} Adobe Flash Player 9 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock Adobe Flash Player ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll" Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000} Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6} Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F} Ashampoo FireWall 1.20-->"C:\Program Files\Ashampoo FireWall\unins000.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe" BlindWrite suite-->"C:\Program Files\vso\BlindWrite\unins000.exe" Bonjour-->MsiExec.exe 
/I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959} CANAL WIDGET-->MsiExec.exe /X{09B6B322-325F-4A5F-9051-830ED194A1A7} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CD Audio Reader Filter (remove only)-->"C:\Program Files\CD Audio Reader Filter\uninstall.exe" Compel Adaptec WinASPI-->"C:\Program Files\WinASPI\unins000.exe" ConTEXT-->"C:\Program Files\ConTEXT\unins000.exe" CopyPod (remove only)-->"C:\Program Files\CopyPod\uninstall.exe" Counter Strike Configuration v.1.04-->C:\PROGRAM FILES\JEUX\HALF LIFE\CSTRIKE\Uninstal.exe CreationCentre 2005-->C:\WINDOWS\iun6002.exe "C:\Program Files\CreationCentre 2005\irunin.ini" DirectVobSub (remove only)-->"C:\Program Files\DirectVobSub\uninstall.exe" Dora au pays des Contes de Fées-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD298C10-EED0-4075-A9F1-4C8C93ACBD08}\Setup.exe" -l0x40c DScaler 5 Mpeg Decoders-->"C:\Program Files\DScaler5\unins000.exe" DS-MP3 Source 1.30-->"C:\Program Files\DS-MP3 Source\Uninstall.exe" EA SPORTS online 2005-->C:\Program Files\Jeux\EA SPORTS online\EASOUNInstaller.exe EasyPHP 2.0b1-->"C:\Program Files\EasyPHP 2.0b1\unins000.exe" EPSON CardMonitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst EPSON PhotoStarter3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst EPSON Print CD-->RunDll32 
C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\SETUP.EXE" -l0x40c -SYSTEM EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything EW : Cossacks-->C:\WINDOWS\uncsetup.exe Express Burn-->C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe Extension Système de Microsoft Money-->MsiExec.exe /I{CF5193FB-6B37-11D5-B7D2-00AA00A204F1} FastStone Image Viewer 3.2-->C:\Program Files\FastStone Image Viewer\uninst.exe ffdshow [rev 1703] [2007-12-15]-->"C:\Program Files\K-Lite Codec Pack\ffdshow\unins000.exe" FileZilla Client 3.0.11.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe Flickr Uploadr 2.5.0.15-->"C:\Program Files\Flickr Uploadr\uninstall.exe" Football Manager 2007-->C:\Program Files\Sports Interactive\Football Manager 2007\uninstall\Uninstall FM 2007.exe Forté Agent-->C:\PROGRA~1\Agent\UNWISE.EXE C:\PROGRA~1\Agent\INSTALL.LOG "Uninstall Forté Agent" Free - Kit de connexion-->C:\Program Files\Free.fr\uninstall.exe FreeGo version 4-->"C:\Program Files\FreeGo\unins000.exe" Google Talk (remove only)-->"C:\Program Files\Google\Google Talk\uninstall.exe" Google Talk Plugin-->MsiExec.exe /I{108921F0-2DDB-3C3D-A02D-CC18285F514C} Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" GrabIt 1.7.2 Beta 3 (build 996)-->"C:\Program Files\GrabIt\unins000.exe" Hauppauge WinTV2000-->C:\PROGRA~1\WinTV\UNTV32.EXE C:\PROGRA~1\WinTV\WINTV2K.LOG Hauppauge WinTV-PVR II PCI Drivers-->C:\PROGRA~1\WinTV\UNpvr48.EXE C:\PROGRA~1\WinTV\pvr48xxx.LOG Heredis 2001-->C:\WINDOWS\unvise32.exe C:\Program Files\genealogie\Heredis 2001\uninstal.log HHD Software Free 
Hex Editor 3.12-->"C:\Program Files\Hex Editor 3.x\Uninstaller.exe" HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe" ImageDrive (Ahead Software)-->C:\WINDOWS\UNIDRV.exe /UNINSTALL InterVideo FilterSDK for Hauppauge-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2227E1FA-01F5-483C-AB0E-2A308E900B3D}\setup.exe" REMOVEALL iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} K-Lite Mega Codec Pack 1.64-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall LimeWire 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe" Ma-Config.com-->MsiExec.exe /X{49C3F7D7-215F-47D7-A93B-E9FC772A5E96} Magic Cookies-FR-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Infogrames\Smoby\Magic Cookies-FR\System\UnEB.isu" -c"C:\Program Files\Infogrames\Smoby\Magic Cookies-FR\System\IsUninst.dll" Micro Application - 3D Architecte Pro - Spécial Déco 2008-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BB632818-AEDC-4569-B5B6-B71D9AF6AB9E}\setup.exe" -l0x40c Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft 
Money-->MsiExec.exe /I{E7298FDC-1386-11D5-8D6C-0050DAD32D95} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Midisport 1x1 1.0.1.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\M-Audio Midisport 1x1\irunin.ini" MobileMe Control Panel-->MsiExec.exe /I{2604C0F9-BFD3-4BA0-9EB5-22537C648F03} Morgan Stream Switcher-->"C:\divx\mmswitch\uninst.exe" Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44} nanoPEG-Editor 2.3 Hauppauge Edition-->"C:\Program Files\nanocosmos\MPEG-Tools for Hauppauge\Editor2\unins000.exe" NeoDivx 2008-->"C:\divx\NeoDivX2008\uninstall.exe" NeoDivx Suite-->"C:\divx\NeoDivX Suite\uninstall.exe" Nero - Burning Rom (Web installer)-->C:\WINDOWS\UNNERO.exe /UNINSTALL NVIDIA Drivers-->C:\WINDOWS\System32\nvudisp.exe UninstallGUI OpenMG Jukebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C877DA0-5EFF-11D4-9254-0000F460E7A9}\setup.exe" UNINSTALL OpenMG Secure Module 3.0.03-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E84D2015-4FEB-40CC-A2DD-1A6B8BAC2429}\setup.exe" UNINSTALL OpenSource Flash Video Splitter (remove only)-->"C:\Program Files\OpenSource Flash Video Splitter\uninstall.exe" Outils de Guitare-Online - Accordeur (Version Light), version 2-->"C:\Program Files\Outils de Guitare-Online\Tuner\unins000.exe" PDFCreator-->C:\Program Files\PDFCreator\unins000.exe PHPEdit 2.12.10-->"C:\Program Files\PHPEdit\2.12.10\Uninstall.exe" "C:\Program Files\PHPEdit\2.12.10\install.log" -u PIF DESIGNER2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation 
Information\{23B59B9F-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything POD-Bot 2.5-->C:\WINDOWS\unvise32.exe c:\program files\jeux\half life\cstrike\poduninst.log QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB} RealMedia (remove only)-->"C:\Program Files\RealMedia\uninstall.exe" RT2500 Wireless LAN Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAA66A0D-E610-40B8-9D51-C1854285773A}\setup.exe" -l0x9 -removeonly ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG Sibelius Scorch (Firefox, Opera, Netscape only)-->MsiExec.exe /I{5F4B558D-8AEB-4DEE-AAB3-C00D1D9A86BA} Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Spybot - Search & Destroy 1.2-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe" Stamp Uninstall-->C:\Program Files\NCH Swift Sound\Stamp\uninst.exe Steinberg Cubase SX 3-->"C:\Program Files\Steinberg\Cubase SX 3\Uninstall.exe" "C:\Program Files\Steinberg\Cubase SX 3\install.log" Switch-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe TmNationsForever-->"C:\Program Files\jeux\TmNationsForever\unins000.exe" Trust Webcam 15007-->C:\Program Files\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\setup.exe -runfromtemp -l0x040c -removeonly -u Utilitaires Sierra-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe Virtools 3D Life Player-->C:\Program Files\Virtools\3D Life Player\WebplayerConfig.exe -u VRally3-->"C:\Program Files\jeux\VRally3\unins000.exe" VuPassword-->"C:\Program Files\VuPassword\unins000.exe" WavePad 
Uninstall-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe Winamp 5 FR-->"C:\Program Files\Winamp\UninstFR.exe" Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe x264 Revision 305 x264.nl (remove only)-->"C:\divx\x264\x264-uninstall.exe" X-Lite 3.0-->"C:\Program Files\Telephone\X-Lite\unins000.exe" Xvid 1.1.3 final uninstall-->"C:\divx\Xvid\unins000.exe" Zoom Player (remove only)-->"C:\Program Files\Zoom Player\uninstall.exe" =====HijackThis Backups===== O4 - HKCU\..\Run: [eyurarydv] c:\documents and settings\stephanie.stepg\local settings\application data\eyurarydv.exe eyurarydv O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing) ======Security center information====== AV: Avira AntiVir PersonalEdition ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\K-Lite Codec Pack\QuickTime\QTSystem "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 1 Stepping 2, GenuineIntel "PROCESSOR_REVISION"=0102 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip -----------------EOF----------------- Merci et bonne soirée
  8. OK, thanks. For now I am dealing with my current problem with ComboFix and will look at the Windows Recovery Console later. I ran ComboFix and it crashed partway through... I had to reboot, because it was still running after 1h45 with no result. As a result I have no report on C:\. On the other hand, I notice that the slowdowns have disappeared and, apparently, so has my Antivirus 2009 problem. Should I rerun ComboFix to generate the report? In any case, thanks for your valuable help.
  9. OK for the file download. However, ComboFix tells me that the Windows Recovery Console is not installed. Should I install it? Thanks
  10. Hello Angélique, Thanks for this information. So: Point 1 done. Point 2: see below. Point 3: unable to access the various sites; an error message appears in Firefox and in IE, "impossible d'afficher la page" (page cannot be displayed).

-----------------

Navilog option 1 report

Search Navipromo version 3.6.9 commencé le 19/11/2008 à 13:55:23,42

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "stephanie"

Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers :

Recherche executé en mode normal

*** Recherche Programmes installés ***

WebMediaPlayer

*** Recherche dossiers dans "C:\WINDOWS" ***

*** Recherche dossiers dans "C:\Program Files" ***

...\WebMediaPlayer trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1\progra~1" ***

...\WebMediaPlayer trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1.win\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\stephanie.STEPG\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\stephanie.STEPG\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\stephanie.STEPG\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\stephanie.STEPG\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

*** Recherche fichiers ***

C:\WINDOWS\system32\nvs2.inf trouvé !

*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

* Dans "C:\Documents and Settings\stephanie.STEPG\locals~1\applic~1" :

afplpow.dat trouvé !
afplpow_nav.dat trouvé !
afplpow_navps.dat trouvé !

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :

3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

C:\WINDOWS\system32\fhOrCfhk.ini2 trouvé !
infection Vundo possible non traitée par cet outil !

*** Analyse terminée le 19/11/2008 à 12:58:47,98 ***

--------------------------

Navilog option 2 report

Clean Navipromo version 3.6.9 commencé le 19/11/2008 à 14:14:47,18

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "stephanie"

Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers :

Mode suppression automatique avec prise en charge résultats Catchme et GNS

Nettoyage exécuté au redémarrage de l'ordinateur

*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *

* Suppression dans "C:\Documents and Settings\stephanie.STEPG\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

*** Suppression dossiers dans "C:\WINDOWS" ***

*** Suppression dossiers dans "C:\Program Files" ***

...\WebMediaPlayer ...suppression...
...\WebMediaPlayer supprimé !

*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1\progra~1" ***

...\WebMediaPlayer ...suppression...
...\WebMediaPlayer supprimé !

*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1" ***

*** Suppression dossiers dans "c:\docume~1\alluse~1.win\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\stephanie.STEPG\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\stephanie.STEPG\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\stephanie.STEPG\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***

*** Suppression fichiers ***

C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\stephanie.STEPG\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :

* Dans "C:\WINDOWS\system32" *

* Dans "C:\Documents and Settings\stephanie.STEPG\locals~1\applic~1" *

afplpow.dat trouvé !
Copie afplpow.dat réalisée avec succès !
afplpow.dat supprimé !

afplpow_nav.dat trouvé !
Copie afplpow_nav.dat réalisée avec succès !
afplpow_nav.dat supprimé !

afplpow_navps.dat trouvé !
Copie afplpow_navps.dat réalisée avec succès !
afplpow_navps.dat supprimé !

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
11. Hello everyone, A call for help after several attempts on my part that did not succeed... Here is my problem: Yesterday I detected a utility called "total secure 2009" that had installed itself on my machine. Thinking I had managed to remove it, I notice today that I have this malware again under the name "Antivirus 2009". As a result, as soon as I try to access certain sites such as secuser.com, I am systematically redirected to unrelated sites, with extra windows of all kinds popping up on top of that. Also, my Internet connection has been very slow since yesterday, and I have the feeling that a program is running in the background and slowing my machine down. Thanks in advance for your precious help. I downloaded HijackThis and here is the report: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:49:58, on 18/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\Ashampoo FireWall\FireWall.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Trend 
Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo FireWall\FireWall.exe" -TRAY O4 - HKLM\..\Run: [b8ed9d84] rundll32.exe "C:\WINDOWS\system32\ltkfbkfh.dll",b O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [eyurarydv] c:\documents and settings\stephane.stepg\local settings\application data\eyurarydv.exe eyurarydv O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: RaConfig2500.lnk = 
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.canal-plus.com (HKLM) O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - https://astre.adp.fr/vdesk/terminal/InstallerControl.cab O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} (F5 Networks Policy Agent Host Class) - https://astre.adp.fr/vdesk/terminal/f5Inspe...,2007,0223,0317 O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://astre.adp.fr/vdesk/terminal/urTermP...,2007,0530,2303 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - https://astre.adp.fr/vdesk/terminal/vdeskct...,2007,0530,2232 O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks 
SuperHost Class) - https://astre.adp.fr/vdesk/terminal/urxshos...,2007,0223,0320 O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://astre.adp.fr/vdesk/terminal/urxhost...,2007,0524,2120 O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: trifgq.dll O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe -- End of file - 6813 bytes